name: 4testing multiarch-build

on:
  workflow_dispatch:
    inputs:
      zap:
        description: 'Run ZAP scanning after build?'
        type: boolean

  repository_dispatch:
    types:
      - cron-trigger-action
      - config-trigger-action
      - client-trigger-action
      - server-trigger-action

env:
  DOCKER_PATH: "/install/docker"
  REPO: "onlyoffice"
  DOCKER_IMAGE_PREFIX: "4testing-docspace"
  DOCKERFILE: "Dockerfile.app"

jobs:

  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        platform: [linux/amd64]
        branch: ${{ github.event.client_payload.branches }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          ref: ${{ matrix.branch }}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2
        
      - name: Free Disk Space
        run: |
          sudo rm -rf /usr/local/lib/android /opt/ghc
          sudo docker image prune --all --force

      - name: Login to DockerHub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
          
      - name: Build 4testing
        id: build
        run: |
          cd .${DOCKER_PATH}
          if [ "${{ matrix.branch }}" = "develop" ]; then
            PRODUCT_VERSION="develop"
            DOCKER_TAG=${PRODUCT_VERSION}.${{ github.run_number }}
          else
            PRODUCT_VERSION=$(echo "${{ matrix.branch }}" | sed '/^release\b\|^hotfix\b\|^feature\b/s/release.*\/\|hotfix.*\/\|feature.*\///; s/-git-action$//; s/^v//') 
            DOCKER_TAG=${PRODUCT_VERSION}.${{github.run_number}}
          fi
          export DOCKER_TAG
          docker buildx bake -f build.yml \
          --set *.args.GIT_BRANCH=${{ matrix.branch }} \
          --set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
          --set *.args.BUILD_NUMBER=${BUILD_NUMBER} \
          --set *.platform=linux/amd64 \
          --set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
          --set *.args.BUILD_NUMBER=${{github.run_number}} \
          --push

          echo "version=${DOCKER_TAG}" >> "$GITHUB_OUTPUT"
        shell: bash

      - name: Run zap action if needed
        if: ${{ github.event.action == 'cron-trigger-action' || github.event_name == 'workflow_dispatch' }}
        env:
          RUN_ZAP: ${{ github.event.inputs.zap || 'true' }}
          GITHUB_TOKEN: ${{ secrets.TOKEN }}
          VERSION: ${{ steps.build.outputs.version }}
        shell: bash
        run: |
           if [[ ${{ matrix.branch }} =~ release || ${{ matrix.branch }} =~ hotfix && ${RUN_ZAP} == true ]]; then
              gh workflow run zap-scan.yaml \
                 --repo ONLYOFFICE/DocSpace \
                 -f branch=${{ matrix.branch }} \
                 -f version=${VERSION}
           fi