name: push-ld
on:
  workflow_dispatch:

env:
  IMAGE: "ghcr.io/fluxcd/flagger-loadtester"

permissions:
  contents: read

jobs:
  release-load-tester:
    runs-on:
      group: "Default Larger Runners"
    permissions:
      id-token: write
      packages: write
    steps:
      - uses: actions/checkout@v5
      - uses: sigstore/cosign-installer@v3.10.0
      - name: Prepare
        id: prep
        run: |
          VERSION=$(grep 'VERSION' cmd/loadtester/main.go | head -1 | awk '{ print $4 }' | tr -d '"')
          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
          echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
      - name: Setup QEMU
        uses: docker/setup-qemu-action@v3
      - name: Setup Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: fluxcdbot
          password: ${{ secrets.GHCR_TOKEN }}
      - name: Generate image meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ env.IMAGE }}
          tags: |
            type=raw,value=${{ steps.prep.outputs.VERSION }}
      - name: Publish image
        id: build-push
        uses: docker/build-push-action@v6
        with:
          push: true
          builder: ${{ steps.buildx.outputs.name }}
          context: .
          file: ./Dockerfile.loadtester
          platforms: linux/amd64,linux/arm64
          build-args: |
            REVISION=${{ github.sha }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Sign image
        env:
          COSIGN_EXPERIMENTAL: 1
        run: |
          cosign sign --yes ${{ env.IMAGE }}@${{ steps.build-push.outputs.digest }}