.gitlab-ci.yml

stages:
  - build-application
  - build-docker-configuration-recette
  - deploy-application-recette
  - build-docker-configuration-production
  - deploy-application-production
  
cache: &global_cache
  key: ${CI_COMMIT_REF_SLUG}
  paths:
    - .m2/repository/
  policy: pull-push

build_application :
  stage: build-application
  image: registry.beta.pole-emploi.fr/customize-docker-images/maven
  script:
    - 'mvn --batch-mode -DskipTests -Dmaven.repo.local=.m2/repository clean install'
    - 'mkdir -p ./target/app && (cd ./target/app; jar -xf ../*.jar)'
  artifacts:
    paths:
      - ./target/app 
    expire_in: 1 week
  cache:
    <<: *global_cache
    policy: pull
  rules:
    - if: '$CI_COMMIT_BRANCH == "master"'
      changes:
        - pom.xml
        - src/main/java/**/*

sonar_quality_analyse :
  stage: build-application
  image: registry.beta.pole-emploi.fr/customize-docker-images/maven
  script:
    - mvn clean verify -P analyse-sonar sonar:sonar -Dsonar.host.url=$SONAR_URL  -Dsonar.login=$SONAR_TOKEN
  cache:
    <<: *global_cache
    policy: pull
  rules:
    - if: '$CI_COMMIT_BRANCH == "master"'
      changes:
        - pom.xml
        - src/main/java/**/*
  allow_failure: true

generate-docker-stack-recette:
  stage: build-docker-configuration-recette
  image:
    # https://git.beta.pole-emploi.fr/customize-docker-images/p2cli.git
    name: registry.beta.pole-emploi.fr/customize-docker-images/p2cli
  script:
    - cd docker
    - mkdir recette
    - p2 -t estime-backend-recette-stack.yml.j2 -o ./recette/estime-backend-stack.yml
  artifacts:
    paths:
      - ./docker/recette
    expire_in: 1 week
  rules:
    - if: '$CI_COMMIT_BRANCH == "master"'
      changes:
        - pom.xml
        - src/main/java/**/*
            
build-docker-image-recette:
  stage: build-docker-configuration-recette
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  script:
    # build estime-backend docker image and push it in containers registry
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/docker-image/Dockerfile --destination $CI_REGISTRY_IMAGE:release-candidate
  rules:
    - if: '$CI_COMMIT_BRANCH == "master"'
      changes:
        - pom.xml
        - src/main/java/**/*
 
deploy_application-recette:
  stage: deploy-application-recette
  before_script:
    - apt-get update -qq
    - apt-get install -y -qq openssh-client rsync iputils-ping
    # add target server in known_hosts
    - mkdir ~/.ssh
    - echo "$R7_SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts
    # add SSH_PRIVATE_KEY in agent store
    - eval $(ssh-agent -s)
    - ssh-add <(echo "$R7_SSH_PRIVATE_KEY")
    - mkdir -p ~/.ssh
  script:
    - rsync -avz --no-perms --no-owner --no-group -e 'ssh'  $CI_PROJECT_DIR/docker/scripts/deploy.sh $CI_PROJECT_DIR/docker/recette/estime-backend-stack.yml $HOST_SERVER_USER@$R7_HOST_SERVER_IP:/home/docker/estime-backend
    # exec deploy.sh to deploy docker stack estime-frontend or update estime-frontend image service
    - ssh $HOST_SERVER_USER@$R7_HOST_SERVER_IP "cd /home/docker/estime-backend && ./deploy.sh $CI_REGISTRY $CI_REGISTRY_USER $CI_REGISTRY_PASSWORD"
  when: manual
        
generate-docker-stack-production:
  stage: build-docker-configuration-production
  image:
    # https://git.beta.pole-emploi.fr/customize-docker-images/p2cli.git
    name: registry.beta.pole-emploi.fr/customize-docker-images/p2cli
  script:
    - cd docker
    - mkdir production
    - p2 -t estime-backend-production-stack.yml.j2 -o ./production/estime-backend-stack.yml
  artifacts:
    paths:
      - ./docker/production
    expire_in: 1 week
  when: manual

build-docker-image-production:
  stage: build-docker-configuration-production
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  script:
    # build estime-backend docker image and push it in containers registry
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/docker-image/Dockerfile --destination $CI_REGISTRY_IMAGE:release
  when: manual
 
deploy_application-production:
  stage: deploy-application-production
  before_script:
    - apt-get update -qq
    - apt-get install -y -qq openssh-client rsync iputils-ping
    # add target server in known_hosts
    - mkdir ~/.ssh
    - echo "$PROD_SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts
    # add SSH_PRIVATE_KEY in agent store
    - eval $(ssh-agent -s)
    - ssh-add <(echo "$PROD_SSH_PRIVATE_KEY")
    - mkdir -p ~/.ssh
  script: 
    - rsync -avz --no-perms --no-owner --no-group -e 'ssh'  $CI_PROJECT_DIR/docker/scripts/deploy.sh $CI_PROJECT_DIR/docker/production/estime-backend-stack.yml $HOST_SERVER_USER@$PROD_HOST_SERVER_IP:/home/docker/estime-backend
    # exec deploy.sh to deploy docker stack estime-frontend or update estime-frontend image service
    - ssh $HOST_SERVER_USER@$PROD_HOST_SERVER_IP "cd /home/docker/estime-backend && ./deploy.sh $CI_REGISTRY $CI_REGISTRY_USER $CI_REGISTRY_PASSWORD"
  when: manual