name: Build and upload access-manager image
env:
  REGISTRY: ghcr.io
  IMAGE_NAME: access-manager

on:
  workflow_dispatch:
  push:
    branches:
      - main
      - "release/**"
    paths:
      - "access_manager/**"
      - "internal/deploy/**"

jobs:
  build-access-manager:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Check out repository
        id: checkout
        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0

      - name: Setup Go environment
        uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
        with:
          go-version: "1.19.3"

      - name: Build and upload access-manager container image
        id: build-and-upload
        uses: ./.github/actions/build_micro_service
        with:
          name: access-manager
          projectVersion: "0.0.0"
          dockerfile: access_manager/Dockerfile
          githubToken: ${{ secrets.GITHUB_TOKEN }}
          cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
          cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
          cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}