on: 
  push:
    paths:
      - "docker/**"
      - ".gitea/**"
      - "pbsclient/**"
  schedule:
    - cron: "0 16 * * Sun"

jobs:

  build-image:
    runs-on: oci-image-builder

    steps:
    
    - name: Checkout code
      uses: actions/checkout@v4

    - name: Create non-root user for BuildKit
      run: |
        adduser -D -u 1000 builder

    - name: Start BuildKit (rootless)
      run: |
        su builder -c '
          export XDG_RUNTIME_DIR=/tmp/buildkit
          mkdir -p $XDG_RUNTIME_DIR
          buildkitd \
            --root /home/builder/.local/share/buildkit \
            --addr unix://$XDG_RUNTIME_DIR/buildkitd.sock \
            >/home/builder/buildkitd.log 2>&1 &
        '
        sleep 3

    - name: Check BuildKit daemon
      run: |
        ls -l /run/buildkit
        cat /tmp/buildkitd.log || tru

    - name: Authenticate to Gitea registry
      run: |
        mkdir -p ~/.docker
        AUTH=$(printf "%s" "${{ secrets.GITLIMBO_DOCKER_REGISTRY_USERNAME }}:${{ secrets.GITLIMBO_DOCKER_REGISTRY_PASSWORD }}" | base64 -w 0)
        printf '{"auths":{"git.limbosolutions.com":{"auth":"%s"}}}' "$AUTH" > ~/.docker/config.json


    - name: Debug paths
      run: |
        echo "PWD: $(pwd)"
        ls -al
        ls -al ./pbsclient || echo "pbsclient missing"
        ls -al ./pbsclient/docker || echo "docker dir missing"

    - name: Build and push image
      run: |
        su builder -c '
          export XDG_RUNTIME_DIR=/tmp/buildkit
          buildctl \
            --addr unix://$XDG_RUNTIME_DIR/buildkitd.sock \
            build \
            --frontend=dockerfile.v0 \
            --local context=./pbsclient \
            --local dockerfile=./pbsclient/docker \
            --opt filename=Dockerfile \
            --output type=image,name=git.limbosolutions.com/kb/pbsclient:latest,push=true '