name: CD - Docker - DOCR

on:
  workflow_dispatch:
    inputs:
      site_tld:
        required: true
        type: choice
        description: 'Input: The site tld (variant) to build'
        options:
          - dev
          - org
        default: 'dev'
      app:
        required: true
        type: string
        description: 'Input: The app (component) to build'
        default: 'api'
      show_upcoming_changes:
        required: false
        type: string
        description: 'Input: Show upcoming changes flag (true/false)'
        default: 'false'
  workflow_call:
    inputs:
      site_tld:
        required: true
        type: string
        description: 'Input: The site tld (variant) to build'
      app:
        required: true
        type: string
        description: 'Input: The app (component) to build'
      show_upcoming_changes:
        required: false
        type: string
        description: 'Input: Show upcoming changes flag (true/false)'
        default: 'false'
    secrets:
      DIGITALOCEAN_ACCESS_TOKEN:
        required: true
        description: 'DigitalOcean API token for registry authentication'
      DOCR_NAME:
        required: true
        description: 'DigitalOcean Container Registry name'
    outputs:
      tagname:
        description: 'Output: The tagname for the image built'
        value: ${{ jobs.build.outputs.tagname }}

jobs:
  build:
    name: Build & Push
    runs-on: ubuntu-24.04
    permissions:
      contents: read
    outputs:
      tagname: ${{ steps.tagname.outputs.tagname }}

    steps:
      - name: Checkout Source Files
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Create a tagname
        id: tagname
        run: |
          tagname=$(git rev-parse --short HEAD)-$(date +%Y%m%d)-$(date +%H%M)
          echo "tagname=$tagname" >> $GITHUB_ENV
          echo "tagname=$tagname" >> $GITHUB_OUTPUT

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3

      - name: Install doctl
        uses: digitalocean/action-doctl@135ac0aa0eed4437d547c6f12c364d3006b42824 # v2
        with:
          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

      - name: Log in to DigitalOcean Container Registry with short-lived credentials
        run: doctl registry login --expiry-seconds 1200

      - name: Build & Push Image
        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
        with:
          context: .
          file: docker/${{ inputs.app }}/Dockerfile
          push: true
          build-args: |
            SHOW_UPCOMING_CHANGES=${{ inputs.show_upcoming_changes }}
          tags: |
            registry.digitalocean.com/${{ secrets.DOCR_NAME }}/${{ inputs.site_tld }}/learn-${{ inputs.app }}:${{ env.tagname }}
            registry.digitalocean.com/${{ secrets.DOCR_NAME }}/${{ inputs.site_tld }}/learn-${{ inputs.app }}:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max