name: Docker Build & Push to GitHub Container Registry (Use git tags with format vX.Y.Z as release version)

on:
  workflow_call:
    inputs:
      image_name:
        type: string
        required: true
        description: >
          Docker image name without registry and owner.
          Example: observability/alloy

      build_context:
        type: string
        required: false
        default: .
        description: >
          Path to the Docker build context.
          Example: . or ./services/api

      file_path:
        type: string
        required: false
        default: ./Dockerfile
        description: >
          Path to the Dockerfile relative to the repository root.
          Example: ./Dockerfile or ./services/api/Dockerfile

      platforms:
        type: string
        required: false
        default: linux/amd64,linux/arm64
        description: >
          Comma-separated list of target platforms to build.
          Example: linux/amd64,linux/arm64

      registry:
        type: string
        required: false
        default: ghcr.io
        description: >
          Container registry to push the image to.
          Example: ghcr.io or docker.io

      registry_username:
        type: string
        required: false
        default: ${{ github.repository_owner }}
        description: >
          Username for the container registry.
          Example: myusername

      registry_password:
        type: string
        required: false
        default: ${{ secrets.GITHUB_TOKEN }}
        description: >
          Password or token for the container registry.
          Example: secrets.GITHUB_TOKEN

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up QEMU (for cross-arch builds)
        uses: docker/setup-qemu-action@v3
        with:
          platforms: arm64

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Ensure lowercase username because some registries do not allow uppercase letters
        id: lowercase
        run: echo "username=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ inputs.registry }}/${{ steps.lowercase.outputs.username }}/${{ inputs.image_name }}
          tags: |
            type=match,pattern=.*(v\d+\.\d+\.\d+),group=1
            type=match,pattern=.*(v\d+\.\d+)\.\d+,group=1
            type=match,pattern=.*(v\d+)\.\d+\.\d+,group=1

      # - name: Login to GitHub Container Registry
      #   uses: docker/login-action@v3
      #   with:
      #     registry: ${{ inputs.registry }}
      #     username: ${{ inputs.registry_username }}
      #     password: ${{ inputs.registry_password }}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: ${{ inputs.build_context }}
          file: ${{ inputs.file_path }}
          platforms: ${{ inputs.platforms }}
          push: false
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}