name: Build and Push Docker Image

on:
    push:
      branches:
        - master
      paths-ignore:
        - 'scripts/**'
        - '.gitignore'
        - '.github/**'
        - 'book/**'
    workflow_dispatch:

concurrency: build_docker

permissions:
  packages: write
  id-token: write
  contents: write

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      # 1. Check out the repository to get the Dockerfile
      - name: Check out code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      # 2. Log into GitHub Container Registry
      - name: Log in to GHCR
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # 3. Build and push
      - name: Build and push Docker image
        run: |
          # Define image name
          IMAGE_NAME=ghcr.io/hacktricks-wiki/hacktricks-cloud/translator-image

          # Build Docker image
          docker build -t $IMAGE_NAME:latest .

          # Push Docker image to GHCR
          docker push $IMAGE_NAME:latest

          # Set image visibility to public
          curl -X PATCH \
            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
            -H "Accept: application/vnd.github.v3+json" \
            https://api.github.com/user/packages/container/translator-image/visibility \
            -d '{"visibility":"public"}'