name: Build and Push Docker Images

on:
  workflow_dispatch:
  push:
    branches: [ main ]
    paths:
      - 'caddy-*/**'
      - '.gitea/workflows/build-and-push.yml'

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        variant:
          - name: 'cloudflare'
            dockerfile: 'caddy-cloudflare/Dockerfile'
            context: 'caddy-cloudflare'
          - name: 'cloudflare-crowdsec'
            dockerfile: 'caddy-cloudflare-crowdsec/Dockerfile'
            context: 'caddy-cloudflare-crowdsec'
          - name: 'cloudflare-ddns'
            dockerfile: 'caddy-cloudflare-ddns/Dockerfile'
            context: 'caddy-cloudflare-ddns'
          - name: 'cloudflare-ddns-crowdsec'
            dockerfile: 'caddy-cloudflare-ddns-crowdsec/Dockerfile'
            context: 'caddy-cloudflare-ddns-crowdsec'
          - name: 'crowdsec'
            dockerfile: 'caddy-crowdsec/Dockerfile'
            context: 'caddy-crowdsec'
      fail-fast: true

    steps:
      - 
        name: Checkout code
        uses: actions/checkout@v6.0.2
      - 
        name: Parse Caddy version
        id: version
        run: |
          VERSION=$(grep -m 1 -Eo 'caddy:[0-9]+\.[0-9]+\.[0-9]' caddy-cloudflare/Dockerfile | cut -d ':' -f2)
          echo "version=$VERSION" >> $GITHUB_OUTPUT
          echo "Version from file: $VERSION"
        
          # Extract semantic version parts
          MAJOR=$(echo $VERSION | cut -d. -f1)
          MINOR=$(echo $VERSION | cut -d. -f1-2)
          
          echo "major_version=$MAJOR" >> $GITHUB_OUTPUT
          echo "minor_version=$MINOR" >> $GITHUB_OUTPUT
          echo "Major: $MAJOR, Minor: $MINOR"
      - 
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3.7.0
      - 
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3.12.0
        with:
          driver-opts: image=moby/buildkit:v0.23.2@sha256:ddd1ca44b21eda906e81ab14a3d467fa6c39cd73b9a39df1196210edcb8db59e
      - 
        name: Login to GitHub Container Registry
        uses: docker/login-action@v4.0.0
        with:
          registry: ghcr.io
          username: ${{ vars.GH_USERNAME }}
          password: ${{ secrets.GH_TOKEN }}
      - 
        name: Login to Docker Hub
        uses: docker/login-action@v4.0.0
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - 
        name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5.10.0
        with:
          images: |
            ghcr.io/${{ vars.GH_USERNAME }}/caddy-${{ matrix.variant.name }}
            ${{ vars.DOCKERHUB_USERNAME }}/caddy-${{ matrix.variant.name }}
          tags: |
            type=sha,format=long,prefix=sha-
            type=raw,value=latest
            type=raw,value=${{ steps.version.outputs.major_version }}
            type=raw,value=${{ steps.version.outputs.minor_version }}
            type=raw,value=${{ steps.version.outputs.version }},priority=1000
      - 
        name: Build and push
        uses: docker/build-push-action@v6.19.2
        with:
          context: ${{ matrix.variant.context }}
          file: ${{ matrix.variant.dockerfile }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64,linux/arm/v7
          cache-from: type=gha
          cache-to: type=gha,mode=max
          build-args: |
            BUILDKIT_INLINE_CACHE=1