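# Reusable workflow — called by project repos via `uses:`
# Shell-based — no node/JS actions required, works in host mode.
# Requires: git and docker available on the runner host.
#
# Security notes for maintainers:
# - Caller-supplied inputs and secrets reach the shell only as environment
#   variables. They are never expanded into the script text, so a crafted
#   input value cannot add shell commands on the runner host.
# - Inputs are validated before any path is built from them, because the
#   build directory is later removed with `rm -rf`.
# - The clone token is supplied through a one-shot credential helper and is
#   not part of the remote URL, so it is not written to .git/config inside
#   the directory that becomes the docker build context.
# - BUILD_DIR depends only on image_name: concurrent runs for the same image
#   on one host share the directory. NOTE(review): confirm the runner
#   serialises such jobs, or derive a per-run directory.
name: Build and push Docker image

on:
  workflow_call:
    inputs:
      image_name:
        description: "Image name (no registry prefix)"
        required: true
        type: string
      repo_name:
        description: "Source repo name (e.g. mtg-meta-scraper)"
        required: true
        type: string
      dockerfile_path:
        description: "Path to Dockerfile relative to repo root"
        required: false
        type: string
        default: "Dockerfile"
      registry:
        description: "Container registry host"
        required: false
        type: string
        default: "git.thewichersfamily.com"
      registry_owner:
        description: "Registry namespace"
        required: false
        type: string
        default: "thethreemagi"
    secrets:
      REGISTRY_USER:
        required: true
      REGISTRY_TOKEN:
        required: true
      GITEA_TOKEN:
        required: true

jobs:
  build:
    runs-on: ubuntu-latest
    # Non-secret values shared by every step. Secrets are deliberately NOT
    # listed here; each one is scoped to the single step that needs it.
    env:
      IMAGE_NAME: ${{ inputs.image_name }}
      REPO_NAME: ${{ inputs.repo_name }}
      DOCKERFILE_PATH: ${{ inputs.dockerfile_path }}
      REGISTRY: ${{ inputs.registry }}
      REGISTRY_OWNER: ${{ inputs.registry_owner }}
      COMMIT_SHA: ${{ gitea.sha }}
      BUILD_DIR: /tmp/${{ inputs.image_name }}-build
    steps:
      - name: Validate inputs
        run: |
          set -eu
          fail() { echo "Invalid workflow input: $1" >&2; exit 1; }
          # Reject empty values, a leading '-' (option confusion), absolute
          # paths, '..' (path traversal) and any character outside a
          # conservative allow-list.
          case "$IMAGE_NAME" in
            ''|-*|/*|*..*|*[!A-Za-z0-9._/-]*) fail image_name ;;
          esac
          case "$REPO_NAME" in
            ''|-*|*..*|*[!A-Za-z0-9._-]*) fail repo_name ;;
          esac
          case "$REGISTRY_OWNER" in
            ''|-*|*..*|*[!A-Za-z0-9._-]*) fail registry_owner ;;
          esac
          case "$REGISTRY" in
            ''|-*|*[!A-Za-z0-9.:-]*) fail registry ;;
          esac
          case "$DOCKERFILE_PATH" in
            ''|-*|/*|*..*|*[!A-Za-z0-9._/-]*) fail dockerfile_path ;;
          esac

      - name: Checkout
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          # Fail instead of waiting for a password prompt if auth is rejected.
          GIT_TERMINAL_PROMPT: "0"
        run: |
          set -eu
          rm -rf -- "$BUILD_DIR"
          # The first -c clears any credential helper configured on the host
          # so the token is not saved there; the second answers this one
          # request from the environment. Neither setting is written to the
          # cloned repository's config.
          git -c credential.helper= \
            -c 'credential.helper=!f() { echo "username=oauth2"; echo "password=$GITEA_TOKEN"; }; f' \
            clone -- "https://$REGISTRY/$REGISTRY_OWNER/$REPO_NAME.git" "$BUILD_DIR"
          cd "$BUILD_DIR"
          git checkout "$COMMIT_SHA"

      - name: Login to registry
        env:
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
        run: |
          set -eu
          # The token goes in on stdin so it never appears in docker's argv.
          printf '%s' "$REGISTRY_TOKEN" \
            | docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin

      - name: Build and push
        run: |
          # -e stops before the pushes if the build fails, so a stale local
          # image is not pushed under the new tags.
          set -eu
          SHORT_SHA=$(printf '%s' "$COMMIT_SHA" | cut -c1-7)
          IMAGE="$REGISTRY/$REGISTRY_OWNER/$IMAGE_NAME"
          # The build context is the whole clone, .git included, unless the
          # repo's .dockerignore excludes it.
          docker build "$BUILD_DIR" \
            -f "$BUILD_DIR/$DOCKERFILE_PATH" \
            -t "$IMAGE:latest" \
            -t "$IMAGE:sha-$SHORT_SHA"
          # `latest` is a mutable tag; deployments that need a fixed image
          # should reference the sha- tag.
          docker push "$IMAGE:latest"
          docker push "$IMAGE:sha-$SHORT_SHA"

      - name: Cleanup
        if: always()
        run: |
          docker logout "$REGISTRY" || true
          # This step also runs when validation failed, so repeat the
          # image_name check before deleting anything derived from it.
          case "$IMAGE_NAME" in
            ''|-*|/*|*..*|*[!A-Za-z0-9._/-]*)
              echo "Skipping build directory removal: invalid image_name" >&2
              exit 0
              ;;
          esac
          rm -rf -- "$BUILD_DIR"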