name: Build Telemt Engine

on:
  workflow_dispatch:
    inputs:
      telemt_commit:
        description: 'Telemt commit hash to build from'
        required: true
        default: 'd38d7f2'
      version_tag:
        description: 'Version tag (e.g. 3.0.13-d38d7f2)'
        required: true
        default: '3.0.13-d38d7f2'

env:
  REGISTRY: git.samnet.dev
  PUSH_REGISTRY: registry.samnet.dev
  IMAGE_NAME: mtproxymax-telemt

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Set up QEMU (for ARM builds)
        uses: docker/setup-qemu-action@v3
        with:
          cache-image: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.PUSH_REGISTRY }}
          username: ${{ gitea.actor }}
          password: ${{ secrets.REGISTRY_TOKEN }}

      - name: Create Dockerfile
        run: |
          cat > Dockerfile <<'DEOF'
          FROM rust:1-bookworm AS builder
          ARG TELEMT_REPO=telemt/telemt
          ARG TELEMT_COMMIT
          RUN apt-get update && apt-get install -y --no-install-recommends git && rm -rf /var/lib/apt/lists/*
          RUN git clone "https://github.com/${TELEMT_REPO}.git" /build
          WORKDIR /build
          RUN git checkout "${TELEMT_COMMIT}"
          ENV CARGO_PROFILE_RELEASE_LTO=true CARGO_PROFILE_RELEASE_CODEGEN_UNITS=1 CARGO_PROFILE_RELEASE_DEBUG=false
          RUN cargo build --release && strip target/release/telemt 2>/dev/null || true && cp target/release/telemt /telemt
          FROM debian:bookworm-slim
          RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates && rm -rf /var/lib/apt/lists/*
          COPY --from=builder /telemt /usr/local/bin/telemt
          RUN chmod +x /usr/local/bin/telemt
          STOPSIGNAL SIGINT
          ENTRYPOINT ["telemt"]
          DEOF
          sed -i 's/^          //' Dockerfile

      - name: Lowercase owner
        id: owner
        run: echo "name=$(echo '${{ gitea.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT"

      - name: Build and push multi-arch image
        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          build-args: |
            TELEMT_COMMIT=${{ github.event.inputs.telemt_commit }}
          tags: |
            ${{ env.PUSH_REGISTRY }}/${{ steps.owner.outputs.name }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.version_tag }}
            ${{ env.PUSH_REGISTRY }}/${{ steps.owner.outputs.name }}/${{ env.IMAGE_NAME }}:latest
          cache-from: type=registry,ref=${{ env.PUSH_REGISTRY }}/${{ steps.owner.outputs.name }}/${{ env.IMAGE_NAME }}:buildcache
          cache-to: type=registry,ref=${{ env.PUSH_REGISTRY }}/${{ steps.owner.outputs.name }}/${{ env.IMAGE_NAME }}:buildcache,mode=max