ci_dev.gitlab-ci.yml

stages:
  - dev_pulling_repo
  - dev_secrets_in_repo
  - dev_linting_code
  - dev_linting_docker
  - docker_login

variables:
  GITLAB_API: "https://labs.etsi.org/api/v4"
  CI_JOB_TOKEN: $CI_JOB_TOKEN
  CI_DEBUG_TRACE: "false"
  CI_REGISTRY_USER: $CI_REGISTRY_USER
  CI_REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
  CI_REGISTRY: $CI_REGISTRY
  CAPIF_DOCKER_REGISTRY: $CAPIF_DOCKER_REGISTRY


.dev_common: &dev_common
  tags:
    - shell

#dev_pulling_repo:
#  stage: dev_pulling_repo
#  script:
#    - git clone https://oauth2:${CI_JOB_TOKEN}@labs.etsi.org/rep/ocf/capif.git
#  <<: *dev_common

dev_secrets_in_repo:
  stage: dev_secrets_in_repo
  script:
    - |
      pip install trufflehog
      cd ../
      trufflehog capif --exclude_paths capif/cicd/exclusions --max_depth=5
#  needs: ["dev_pulling_repo"]
  <<: *dev_common

# define the process to do linting code: Sonarque, ruff?
dev_linting_code:
  stage: dev_linting_code
  script:
    - |
      echo "###ruff checks###"
      pip install ruff
      ruff check --config cicd/ruff.toml . || true
  needs: ["dev_secrets_in_repo"]
  <<: *dev_common

dev_linting_docker:
  stage: dev_linting_docker
  script:
   - |
    # Download hadolint binary
    wget https://github.com/hadolint/hadolint/releases/download/v2.8.0/hadolint-Linux-x86_64 -O hadolint

    # Make it executable
    chmod +x hadolint
    
    # Move it to your binaries folder
    mv hadolint ../
    
    # Verify the installation
    ../hadolint --version

    #find . -name 'services/Dockerfile*' -exec hadolint --no-fail -f gitlab_codeclimate {} + > docker-lint.json

    ../hadolint services/capif-client/Dockerfile || true
    ../hadolint services/vault/Dockerfile || true

    echo "### nginx ###"
    ../hadolint services/nginx/Dockerfile || true

    echo "### register ###"
    ../hadolint services/register/Dockerfile || true

    echo "### TS29222_CAPIF_Access_Control_Policy_API ###"
    ../hadolint services/TS29222_CAPIF_Access_Control_Policy_API/Dockerfile || true

    echo "### TS29222_CAPIF_API_Invoker_Management_API ###"
    ../hadolint services/TS29222_CAPIF_API_Invoker_Management_API/Dockerfile || true

    echo "### TS29222_CAPIF_API_Provider_Management_API ###"
    ../hadolint services/TS29222_CAPIF_API_Provider_Management_API/Dockerfile || true

    echo "### TS29222_CAPIF_Auditing_API ###"
    ../hadolint services/TS29222_CAPIF_Auditing_API/Dockerfile || true

    echo "### TS29222_CAPIF_Discover_Service_API ###"
    ../hadolint services/TS29222_CAPIF_Discover_Service_API/Dockerfile || true

    echo "### TS29222_CAPIF_Events_API ###"
    ../hadolint services/TS29222_CAPIF_Events_API/Dockerfile || true

    echo "### TS29222_CAPIF_Logging_API_Invocation_API ###"
    ../hadolint services/TS29222_CAPIF_Logging_API_Invocation_API/Dockerfile || true

    echo "### TS29222_CAPIF_Publish_Service_API ###"
    ../hadolint services/TS29222_CAPIF_Publish_Service_API/Dockerfile || true

    echo "### TS29222_CAPIF_Routing_Info_API ###"
    ../hadolint services/TS29222_CAPIF_Routing_Info_API/Dockerfile || true

    echo "### TS29222_CAPIF_Security_API ###"
    ../hadolint services/TS29222_CAPIF_Security_API/Dockerfile || true
#  artifacts:
#    name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
#    when: always
#    reports:
#      codequality:
#        - docker-lint.json
#  interruptible: true    
  needs: ["dev_linting_code"]
  <<: *dev_common

# NOT WORKING: failed when docker login. seem we need to use docker-in-docker rather than 
# shell alpine runners
docker_login:
  stage: docker_login
  image: docker:24.0.9
  services:
    - docker:24.0.9-dind
  tags:
    - docker
  script:
   - |
    #docker login --username $CI_REGISTRY_USER --password $CAPIF_DOCKER_REGISTRY $CI_REGISTRY
    cd services/capif-client/ && docker build -t capif-client:$CI_COMMIT_REF_SLUG .

    docker push capif-client:$CI_COMMIT_REF_SLUG
    
## NOT WORKING: failed when build de images - failed to mount overlay: operation not permitted" storage-driver=overlay2
#docker_login:
#  stage: docker_login
#  script:
#   - |
#    #!/bin/bash
#
#    # Update your existing list of packages
#    apk update
#
#    # Install Docker
#    apk add docker
#
#    # Start the Docker service
#    dockerd &
#
#    # Verify the installation
#    docker --version
#
#    echo "### docker login ###"
#    docker login --username $CI_REGISTRY_USER --password $CI_REGISTRY_PASSWORD $CI_REGISTRY
#
#    echo "### build & push capif-client ###"
#    cd services/capif-client/ && docker build -t capif-client:$CI_COMMIT_REF_SLUG .
#
#    docker push capif-client:$CI_COMMIT_REF_SLUG