name: Create Docker rootfs assets

on:
  workflow_run:
    workflows: ["Create and publish a Docker image"]
    types:
      - completed
    branches:
      - main

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  create-rootfs-assets:
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    permissions:
      contents: write
      packages: read

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up QEMU
        uses: docker/setup-qemu-action@master
        with:
          platforms: all

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@master

      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Get latest release tag
        id: get_tag
        run: |
          LATEST_TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r '.tag_name')
          echo "tag=$LATEST_TAG" >> $GITHUB_OUTPUT
          echo "Latest release tag: $LATEST_TAG"

      - name: Export rootfs for amd64
        run: |
          echo "Creating and exporting amd64 container..."
          CONTAINER_ID=$(docker create --platform linux/amd64 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get_tag.outputs.tag }})
          docker export $CONTAINER_ID --output="firegex-rootfs-amd64.tar"
          docker rm $CONTAINER_ID
          echo "Compressing amd64 rootfs..."
          gzip firegex-rootfs-amd64.tar
          ls -lh firegex-rootfs-amd64.tar.gz

      - name: Export rootfs for arm64
        run: |
          echo "Creating and exporting arm64 container..."
          CONTAINER_ID=$(docker create --platform linux/arm64 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get_tag.outputs.tag }})
          docker export $CONTAINER_ID --output="firegex-rootfs-arm64.tar"
          docker rm $CONTAINER_ID
          echo "Compressing arm64 rootfs..."
          gzip firegex-rootfs-arm64.tar
          ls -lh firegex-rootfs-arm64.tar.gz

      - name: Calculate checksums
        run: |
          echo "Calculating checksums..."
          sha256sum firegex-rootfs-amd64.tar.gz > firegex-rootfs-amd64.tar.gz.sha256
          sha256sum firegex-rootfs-arm64.tar.gz > firegex-rootfs-arm64.tar.gz.sha256
          cat *.sha256

      - name: Upload rootfs assets to release
        run: |
          echo "Uploading assets to release ${{ steps.get_tag.outputs.tag }}..."
          gh release upload ${{ steps.get_tag.outputs.tag }} \
            firegex-rootfs-amd64.tar.gz \
            firegex-rootfs-amd64.tar.gz.sha256 \
            firegex-rootfs-arm64.tar.gz \
            firegex-rootfs-arm64.tar.gz.sha256 \
            --clobber
          echo "Assets uploaded successfully!"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}