stages:
  - prod_build_and_push
  - deploy_ocf_prod

variables:
#  CI_JOB_TOKEN: $CI_JOB_TOKEN
  CI_DEBUG_TRACE: "false"
#  CI_REGISTRY_USER: $CI_REGISTRY_USER
#  CI_REGISTRY: $CI_REGISTRY
  CAPIF_DOCKER_REGISTRY: $CAPIF_DOCKER_REGISTRY
  NAMESPACE_PROD: "ocf-prod"
  DOMAIN_PROD: ocf.production
  PATH_PROD: prod

# it will only run when a new tag that starts with ‘v{major.minor.patch}-release’ is pushed
# to the repository.
.release_common: &relase_common
  rules:
#    - if: '$CI_COMMIT_TAG =~ /^.*-release$/'
    - if: '$CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+-release$/'
  tags:
    - shell

prod_build_and_push:
  stage: prod_build_and_push
  rules:
    - if: '$CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+-release$/'
      when: always
    - when: never
  tags:
    - shell
  script:
   - export TMP_PWD=$PWD
   - echo "TMP_PWD=$TMP_PWD"
   - echo "### docker login###"
   - echo "$CI_JOB_TOKEN" | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin
   - echo "----------------------------------------------------"
   - echo "### build and push nginx image###"
   - cd $TMP_PWD/services/nginx/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/nginx:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/nginx:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push register image###"
   - cd $TMP_PWD/services/register/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/register:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/register:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Access_Control_Policy_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Access_Control_Policy_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-access-control-policy-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-access-control-policy-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_API_Invoker_Management_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_API_Invoker_Management_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-invoker-management-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-invoker-management-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_API_Provider_Management_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_API_Provider_Management_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-provider-management-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-provider-management-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Auditing_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Auditing_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-auditing-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-auditing-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Discover_Service_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Discover_Service_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-discover-service-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-discover-service-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Events_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Events_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-events-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-events-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Logging_API_Invocation_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Logging_API_Invocation_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-logging-api-invocation-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-logging-api-invocation-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Publish_Service_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Publish_Service_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-publish-service-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-publish-service-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Routing_Info_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Routing_Info_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-routing-info-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-routing-info-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push TS29222_CAPIF_Security_API image###"
   - cd $TMP_PWD/services/TS29222_CAPIF_Security_API/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-security-api:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-security-api:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push vault image###"
   - cd $TMP_PWD/services/vault/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/vault:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/vault:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push helper image###"
   - cd $TMP_PWD/services/helper/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/helper:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/helper:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - echo "### build and push mock-server image###"
   - cd $TMP_PWD/services/mock_server/
   - docker build -t $CI_REGISTRY/ocf/capif/$PATH_PROD/mock-server:$CI_COMMIT_TAG .
   - docker push $CI_REGISTRY/ocf/capif/$PATH_PROD/mock-server:$CI_COMMIT_TAG
   - echo "----------------------------------------------------"
   - docker logout $CI_REGISTRY


deploy_ocf_prod:
  stage: deploy_ocf_prod
  before_script:
    - echo "--- cluster production ---"
    - export KUBECONFIG=$KUBECONFIG_PROD
    - kubectl cluster-info
  needs:
    - prod_build_and_push
  <<: *relase_common
  environment:
    name: review/production
    url: https://$NAMESPACE_PROD.$DOMAIN_PROD
  script:
    - | 
      echo "------ A release has been created! -------"
      helm version
      kubectl version --output=yaml
      echo "### setting kubeconfig###"
      whoami
      kubectl cluster-info
      yq --version
      ls -rtt helm/capif
      cat helm/capif/Chart.yaml
      yq e -i ".appVersion = \"prod\"" helm/capif/Chart.yaml
      cat helm/capif/Chart.yaml

      charts=("mock-server" "nginx" "ocf-access-control-policy" 
        "ocf-api-invocation-logs" "ocf-api-invoker-management" 
        "ocf-api-provider-management" "ocf-auditing-api-logs" 
        "ocf-discover-service-api" "ocf-events" "ocf-helper" 
        "ocf-publish-service-api" "ocf-register" "ocf-routing-info" 
        "ocf-security")
      
      for chart in "${charts[@]}"; do
        yq e -i ".appVersion = \"$CI_COMMIT_TAG\"" "helm/capif/charts/$chart/Chart.yaml"
      done


