name: Publish Docker Image to GHCR

permissions:
  contents: read
  packages: write

on:
  push:
    branches:
      - main

jobs:
  build:
    name: "Build"
    runs-on: ubuntu-latest
    steps:
      - name: "Checkout sources"
        uses: actions/checkout@v6
      - name: "Login to docker registry"
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: "Set version container labels"
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ghcr.io/pr0ton11/cert-manager-desec-webhook
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
            type=sha
          labels: |
            maintainer=proton11@github.com
            org.opencontainers.image.title=cert-manager-deSEC-webhook
            org.opencontainers.image.description=An independently maintained deSEC DNS validation webhook for cert-manager 
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: "Build docker image"
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          platforms: linux/amd64
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}