.github/workflows/main.yml

name: main

on:
    push:
        branches:
            - main
        tags:
            - "**"
    pull_request:
        branches:
            - main

jobs:
    python:
        name: python
        runs-on: ubuntu-latest
        env:
            ENVIRONMENT: prod
        steps:
            - name: Dump GitHub context
              env:
                  GITHUB_CONTEXT: ${{ toJson(github) }}
              run: echo "${GITHUB_CONTEXT}"

            - name: Checkout
              uses: actions/checkout@v4

            - name: Install Poetry
              run: |
                  pipx environment
                  pipx install poetry
                  poetry config virtualenvs.in-project true

            - name: Set up Python
              uses: actions/setup-python@v4
              with:
                  python-version: 3.12
                  cache: poetry

            - name: Poetry cache
              uses: actions/cache@v3
              with:
                  path: ~/.cache/pypoetry
                  key: pypoetry-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}
                  restore-keys: |
                      pypoetry-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }}
                      pypoetry-${{ runner.os }}-

            - name: Run CI
              env:
                  ENVIRONMENT: ci
              run: |
                  source $(poetry env info --path)/bin/activate
                  make run-ci

    docker:
        name: docker
        runs-on: ubuntu-latest
        env:
            ENVIRONMENT: prod
            IMAGE_TAG: ${{ github.ref_name }}
        steps:
            - name: Dump GitHub context
              env:
                  GITHUB_CONTEXT: ${{ toJson(github) }}
              run: echo "${GITHUB_CONTEXT}"

            - name: Checkout
              uses: actions/checkout@v4

            - name: Set up Docker Buildx
              uses: docker/setup-buildx-action@v3

            - name: Docker CI
              run: |
                  touch .env
                  ENVIRONMENT=ci make dc-ci

            - name: Docker metadata
              id: docker_metadata
              uses: docker/metadata-action@v5
              with:
                  images: |
                      ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}
                      ghcr.io/${{ github.repository }}

            - name: Login to Docker Hub
              if: ${{ github.event_name != 'pull_request' }}
              uses: docker/login-action@v3
              with:
                  username: ${{ secrets.DOCKERHUB_USERNAME }}
                  password: ${{ secrets.DOCKERHUB_TOKEN }}

            - name: Login to GHCR
              if: ${{ github.event_name != 'pull_request' }}
              uses: docker/login-action@v3
              with:
                  registry: ghcr.io
                  username: ${{ github.repository_owner }}
                  password: ${{ secrets.GITHUB_TOKEN }}

            - name: Build and push dev image
              uses: docker/build-push-action@v5
              with:
                  target: dev
                  tags: |
                      ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:dev
                      ghcr.io/${{ github.repository }}:dev
                  labels: ${{ steps.docker_metadata.outputs.labels }}
                  annotations: ${{ steps.docker_metadata.outputs.annotations }}
                  push: ${{ github.event_name != 'pull_request' }}
                  cache-from: |
                      type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:dev
                      type=registry,ref=ghcr.io/${{ github.repository }}:dev
                      type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:cache
                      type=registry,ref=ghcr.io/${{ github.repository }}:cache
                  cache-to: type=inline

            - name: Build and push prod image
              if: ${{ github.event_name != 'pull_request' }}
              uses: docker/build-push-action@v5
              with:
                  tags: ${{ steps.docker_metadata.outputs.tags }}
                  labels: ${{ steps.docker_metadata.outputs.labels }}
                  annotations: ${{ steps.docker_metadata.outputs.annotations }}
                  push: true
                  cache-from: |
                      type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:dev
                      type=registry,ref=ghcr.io/${{ github.repository }}:dev
                      type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:cache
                      type=registry,ref=ghcr.io/${{ github.repository }}:cache
                  cache-to: |
                      type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:cache,mode=max
                      type=registry,ref=ghcr.io/${{ github.repository }}:cache,mode=max