.github/workflows/publish-container.yml

name: Release, Build, and Push

on:
  pull_request:
  push:
    branches:
      - main
  repository_dispatch:
    types:
      - dispatch-build
  workflow_dispatch:

permissions:
  contents: write

jobs:
  make-date-tag:
    runs-on: ubuntu-latest
    outputs:
      dtag: ${{ steps.mkdatetag.outputs.dtag }}
    steps:
      - name: make date tag
        id: mkdatetag
        run: echo "dtag=$(date +%Y%m%d-%H%M)" >> $GITHUB_OUTPUT

  build:
    runs-on: ubuntu-latest
    needs: [make-date-tag]
    strategy:
      fail-fast: False
    steps:
      - uses: actions/checkout@v4

      - name: Generate tag list
        id: generate-tag-list
        env:
          TIMESTAMP: ${{ needs.make-date-tag.outputs.dtag }}
        # Here, we either tag the container with the "latest" tag if
        # the commit that triggered this action doesn't have a tag,
        # or we tag it with the commit's tag if one exists
        run: |
          # Check if we're working with a tagged version
          if [ -z "${{ inputs.tag }}" ]
          then
            # Use regex to check for a semver tag match
            if [[ ${GITHUB_REF##*/} =~ v[0-9]+\.[0-9]+\.[0-9]+ ]]
            then
              GITHUB_TAG=${GITHUB_REF##*/}
            else
              GITHUB_TAG="latest"
            fi
          else
            GITHUB_TAG=${{ inputs.tag }}
          fi

          echo "Master SHA:"
          echo $(git rev-parse $GITHUB_REF_NAME)

          echo "Current SHA:"
          echo $(git rev-parse HEAD)

          echo $GITHUB_TAG

          docker_repo="pelican_platform/pelican"
          tag_list=()
          for registry in hub.opensciencegrid.org; do
            for image_tag in "$GITHUB_TAG"; do
              tag_list+=("$registry/$docker_repo":"$image_tag")
            done
          done
          # This causes the tag_list array to be comma-separated below,
          # which is required for build-push-action
          IFS=,
          echo "::set-output name=taglist::${tag_list[*]}"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          buildkitd-flags: --debug

      - name: Log in to OSG Harbor
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          registry: hub.opensciencegrid.org
          username: ${{ secrets.PELICAN_HARBOR_ROBOT_USER }}
          password: ${{ secrets.PELICAN_HARBOR_ROBOT_PASSWORD }}

      - name: Build and push Docker images
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./images/Dockerfile
          push: ${{ github.event_name != 'pull_request' }}
          tags: "${{ steps.generate-tag-list.outputs.taglist }}"
          build-args: |
            IS_PR_BUILD=${{ github.event_name == 'pull_request' }}
          cache-from: type=registry,ref=hub.opensciencegrid.org/pelican_platform/pelican:buildcache
          cache-to: type=registry,ref=hub.opensciencegrid.org/pelican_platform/pelican:buildcache,mode=max,image-manifest=true,oci-mediatypes=true,ignore-error=true