name: CI (Gitea)

on:
  push:
    branches:
      - main
      - prod
  pull_request:
    branches:
      - main
      - prod
  workflow_dispatch:

env:
  APP_ENV: test
  APP_SECRET: ci-secret
  DATABASE_DRIVER: sqlite
  DATABASE_SQLITE_PATH: ${{ gitea.workspace }}/var/data/database.test.sqlite
  DOCKERFILE: docker/php/Dockerfile
  BUILD_TARGET: prod
  IMAGE_NAME: tonehaus-app

jobs:
  php-tests:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.2'
          extensions: intl, mbstring, pdo_pgsql, pdo_sqlite, zip, gd
          coverage: none
          ini-values: memory_limit=512M
          tools: composer:v2

      - name: Validate Composer manifest
        run: composer validate --strict

      - name: Cache Composer downloads
        uses: actions/cache@v4
        with:
          path: |
            ~/.cache/composer/files
            ~/.cache/composer/vcs
          key: composer-${{ runner.os }}-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
            composer-${{ runner.os }}-

      - name: Install Composer dependencies
        run: composer install --prefer-dist --no-interaction --no-progress

      - name: Prepare SQLite database
        run: |
          mkdir -p "$(dirname "$DATABASE_SQLITE_PATH")"
          touch "$DATABASE_SQLITE_PATH"
          php bin/console doctrine:migrations:migrate --no-interaction --allow-no-migration

      - name: Run PHPUnit
        run: vendor/bin/phpunit --colors=always

  docker-image:
    needs: php-tests
    runs-on: ubuntu-latest
    env:
      REGISTRY: ${{ secrets.REGISTRY }}
      REGISTRY_IMAGE: ${{ secrets.REGISTRY_IMAGE }}
      REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
      REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build prod image (local)
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ${{ env.DOCKERFILE }}
          target: ${{ env.BUILD_TARGET }}
          tags: ${{ env.IMAGE_NAME }}:ci
          load: true

      - name: Verify baked APP_ENV
        run: docker run --rm --entrypoint sh ${{ env.IMAGE_NAME }}:ci -c 'test "$APP_ENV" = "prod"'

      - name: Verify Symfony artifacts exist
        run: |
          docker run --rm --entrypoint sh ${{ env.IMAGE_NAME }}:ci -c 'test -f /var/www/html/public/index.php'
          docker run --rm --entrypoint sh ${{ env.IMAGE_NAME }}:ci -c 'test -f /var/www/html/bin/console'

      - name: Smoke-test entrypoint & migrations
        run: docker run --rm --entrypoint /entrypoint.sh ${{ env.IMAGE_NAME }}:ci true

      - name: Login to registry
        if: ${{ env.REGISTRY != '' && env.REGISTRY_USERNAME != '' && env.REGISTRY_PASSWORD != '' }}
        run: |
          echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY" -u "$REGISTRY_USERNAME" --password-stdin

      - name: Push prod image
        if: ${{ env.REGISTRY != '' && env.REGISTRY_IMAGE != '' && env.REGISTRY_USERNAME != '' && env.REGISTRY_PASSWORD != '' }}
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ${{ env.DOCKERFILE }}
          target: ${{ env.BUILD_TARGET }}
          push: true
          tags: |
            ${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:ci
            ${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:${{ github.sha }}