name: Docker build and push

on:
  workflow_call:
    inputs:
      job-name:
        description: 'Job name to use for maven build'
        default: 'build'
        type: string
      oci-registry:
        description: 'OCI registry to push the image to'
        default: ''
        type: string
      repository:
        description: |
          Repository name.
          Example: `my-org/my-repo`.
          See [Docker get-image-metadata action](../get-image-metadata/README.md).
        default: ${{ github.repository }}
        type: string
      image:
        description: |
          Additional image name.
          Example: `application`.
          See [Docker get-image-metadata action](../get-image-metadata/README.md).
        type: string
      tag:
        description: "Image tag to publish"
        type: string
      context:
        description: |
          Build's context is the set of files located in the specified PATH or URL.
          See https://github.com/docker/build-push-action#inputs.
        type: string  
        default: "."
      dockerfile:
        description: |
          Location of Dockerfile (defaults to Dockerfile).
          See https://github.com/docker/build-push-action#inputs.
        type: string
        default: "Dockerfile"
      build-args:
        description: |
          List of build-time variables.
          See https://github.com/docker/build-push-action#inputs.
        type: string
        required: false
      target:
        description: |
          Sets the target stage to build.
          See https://github.com/docker/build-push-action#inputs.
        type: string
        required: false
      secrets:
        description: |
          List of secrets to expose to the build.
          See https://docs.docker.com/build/ci/github-actions/secrets/.
        type: string
        required: false
      secret-envs:
        description: |
          List of secret environment variables to expose to the build (e.g., `key=envname, MY_SECRET=MY_ENV_VAR`).
          See https://docs.docker.com/build/ci/github-actions/secrets/.
        type: string
        required: false
      artifact-name:
        description: 'Name of the artifact to download before build'
        type: string
        required: false
      artifact-path:
        description: 'Path where to extract the artifact'
        type: string
        default: '.'
        required: false
    secrets:
      OCI_REGISTRY_USERNAME:
        description: 'Username for the OCI registry'
        required: true
      OCI_REGISTRY_PASSWORD:
        description: 'Password for the OCI registry'
        required: true

jobs:
  # build-amd64:
  #   runs-on: ubuntu-latest
  #   outputs:
  #     digest: ${{ steps.build.outputs.digest }}
  #   steps:
  #     - name: Check out code
  #       uses: actions/checkout@v6

  #     - name: Download artifact
  #       if: ${{ inputs.artifact-name != '' }}
  #       uses: actions/download-artifact@v7
  #       with:
  #         name: ${{ inputs.artifact-name }}
  #         path: ${{ inputs.artifact-path }}          

  #     - name: Docker build
  #       id: build
  #       uses: ./build-and-push
  #       with:
  #         oci-registry: ${{ inputs.oci-registry }}
  #         oci-registry-username: ${{ secrets.OCI_REGISTRY_USERNAME }}
  #         oci-registry-password: ${{ secrets.OCI_REGISTRY_PASSWORD }}
  #         repository: ${{ inputs.repository }}
  #         image: ${{ inputs.image }}
  #         tag: ${{ inputs.tag }}
  #         platform: linux/amd64
  #         context: ${{ inputs.context }}
  #         dockerfile: ${{ inputs.dockerfile }}
  #         build-args: ${{ inputs.build-args }}
  #         target: ${{ inputs.target }}
  #         secrets: ${{ inputs.secrets }}
  #         secret-envs: ${{ inputs.secret-envs }}
  #         push-by-digest: true

  build-arm64:
    runs-on: ubuntu-24.04-arm
    outputs:
      digest: ${{ steps.build.outputs.digest }}
    steps:
      - name: Check out code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Download artifact
        if: ${{ inputs.artifact-name != '' }}
        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: ${{ inputs.artifact-name }}
          path: ${{ inputs.artifact-path }}
          
      - name: Docker build
        id: build
        uses: https://gitea.ldpt.fr/actions/docker/build-and-push@main
        with:
          oci-registry: ${{ inputs.oci-registry }}
          oci-registry-username: ${{ secrets.OCI_REGISTRY_USERNAME }}
          oci-registry-password: ${{ secrets.OCI_REGISTRY_PASSWORD }}
          repository: ${{ inputs.repository }}
          image: ${{ inputs.image }}
          tag: ${{ inputs.tag }}
          platform: linux/arm64
          context: ${{ inputs.context }}
          dockerfile: ${{ inputs.dockerfile }}
          build-args: ${{ inputs.build-args }}
          target: ${{ inputs.target }}
          secrets: ${{ inputs.secrets }}
          secret-envs: ${{ inputs.secret-envs }}
          #push-by-digest: true

  # create-image-manifest:
  #   runs-on: ubuntu-latest
  #   needs: [build-amd64, build-arm64]
  #   steps:
  #     - name: Create Manifest
  #       uses: ./create-image-manifest
  #       with:
  #         oci-registry: ${{ inputs.oci-registry }}
  #         oci-registry-username: ${{ secrets.OCI_REGISTRY_USERNAME }}
  #         oci-registry-password: ${{ secrets.OCI_REGISTRY_PASSWORD }}
  #         repository: ${{ inputs.repository }}
  #         tag: ${{ inputs.tag }}
  #         image: ${{ inputs.image }}
  #         digests: ${{ needs.build-amd64.outputs.digest }},${{ needs.build-arm64.outputs.digest }}