name: Build

on:
  workflow_dispatch:
  push:
    branches:
      - "main"
      - "rc"
      - "hotfix-rc"
  pull_request:

jobs:
  build-artifacts:
    name: Build artifacts
    runs-on: ubuntu-22.04

    steps:
      - name: Check out repo
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up .NET
        uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0

      - name: Publish project
        working-directory: src/KeyConnector
        run: |
          echo "Publish"
          dotnet publish -c "Release" -o obj/build-output/publish
          cd obj/build-output/publish
          zip -r KeyConnector.zip .
          mv KeyConnector.zip ../../../
          pwd
          ls -atlh ../../../

      - name: Upload project artifact
        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
        with:
          name: KeyConnector.zip
          path: src/KeyConnector/KeyConnector.zip
          if-no-files-found: error

  build-docker:
    name: Build Docker images
    runs-on: ubuntu-22.04
    needs: build-artifacts
    env:
      _AZ_REGISTRY: bitwardenprod.azurecr.io
      _PROJECT_NAME: key-connector

    steps:
      - name: Check out repo
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Log in to Azure
        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
        with:
          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}

      - name: Log in to ACR
        run: az acr login -n ${_AZ_REGISTRY%.azurecr.io}

      - name: Generate Docker image tag
        id: tag
        run: |
          IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g")  # slash safe branch name
          if [[ "$IMAGE_TAG" == "main" ]]; then
            IMAGE_TAG=dev
          fi
          echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT

      - name: Generate full image name
        id: image-name
        env:
          IMAGE_TAG: ${{ steps.tag.outputs.image_tag }}
        run: echo "name=${_AZ_REGISTRY}/${_PROJECT_NAME}:${IMAGE_TAG}" >> $GITHUB_OUTPUT

      - name: Get build artifact
        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
        with:
          name: KeyConnector.zip

      - name: Set up build artifact
        run: |
          mkdir -p src/KeyConnector/obj/build-output/publish
          unzip KeyConnector.zip -d src/KeyConnector/obj/build-output/publish

      - name: Build Docker image
        uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0
        with:
          context: src/KeyConnector
          file: src/KeyConnector/Dockerfile
          platforms: linux/amd64
          push: true
          tags: ${{ steps.image-name.outputs.name }}