name: Build and Publish Docker image

on:
  push:
    branches: [ main ]
  workflow_dispatch: {}

permissions:
  contents: read
  packages: write
  id-token: write

jobs:
  build-publish:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout
      uses: actions/checkout@v4

    - name: Set up QEMU
      uses: docker/setup-qemu-action@v2

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Login to GitHub Container Registry
      uses: docker/login-action@v2
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Build and push
      uses: docker/build-push-action@v4
      with:
        context: .
        push: true
        tags: |
          ghcr.io/${{ github.repository_owner }}/home:latest
          ghcr.io/${{ github.repository_owner }}/home:${{ github.sha }}
        file: Dockerfile

    - name: Output image
      run: |
        echo "Image pushed: ghcr.io/${{ github.repository_owner }}/home:latest"
        echo "Image pushed: ghcr.io/${{ github.repository_owner }}/home:${{ github.sha }}"

  redeploy:
    name: Redeploy target
    needs: build-publish
    runs-on: ubuntu-latest
    steps:
    - name: Check redeploy inputs
      if: ${{ secrets.REDEPLOY_URL != '' && secrets.REDEPLOY_TOKEN != '' }}
      run: |
        echo "Redeploy inputs present"

    - name: Call redeploy endpoint
      if: ${{ secrets.REDEPLOY_URL != '' && secrets.REDEPLOY_TOKEN != '' }}
      run: |
        echo "Calling redeploy endpoint..."
        # curl --fail ritorna exit code != 0 se lo status HTTP non è 2xx
        curl --fail -s -X POST \
          -H "Authorization: Bearer ${{ secrets.REDEPLOY_TOKEN }}" \
          -H "Content-Type: application/json" \
          -d "{\"image\":\"ghcr.io/${{ github.repository_owner }}/home:${{ github.sha }}\"}" \
          "${{ secrets.REDEPLOY_URL }}"

    - name: Skip redeploy warning
      if: ${{ secrets.REDEPLOY_URL == '' || secrets.REDEPLOY_TOKEN == '' }}
      run: |
        echo "REDEPLOY_URL or REDEPLOY_TOKEN not set; skipping redeploy step."