name: Create and publish docker image (rust)

on:
  workflow_dispatch:
  push:
    branches: [ "main" ]
    paths:
      - 'Dockerfile.rust'
      - '.github/workflows/docker.rust.yml'
      - 'crates/**'

jobs:
  build:

    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      # This is used to complete the identity challenge
      # with sigstore/fulcio when running outside of PRs.
      id-token: write

    steps:
      - name: Free Disk Space (Ubuntu)
        uses: jlumbroso/free-disk-space@main
        with:
          # this might remove tools that are actually needed,
          # if set to "true" but frees about 6 GB
          tool-cache: true

          # all of these default to true, but feel free to set to
          # "false" if necessary for your workflow
          android: true
          dotnet: true
          haskell: true
          large-packages: false
          swap-storage: true

      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          submodules: recursive

      # Workaround: https://github.com/docker/build-push-action/issues/461
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v2.0.0

      # Login against a Docker registry except on PR
      # https://github.com/docker/login-action
      - name: Log into GitHub Container registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2.0.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Log into Docker Hub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2.0.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Generate image name
        run: |
          echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}/rust" >>${GITHUB_ENV}

      - uses: int128/docker-build-cache-config-action@v1
        id: cache
        with:
          image: ghcr.io/${{ env.IMAGE_NAME }}/cache

      # Build and push Docker image with Buildx (don't push on PR)
      # https://github.com/docker/build-push-action
      - name: Build and push Docker image
        id: build-and-push
        uses: docker/build-push-action@v3.1.1
        with:
          file: Dockerfile.rust
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: |
            ghcr.io/${{ env.IMAGE_NAME }}:latest
          cache-from: ${{ steps.cache.outputs.cache-from }}
          cache-to: ${{ steps.cache.outputs.cache-to }}