stages:          # List of stages for jobs, and their order of execution
  - build
  - test
  - deploy

docker-build-push:
  # Use the official docker image.
  image: docker:latest
  stage: build
  services:
    - docker:dind
  before_script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE" .
    - docker push "$CI_REGISTRY_IMAGE"
  allow_failure: false
  only:
    - master

docker-build-push-dev:
  # Use the official docker image.
  image: docker:latest
  stage: build
  services:
    - docker:dind
  before_script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE:dev" .
    - docker push "$CI_REGISTRY_IMAGE:dev"
  allow_failure: false
  only:
    - dev
    - merge_requests

docker-build:
  image: docker:latest
  stage: build
  services:
    - docker:dind
  before_script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE" .
  allow_failure: false
  except:
    - master
    - dev
    - merge_requests

include:
  - template: Security/Container-Scanning.gitlab-ci.yml
  - template: Security/SAST.gitlab-ci.yml
container_scanning:
  variables:
    DOCKER_IMAGE: "$CI_REGISTRY_IMAGE${tag}"
  stage: test
  allow_failure: false
  
deploy_dev:
  stage: deploy
  image: debian
  before_script:
    - apt-get update -qq
    - 'which ssh-agent || ( apt-get install -qq openssh-client )'
    - eval $(ssh-agent -s) 
    - ssh-add <(echo "$SSH_PRIVATE_KEY")
    - mkdir -p ~/.ssh
    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
  script:
    - ssh $SSH_SERVER "cd /root && docker-compose -f shbot-dev.yaml pull shbot-dev && docker-compose -f shbot-dev.yaml up -d shbot-dev && exit"
  only:
    - dev
    - merge_requests

deploy_staging:
  stage: deploy
  image: debian
  before_script:
    - apt-get update -qq
    - 'which ssh-agent || ( apt-get install -qq openssh-client )'
    - eval $(ssh-agent -s) 
    - ssh-add <(echo "$SSH_PRIVATE_KEY")
    - mkdir -p ~/.ssh
    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
  script:
    - ssh $SSH_SERVER "cd /root && docker-compose pull shbot && docker-compose up -d shbot && exit"
  only:
    - master