name: Docker-in-Docker CI/CD Pipeline

run-name: Build, Push, and Publish Multi-Arch Docker-in-Docker for ${{ github.ref_name }}
on:
  push:
    branches:
    - main
    paths:
    - 'containers/dockerindocker/**'
    - '.forgejo/workflows/dockerindocker.yml'
  workflow_dispatch: {}
  schedule:
  - cron: '0 20 * * 5'

jobs:
  build-and-push:
    name: Build and Push Docker-in-Docker Images
    strategy:
      matrix:
        arch: [ amd64, arm64 ]
    runs-on: ${{ matrix.arch }}
    container:
      image: ghcr.io/catthehacker/ubuntu:act-22.04
    steps:
    - name: Checkout Source Code
      uses: actions/checkout@v4
    - name: Setup Docker Buildx
      uses: docker/setup-buildx-action@v1
    - name: Login to Forgejo Container Registry
      uses: docker/login-action@v3
      with:
        registry: ${{ vars.REGISTRY }}
        username: ${{ github.actor }}
        password: ${{ secrets.FORGEJO_TOKEN }}
    - name: Build and Push Image for ${{ matrix.arch }}
      uses: docker/build-push-action@v6
      with:
        context: ./containers/dockerindocker/
        file: ./containers/dockerindocker/Dockerfile
        platforms: linux/${{ matrix.arch }}
        push: true
        tags: ${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:${{ matrix.arch }}-latest
        cache-from: type=registry,ref=${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:buildcache-${{ matrix.arch }}
        cache-to: type=registry,ref=${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:buildcache-${{ matrix.arch }},mode=max

  create-manifest:
    name: Create and Publish Multi-Arch Manifest
    needs: build-and-push
    runs-on: amd64
    steps:
    - name: Wait for Docker Daemon
      run: |
        i=0
        while ! docker info >/dev/null 2>&1; do
          i=$((i+1))
          if [ $i -ge 15 ]; then
            echo "Docker did not start within 15 seconds"
            exit 1
          fi
          echo "Waiting for Docker to start..."
          sleep 1
        done
    - name: Login to Forgejo Container Registry
      uses: docker/login-action@v3
      with:
        registry: ${{ vars.REGISTRY }}
        username: ${{ secrets.CI_REGISTRY_USER }}
        password: ${{ secrets.CI_TOKEN }}
    - name: Create and Push Multi-Arch Manifest
      run: |
        docker manifest create ${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:latest \
          --amend ${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:amd64-latest \
          --amend ${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:arm64-latest
        docker manifest push ${{ vars.REGISTRY }}/${{ vars.ORGANISATION }}/dockerindocker:latest