name: CI/CD

on:
  push:
    tags:
      - "[0-9]+.[0-9]+.[0-9]+"
  schedule:
    - cron: "0 5 * * 0"

env:
  USER: loganmarchione
  REPO: docker-webdav-nginx

jobs:
  ubuntu_ci:
    name: Build and test

    runs-on: ubuntu-latest

    steps:
    - name: Check out the codebase
      uses: actions/checkout@v2

    - name: Set variables
      run: |
        VER=$(cat VERSION)
        echo "VERSION=$VER" >> $GITHUB_ENV

    - name: Build Docker Image
      uses: docker/build-push-action@v2
      with:
        push: false
        context: .
        file: Dockerfile
        load: true
        tags: |
          ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
          ${{ env.USER }}/${{ env.REPO }}:latest

    - name: Test image
      run: |
        docker images
        docker run --name test-container --detach --env WEBDAV_USER=user1 --env WEBDAV_PASS=password1 --volume 'webdav:/var/www/webdav' ${USER}/${REPO}:${VERSION}
        docker ps -a

    - name: Container scan
      uses: azure/container-scan@v0
      with:
        image-name: ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
        severity-threshold: CRITICAL
        run-quality-checks: true

  ubuntu_cd:
    name: Deploy

    needs: ubuntu_ci
    runs-on: ubuntu-latest

    steps:
    - name: Check out the codebase
      uses: actions/checkout@v2

    - name: Set variables
      run: |
        VER=$(cat VERSION)
        echo "VERSION=$VER" >> $GITHUB_ENV

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v1

    - name: Login to DockerHub
      uses: docker/login-action@v1
      with:
        username: ${{ secrets.DOCKER_HUB_USER }}
        password: ${{ secrets.DOCKER_HUB_PASS }}
        logout: true

    - name: Build Docker Image
      uses: docker/build-push-action@v2
      with:
        push: true
        context: .
        file: Dockerfile
        tags: |
          ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
          ${{ env.USER }}/${{ env.REPO }}:latest