.github/workflows/docker-push.yml

---
name: docker-push

# yamllint disable-line rule:truthy
on:
  workflow_run:
    workflows: ["lint"]
    types:
      - completed

concurrency:
  group: docker-push-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  push-enabled:
    name: push-enabled
    runs-on: ubuntu-22.04
    outputs:
      push-enabled: ${{ steps.check.outputs.push-enabled }}
      docker-image-tag: ${{ steps.check.outputs.docker-image-tag }}
    steps:
      - name: Check if push allowed
        id: check
        run: |
          image_tag=latest
          push_enabled=false
          if [[ '${{ github.event.workflow_run.head_branch }}' =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then
            echo -e "\u001b[32mDetected semver tag\u001b[0m"
            image_tag='${{ github.event.workflow_run.head_branch }}'
            push_enabled=true
          elif [[ '${{ github.event.workflow_run.head_branch }}' == "master" ]]; then
            echo -e "\u001b[32mDetected master branch\u001b[0m"
            push_enabled=true
          else
            echo "::warning ::Unable to detect semver tag or master branch"
            push_enabled=false
          fi

          if [[ '${{ github.event.workflow_run.conclusion }}' != 'success' ]]; then
            echo "::warning ::Unable to detect successful lint workflow_run conclusion"
            push_enabled=false
          else
            echo -e "\u001b[32mDetected success lint workflow_run conclusion\u001b[0m"
          fi

          echo "push-enabled=${push_enabled}" >> $GITHUB_OUTPUT
          echo "docker-image-tag=${image_tag}" >> $GITHUB_OUTPUT

  docker-push:
    name: push latest
    runs-on: ubuntu-22.04
    needs: push-enabled
    if: needs.push-enabled.outputs.push-enabled == 'true'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Generate docker metadata
        id: docker_meta
        uses: crazy-max/ghaction-docker-meta@96383f45573cb7f253c731d3b3ab81c87ef81934  # v1.8.5 => c53f88523ad1fcebbdb10b3bb9cfa7ddb69d6677
        with:
          images: dokku/ci-docker-image
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
        id: docker_build
        uses: docker/build-push-action@v5
        with:
          push: ${{ github.event_name != 'pull_request' }}
          platforms: linux/amd64,linux/arm64,linux/arm/v7
          tags: dokku/ci-docker-image:${{ needs.push-enabled.outputs.docker-image-tag }}
          labels: |
            ${{ steps.docker_meta.outputs.labels }}
            org.opencontainers.image.version=${{ github.event.workflow_run.head_branch }}
      - name: Image digest
        run: echo ${{ steps.docker_build.outputs.digest }}