name: nightly-build
on:
  schedule:
    # Daily at 2:48am
    - cron: '48 2 * * *'

permissions:
  contents: read

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Setup Go
        uses: actions/setup-go@main
        with:
          go-version: 1.20.4
        id: go

      - name: Setup docker scan
        run: |
          mkdir -p ~/.docker/cli-plugins && \
          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
          chmod +x ~/.docker/cli-plugins/docker-scan

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      
      - name: Code checkout
        uses: actions/checkout@master

      - uses: actions/cache@v3
        with:
          path: gocache-for-docker
          key: gocache-docker-${{ runner.os }}-${{ steps.go.outputs.go-version }}-${{ hashFiles('go.mod') }}

      - name: build & publish
        run: |
          docker scan --severity=medium --login --token "$SNYK_TOKEN" --accept-license
          LATEST_TAG=nightly PKG_TAG=nightly make publish
        env: 
          SNYK_TOKEN: ${{ secrets.SNYK_AUTH_TOKEN }}