.github/workflows/build-images.yml

on:
  workflow_call:
    inputs:
      environment:
        required: false
        description: Used by Skaffold and Helmfile profiles
        type: string
        default: staging
      env-template:
        required: false
        description: Env template file
        type: string
        default: staging
      version:
        required: false
        description: Env template file
        type: string
        default: latest
jobs:
  docker:
    runs-on: self-hosted
    concurrency:
      group: ${{ github.event.repository.name }}-docker-${{ github.ref_name }}
      cancel-in-progress: true
    env:
      APP_NAME: ${{ github.event.repository.name }}
      APP_ENV: ${{ inputs.environment }}
      APP_VERSION: ${{ inputs.version }}
      BUILDKIT_PROGRESS: plain
      DOCKER_REPOSITORY: dcr.bndigital.dev/${{ github.event.repository.name }}
      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
      DOCKER_IMAGE: app
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4

      - name: Generate cms .env files
        uses: bn-digital/vault-env@latest
        continue-on-error: true
        with:
          endpoint: ${{ secrets.VAULT_ENDPOINT }}
          token: ${{ secrets.GH_TOKEN }}
          template: packages/cms/.env.${{ env.APP_ENV }}
          target: packages/cms/.env

      - name: Generate website .env files
        uses: bn-digital/vault-env@latest
        continue-on-error: true
        with:
          endpoint: ${{ secrets.VAULT_ENDPOINT }}
          token: ${{ secrets.GH_TOKEN }}
          template: packages/website/.env.${{ inputs.env-template }}
          target: packages/website/.env.production

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login Docker registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.DOCKER_REPOSITORY }}
          username: ${{ env.DOCKER_USERNAME }}
          password: ${{ env.DOCKER_PASSWORD }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ env.DOCKER_REPOSITORY }}/${{ env.DOCKER_IMAGE }}:${{ env.APP_VERSION }}