manoon-headless/.gitea/workflows/build.yaml

name: Build and Push to GHCR

on:
  push:
    branches: [master, main]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build:
    runs-on: ubuntu-latest
    
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Log in to Container Registry
      uses: docker/login-action@v3
      with:
        registry: ${{ env.REGISTRY }}
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Extract metadata
      id: meta
      uses: docker/metadata-action@v5
      with:
        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
        tags: |
          type=sha,prefix=,suffix=,format=short
          type=raw,value=latest,enable={{is_default_branch}}

    - name: Build and push Docker image
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: ${{ steps.meta.outputs.tags }}
        labels: ${{ steps.meta.outputs.labels }}
        cache-from: type=gha
        cache-to: type=gha,mode=max

    - name: Update kustomization.yaml
      run: |
        COMMIT_SHA=${{ github.sha }}
        SHORT_SHA=${COMMIT_SHA:0:7}
        sed -i "s|newTag: .*|newTag: ${SHORT_SHA}|" k8s/kustomization.yaml

    - name: Commit and push changes
      run: |
        git config --local user.email "gitea-actions[bot]@users.noreply.gitea.io"
        git config --local user.name "gitea-actions[bot]"
        git add k8s/kustomization.yaml
        git diff --quiet && git diff --staged --quiet || git commit -m "deploy: update image to ${SHORT_SHA} [skip ci]"
        git push