name: Docker Image Build and Analysis

on:
  schedule:
    - cron: "0 0 * * *"  # Schedule the workflow to run daily at midnight (UTC time). Adjust the time if needed.
  workflow_dispatch:  # Manual run trigger
    inputs:
      trigger-build:
        description: 'Trigger a manual build and push'
        default: 'true'

jobs:
  build-and-analyze:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build multiarch Docker image
        id: build-image
        run: |
          docker buildx create --use
          docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t wg-dashboard:latest .

      - name: Docker Scout Analysis
        id: docker-scout
        run: |
          docker run --rm \
            -v /var/run/docker.sock:/var/run/docker.sock \
            docker/scout-action:v1 \
            cves \
            --image wg-dashboard:latest \
            --github-token ${{ secrets.GITHUB_TOKEN }}