name: Build and Push OCI Image

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  workflow_dispatch:

jobs:
  build:
    runs-on: nix
    steps:
      - name: Checkout code
        uses: https://code.forgejo.org/actions/checkout@v4

      - name: Build OCI image
        run: |
          nix build .#solidhaus-image \
            --print-build-logs \
            --show-trace

      - name: Push to registry
        if: github.ref == 'refs/heads/main'
        run: |
          image=$(nix build --no-link --print-out-paths .#solidhaus-image)
          skopeo copy \
            --dest-tls-verify=false \
            "docker-archive:$image" \
            "docker://registry.toph.so/solidhaus:latest"

          # Also tag with commit SHA
          skopeo copy \
            --dest-tls-verify=false \
            "docker-archive:$image" \
            "docker://registry.toph.so/solidhaus:${GITHUB_SHA:0:7}"

      - name: Build summary
        if: github.ref == 'refs/heads/main'
        run: |
          echo "### ✅ Image Built and Pushed" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "- **Image**: registry.toph.so/solidhaus:latest" >> $GITHUB_STEP_SUMMARY
          echo "- **Tag**: ${GITHUB_SHA:0:7}" >> $GITHUB_STEP_SUMMARY
          echo "- **Commit**: ${GITHUB_SHA}" >> $GITHUB_STEP_SUMMARY