image: docker:stable

stages:
  - image
  - deploy

docker image:
  stage: image
  variables:
    DOCKER_DRIVER: overlay2
  services:
    - docker:dind
  script:
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN registry.gitlab.com
    - docker build -t registry.gitlab.com/openstapps/app-release-template .
    - docker push registry.gitlab.com/openstapps/app-release-template
  rules:
    - if: '$CI_COMMIT_BRANCH == "main" && $BUILD_IMAGE == "true"'
  tags:
    - docker

web:
  image: registry.gitlab.com/openstapps/app-release-template
  stage: deploy
  script:
    - make web
    - >
      if [ "$RELEASE_TYPE" == "staging" ]; then
        # USE GITLAB PROTECTED & MASKED CI VARIABLES TO PROVIDE THE FOLLOWING DATA!
        # THUS $STAGING_TARGET_SSH_PRIVATE_KEY HAS TO BE BASE64 ENCODED
        # USE AN UNPRIVILIGED USER WITH ACCESS ONLY TO THIS DIRECTORY
        # example: $STAGING_SCP_TARGET = deployuser@staging.environment.com:/path/for/web/data
        sh static/scripts/ssh_deploy.sh $STAGING_SCP_TARGET $STAGING_TARGET_SSH_PRIVATE_KEY
      fi

      if [ "$RELEASE_TYPE" == "production" ]; then
        # USE GITLAB PROTECTED & MASKED CI VARIABLES TO PROVIDE THE FOLLOWING DATA!
        # THUS $PRODUCTION_TARGET_SSH_PRIVATE_KEY HAS TO BE BASE64 ENCODED
        # USE AN UNPRIVILIGED USER WITH ACCESS ONLY TO THIS DIRECTORY
        # example: $PRODUCTION_SCP_TARGET = deployuser@production.environment.com:/path/for/web/data
        sh static/scripts/ssh_deploy.sh $PRODUCTION_SCP_TARGET $PRODUCTION_TARGET_SSH_PRIVATE_KEY
      fi
  artifacts:
    untracked: false
    paths:
      - www.zip
  tags:
    - secrecy
  rules:
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "staging"'
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "production"'

ios:
  image: registry.gitlab.com/openstapps/app-release-template
  stage: deploy
  script:
    - >
      if [ "$RELEASE_TYPE" == "staging" ]; then
        make ios-beta;
      fi

      if [ "$RELEASE_TYPE" == "production" ]; then
        make ios;
      fi
  artifacts:
    untracked: false
  tags:
    - macos
  rules:
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "staging"'
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "production"'

android:
  image: registry.gitlab.com/openstapps/app-release-template
  stage: deploy
  script:
    - >
      if [ "$RELEASE_TYPE" == "staging" ]; then
        make android-beta;
      fi

      if [ "$RELEASE_TYPE" == "production" ]; then
        make android;
      fi
  artifacts:
    untracked: false
  tags:
    - secrecy
  rules:
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "staging"'
    - if: '$CI_COMMIT_BRANCH == "main" && $RELEASE_TYPE == "production"'