name: Build & Push Images

on:
  push:
    tags:
      - 'v*'

env:
  GITEA_REGISTRY: git.igmlcreation.fr
  GITEA_REGISTRY_USER: ietm64
  GHCR_REGISTRY: ghcr.io
  GHCR_NAMESPACE: igmlcreation

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        component: [brain, core, web]
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Gitea Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.GITEA_REGISTRY }}
          username: ${{ env.GITEA_REGISTRY_USER }}
          password: ${{ secrets.DOCKER_PAT }}

      # Login to GHCR (GitHub Container Registry) pour distribuer les images
      # publiquement aux utilisateurs finaux. Reputation domaine plus elevee
      # que git.igmlcreation.fr (mieux pour les antivirus / SmartScreen).
      - name: Login to GHCR
        uses: docker/login-action@v3
        with:
          registry: ${{ env.GHCR_REGISTRY }}
          username: ${{ env.GHCR_NAMESPACE }}
          password: ${{ secrets.GHCR_TOKEN }}

      # Detection du canal :
      #   - tag vX.Y.Z         -> stable (push :latest + :version sur les repos publics)
      #   - tag vX.Y.Z-beta*   -> beta  (push :beta + :version sur les repos GHCR prives
      #                                  loremind-beta-<component> ; backup Gitea avec :version)
      - name: Extract version & channel
        id: meta
        run: |
          VERSION="${GITHUB_REF_NAME#v}"
          echo "version=${VERSION}" >> $GITHUB_OUTPUT
          if [[ "${VERSION}" == *-beta* ]]; then
            echo "channel=beta" >> $GITHUB_OUTPUT
          else
            echo "channel=stable" >> $GITHUB_OUTPUT
          fi

      # Build & push canal STABLE
      - name: Build & push ${{ matrix.component }} (stable)
        if: steps.meta.outputs.channel == 'stable'
        uses: docker/build-push-action@v5
        with:
          context: ./${{ matrix.component }}
          push: true
          tags: |
            ${{ env.GITEA_REGISTRY }}/${{ env.GITEA_REGISTRY_USER }}/${{ matrix.component }}:latest
            ${{ env.GITEA_REGISTRY }}/${{ env.GITEA_REGISTRY_USER }}/${{ matrix.component }}:${{ steps.meta.outputs.version }}
            ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_NAMESPACE }}/loremind-${{ matrix.component }}:latest
            ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_NAMESPACE }}/loremind-${{ matrix.component }}:${{ steps.meta.outputs.version }}

      # Build & push canal BETA
      # GHCR : repos prives loremind-beta-<component> (gated par PAT distribue
      #        via le relais Patreon aux tiers Compagnon).
      # Gitea : backup prive avec :version uniquement (pas de :latest pour ne
      #         pas faire upgrader les installs branchees sur Gitea).
      - name: Build & push ${{ matrix.component }} (beta)
        if: steps.meta.outputs.channel == 'beta'
        uses: docker/build-push-action@v5
        with:
          context: ./${{ matrix.component }}
          push: true
          tags: |
            ${{ env.GITEA_REGISTRY }}/${{ env.GITEA_REGISTRY_USER }}/${{ matrix.component }}:${{ steps.meta.outputs.version }}
            ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_NAMESPACE }}/loremind-beta-${{ matrix.component }}:beta
            ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_NAMESPACE }}/loremind-beta-${{ matrix.component }}:${{ steps.meta.outputs.version }}