name: Build Bouncer

permissions:
  contents: read
  packages: write

on:
  push:
    branches:
      - main
    paths:
      - bouncer/**
      - .github/workflows/bouncer.yml
  workflow_call:
  workflow_dispatch:

env:
  should_push: ${{ github.ref == 'refs/heads/main' }}

jobs:
  bouncer-build:
    name: Bake Bouncer Container
    runs-on: ubuntu-latest
    steps:
      - name: "Setup: Get Date"
        id: date
        run: |
          {
            echo "datetime=$(date +'%Y-%m-%d %H:%M:%S')"
            echo "date=$(date +'%Y-%m-%d')"
            echo "time=$(date +'%H:%M:%S')"
            echo "container_build_datetime=$(date -u +'%Y-%m-%dT%H:%M:%S.%3NZ')"
          } >> "$GITHUB_OUTPUT"

      - name: "Setup: PHP"
        uses: shivammathur/setup-php@v2
        with:
          php-version: 8.1
        env:
          runner: self-hosted

      - name: "Setup: Setup QEMU"
        uses: docker/setup-qemu-action@v2

      - name: "Setup: Expose GitHub Runtime"
        uses: crazy-max/ghaction-github-runtime@v3

      - name: "Setup: Setup Docker Buildx"
        uses: docker/setup-buildx-action@v2

      - name: "Setup: Login to Docker Hub"
        uses: docker/login-action@v3
        with:
          username: matthewbaggett
          password: ${{ secrets.DOCKER_HUB_PASSWORD }}

      - name: "Setup: Login to GHCR"
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: matthewbaggett
          password: ${{ secrets.GHCR_PASSWORD }}

      - name: "Setup: Checkout Source"
        uses: actions/checkout@v4
        with:
          sparse-checkout: |
            bouncer

      - name: "Setup: Configure Cache"
        uses: actions/cache@v4
        with:
          path: bouncer
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
            ${{ runner.os }}-composer-

      - name: "Dependencies: Composer Install"
        working-directory: bouncer
        run: composer install --ignore-platform-reqs

      - name: "Build: Build & Push Image"
        uses: docker/build-push-action@v5
        with:
          context: bouncer
          target: bouncer
          platforms: ${{ !env.ACT && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
          pull: true
          #push: ${{ env.should_push && !env.ACT }}
          push: true
          build-args: |
            GIT_SHA=${{ github.sha }}
            BUILD_DATE=${{ steps.date.outputs.container_build_datetime }}
            GIT_COMMIT_MESSAGE=${{ github.event.head_commit.message }}
          tags: |
            ${{ !env.ACT && 'benzine/bouncer:latest' || '' }}
            ${{ !env.ACT && 'ghcr.io/benzine-framework/bouncer:latest' || 'ghcr.io/benzine-framework/bouncer:devel' }}
          cache-from: ${{ !env.ACT && 'type=gha' || 'type=local,src=/tmp' }}
          cache-to: ${{ !env.ACT && 'type=gha,mode=max' || 'type=local,dest=/tmp' }}
          build-contexts: |
            php:cli=docker-image://ghcr.io/benzine-framework/php:cli-8.2

      - name: "Validate build"
        shell: bash
        run: |
          docker \
            run \
              --rm \
              ghcr.io/benzine-framework/bouncer:latest \
                /usr/bin/install-report