---
name: Dockle

on:
  push:
    branches:
      - master
      - develop
  pull_request:

jobs:
  dockle:
    runs-on: ubuntu-latest
    env:
      DOCKER_CONTENT_TRUST: 1
      DOCKLE_VERSION: 0.4.15

    steps:
      - uses: actions/checkout@v4.3.0

      - run: |
          cp .config/docker_example.env .config/docker.env
          cp ./compose_example.yml ./compose.yml

      - run: |
          docker compose up -d web
          IMAGE_ID=$(docker compose images --format json web | jq -r '.[0].ID')
          docker tag "${IMAGE_ID}" misskey-web:latest

      - name: Debug docker images
        run: |
          echo "== docker images =="
          docker images
          echo
          echo "== inspect misskey-web:latest =="
          docker image inspect misskey-web:latest || echo "misskey-web:latest NOT FOUND"

      - name: run dockle
        env:
          DOCKER_CONTENT_TRUST: 0
        run: |
          echo "> docker run dockle …"
          docker run --rm \
            -e DOCKER_HOST=unix:///var/run/docker.sock \
            -v /var/run/docker.sock:/var/run/docker.sock \
            goodwithtech/dockle:v${DOCKLE_VERSION} \
            --debug \
            --exit-code 1 \
            misskey-web:latest