.github/workflows/build-docker.yml

name: Build and Publish Docker Image

on:
  workflow_dispatch:
  push:
    branches:
      - 'main'
  release:
    types: [published]

jobs:
  build-and-push-image:
    runs-on: ubuntu-latest

    permissions:
      contents: read
      packages: write

    env:
      # Set up environment variables for the job
      DOCKER_REGISTRY: ghcr.io
      IMAGE_NAME: ${{ github.repository }}
      TAG: ${{ github.sha }}

    steps:
      - name: Check out code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          install: true

      # Log in to the GitHub Container Registry only when not running on a pull request event
      - name: Login to Docker Registry
        uses: docker/login-action@v2
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}

      # Build and push the Docker image to GHCR for the main branch or specific tags
      - name: Build and Push Docker Image
        if: github.ref == 'refs/heads/main'
        uses: docker/build-push-action@v4
        with:
          context: .
          file: Dockerfile
          push: true
          tags: ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
          labels: version=${{ github.run_id }}

      # For tagged releases, build and push the Docker image with the corresponding tag
      - name: Build and Push Docker Image (Tagged)
        if: startsWith(github.ref, 'refs/tags/')
        uses: docker/build-push-action@v4
        with:
          context: .
          file: Dockerfile
          push: true
          tags: ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
          labels: version=${{ github.run_id }}