name: Publish Docker Image to GCR

on:
  push:
    branches: [dev, main]
    paths:
      [
        '.github/ci-docker-publish.yml',
        'programs/**',
        'lib/client/**',
        'bin/keeper/**',
        'bin/liquidator/**',
        'bin/settle-bot/**',
      ]
  workflow_call:
    secrets:
      GCR_PROJECT:
        required: true
      GCR_SA_KEY:
        required: true
  workflow_dispatch:

env:
  PROJECT_ID: ${{ secrets.GCR_PROJECT }}
  IMAGE: mango-v4

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          submodules: recursive

      # Use docker buildx
      - name: Use docker buildx
        uses: docker/setup-buildx-action@v2
        id: buildx
        with:
          install: true
          buildkitd-flags: --debug

      # Login to Google Cloud
      - name: 'Login to Google Cloud'
        uses: 'google-github-actions/auth@v0'
        id: auth
        with:
          token_format: 'access_token'
          credentials_json: '${{ secrets.GCR_SA_KEY }}'

      # Login to GCR
      - name: Login to GCR
        uses: docker/login-action@v2
        with:
          registry: us-docker.pkg.dev
          username: oauth2accesstoken
          password: ${{ steps.auth.outputs.access_token }}

      # Build and push the base image, leveraging layer caching
      - name: Build and Push Base Image
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: |
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}:${{ github.sha }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}:${{ github.ref_name }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max
      # Build and push the liquidator runtime image
      - name: Build and Push Liquidator
        uses: docker/build-push-action@v2
        with:
          file: bin/liquidator/Dockerfile.liquidator
          context: .
          push: true
          tags: |
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-liquidator:${{ github.sha }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-liquidator:${{ github.ref_name }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-liquidator:latest
      # Build and push the settle-bot runtime image
      - name: Build and Push Settle Bot
        uses: docker/build-push-action@v2
        with:
          file: bin/settle-bot/Dockerfile.settle-bot
          context: .
          push: true
          tags: |
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-settle-bot:${{ github.sha }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-settle-bot:${{ github.ref_name }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-settle-bot:latest
      # Build and push the keeper runtime image
      - name: Build and Push Keeper
        uses: docker/build-push-action@v2
        with:
          file: bin/keeper/Dockerfile.keeper
          context: .
          push: true
          tags: |
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-keeper:${{ github.sha }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-keeper:${{ github.ref_name }}
            us-docker.pkg.dev/${{ env.PROJECT_ID }}/gcr.io/${{ env.IMAGE }}-keeper:latest