name: "Test fixture cache: publish"

on:
  workflow_dispatch:
  schedule:
    # run nightly at 4AM UTC
    - cron: "0 4 * * *"

permissions:
  contents: read

jobs:

  Publish:
    name: "Publish test fixture image cache"
    # runs-on.com: memory-optimized instances for building test fixture cache
    #   spot disabled: can run up to an hour, avoid interruptions
    #   disk=large: need more storage for docker images and fixture cache
    #   s3-cache: faster actions cache
    #   tmpfs: faster io-intensive workflows
    runs-on: runs-on=${{ github.run_id }}/cpu=4+8/ram=64+128/family=r5+r6+r7+r8/spot=false/extras=s3-cache+tmpfs
    if: github.repository == 'anchore/syft' # only run for main repo
    permissions:
      packages: write
    steps:
      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1
        with:
          persist-credentials: false

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
        with:
          # we want to rebuild the cache with no previous state
          download-test-fixture-cache: false

      - name: Run all tests
        run: |
          make test
        env:
          # we want to rebuild the cache with no previous state
          DOWNLOAD_TEST_FIXTURE_CACHE: "false"

      - name: Login to GitHub Container Registry (ORAS)
        run: echo "${{ secrets.GITHUB_TOKEN }}" | .tool/oras login ghcr.io -u "$ACTOR" --password-stdin
        env:
          ACTOR: ${{ github.actor }}

      - name: Publish test fixture cache
        run: make upload-test-fixture-cache