---
name: manifest

description: "Creates manifest"

inputs:
  roleId:
    description: 'This is the vault approle id'
    required: true
  secretId:
    description: 'This is the vault approle secret id'
    required: true

runs:
  using: composite
  steps:
    - name: Get Vault secrets
      uses: https://github.com/hashicorp/vault-action@v3
      with:
        url: ${{ vars.VAULT_HOST }}
        caCertificate: ${{ vars.VAULT_CA_CERT }}
        method: approle
        outputToken: true
        roleId: ${{ inputs.roleId }}
        secretId: ${{ inputs.secretId }}
        secrets: |
          iaas/data/docker-registry/registry.infra.eu01.int.stackit.cloud harbor-push | REGISTRY_PASS ;
    - name: Login to Registry
      uses: https://stackit-iaas.git.onstackit.cloud/actions/login-action@v4
      with:
        registry: ${{ env.REGISTRY_URL }}
        username: ${{ env.REGISTRY_USER }}
        password: ${{ env.REGISTRY_PASS }}
    - name: Create Manifest
      shell: bash
      run: |
        if [ -n "${BRANCH_NAME}" ]; then
          BRANCH_NICE=$(echo ${BRANCH_NAME} | iconv -t ascii | sed -r s/[^a-zA-Z0-9]+/-/g | sed -r s/^-+\|-+$//g | tr A-Z a-z)
          DOCKER_TAG="${REGISTRY_URL}/${DOCKER_PATH}:${BRANCH_NICE}"
        elif [ -n "${TAG}" ]; then
          DOCKER_TAG="${REGISTRY_URL}/${DOCKER_PATH}:${TAG}"
        else
          echo "Either TAG or BRANCH_NAME env variable need to be set. Exiting."
          exit 1
        fi

        docker manifest create "${DOCKER_TAG}" "${DOCKER_TAG}-amd64" "${DOCKER_TAG}-arm64"
        docker manifest push "${DOCKER_TAG}"

        if [[ $RELEASE == "true" ]]; then
          docker manifest create "${DOCKER_LATEST}" "${DOCKER_LATEST}-amd64" "${DOCKER_LATEST}-arm64"
          docker manifest push "${DOCKER_LATEST}"
        fi