name: Docker Build and Push (Docker Hub, Multi-Arch)

on:
  push:
    branches:
      - main
  workflow_dispatch:
    inputs:
      extra_tag:
        description: "Optionaler zusätzlicher Tag (z.B. v1.2.3). Wird zusätzlich zu :latest und :<sha> gepusht."
        required: false
        default: ""

jobs:
  build-and-push:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          registry: docker.io
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Set up QEMU (for multi-arch)
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Get Git commit SHA
        id: git_sha
        run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

      - name: Define Docker Hub image names
        id: image_names
        run: |
          NS_LC=$(echo "${{ secrets.DOCKERHUB_USERNAME }}" | tr '[:upper:]' '[:lower:]')
          echo "backend_image=docker.io/$NS_LC/utools-backend" >> $GITHUB_OUTPUT
          echo "frontend_image=docker.io/$NS_LC/utools-frontend" >> $GITHUB_OUTPUT

      - name: Build & push multi-arch images via Bake (latest + sha)
        uses: docker/bake-action@v5
        with:
          files: |
            compose.build.yml
          push: true
          set: |
            *.platform=linux/amd64,linux/arm64
            backend.tags=${{ steps.image_names.outputs.backend_image }}:latest
            backend.tags+=${{ steps.image_names.outputs.backend_image }}:${{ steps.git_sha.outputs.sha }}
            frontend.tags=${{ steps.image_names.outputs.frontend_image }}:latest
            frontend.tags+=${{ steps.image_names.outputs.frontend_image }}:${{ steps.git_sha.outputs.sha }}

      # Optionaler Zusatz-Tag ohne Rebuild: manifest neu taggen
      - name: Tag backend image with extra tag (manifest)
        if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }}
        run: |
          docker buildx imagetools create \
            -t ${{ steps.image_names.outputs.backend_image }}:${{ github.event.inputs.extra_tag }} \
            ${{ steps.image_names.outputs.backend_image }}:${{ steps.git_sha.outputs.sha }}

      - name: Tag frontend image with extra tag (manifest)
        if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }}
        run: |
          docker buildx imagetools create \
            -t ${{ steps.image_names.outputs.frontend_image }}:${{ github.event.inputs.extra_tag }} \
            ${{ steps.image_names.outputs.frontend_image }}:${{ steps.git_sha.outputs.sha }}