.github/workflows/publish_docker_image.yaml

name: Publish Docker Image

on:
  push:
    branches:
      - "main"
      - "develop"
    tags:
      - "v*"

env:
  TORRUST_IDX_BACK_RUN_AS_USER: appuser

jobs:
  check-secret:
    runs-on: ubuntu-latest
    environment: dockerhub-torrust
    outputs:
      publish: ${{ steps.check.outputs.publish }}
    steps:
      - id: check
        env:
          DOCKER_HUB_USERNAME: "${{ secrets.DOCKER_HUB_USERNAME }}"
        if: "${{ env.DOCKER_HUB_USERNAME != '' }}"
        run: echo "publish=true" >> $GITHUB_OUTPUT

  test:
    needs: check-secret
    if: needs.check-secret.outputs.publish == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: dtolnay/rust-toolchain@stable
        with:
          toolchain: stable
          components: llvm-tools-preview
      - uses: Swatinem/rust-cache@v2
      - name: Install torrent edition tool (needed for testing)
        run: cargo install imdl      
      - name: Run Tests
        run: cargo test

  dockerhub:
    needs: test
    if: needs.check-secret.outputs.publish == 'true'
    runs-on: ubuntu-latest
    environment: dockerhub-torrust
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: |
            # For example: torrust/index
            "${{ secrets.DOCKER_HUB_USERNAME }}/${{secrets.DOCKER_HUB_REPOSITORY_NAME }}"
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile
          build-args: |
            RUN_AS_USER=${{ env.TORRUST_IDX_BACK_RUN_AS_USER }}
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max