name: Publish docker image

on:
  schedule:
    - cron: "0 3 * * *"
  workflow_dispatch:
    inputs:
      git_ref:
        type: string
        required: true
        default: main
        description: "Git branch/tag/sha revision to build"
      image_tag:
        type: string
        required: true
        default: trunk
        description: "docker image tag"

jobs:
  provide-runner:
    name: Start self-hosted YC runner
    timeout-minutes: 5
    runs-on: ubuntu-latest
    outputs:
      label: ${{steps.start-yc-runner.outputs.label}}
      instance-id: ${{steps.start-yc-runner.outputs.instance-id}}
    steps:
      - name: Start YC runner
        id: start-yc-runner
        uses: yc-actions/yc-github-runner@v1
        with:
          mode: start
          yc-sa-json-credentials: ${{ secrets.YC_SA_JSON_CREDENTIALS }}
          github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
          folder-id: ${{secrets.YC_FOLDER}}
          image-id: fd8earpjmhevh8h6ug5o # TODO: create constant
          disk-size: ${{vars.DISK_SIZE && vars.DISK_SIZE || '1023GB'}}
          disk-type: network-ssd-nonreplicated
          cores: 32
          memory: 64GB
          core-fraction: 100
          zone-id: ru-central1-b
          subnet-id: ${{secrets.YC_SUBNET}}

  prepare-vm:
    name: Prepare runner
    needs: provide-runner
    runs-on: [ self-hosted, "${{ needs.provide-runner.outputs.label }}" ]
    steps:
      - name: Checkout PR
        uses: actions/checkout@v3
        with:
          sparse-checkout: .github
      - name: install docker
        shell: bash
        run: |
          apt-get update 
          apt-get install -y --no-install-recommends docker.io

  build:
    needs:
      - provide-runner
      - prepare-vm
    runs-on: "${{ needs.provide-runner.outputs.label }}"
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          sparse-checkout: .github

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to the Container registry
        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and push docker image
        uses: docker/build-push-action@v4
        with:
          push: true
          context: .github/docker/
          file: .github/docker/Dockerfile
          tags: ghcr.io/${{ github.repository_owner }}/local-ydb:${{ inputs.image_tag || 'trunk' }}
          platforms: linux/amd64
          provenance: false
          build-args: |
            GIT_REPO=${{ github.server_url }}/${{ github.repository }}
            GIT_REF=${{ inputs.git_ref || 'main' }}
          secrets: |
            "ccache_remote_storage=${{ vars.REMOTE_CACHE_URL && format('http://{0}{1}', secrets.REMOTE_CACHE_AUTH, vars.REMOTE_CACHE_URL) || ''}}"

  release-runner:
    name: Release self-hosted YC runner if provided on-demand
    needs:
      - provide-runner
      - build
    runs-on: ubuntu-latest
    if: always()
    steps:
      - name: Stop YC runner
        uses: yc-actions/yc-github-runner@v1
        with:
          mode: stop
          yc-sa-json-credentials: ${{ secrets.YC_SA_JSON_CREDENTIALS }}
          github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
          label: ${{ needs.provide-runner.outputs.label }}
          instance-id: ${{ needs.provide-runner.outputs.instance-id }}