name: Build and Push Docker Images

on:
  workflow_dispatch:
  push:
    branches: [ main ]
    paths:
      - 'caddy-*/**'
      - '.github/workflows/**'
  pull_request:
    branches: [ main ]
    paths:
      - 'caddy-*/**'
      - '.github/workflows/**'

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        variant:
          - name: 'cloudflare'
            dockerfile: 'caddy-cloudflare/Dockerfile'
            context: 'caddy-cloudflare'
          - name: 'cloudflare-crowdsec'
            dockerfile: 'caddy-cloudflare-crowdsec/Dockerfile'
            context: 'caddy-cloudflare-crowdsec'
          - name: 'cloudflare-ddns'
            dockerfile: 'caddy-cloudflare-ddns/Dockerfile'
            context: 'caddy-cloudflare-ddns'
          - name: 'cloudflare-ddns-crowdsec'
            dockerfile: 'caddy-cloudflare-ddns-crowdsec/Dockerfile'
            context: 'caddy-cloudflare-ddns-crowdsec'
          - name: 'crowdsec'
            dockerfile: 'caddy-crowdsec/Dockerfile'
            context: 'caddy-crowdsec'
      fail-fast: false

    steps:
      - 
        name: Checkout code
        uses: actions/checkout@v5.0.0
      - 
        name: Parse Caddy version
        id: version
        run: echo "version=$(grep -oP '(?<=FROM caddy:)[0-9]+\.[0-9]+\.[0-9]+' ${{ matrix.variant.dockerfile }} | head -n 1)" >> $GITHUB_OUTPUT
      - 
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3.6.0
      - 
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3.11.1
        with:
          driver-opts: image=moby/buildkit:v0.23.2@sha256:ddd1ca44b21eda906e81ab14a3d467fa6c39cd73b9a39df1196210edcb8db59e
      - 
        name: Login to GitHub Container Registry
        uses: docker/login-action@v3.5.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GH_TOKEN }}
      - 
        name: Login to Docker Hub
        uses: docker/login-action@v3.5.0
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - 
        name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5.8.0
        with:
          images: |
            ghcr.io/${{ github.actor }}/caddy-${{ matrix.variant.name }}
            ${{ vars.DOCKERHUB_USERNAME }}/caddy-${{ matrix.variant.name }}
          tags: |
            type=raw,value=${{ steps.version.outputs.version }}
            type=sha,format=long,prefix=sha-
            type=raw,value=latest
      - 
        name: Build and push
        uses: docker/build-push-action@v6.18.0
        with:
          context: ${{ matrix.variant.context }}
          file: ${{ matrix.variant.dockerfile }}
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64,linux/arm/v7