name: Build Nestri runner base images

on: [ workflow_call ]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: nestrilabs/nestri
  BASE_IMAGE: docker.io/cachyos/cachyos:latest

# This makes our release ci quit prematurely
# concurrency:
#     group: ci-${{ github.ref }}
#     cancel-in-progress: true

jobs:
  build-and-push-bases:
    name: Build and push images
    if: ${{ github.ref == 'refs/heads/production' || github.ref == 'refs/heads/dev' }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    strategy:
      matrix:
        variant:
          - { suffix: "", base: "docker.io/cachyos/cachyos:latest" }
          - { suffix: "v3", base: "docker.io/cachyos/cachyos-v3:latest" }
          #- { suffix: "v4", base: "docker.io/cachyos/cachyos-v4:latest" } # Disabled until GHA has this
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
      - name: Log into registry ${{ env.REGISTRY }}
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ github.token }}
      - name: Setup Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Set Swap Space
        uses: pierotofy/set-swap-space@master
        with:
          swap-size-gb: 20
      - name: Build and push runner-base image
        uses: docker/build-push-action@v6
        with:
          file: containerfiles/runner-base.Containerfile
          context: ./
          push: true
          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-base:latest-${{ matrix.variant.suffix }}
          build-args: |
            BASE_IMAGE=${{ matrix.variant.base }}
          cache-from: type=gha,scope=runner-base-${{ matrix.variant.suffix }},mode=max
          cache-to: type=gha,scope=runner-base-${{ matrix.variant.suffix }},mode=max
          pull: true
      - name: Build and push runner-builder image
        uses: docker/build-push-action@v6
        with:
          file: containerfiles/runner-builder.Containerfile
          context: ./
          push: true
          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-builder:latest-${{ matrix.variant.suffix }}
          build-args: |
            RUNNER_BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-base:latest-${{ matrix.variant.suffix }}
          cache-from: type=gha,scope=runner-builder-${{ matrix.variant.suffix }},mode=max
          cache-to: type=gha,scope=runner-builder-${{ matrix.variant.suffix }},mode=max
      - name: Build and push runner-common image
        uses: docker/build-push-action@v6
        with:
          file: containerfiles/runner-common.Containerfile
          context: ./
          push: true
          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-common:latest-${{ matrix.variant.suffix }}
          build-args: |
            RUNNER_BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-base:latest-${{ matrix.variant.suffix }}
            RUNNER_BUILDER_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/runner-builder:latest-${{ matrix.variant.suffix }}
          cache-from: type=gha,scope=runner-common-${{ matrix.variant.suffix }},mode=max
          cache-to: type=gha,scope=runner-common-${{ matrix.variant.suffix }},mode=max