      echo "### download dependencies###"
      helm dependency build helm/capif
      echo "### updating capif###"
      helm upgrade --install -n $NAMESPACE_PROD ocf-prod helm/capif/ \
      --set grafana.enabled=true \
      --set grafana.ingress.enabled=true \
      --set grafana.ingress.hosts[0].host=ocf-mon-prod.$DOMAIN_PROD \
      --set grafana.ingress.hosts[0].paths[0].path="/" \
      --set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set grafana.env.prometheusUrl=http://prometheus.$DOMAIN_PROD \
      --set grafana.env.tempoUrl="http://ocf-prod-tempo:3100" \
      --set fluentbit.enabled=true \
      --set loki.enabled=true \
      --set tempo.tempo.metricsGenerator.remoteWriteUrl=http://prometheus.$DOMAIN_PROD/api/v1/write \
      --set otelcollector.enabled=true \
      --set otelcollector.configMap.tempoEndpoint=ocf-prod-tempo:4317 \
      --set ocf-access-control-policy.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-access-control-policy-api \
      --set ocf-access-control-policy.image.tag=$CI_COMMIT_TAG \
      --set ocf-access-control-policy.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-access-control-policy.monitoring="true" \
      --set ocf-api-invocation-logs.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-logging-api-invocation-api \
      --set ocf-api-invocation-logs.image.tag=$CI_COMMIT_TAG \
      --set ocf-api-invocation-logs.env.monitoring="true" \
      --set ocf-api-invocation-logs.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-api-invocation-logs.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invocation-logs.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invocation-logs.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-api-invoker-management.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-invoker-management-api \
      --set ocf-api-invoker-management.image.tag=$CI_COMMIT_TAG \
      --set ocf-api-invoker-management.env.monitoring="true" \
      --set ocf-api-invoker-management.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-api-invoker-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-invoker-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-invoker-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-api-provider-management.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-api-provider-management-api \
      --set ocf-api-provider-management.image.tag=$CI_COMMIT_TAG \
      --set ocf-api-provider-management.env.monitoring="true" \
      --set ocf-api-provider-management.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-api-provider-management.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-api-provider-management.env.vaultPort=$VAULT_PORT \
      --set ocf-api-provider-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-events.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-events-api \
      --set ocf-events.image.tag=$CI_COMMIT_TAG \
      --set ocf-events.env.monitoring="true" \
      --set ocf-events.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-routing-info.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-routing-info-api \
      --set ocf-routing-info.image.tag=$CI_COMMIT_TAG \
      --set ocf-routing-info.env.monitoring="true" \
      --set ocf-security.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-security-api \
      --set ocf-security.image.tag=$CI_COMMIT_TAG \
      --set ocf-security.env.monitoring="true" \
      --set ocf-security.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-security.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-security.env.vaultPort=$VAULT_PORT \
      --set ocf-security.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-register.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/register \
      --set ocf-register.image.tag=$CI_COMMIT_TAG \
      --set ocf-register.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-register.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-register.env.vaultPort=$VAULT_PORT \
      --set ocf-register.env.mongoHost=mongo-register \
      --set ocf-register.env.mongoPort=27017 \
      --set ocf-register.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-register.ingress.enabled=true \
      --set ocf-register.ingress.hosts[0].host=register-prod.$DOMAIN_PROD \
      --set ocf-register.ingress.hosts[0].paths[0].path="/" \
      --set ocf-register.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set ocf-auditing-api-logs.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-auditing-api \
      --set ocf-auditing-api-logs.image.tag=$CI_COMMIT_TAG \
      --set ocf-auditing-api-logs.env.monitoring="true" \
      --set ocf-publish-service-api.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-publish-service-api \
      --set ocf-publish-service-api.image.tag=$CI_COMMIT_TAG \
      --set ocf-publish-service-api.env.monitoring="true" \
      --set ocf-publish-service-api.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set ocf-discover-service-api.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/ocf-discover-service-api \
      --set ocf-discover-service-api.image.tag=$CI_COMMIT_TAG \
      --set ocf-discover-service-api.env.monitoring="true" \
      --set nginx.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/nginx \
      --set nginx.image.tag=$CI_COMMIT_TAG \
      --set nginx.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set nginx.env.vaultHostname=$VAULT_HOSTNAME \
      --set nginx.env.vaultPort=$VAULT_PORT \
      --set nginx.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set nginx.ingress.enabled=true \
      --set nginx.ingress.hosts[0].host=capif-prod.$DOMAIN_PROD \
      --set nginx.ingress.hosts[0].paths[0].path="/" \
      --set nginx.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set ocf-helper.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/helper \
      --set ocf-helper.image.tag=$CI_COMMIT_TAG \
      --set ocf-helper.env.vaultHostname=$VAULT_HOSTNAME \
      --set ocf-helper.env.vaultPort=$VAULT_PORT \
      --set ocf-helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN_PROD \
      --set ocf-helper.env.capifHostname=capif-prod.$DOMAIN_PROD \
      --set mock-server.enabled=true \
      --set mock-server.image.repository=$CI_REGISTRY/ocf/capif/$PATH_PROD/mock-server \
      --set mock-server.image.tag=$CI_COMMIT_TAG \
      --set mock-server.ingress.enabled=true \
      --set mock-server.ingress.hosts[0].host=mock-server-prod.$DOMAIN_PROD \
      --set mock-server.ingress.hosts[0].paths[0].path="/" \
      --set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set mongo-register-express.enabled=true \
      --set mongo-register-express.ingress.enabled=true \
      --set mongo-register-express.ingress.hosts[0].host="mongo-express-register-prod.$DOMAIN_PROD" \
      --set mongo-register-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \
      --set mongo-express.enabled=true \
      --set mongo-express.ingress.enabled=true \
      --set mongo-express.ingress.hosts[0].host="mongo-express-prod.$DOMAIN_PROD" \
      --set mongo-express.ingress.hosts[0].paths[0].path="/" \
      --set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \
      --wait --timeout=10m --create-namespace --atomic