name: Build and Push Docker Image

# Controls when the workflow will run
on:
  push:
    branches:
      - main        # Run on pushes to the main branch
    tags:
      - 'v*.*.*'    # Run on pushes of tags like v1.0.0, v1.2.3 etc.

# Environment variables available to all jobs and steps in the workflow
env:
  # Use the Forgejo instance URL directly from the context
  REGISTRY: ${{ forgejo.instance }}
  # Construct the base image name using owner and repo name
  IMAGE_BASE_NAME: ${{ forgejo.repository_owner }}/${{ forgejo.repository }}

jobs:
  build-and-push:
    runs-on: docker-cli # Or specify your preferred runner type that has Docker
    permissions: # Needed for the action to interact with the registry
      contents: read
      packages: write # Required to push to the container registry

    steps:
      - name: Check out code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # Fetches all history for all tags and branches - needed for metadata action

      # Optional: Set up QEMU for multi-platform builds (if needed)
      # - name: Set up QEMU
      #   uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        id: buildx # Step ID for referencing outputs
        uses: docker/setup-buildx-action@v3

      - name: Log in to Forgejo Container Registry
        # Uses the automatically generated FORGEJO_TOKEN for authentication
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ forgejo.actor }}      # The user/actor that triggered the workflow
          password: ${{ secrets.FORGEJO_TOKEN }} # Built-in secret provided by Forgejo Actions

      - name: Extract metadata (tags, labels) for Docker
        id: meta # Step ID for referencing outputs
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}
          # Defines tagging strategy based on the event that triggered the workflow
          tags: |
            # tag latest for default branch (e.g., main)
            type=raw,value=latest,enable=${{ forgejo.ref == format('refs/heads/{0}', 'main') }}
            # tag with the git branch name if it's a branch push
            type=ref,event=branch
            # tag with the git tag name if it's a tag push (e.g., v1.0.0)
            type=ref,event=tag
            # tag with the short git SHA
            type=sha,format=short

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .              # Build context is the repository root
          file: ./Dockerfile      # Path to your Dockerfile (default)
          # platforms: linux/amd64,linux/arm64 # Uncomment for multi-platform builds (requires QEMU step)
          push: true              # Push the image after building
          tags: ${{ steps.meta.outputs.tags }}    # Use tags generated by the metadata step
          labels: ${{ steps.meta.outputs.labels }}  # Add labels generated by the metadata step
          cache-from: type=gha    # Enable build cache using GitHub Actions cache (works with Forgejo too)
          cache-to: type=gha,mode=max