name: Build and Upload GCP CCM container image

on:
  push:
    branches:
      - 'main'
    paths:
      - '.github/workflows/build-ccm-gcp.yml'
      - '.github/actions/gcpccm_vers_to_build/**'
  schedule:
    - cron: "0 4 * * 3" # Every Wednesday at 4am UTC
  workflow_dispatch:

jobs:
  find-ccm-versions:
    runs-on: ubuntu-22.04
    outputs:
      versions: ${{ steps.find-versions.outputs.versions }}
      latest: ${{ steps.find-latest.outputs.latest }}
    steps:
      - name: Checkout Constellation
        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5

      - name: Checkout kubernetes/cloud-provider-gcp
        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
        with:
          repository: "kubernetes/cloud-provider-gcp"
          path: "cloud-provider-gcp"
          fetch-depth: 0

      - name: Setup Go environment
        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
        with:
          go-version: "1.22.3"
          cache: false

      - name: Install Crane
        run: |
          go install github.com/google/go-containerregistry/cmd/crane@latest

      - name: Find versions
        id: find-versions
        uses: ./.github/actions/gcpccm_vers_to_build
        with:
          path: "cloud-provider-gcp"

      - name: Find latest
        id: find-latest
        run: |
          rawList=$(jq -r '.[]' <<< '${{ steps.find-versions.outputs.versions }}')
          lastest=$(echo "${rawList}" | sort -V | tail -n 1)
          echo "latest=${lastest}" | tee -a "$GITHUB_OUTPUT"

  build-ccm-gcp:
    # matrix cannot handle empty lists
    if: needs.find-ccm-versions.outputs.versions != '[]'
    runs-on: ubuntu-22.04
    permissions:
      contents: read
      packages: write
    needs: find-ccm-versions
    strategy:
      fail-fast: false
      matrix:
        version: ${{ fromJson(needs.find-ccm-versions.outputs.versions) }}
    steps:
      - name: Checkout Constellation
        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5

      - name: Checkout kubernetes/cloud-provider-gcp
        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
        with:
          repository: "kubernetes/cloud-provider-gcp"
          path: "cloud-provider-gcp"
          ref: refs/tags/ccm/${{ matrix.version }}

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
        with:
          images: |
            ghcr.io/edgelesssys/cloud-provider-gcp
          flavor: |
            latest=${{ matrix.version == needs.find-ccm-versions.outputs.latest }}
          tags: |
            type=semver,pattern=v{{version}},value=${{ matrix.version }}

      - name: Log in to the Container registry
        id: docker-login
        uses: ./.github/actions/container_registry_login
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build CCM
        working-directory: cloud-provider-gcp
        run: |
          bazel build //cmd/cloud-controller-manager:cloud-controller-manager

      - name: Copy CCM
        working-directory: cloud-provider-gcp
        run: |
          cp ./bazel-bin/cmd/cloud-controller-manager/cloud-controller-manager_/cloud-controller-manager ./cloud-controller-manager

      - name: Prepare Dockerfile
        working-directory: cloud-provider-gcp
        run: |
          cat > Dockerfile <<EOF
          FROM scratch
          COPY ./cloud-controller-manager /cloud-controller-manager
          EOF

      - name: Build and push container image
        id: build
        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
        with:
          context: ./cloud-provider-gcp
          push: ${{ github.ref_name == 'main' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}