gitea-ci-library/.gitea/workflows/docker-build-push.yml

name: Docker Build & Push
on:
  workflow_call:
    inputs:
      env_json:
        required: true
        type: string
      version:
        required: true
        type: string
    secrets:
      GITEA_TOKEN:
        required: true
      DOCKER_USERNAME:
        required: false
      DOCKER_PASSWORD:
        required: true

env:
  GITEA_API_URL: ${{ fromJson(inputs.env_json).GITEA_API_URL }}
  GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
  DOCKER_REGISTRY: ${{ fromJson(inputs.env_json).DOCKER_REGISTRY || '' }}
  DOCKER_IMAGE_NAME: ${{ fromJson(inputs.env_json).DOCKER_IMAGE_NAME || '' }}
  DOCKER_UI_URL: ${{ fromJson(inputs.env_json).DOCKER_UI_URL || '' }}
  VERSION: ${{ inputs.version }}

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@v4
        with:
          repository: niko/gitea-ci-library
          path: .ci

      - name: Set Gitea status to PENDING
        run: |
          echo "===== gitea-ci-library - Docker Build | begin ====="
          bash .ci/scripts/report-status.sh pending "Building Docker image..." ci-docker-build

      - name: Build container
        run: |
          NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)
          docker build \
            --label "git.commit=${{ github.sha }}" \
            --label "git.commitBy=${{ github.actor }}" \
            --label "build.date=${NOW}" \
            -t "${DOCKER_IMAGE_NAME}:${VERSION}" .

      - name: Report status SUCCESS
        if: success()
        run: bash .ci/scripts/report-status.sh success "Docker build ${VERSION} OK" ci-docker-build

      - name: Report status FAILURE
        if: failure()
        run: bash .ci/scripts/report-status.sh failure "Docker build ${VERSION} FAILED" ci-docker-build

      - name: Save Docker image
        if: success()
        run: |
          mkdir -p /tmp/image
          docker save "${DOCKER_IMAGE_NAME}:${VERSION}" -o /tmp/image/artifact.tar

      - name: Upload Docker image artifact
        if: success()
        uses: actions/upload-artifact@v3
        with:
          name: docker-image
          path: /tmp/image/artifact.tar
          retention-days: 1

  push:
    runs-on: ubuntu-latest
    needs: [build]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@v4
        with:
          repository: niko/gitea-ci-library
          path: .ci

      - name: Load saved Docker image
        uses: actions/download-artifact@v3
        with:
          name: docker-image
          path: /tmp/image

      - name: Set Gitea status to PENDING
        run: |
          echo "===== gitea-ci-library - Docker Push | begin ====="
          bash .ci/scripts/report-status.sh pending "Pushing to registry..." ci-docker-push

      - name: Push to Docker Registry
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME || github.actor }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        run: |
          docker load -i /tmp/image/artifact.tar

          REGISTRY="${DOCKER_REGISTRY:?DOCKER_REGISTRY not set in env.conf}"
          IMAGE="${DOCKER_IMAGE_NAME:?DOCKER_IMAGE_NAME not set in env.conf}"
          REGISTRY_HOST="${REGISTRY%%/*}"

          FULL_IMAGE="${REGISTRY}/${IMAGE}:${VERSION}"
          echo "Pushing ${FULL_IMAGE} ..."

          docker tag "${DOCKER_IMAGE_NAME}:${VERSION}" "$FULL_IMAGE"
          echo "$DOCKER_PASSWORD" | docker login "$REGISTRY_HOST" -u "$DOCKER_USERNAME" --password-stdin
          docker push "$FULL_IMAGE"
          docker logout "$REGISTRY_HOST"

      - name: Report status SUCCESS
        if: success()
        run: |
          CONTAINER_URL=""
          if [ -n "${DOCKER_UI_URL:-}" ] && [ -n "${VERSION:-}" ]; then
            CONTAINER_URL="${DOCKER_UI_URL}/${VERSION}"
          fi
          bash .ci/scripts/report-status.sh success "Docker push ${VERSION} OK" ci-docker-push "" "$CONTAINER_URL"

      - name: Report status FAILURE
        if: failure()
        run: bash .ci/scripts/report-status.sh failure "Docker push ${VERSION} FAILED" ci-docker-push

  tag-commit:
    runs-on: ubuntu-latest
    needs: [push]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@v4
        with:
          repository: niko/gitea-ci-library
          path: .ci

      - name: Set Gitea status to PENDING
        run: |
          echo "===== gitea-ci-library - Create Tag | begin ====="
          bash .ci/scripts/report-status.sh pending "Creating tag..." ci-docker-tag

      - name: Create git tag
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          SERVER_URL: ${{ gitea.server_url }}
          RUN_NUMBER: ${{ github.run_number }}
          SHA: ${{ github.sha }}
        run: |
          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X POST \
            "$SERVER_URL/api/v1/repos/${{ github.repository }}/tags" \
            -H "Authorization: token $GITEA_TOKEN" \
            -H "Content-Type: application/json" \
            -d "{\"tag_name\": \"${VERSION}\", \"message\": \"Build #$RUN_NUMBER\", \"target\": \"$SHA\"}")

          if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "409" ]; then
            exit 0
          else
            exit 1
          fi

      - name: Report status SUCCESS
        if: success()
        run: bash .ci/scripts/report-status.sh success "Tag ${VERSION} OK" ci-docker-tag

      - name: Report status FAILURE
        if: failure()
        run: bash .ci/scripts/report-status.sh failure "Tag ${VERSION} FAILED" ci-docker-tag