name: Build with Kaniko (No Docker Required)

on:
  push:
    branches:
      - main
      - master
    tags:
      - 'v*'
  workflow_dispatch:

env:
  REGISTRY: code.littlelan.cn
  IMAGE_NAME: carrotskin/backend

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    container:
      image: gcr.io/kaniko-project/executor:debug
      options: --entrypoint ""
    
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Create Kaniko config
        run: |
          mkdir -p /kaniko/.docker
          cat > /kaniko/.docker/config.json << EOF
          {
            "auths": {
              "${{ env.REGISTRY }}": {
                "auth": "$(echo -n '${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}' | base64)"
              }
            }
          }
          EOF

      - name: Generate destination tags
        id: tags
        run: |
          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
          
          # 基础标签
          DEST="--destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}"
          DEST="$DEST --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-$SHORT_SHA"
          
          # main/master 分支添加 latest 标签
          REF="${{ github.ref }}"
          if [ "$REF" = "refs/heads/main" ] || [ "$REF" = "refs/heads/master" ]; then
            DEST="$DEST --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
          fi
          
          echo "destinations=$DEST" >> $GITHUB_OUTPUT

      - name: Build and push with Kaniko
        run: |
          /kaniko/executor \
            --context "${GITHUB_WORKSPACE}" \
            --dockerfile "${GITHUB_WORKSPACE}/Dockerfile" \
            ${{ steps.tags.outputs.destinations }} \
            --cache=true \
            --cache-repo=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cache

      - name: Build summary
        run: |
          echo "🚀 镜像构建完成"
          echo "仓库: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"