name: Build Application Image

on:
  workflow_run:
    workflows: ["Run Tests"]
    types:
      - completed
    branches:
      - main
      - production
  workflow_dispatch:
    inputs:
      image_tag:
        description: 'Image tag (default: latest)'
        required: false
        default: 'latest'

env:
  IMAGE_NAME: jd-book-uploader
  IMAGE_TAG: ${{ inputs.image_tag || 'latest' }}
  REGISTRY: ${{ secrets.REGISTRY_URL || '' }}

jobs:
  build:
    name: Build with Pack
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
    outputs:
      image: ${{ steps.image.outputs.full }}
      image-digest: ${{ steps.build.outputs.digest }}
    
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Configure Docker Socket
        run: |
          # Detect Docker socket location (handles rootless Docker)
          if [ -S "/run/user/$(id -u)/docker.sock" ]; then
            echo "PACK_DOCKER_HOST=unix:///run/user/$(id -u)/docker.sock" >> $GITEA_ENV
          elif [ -S "/var/run/docker.sock" ]; then
            echo "PACK_DOCKER_HOST=unix:///var/run/docker.sock" >> $GITEA_ENV
          else
            echo "Error: Docker socket not found"
            exit 1
          fi
          docker info

      - name: Install Pack CLI
        run: |
          PACK_VERSION="0.32.0"
          wget -q "https://github.com/buildpacks/pack/releases/download/v${PACK_VERSION}/pack-v${PACK_VERSION}-linux.tgz"
          tar -xzf "pack-v${PACK_VERSION}-linux.tgz"
          sudo mv pack /usr/local/bin/
          pack --version

      - name: Set default builder
        run: |
          pack config default-builder paketobuildpacks/builder-jammy-tiny:latest

      - name: Prepare build environment
        run: |
          # Create .env.production for build (no secrets, just structure)
          cat > .env.production << EOF
          PORT=8080
          # Database and Firebase config loaded at runtime
          EOF

      - name: Build image
        id: build
        env:
          PACK_DOCKER_HOST: ${{ env.PACK_DOCKER_HOST }}
        run: |
          PACK_ARGS=(
            "${IMAGE_NAME}:${IMAGE_TAG}"
            --path .
          )
          
          if [ -n "$PACK_DOCKER_HOST" ]; then
            PACK_ARGS+=(--docker-host "$PACK_DOCKER_HOST")
          fi
          
          if [ -f ".env.production" ]; then
            PACK_ARGS+=(--env-file .env.production)
          fi
          
          pack build "${PACK_ARGS[@]}"
          
          IMAGE_DIGEST=$(docker inspect "${IMAGE_NAME}:${IMAGE_TAG}" --format='{{.Id}}')
          echo "digest=${IMAGE_DIGEST}" >> $GITEA_OUTPUT

      - name: Tag image
        id: image
        run: |
          if [ -n "${{ env.REGISTRY }}" ]; then
            FULL_IMAGE="${{ env.REGISTRY }}/${IMAGE_NAME}:${IMAGE_TAG}"
            docker tag "${IMAGE_NAME}:${IMAGE_TAG}" "${FULL_IMAGE}"
            echo "full=${FULL_IMAGE}" >> $GITEA_OUTPUT
          else
            echo "full=${IMAGE_NAME}:${IMAGE_TAG}" >> $GITEA_OUTPUT
          fi

      - name: Push to registry
        if: env.REGISTRY != ''
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
          docker push "${{ steps.image.outputs.full }}"

      - name: Save image artifact
        uses: actions/upload-artifact@v4
        with:
          name: docker-image
          path: /tmp/image.tar
          retention-days: 1
        if: env.REGISTRY == ''
        run: |
          docker save "${IMAGE_NAME}:${IMAGE_TAG}" -o /tmp/image.tar