name: 'Build and Push with Podman'
description: 'Build and push container images using Podman and docker-run-action. Also supports Podman login.'
branding:
  color: 'yellow'
  icon: 'package'

inputs:
  login_registry:
    description: Container registry to push to (e.g. quay.io). If not set, image is only built locally.
    required: false
  login_username:
    description: Registry username.
    required: false
  login_password:
    description: Registry password (GitHub secret recommended).
    required: false
  tags:
    description: |
      Tags for the image. Space-separated. e.g. 
      quay.io/podman/stable:latest quay.io/podman/stable:nightly
    required: false
  labels:
    description: |
      List of additional metadata for an image. Space-separated.
    required: false
  build_args:
    description: |
      Optional build arguments. Space-separated. e.g.
      MY_ENV_VAR=Test MY_ENV_VAR2=Test2
    required: false
  extra_args:
    description: |
      Extra args to be passed to podman. Space-separated. e.g.
      -e=MY_ENV=Test -e=MY_ENV=Test2
    required: false
  dockerfile:
    description: Path to the Dockerfile. If set, build step is performed.
    required: false
  push:
    description: Whether to push the image after building.
    default: 'false'
    required: false
  security:
    description: Security flags that are used for an intermediate container. New line separated.
    default: '--network=host'
    required: false

runs:
  using: composite
  steps:
    - name: Run container steps
      uses: frozen-tapestry/docker-run-action@0c2c7831e29d4389f7521909b92e8097d1eecc88
      with:
        image: quay.io/podman/stable:latest
        mount_ws: true
        options: |
          ${{ inputs.security }}
          -v=${{ env.CACHE_SHARED_PATH }}/podman-auth:/home/podman/auth:rw
          -v=${{ env.CACHE_SHARED_PATH }}/podman-storage:/home/podman/.local/share/containers/storage:rw
          -v=${{ github.action_path }}/scripts:/scripts:ro
          -e=REGISTRY_AUTH_FILE=/home/podman/auth/auth.json
          -e=REGISTRY=${{ inputs.login_registry }}
          -e=USERNAME=${{ inputs.login_username }}
          -e=PASSWORD=${{ inputs.login_password }}
          -e=ACTION_TAGS=${{ inputs.tags }}
          -e=ACTION_LABELS=${{ inputs.labels }}
          -e=ACTION_BUILD_ARGS=${{ inputs.build_args }}
          -e=ACTION_EXTRA_ARGS=${{ inputs.extra_args }}
          -e=DOCKERFILE=${{ inputs.dockerfile }}
          -e=REVISION=${{ github.sha }}
          -e=SOURCE=${{ github.server_url }}/${{ github.repository }}
          -e=PUSH=${{ inputs.push }}
        run: /bin/bash /scripts/run.sh