pipeline {
  agent any

  triggers {
    GenericTrigger(
      causeString: 'Triggered on tag push',
      token: 'tag-trigger-secret',
      printContributedVariables: true,
      printPostContent: true,
      regexpFilterExpression: 'ref=refs/tags/.*\nafter=(?!0{40}).*',
      regexpFilterText: '$ref\n$after',
      genericVariables: [
        [key: 'ref', value: '$.ref'],
        [key: 'after', value: '$.after']
      ]
    )
  }

  environment {
    REGISTRY = 'codeberg.org'
    IMAGE_NAME = "${REGISTRY}/lvl0/incr"
    DOCKER_CREDENTIALS_ID = 'codeberg-registry'
  }

  stages {
    stage('Tag Push Filter') {
      steps {
        script {
          if (!env.ref?.startsWith('refs/tags/')) {
            echo "Not a tag push (ref = ${env.ref}). Skipping build."
            currentBuild.result = 'NOT_BUILT'
            return
          }
        }
      }
    }

    stage('Build & Push Docker Image') {
      when {
        expression {
          return env.ref?.startsWith('refs/tags/') && env.after != null && env.after != "0000000000000000000000000000000000000000"
        }
      }
      steps {
        script {
          def tagName = env.ref.replaceFirst(/^refs\/tags\//, '')
          def cleanedTag = tagName.replaceFirst(/^v/, '')

          sh "docker build -t $IMAGE_NAME:$cleanedTag -f docker/Dockerfile ."

          withCredentials([usernamePassword(credentialsId: "$DOCKER_CREDENTIALS_ID", usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
            sh """
              echo "$PASSWORD" | docker login $REGISTRY -u "$USERNAME" --password-stdin
              docker push $IMAGE_NAME:$cleanedTag
              docker tag $IMAGE_NAME:$cleanedTag $IMAGE_NAME:latest
              docker push $IMAGE_NAME:latest
            """
          }
        }
      }
    }
  }
}
