name: Build And Publish
run-name: ${{ gitea.actor }} runs ci pipeline
on: [ push ]

jobs:
  BuildAndPublish:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: https://github.com/actions/checkout@v4

      - name: Use Node.js
        uses: https://github.com/actions/setup-node@v3
        with:
          node-version: '18.17.0'

      - name: Decrypt secrets
        run: ./decrypt_secrets.sh
        env:
          SECRET_PASSPHRASE: ${{ secrets.SECRET_PASSPHRASE }}

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{secrets.DOCKER_HUB_USERNAME}}
          password: ${{secrets.DOCKER_HUB_PASSWORD}}

      - name: Set up Docker Buildx
        uses: https://github.com/docker/setup-buildx-action@v3
        with:
          config-inline: |
            [registry."docker.io"]
              mirrors = ["mirror.gcr.io"]            

      #      - name: Build and push Docker image
      #        uses: https://github.com/docker/build-push-action@v6
      #        with:
      #          context: .
      #          file: ./Dockerfile
      #          push: true
      #          tags: ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1

      - name: Build Docker image
        run: |
          DOCKER_BUILDKIT=1 docker build --no-cache --secret id=SPOTIFY_CLIENT_ID,env=.env \
          --secret id=SPOTIFY_CLIENT_SECRET,env=.env \
          --secret id=SPOTIFY_REFRESH_TOKEN,env=.env \
          --secret id=NEXT_PUBLIC_SITE_URL,env=.env \
          --secret id=GITHUB_ACCESS_TOKEN,env=.env \
          --secret id=GITHUB_USERNAME,env=.env \
          --secret id=GITHUB_CLIENT_ID,env=.env \
          --secret id=GITHUB_SECRET,env=.env \
          --secret id=NEXT_PUBLIC_SUPABASE_URL,env=.env \
          --secret id=NEXT_PUBLIC_SUPABASE_ANON_KEY,env=.env \
          --secret id=SUPABASE_SERVICE_ROLE_KEY,env=.env \
          -t ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1 \
          .

      - name: Push the Docker image
        run: |
          docker image push ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1

      - name: Stop the docker container
        continue-on-error: true
        run: sudo docker stop portfolio

      - name: Remove the docker container
        continue-on-error: true
        run: sudo docker rm portfolio

      - name: Pull the Docker image
        run: sudo docker pull ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1

      - name: Run the Docker container
        run: sudo docker run -d --restart unless-stopped --env-file ./.env --name portfolio -p ${{vars.TAILSCALE_IP}}:3000:3000 ${{secrets.DOCKER_HUB_USERNAME}}/portfolio:v1