.github/workflows/create-docker-action.yml

name: run_ci

on:
  push:
    branches: ['main', 'chore/*', 'feature/*', 'bug/*']
  workflow_dispatch:


env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
  TESTING: true
  PB_ENABLED: false
  SQLALCHEMY_DATABASE_URI: "postgresql://postgres:${{ secrets.PG_PASSWORD }}@localhost:5432/crc_test"
  PGPASSWORD: ${{ secrets.PG_PASSWORD }}

jobs:
  sonarcloud:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: SonarCloud Scan
        uses: sonarsource/sonarqube-scan-action@v4.1.0
        with:
          args: >
            -Dsonar.organization=sartography
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

  run_tests:
    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres
        env:
          POSTGRES_PASSWORD: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - uses: browser-actions/setup-chrome@latest
        with:
          chrome-version: stable
      - uses: actions/setup-python@v5
        with:
          python-version: '3.9'
          architecture: 'x64'
      - run: psql -h localhost -c 'create database crc_test;' -U postgres
      - run: pip install pipenv
      - run: pipenv install --dev
      - run: pipenv run coverage run -m pytest
      - run: pipenv run coverage xml -i

  build-and-push-image:
    needs:
      - run_tests
      - sonarcloud
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}