name: Docker Build Test

on:
  workflow_dispatch:
  push:
    branches:
      - main
      - develop
    paths:
      - 'Dockerfile'
      - 'requirements.txt'
      - '**.py'

jobs:
  test-build:
    runs-on: ubuntu-latest
    name: Test Docker Build Only
    
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build Docker image (test)
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          platforms: linux/amd64
          push: false
          tags: |
            salvagedb-bot:test
            salvagedb-bot:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          outputs: type=docker,dest=/tmp/image.tar

      - name: Load and test image
        run: |
          echo "🔄 Loading Docker image..."
          docker load -i /tmp/image.tar
          
          echo "📋 Checking built images:"
          docker images salvagedb-bot
          
          echo "🔍 Inspecting image details:"
          docker inspect salvagedb-bot:test | jq '.[0] | {Created: .Created, Size: .Size, Architecture: .Architecture}'
          
          echo "✅ Docker image built successfully!"

      - name: Security scan (basic)
        run: |
          echo "🛡️ Running basic security checks..."
          
          # Проверяем базовый образ
          echo "Base image check:"
          docker history salvagedb-bot:test --no-trunc --format "table {{.CreatedBy}}" | head -5
          
          # Проверяем пользователя
          echo "User check:"
          docker run --rm salvagedb-bot:test whoami || echo "Cannot determine user"
          
          # Проверяем размер образа
          echo "Image size:"
          docker images salvagedb-bot:test --format "table {{.Repository}}:{{.Tag}}\t{{.Size}}"

      - name: Build Summary
        run: |
          IMAGE_SIZE=$(docker images salvagedb-bot:test --format "{{.Size}}")
          IMAGE_ID=$(docker images salvagedb-bot:test --format "{{.ID}}")
          
          echo "## 🐳 Docker Build Test Summary" >> $GITHUB_STEP_SUMMARY
          echo "- **Event:** ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY
          echo "- **Branch:** ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY
          echo "- **Commit:** ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
          echo "- **Image Tags:** \`salvagedb-bot:test\`, \`salvagedb-bot:${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
          echo "- **Image ID:** \`${IMAGE_ID}\`" >> $GITHUB_STEP_SUMMARY
          echo "- **Image Size:** ${IMAGE_SIZE}" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "### ✅ Tests Performed:" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Docker image builds without errors" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Image loads and runs correctly" >> $GITHUB_STEP_SUMMARY
          echo "- ✅ Basic security checks passed" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "**Note:** This is a test build only. No images were pushed to any registry." >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "### 🚀 Next Steps:" >> $GITHUB_STEP_SUMMARY
          echo "- Configure registry credentials to enable image publishing" >> $GITHUB_STEP_SUMMARY
          echo "- Use \`docker-build-local.yml\` workflow for registry deployment" >> $GITHUB_STEP_SUMMARY