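# Builds the upstream GoogleCloudPlatform/guest-agent at its newest release tag with the
# Dockerfile kept in this repository, then pushes the image to GHCR.
name: Build and Upload GCP guest-agent container

on:
  workflow_dispatch:
  schedule:
    - cron: "0 4 * * 2"  # Every Tuesday at 4am UTC

env:
  REGISTRY: ghcr.io

jobs:
  build-gcp-guest-agent:
    runs-on: ubuntu-22.04
    # Token scope is limited to what the job uses: read the repository, push packages.
    permissions:
      contents: read
      packages: write
    steps:
      - name: Get latest release of guest-agent
        id: latest-release
        run: |
          # Without pipefail a failed curl is hidden behind jq's exit status and the
          # step would continue with an empty tag.
          set -euo pipefail
          latest=$(curl -fsSL https://api.github.com/repos/GoogleCloudPlatform/guest-agent/releases/latest | jq -r .tag_name)
          # The value is chosen by the upstream project and is used below as a git ref
          # and as an image tag, so accept only the Docker tag grammar. jq prints the
          # literal "null" when the field is missing.
          if [[ "$latest" == "null" || ! "$latest" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "::error::guest-agent release lookup returned an unexpected tag name"
            exit 1
          fi
          echo "Latest version of guest-agent is $latest"
          echo "latest=$latest" >> "$GITHUB_OUTPUT"

      - name: Checkout GoogleCloudPlatform/guest-agent
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
        with:
          repository: "GoogleCloudPlatform/guest-agent"
          ref: refs/tags/${{ steps.latest-release.outputs.latest }}
          path: "guest-agent"
          # This directory is the Docker build context further down. By default checkout
          # stores the job token in .git/config, which would then be sent to the builder
          # and could end up in a pushed layer if the Dockerfile copies the whole context.
          persist-credentials: false

      - name: Checkout Constellation
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
        with:
          path: "constellation"
          # With only workflow_dispatch and schedule as triggers there is no pull_request
          # context, so this expression yields '' and checkout uses the triggering ref.
          ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
          # No later step in this job runs git against the remote.
          persist-credentials: false

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96 # v4.3.0
        with:
          images: |
            ${{ env.REGISTRY }}/edgelesssys/gcp-guest-agent
          # "latest" is not added automatically; the last tag rule adds it for main only.
          flavor: |
            latest=false
          tags: |
            type=raw,value=${{ steps.latest-release.outputs.latest }}
            type=raw,value=${{ github.ref_name }},enable=${{ github.ref_name != 'main' }}
            type=sha,value=${{ github.sha }}
            type=raw,value=latest,enable=${{ github.ref_name == 'main' }}

      - name: Log in to the Container registry
        id: docker-login
        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Prepare hardcoded configuration file
        run: |
          cp "${GITHUB_WORKSPACE}/constellation/3rdparty/gcp-guest-agent/instance_configs.cfg" "${GITHUB_WORKSPACE}/guest-agent/"

      - name: Build and push container image
        id: build
        uses: docker/build-push-action@1104d471370f9806843c095c1db02b5a90c5f8b6 # v3.3.1
        with:
          # The context is the upstream source tree at the release tag; the Dockerfile
          # comes from this repository.
          context: ./guest-agent
          file: ./constellation/3rdparty/gcp-guest-agent/Dockerfile
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}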