ci_dev.gitlab-ci.yml

stages:
  - dev_pulling_repo
  - dev_secrets_in_repo
  - dev_linting_code
  - dev_linting_docker

variables:
  GITLAB_API: "https://labs.etsi.org/api/v4"
  CI_JOB_TOKEN: $CI_JOB_TOKEN

.dev_common: &dev_common
  tags:
    - shell

dev_pulling_repo:
  stage: dev_pulling_repo
  script:
    - git clone https://oauth2:${CI_JOB_TOKEN}@labs.etsi.org/rep/ocf/capif.git
  <<: *dev_common

dev_secrets_in_repo:
  stage: dev_secrets_in_repo
  script:
    - pip install trufflehog
    - trufflehog capif --exclude_paths cicd/exclusions --max_depth=5
  needs: ["dev_pulling_repo"]
  <<: *dev_common

# define the process to do linting code: Sonarque, ruff?
dev_linting_code:
  stage: dev_linting_code
  script:
    - echo "ruff checks"
  needs: ["dev_secrets_in_repo"]
  <<: *dev_common

dev_linting_docker:
  stage: dev_linting_docker
  image: hadolint/hadolint:latest-debian
  script:
   - find . -name 'capif/services/Dockerfile*' -exec hadolint --no-fail -f gitlab_codeclimate {} + > docker-lint.json
   - hadolint services/capif-client/Dockerfile
#    - hadolint services/nginx/Dockerfile
#    - hadolint services/register/Dockerfile
  artifacts:
    name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
    when: always
    reports:
      codequality:
        - docker-lint.json
  interruptible: true    
  needs: ["dev_linting_code"]
  <<: *dev_common

docker_login:
  stage: docker_login
  script:
   - >
    docker --version