name: Build and Push Docker Image

on:
  push:
    branches:
      - main

env:
  REGISTRY: git.cbraaten.dev
  IMAGE_NAME: git.cbraaten.dev/caleb/blog

jobs:
  build:
    runs-on: ubuntu-latest

    permissions:
      contents: read

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Get short SHA
        id: sha
        run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

      - name: Print Secrets
        run: |
            if [ -z "${{ secrets.REGISTRY_USERNAME }}" ]; then
              echo "ERROR: REGISTRY_USERNAME secret is not set"
              exit 1
            else
              echo "✓ REGISTRY_USERNAME is set"
            fi
            if [ -z "${{ secrets.REGISTRY_PASSWORD }}" ]; then
              echo "ERROR: REGISTRY_PASSWORD secret is not set"
              exit 1
            else
              echo "✓ REGISTRY_PASSWORD is set"
            fi

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}

      - name: Build and Push Docker Image
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: |
            ${{ env.IMAGE_NAME }}:latest
            ${{ env.IMAGE_NAME }}:${{ steps.sha.outputs.short_sha }}