name: Build and publish Docker image

on:
  push:
    branches:
      - main
      - master
    tags:
      - 'v*.*.*'
  workflow_dispatch:

jobs:
  docker:
    name: Build and push
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      # Set up Docker Buildx for efficient layer caching.
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Log in to the Gitea container registry.
      # The built-in GITEA_TOKEN is injected automatically by Gitea Actions and
      # has write access to packages in the same organisation/user namespace.
      - name: Log in to Gitea registry
        uses: docker/login-action@v3
        with:
          registry: git.sal.giize.com
          username: ${{ gitea.actor }}
          password: ${{ secrets.GITEA_TOKEN }}

      # ── Determine tags ───────────────────────────────────────────────────
      # On a version tag (v1.2.3):  latest, cpu, cpu-1.2.3, 1.2.3
      # On branch push (main/master): latest, cpu
      - name: Docker metadata (CPU)
        id: meta_cpu
        uses: docker/metadata-action@v5
        with:
          images: git.sal.giize.com/mozempk/trueref
          flavor: |
            latest=auto
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
            type=raw,value=cpu,enable={{is_default_branch}}
            type=semver,pattern={{version}},prefix=cpu-
            type=semver,pattern={{version}}

      - name: Docker metadata (GPU)
        id: meta_gpu
        uses: docker/metadata-action@v5
        with:
          images: git.sal.giize.com/mozempk/trueref
          flavor: |
            latest=false
          tags: |
            type=raw,value=gpu,enable={{is_default_branch}}
            type=semver,pattern={{version}},prefix=gpu-

      # ── CPU image ────────────────────────────────────────────────────────
      - name: Build and push CPU image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: Dockerfile
          push: true
          tags: ${{ steps.meta_cpu.outputs.tags }}
          labels: ${{ steps.meta_cpu.outputs.labels }}
          cache-from: type=gha,scope=cpu
          cache-to: type=gha,mode=max,scope=cpu

      # ── GPU image ────────────────────────────────────────────────────────
      # Built from the same source; only the runtime base image differs.
      - name: Build and push GPU image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: Dockerfile.gpu
          push: true
          tags: ${{ steps.meta_gpu.outputs.tags }}
          labels: ${{ steps.meta_gpu.outputs.labels }}
          cache-from: type=gha,scope=gpu
          cache-to: type=gha,mode=max,scope=gpu