.gitlab-ci.yml

stages:
  - build
  - docker-build
  - release

variables:
  # This will suppress any download for dependencies and plugins or upload messages which would clutter the console log.
  # `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  # As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used
  # when running from the command line.
  # `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins.
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"

# Cache downloaded dependencies and plugins between builds.
# To keep cache across branches add 'key: "$CI_JOB_NAME"'
cache:
  paths:
    - .m2/repository

.mvn_build_and_it_tests:
  image: registry.internal.pablintino.net/tools-rel/jdk-builder:v0.0.1-jdk11
  services:
    - name: postgres:13.4
      alias: it-postgres
    - name: rabbitmq:3.9.5
      alias: it-rabbitmq
  variables:
    SPRING_DATASOURCE_URL: "jdbc:postgresql://it-postgres:5432/it-database"
    SPRING_DATASOURCE_USERNAME: postgres
    SPRING_DATASOURCE_PASSWORD: changeme
    SPRING_RABBITMQ_HOST: it-rabbitmq
    SPRING_RABBITMQ_PORT: 5672
    POSTGRES_DB: "it-database"
    POSTGRES_USER: "postgres"
    POSTGRES_PASSWORD: "changeme"
  before_script:
    - source <(builder2 source)

maven-build-verify:
  extends: .mvn_build_and_it_tests
  stage: build
  script:
    - 'mvn $MAVEN_CLI_OPTS verify -s ci_settings.xml -P ci-it-test'
  rules:
    # Avoid pipeline creation for maven release plugin commits
    - if: $CI_COMMIT_MESSAGE =~ /^\[maven\-release\-plugin\]/
      when: never
    # Run on non master nor tags branches (includes MRs)
    - if: $CI_COMMIT_REF_NAME != "master" && $CI_COMMIT_TAG == null
      when: always

maven-build-deploy:
  extends: .mvn_build_and_it_tests
  stage: build
  script:
    - if [ ! -f ci_settings.xml ];
      then echo "CI settings missing\! If deploying to GitLab Maven Repository, please see https://docs.gitlab.com/ee/user/packages/maven_repository/index.html#create-maven-packages-with-gitlab-cicd for instructions.";
      fi
    - 'mvn $MAVEN_CLI_OPTS deploy -s ci_settings.xml -P ci-it-test'
  rules:
    # Avoid pipeline creation for maven release plugin commits
    - if: $CI_COMMIT_MESSAGE =~ /^\[maven\-release\-plugin\]/
      when: never
    # Run only on master
    - if: $CI_COMMIT_REF_NAME == "master" && $CI_COMMIT_TAG == null
      when: always
  artifacts:
    paths:
      - scheduler-service/target/*.jar
      - scheduler-service-models/target/*.jar
    expire_in: 1 week

docker-build:
  stage: docker-build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [ "" ]
  allow_failure: false
  before_script:
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"${CI_HARBOR_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_HARBOR_ROBOT_USER}" "${CI_HARBOR_ROBOT_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
    - cat /etc/ssl/custom/root_ca.crt >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt
  script:
    - >-
      /kaniko/executor
      --context "${CI_PROJECT_DIR}"/scheduler-service
      --dockerfile "${CI_PROJECT_DIR}/scheduler-service/Dockerfile"
      --destination "${CI_HARBOR_REGISTRY}/arq-svcs-ci/scheduler-service:${CI_COMMIT_SHORT_SHA}"
      --destination "${CI_HARBOR_REGISTRY}/arq-svcs-dev/scheduler-service:latest"
  rules:
    # Avoid pipeline creation for maven release plugin commits
    - if: $CI_COMMIT_MESSAGE =~ /^\[maven\-release\-plugin\]/
      when: never
    # Run only on master
    - if: $CI_COMMIT_REF_NAME == "master" && $CI_COMMIT_TAG == null
      when: on_success

mvn-release:
  extends: .mvn_build_and_it_tests
  stage: release
  when: manual
  allow_failure: false
  before_script:
    - source <(builder2 source)
    - 'mkdir -p ~/.ssh/'
    - echo -n "$DEPLOY_PRIVATE_KEY" | base64 --decode > ~/.ssh/id_rsa
    - 'chmod 700 ~/.ssh && chmod 600 ~/.ssh/id_rsa'
    - 'ssh-keyscan $CI_SERVER_HOST >> ~/.ssh/known_hosts'
    - 'chmod 644 ~/.ssh/known_hosts'
    - 'git config --global user.email "noreply@your.gitlab.host"'
    - 'git config --global user.name "GitLab CI"'
    - 'git checkout -B "$CI_COMMIT_REF_NAME"'
  script:
    - if [ ! -f ci_settings.xml ];
      then echo "CI settings missing\! If deploying to GitLab Maven Repository, please see https://docs.gitlab.com/ee/user/packages/maven_repository/index.html#create-maven-packages-with-gitlab-cicd for instructions.";
      fi
    # Grab jar name and version and add it to the dotenv file for further docker usage
    - echo "BUILD_VERSION=v$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout -f scheduler-service/pom.xml | cut -d '-' -f1)" >> build.env
    - echo "SPRING_BOOT_JAR_FILE=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout -f scheduler-service/pom.xml)-$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout -f scheduler-service/pom.xml | cut -d '-' -f1).jar" >> build.env
    - 'mvn release:clean release:prepare release:perform -s ci_settings.xml -P ci-it-test'
  variables:
    # Ensure that the full repo is cloned on every execution. Fixes some issues about tags removed from remote but not in cache
    GIT_STRATEGY: clone
  rules:
    # Avoid pipeline creation for maven release plugin commits
    - if: $CI_COMMIT_MESSAGE !~ /^\[maven\-release\-plugin\]/ &&  $CI_COMMIT_REF_NAME == "master"
      when: manual
    - when: never


maven-build-tag:
  stage: build
  extends: .mvn_build_and_it_tests
  allow_failure: false
  script:
    - if [ ! -f ci_settings.xml ];
      then echo "CI settings missing\! If deploying to GitLab Maven Repository, please see https://docs.gitlab.com/ee/user/packages/maven_repository/index.html#create-maven-packages-with-gitlab-cicd for instructions.";
      fi
    - mvn $MAVEN_CLI_OPTS verify -s ci_settings.xml
  artifacts:
    paths:
      - scheduler-service/target/*.jar
    expire_in: 1 week
  only:
    - tags

docker-release-tag:
  stage: docker-build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [ "" ]
  allow_failure: false
  before_script:
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"${CI_HARBOR_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_HARBOR_ROBOT_USER}" "${CI_HARBOR_ROBOT_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
    - cat /etc/ssl/custom/root_ca.crt >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt
  script:
    - >-
      /kaniko/executor
      --context "${CI_PROJECT_DIR}"/scheduler-service
      --dockerfile "${CI_PROJECT_DIR}/scheduler-service/Dockerfile"
      --destination "${CI_HARBOR_REGISTRY}/arq-svcs-rel/scheduler-service:${CI_COMMIT_REF_NAME}"
      --destination "${CI_HARBOR_REGISTRY}/arq-svcs-rel/scheduler-service:latest"
  only:
    - tags