cd-deploy-ocf.gitlab-ci.yml

stages:
  - deploy_ocf_oficial_staging
  - deploy_ocf_staging
  - delete_ocf_staging
  - deploy_ocf_dev
  - delete_ocf_dev

variables:
  NAMESPACE_DEV: "ocf-dev-$CI_ENVIRONMENT_SLUG"
  NAMESPACE_STAGING: "ocf-staging"
  DOMAIN_STAGING: staging.int
  DOMAIN_DEV: developer.int
  DOMAIN_PROD: prod.int
  CI_JOB_TOKEN: $CI_JOB_TOKEN
  IMAGE_TAG_DEV: $CI_COMMIT_REF_SLUG
  IMAGE_TAG_STAGING: $CI_COMMIT_REF_SLUG
  VAULT_HOSTNAME: $VAULT_HOSTNAME
  VAULT_PORT: $VAULT_PORT
  VAULT_ACCESS_TOKEN: $VAULT_ACCESS_TOKEN
  CI_REGISTRY: $CI_REGISTRY

.staging_common: &staging_common
  only:
    - merge_requests
  except:
    variables:
      - $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != "staging"
  tags:
    - shell

.dev_common: &dev_common
  tags:
    - shell


## staging before mr ###
deploy_ocf_staging:
  stage: deploy_ocf_staging
  needs:
    - staging_build_and_push
  <<: *staging_common
  environment:
    name: review/dev_to_staging
    url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_STAGING
    on_stop: delete_ocf_staging
    auto_stop_in: 3 day
  script:
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      whoami
      kubectl cluster-info
      yq --version
      ls -rtt helm/capif
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"$IMAGE_TAG_STAGING\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
      helm upgrade --install -n $NAMESPACE_DEV ocf-pre-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
      --set nginx.nginx.env.registerHostname=register-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING \
      --set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_COMMIT_REF_SLUG.$DOMAIN_STAGING" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
      --set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
      --set parametersVault.env.vaultPort=$VAULT_PORT \
      --set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ingress.ip=10.43.107.132 \
      --set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
      --set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
      --set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
      --set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
      --set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
      --set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
      --set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
      --set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
      --set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
      --set register.register.image.tag=$CI_COMMIT_REF_SLUG \
      --set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
      --set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
      --set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
      --set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
      --set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
      --set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
      --set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG --wait --timeout=10m --create-namespace --atomic

delete_ocf_staging:
  stage: delete_ocf_staging
  <<: *staging_common
  script:
    - echo "### deleting environment $NAMESPACE_STAGING###"
    - helm uninstall -n $NAMESPACE_DEV ocf-staging-$CI_COMMIT_REF_SLUG
  when: manual
  environment:
    name: review/dev_to_staging
    action: stop

### staging branch merged ###
deploy_ocf_oficial_staging:
  stage: deploy_ocf_oficial_staging
  <<: *staging_common
#  rules:
#    - if: '$CI_COMMIT_REF_NAME == "staging"'
#      when: always
  needs:
    - staging_build_and_push_mr
  environment:
    name: review/oficial-staging
    url: https://capif-staging.$DOMAIN_STAGING
  script:
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      whoami
      kubectl cluster-info
      yq --version
      ls -rtt helm/capif
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"staging\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
      helm upgrade --install -n $NAMESPACE_STAGING ocf-staging helm/capif/ --set nginx.nginx.env.capifHostname=capif-staging.$DOMAIN_STAGING \
      --set nginx.nginx.env.registerHostname=register-staging.$DOMAIN_STAGING \
      --set monitoring.grafana.ingress.hosts[0].host="grafana-staging.$DOMAIN_STAGING" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
      --set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
      --set parametersVault.env.vaultPort=$VAULT_PORT \
      --set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ingress.ip=10.43.107.132 \
      --set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-access-control-policy-api \
      --set accessControlPolicy.image.tag=staging \
      --set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-logging-api-invocation-api \
      --set apiInvocationLogs.apiInvocationLogs.image.tag=staging \
      --set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-invoker-management-api \
      --set apiInvokerManagement.apiInvokerManagement.image.tag=staging \
      --set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-api-provider-management-api \
      --set apiProviderManagement.apiProviderManagement.image.tag=staging \
      --set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-events-api \
      --set capifEvents.capifEvents.image.tag=staging \
      --set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-routing-info-api \
      --set capifRoutingInfo.capifRoutingInfo.image.tag=staging \
      --set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-security-api \
      --set capifSecurity.capifSecurity.image.tag=staging \
      --set register.register.image.repository=$CI_REGISTRY/ocf/capif/staging/register \
      --set register.register.image.tag=staging \
      --set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-auditing-api \
      --set logs.logs.image.tag=staging \
      --set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
      --set nignx.nginx.image.tag=staging \
      --set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-publish-service-api \
      --set publishedApis.publishedApis.image.tag=staging \
      --set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/staging/ocf-discover-service-api \
      --set serviceApis.serviceApis.image.tag=staging \
      --set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/staging/nginx \
      --set nginx.nginx.image.tag=staging --wait --timeout=10m --create-namespace

