name: "Build: Release"

permissions:
  contents: read
  packages: write

on:
  workflow_call:
  workflow_dispatch:

concurrency:
  group: ${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

env:
  CANDIDATE_IMAGE: ghcr.io/benzine-framework/bouncer:build-${{ github.sha }}
  RELEASE_IMAGE_GHCR: ghcr.io/benzine-framework/bouncer:latest
  RELEASE_IMAGE_DOCKER: benzine/bouncer:latest

jobs:
  release:
    name: Release Swarm Loadbalancer
    runs-on: ubuntu-latest
    strategy:
      matrix:
        registry:
          - ghcr
          - docker
      fail-fast: false
    steps:
      - name: "Pull Candidate Image"
        run: docker pull ${{ env.CANDIDATE_IMAGE }}
      - uses: benzine-framework/action-setup-docker@main
        with:
          ghcr_user: ${{ github.repository_owner }}
          ghcr_token: ${{ secrets.GHCR_TOKEN }}
          docker_hub_user: ${{ secrets.DOCKER_HUB_USER }}
          docker_hub_token: ${{ secrets.DOCKER_HUB_TOKEN }}
      - name: "Login to GHCR"
        if: matrix.registry == 'ghcr'
        run: docker login ghcr.io -u matthewbaggett -p ${{ secrets.GITHUB_TOKEN }}
      - name: "Tag Candidate Image"
        run: docker tag ${{ env.CANDIDATE_IMAGE }} ${{ matrix.registry == 'ghcr' && env.RELEASE_IMAGE_GHCR || env.RELEASE_IMAGE_DOCKER }}
      - name: "Push Release Image"
        run: docker push ${{ matrix.registry == 'ghcr' && env.RELEASE_IMAGE_GHCR || env.RELEASE_IMAGE_DOCKER }}