name: Build and Push to ACR

on:
  push:
    branches: [ main ]
  release:
    types: [ published ]
  workflow_dispatch:          # 手动触发
    inputs:
      image_tag:              # 手动运行时可指定 TAG（留空则自动判断）
        description: "Tag to push (default: branch/release name, else latest)"
        required: false
        default: ""

jobs:
  docker:
    runs-on: [buildx]
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Login to ACR
        run: |
          echo "${{ secrets.ACR_PASSWORD }}" | docker login \
            ${{ secrets.ACR_REGISTRY }} \
            -u "${{ secrets.ACR_USERNAME }}" \
            --password-stdin

      - name: Build Docker Image
        run: |
          IMAGE=${{ secrets.ACR_REGISTRY }}/${{ secrets.ACR_NAMESPACE }}/myapp

          # 优先用手动输入的 image_tag；否则用分支/发布名；再否则用 latest
          TAG="${{ github.event.inputs.image_tag }}"
          if [ -z "$TAG" ]; then TAG="${GITHUB_REF_NAME:-latest}"; fi

          echo "Building $IMAGE:$TAG"
          docker build -t "$IMAGE:$TAG" -f docker/Dockerfile .

      - name: Push Docker Image
        run: |
          IMAGE=${{ secrets.ACR_REGISTRY }}/${{ secrets.ACR_NAMESPACE }}/myapp
          TAG="${{ github.event.inputs.image_tag }}"
          if [ -z "$TAG" ]; then TAG="${GITHUB_REF_NAME:-latest}"; fi

          echo "Pushing $IMAGE:$TAG"
          docker push "$IMAGE:$TAG"