## dev ###
deploy_ocf_dev:
  stage: deploy_ocf_dev
  needs:
    - dev_build_and_push
  <<: *dev_common
  environment:
    name: review/$CI_COMMIT_REF_SLUG
    url: https://capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV
    on_stop: delete_ocf_dev
    auto_stop_in: 3 day
#  rules:
#    - if: $CI_COMMIT_BRANCH == "main"
#      when: never
#    - if: $CI_COMMIT_BRANCH == "staging"
#      when: never      
#    - if: $CI_COMMIT_BRANCH
  script:
    - |
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      kubectl cluster-info
      yq --version
      ### Chart main ocf###
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml
      ### Chart helper###
      yq e -i ".appVersion = \"$IMAGE_TAG_DEV\"" helm/capif/charts/helper/Chart.yaml
      cat helm/capif/charts/helper/Chart.yaml     
      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
      helm upgrade --install -n $NAMESPACE_DEV ocf-developer helm/capif/ --set nginx.nginx.env.capifHostname=capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
      --set nginx.nginx.env.registerHostname=register-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
      --set monitoring.grafana.ingress.hosts[0].host="grafana-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].path="/" \
      --set monitoring.grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set monitoring.grafana.env.prometheusURL=http://prometheus.ocf.pre-production \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.ocf.pre-production/api/v1/write \
      --set parametersVault.env.vaultHostname=$VAULT_HOSTNAME \
      --set parametersVault.env.vaultPort=$VAULT_PORT \
      --set parametersVault.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set ingress.ip=10.43.107.132 \
      --set accessControlPolicy.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-access-control-policy-api \
      --set accessControlPolicy.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiInvocationLogs.apiInvocationLogs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-logging-api-invocation-api \
      --set apiInvocationLogs.apiInvocationLogs.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiInvokerManagement.apiInvokerManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-invoker-management-api \
      --set apiInvokerManagement.apiInvokerManagement.image.tag=$CI_COMMIT_REF_SLUG \
      --set apiProviderManagement.apiProviderManagement.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-api-provider-management-api \
      --set apiProviderManagement.apiProviderManagement.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifEvents.capifEvents.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-events-api \
      --set capifEvents.capifEvents.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifRoutingInfo.capifRoutingInfo.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-routing-info-api \
      --set capifRoutingInfo.capifRoutingInfo.image.tag=$CI_COMMIT_REF_SLUG \
      --set capifSecurity.capifSecurity.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-security-api \
      --set capifSecurity.capifSecurity.image.tag=$CI_COMMIT_REF_SLUG \
      --set register.register.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/register \
      --set register.register.image.tag=$CI_COMMIT_REF_SLUG \
      --set logs.logs.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-auditing-api \
      --set logs.logs.image.tag=$CI_COMMIT_REF_SLUG \
      --set nignx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nignx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
      --set publishedApis.publishedApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-publish-service-api \
      --set publishedApis.publishedApis.image.tag=$CI_COMMIT_REF_SLUG \
      --set serviceApis.serviceApis.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/ocf-discover-service-api \
      --set serviceApis.serviceApis.image.tag=$CI_COMMIT_REF_SLUG \
      --set nginx.nginx.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/nginx \
      --set nginx.nginx.image.tag=$CI_COMMIT_REF_SLUG \
      --set helper.image.repository=$CI_REGISTRY/ocf/capif/$CI_COMMIT_REF_SLUG/helper \
      --set helper.image.tag=$CI_COMMIT_REF_SLUG \
      --set helper.env.vaultHostname=$VAULT_HOSTNAME \
      --set helper.env.vaultPort=$VAULT_PORT \
      --set helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \
      --set helper.env.capifHostname=capif-$CI_ENVIRONMENT_SLUG.$DOMAIN_DEV \
      --wait --timeout=10m --create-namespace --atomic

delete_ocf_dev:
  stage: delete_ocf_dev
  <<: *staging_common
  script:
    - echo "### deleting environment $NAMESPACE_DEV###"
    - helm uninstall -n $NAMESPACE_DEV ocf-developer
  when: manual
  environment:
    name: review/$CI_COMMIT_REF_SLUG
    action: stop