cache:
  key: one-key-to-rule-them-all

build:
  image: docker:dind
  interruptible: true
  stage: build
  rules:
    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
  tags: [ docker ]
  before_script:
    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env  # COMMIT=`git rev-parse HEAD`
  script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}

test:
  image: python:3.10-slim-bullseye
  stage: test
  before_script:
    - pip install -r requirements.txt
    - pip install pytest httpx
    - mkdir -p app/cert
    - openssl genrsa -out app/cert/instance.private.pem 2048
    - openssl rsa -in app/cert/instance.private.pem -outform PEM -pubout -out app/cert/instance.public.pem
    - cd test
  script:
    - pytest main.py

deploy:
  stage: deploy
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  before_script:
    - echo "COMMIT=${CI_COMMIT_SHA}" >> version.env
    - source version.env
    - echo "Building docker image for commit ${COMMIT} with version ${VERSION}"
  script:
    - echo "GitLab-Registry"
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${VERSION}
    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:latest
    - echo "Docker-Hub"
    - docker login -u $PUBLIC_REGISTRY_USER -p $PUBLIC_REGISTRY_TOKEN
    - docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
    - docker build . --tag $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest
    - docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:${VERSION}
    - docker push $PUBLIC_REGISTRY_USER/${CI_PROJECT_NAME}:latest