name: Build Nginx-based docker image
on:
  push:
concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true
jobs:
  build-static-assets:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v4
        with:
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      
      - name: Login to the private Docker registry
        uses: docker/login-action@v3
        with:
          registry: ${{ secrets.PRIVATE_REGISTRY_HOST }}
          username: ${{ secrets.PRIVATE_REGISTRY_USERNAME }}
          password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}

      - name: Build and push intermediate stages (deps)
        uses: docker/build-push-action@v6
        with:
          context: .
          target: deps
          push: ${{ github.ref == 'refs/heads/main' }}
          tags: ${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:deps
          cache-from: type=registry,ref=${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:deps
          cache-to: type=inline

      - name: Build and push intermediate stages (builder)
        uses: docker/build-push-action@v6
        with:
          context: .
          target: builder
          push: ${{ github.ref == 'refs/heads/main' }}
          tags: ${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:builder
          cache-from: type=registry,ref=${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:builder
          cache-to: type=inline
        
      - name: Build and push (final)
        uses: docker/build-push-action@v6
        with:
          context: .
          push: ${{ github.ref == 'refs/heads/main' }}
          tags: ${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:latest
          cache-from: type=registry,ref=${{ secrets.PRIVATE_REGISTRY_HOST }}/${{ env.GITHUB_REPOSITORY }}:latest
          cache-to: type=inline