variables:
  GIT_STRATEGY: clone     #This seems to have no effect also set in webinterface
  GIT_DEPTH: 0          #This seems to have no effect also set in webinterface
  GIT_SUBMODULE_STRATEGY: recursive
  SCRIPTS_REPO: git@git.nitrokey.com:nitrokey/gitlab-ci.git
  REPO_GROUP: nitrokey
  COMMON_PULL: "true"
  COMMON_UPLOAD_NIGHTLY: "true"
  COMMON_GITHUB_RELEASE: "true"
  COMMON_UPLOAD_FILES: "false"
  COMMON_UPDATE_DOCKER: "false"
  COMMON_UPLOAD_OEM_FILES: "false"

pull:
  rules: 
    - if: '$CI_PIPELINE_SOURCE == "trigger" && $CI_COMMIT_BRANCH == $MAIN_BRANCH && $COMMON_PULL == "true"'
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-pull:latest
  tags:
    - docker
  stage: pull-github
  before_script:
    - apt-get update -y
    - echo "-----BEGIN OPENSSH PRIVATE KEY-----" > ~/.ssh/common_scripts_key
    - echo "$COMMON_SCRIPTS_KEY" >> ~/.ssh/common_scripts_key
    - echo "-----END OPENSSH PRIVATE KEY-----" >> ~/.ssh/common_scripts_key
    - chmod 600 ~/.ssh/common_scripts_key
    - export SCRIPTS_DIR=$(mktemp -d)
    - git clone -q --depth 1 $SCRIPTS_REPO $SCRIPTS_DIR
  script:
    - chmod +x  $SCRIPTS_DIR/ci-scripts/pull.sh
    - $SCRIPTS_DIR/ci-scripts/pull.sh $REPO_GROUP $REPO_NAME
     
upload-nightly:
  stage: deploy
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $COMMON_UPLOAD_NIGHTLY == "true"'
  tags:
    - docker
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-nightly-build:latest
  before_script:
    - apt-get update -y
    - echo "-----BEGIN OPENSSH PRIVATE KEY-----" > ~/.ssh/common_scripts_key
    - echo "$COMMON_SCRIPTS_KEY" >> ~/.ssh/common_scripts_key
    - echo "-----END OPENSSH PRIVATE KEY-----" >> ~/.ssh/common_scripts_key
    - chmod 600 ~/.ssh/common_scripts_key
    - export SCRIPTS_DIR=$(mktemp -d)
    - git clone -q --depth 1 $SCRIPTS_REPO $SCRIPTS_DIR
  script:
    - chmod +x $SCRIPTS_DIR/ci-scripts/nightly_upload.sh
    - $SCRIPTS_DIR/ci-scripts/nightly_upload.sh 

notify-matrixbot-fail:
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-oem-release:latest
  tags:
    - docker
  stage: .post
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule"' 
      when: on_failure
  script: 
    - wget $nk_ci_bot_server/matrix-ci-bot/$CI_PROJECT_NAME/$CI_COMMIT_SHA/$CI_JOB_NAME/failed/${CI_PIPELINE_URL#*/*/*/}

notify-matrixbot-success:
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-oem-release:latest
  tags:
    - docker
  stage: .post
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule"' 
      when: on_success
  script: 
    - wget $nk_ci_bot_server/matrix-ci-bot/$CI_PROJECT_NAME/$CI_COMMIT_SHA/$CI_JOB_NAME/success/${CI_PIPELINE_URL#*/*/*/}

github-release:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "web" && $COMMON_GITHUB_RELEASE == "true"'
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-publish-git:latest
  tags:
    - docker
  stage: deploy
  before_script:
    - apt-get update -y
    - echo "-----BEGIN OPENSSH PRIVATE KEY-----" > ~/.ssh/common_scripts_key
    - echo "$COMMON_SCRIPTS_KEY" >> ~/.ssh/common_scripts_key
    - echo "-----END OPENSSH PRIVATE KEY-----" >> ~/.ssh/common_scripts_key
    - chmod 600 ~/.ssh/common_scripts_key
    - export SCRIPTS_DIR=$(mktemp -d)
    - git clone -q --depth 1 $SCRIPTS_REPO $SCRIPTS_DIR
  script:
    - chmod +x $SCRIPTS_DIR/ci-scripts/release.sh
    - $SCRIPTS_DIR/ci-scripts/release.sh

upload-files:
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-oem-release:latest
  rules:
    - if: '$CI_PIPELINE_SOURCE == "push" && $COMMON_UPLOAD_FILES == "true"'
  tags:
    - docker
  stage: deploy
  before_script:
    - echo "-----BEGIN OPENSSH PRIVATE KEY-----" > ~/.ssh/common_scripts_key
    - echo "$COMMON_SCRIPTS_KEY" >> ~/.ssh/common_scripts_key
    - echo "-----END OPENSSH PRIVATE KEY-----" >> ~/.ssh/common_scripts_key
    - chmod 600 ~/.ssh/common_scripts_key
    - export SCRIPTS_DIR=$(mktemp -d)
    - git clone -q --depth 1 $SCRIPTS_REPO $SCRIPTS_DIR
  script:
    - chmod +x $SCRIPTS_DIR/ci-scripts/oem-release.sh
    - $SCRIPTS_DIR/ci-scripts/oem-release.sh
  after_script:
    - wget $icon_server/checkmark/$CI_COMMIT_REF_NAME/$CI_COMMIT_SHA/$CI_JOB_NAME/$CI_JOB_STATUS/${CI_JOB_URL#*/*/*/}

upload-oem-files:
  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-oem-release:latest
  rules:
    - if: '$CI_PIPELINE_SOURCE == "push" && $COMMON_UPLOAD_OEM_FILES == "true"'
  tags:
    - docker
  stage: deploy
  before_script:
    - echo "-----BEGIN OPENSSH PRIVATE KEY-----" > ~/.ssh/common_scripts_key
    - echo "$COMMON_SCRIPTS_KEY" >> ~/.ssh/common_scripts_key
    - echo "-----END OPENSSH PRIVATE KEY-----" >> ~/.ssh/common_scripts_key
    - chmod 600 ~/.ssh/common_scripts_key
    - export SCRIPTS_DIR=$(mktemp -d)
    - git clone -q --depth 1 $SCRIPTS_REPO $SCRIPTS_DIR
  script:
    - echo new_common
    - chmod +x $SCRIPTS_DIR/ci-scripts/oem-release-new.sh
    - $SCRIPTS_DIR/ci-scripts/oem-release-new.sh
  after_script:
    - wget $icon_server/checkmark/$CI_COMMIT_REF_NAME/$CI_COMMIT_SHA/$CI_JOB_NAME/$CI_JOB_STATUS/${CI_JOB_URL#*/*/*/}

update-docker:
  tags:
    - lxc
  stage: .pre
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $COMMON_UPDATE_DOCKER == "true"'
  script:
    - docker build -t registry.git.nitrokey.com/$REPO_GROUP/$REPO_NAME/$IMAGE_NAME . 
    - docker login registry.git.nitrokey.com -u token -p $UPDATE_DOCKER
    - docker push registry.git.nitrokey.com/$REPO_GROUP/$REPO_NAME/$IMAGE_NAME 


#hash-artifacts:
#  rules:
#    - if: '$CI_PIPELINE_SOURCE == "web"'
#    - if: '$CI_PIPELINE_SOURCE == "schedule"'
#  image: registry.git.nitrokey.com/nitrokey/gitlab-ci/ci-publish-git:latest
#  tags:
#    - docker
#  stage: hash
#  script:
#    - cd artifacts
#    - sha256sum * | tee sha256sum