name: Build and Push Docker Image

on:
  push:
    branches: [main]

permissions:
  packages: write
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest

    container:
      image: quay.io/buildah/stable
      options: --security-opt seccomp=unconfined --security-opt apparmor=unconfined --device /dev/fuse:rw --privileged

    env:
      BUILDAH_ISOLATION: chroot
      STORAGE_DRIVER: vfs

    steps:
      - name: Install Node.js
        run: dnf install -y nodejs git

      - uses: actions/checkout@v4

      - name: Login to Registry
        run: buildah login -u ${{ gitea.actor }} -p ${{ secrets.GITEA_TOKEN }} git.kocoder.xyz

      - name: Buildah Build
        run: |
          buildah build -t ${{ github.sha }} .
          buildah tag ${{ github.sha }} latest

      - name: Push Docker Images
        run: |
          buildah push ${{ github.sha }} docker://${{ gitea.repositoryUrl }}:${{ github.sha }}
          buildah push latest docker://${{ gitea.repositoryUrl }}:${{ github.sha }}