---
kind: pipeline
type: docker
name: build
trigger:
  event:
    exclude:
      - promote

clone:
  disable: true

steps:
  - name: checkout
    image: alpine/git
    commands:
      - git clone https://gitea.khongisa.co.za/MngomaLab/webapitest.git .
      - git checkout ${DRONE_COMMIT}

  - name: dotnet build
    image: mcr.microsoft.com/dotnet/sdk:8.0
    commands:
      - dotnet build --configuration Release

  - name: dotnet test
    image: mcr.microsoft.com/dotnet/sdk:8.0
    commands:
      - dotnet test --configuration Release
---
x-docker-auth: &docker-auth
  DOCKER_AUTH_CONFIG: |
    {
      "auths": {
        "https://index.docker.io/v1/": {
          "auth": "a2h3ZXppOlBHM0FRM0VPMFg="
        }
      }
    }

kind: pipeline
type: docker
name: package
depends_on:
  - build
trigger:
  event:
    exclude:
      - promote

clone:
  disable: true

steps:
  - name: checkout
    image: alpine/git
    commands:
      - git clone https://gitea.khongisa.co.za/MngomaLab/webapitest.git .
      - git checkout ${DRONE_COMMIT}
  
  - name: dotnet publish
    image: mcr.microsoft.com/dotnet/sdk:8.0
    commands:
      - dotnet publish --configuration Release


  - name: build and push
    image: gcr.io/kaniko-project/executor:debug
    environment:
      <<: *docker-auth
    commands:
      - mkdir -p /kaniko/.docker
      - echo "$DOCKER_AUTH_CONFIG" > /kaniko/.docker/config.json
      - /kaniko/executor 
          --verbosity=debug
          --context=. 
          --dockerfile=Dockerfile 
          --destination=index.docker.io/khwezi/webapitest:latest 
          --destination=index.docker.io/khwezi/webapitest:${DRONE_BUILD_NUMBER}

  - name: volnerability-scan
    image: aquasec/trivy
    commands:
      - trivy image --exit-code 1 --severity CRITICAL khwezi/webapitest:${DRONE_BUILD_NUMBER}
  
  - name: container-scan
    image: aquasec/trivy
    commands:
      - trivy image --exit-code 1 --severity CRITICAL khwezi/webapitest:${DRONE_BUILD_NUMBER}
---
kind: pipeline
type: docker
name: deploy
depends_on:
  - package
trigger:
  event:
    exclude:
      - promote

clone:
  disable: true

steps:
  - name: uat
    image: appleboy/drone-ssh
    settings:
      host: 
        from_secret: ssh_host
      username: 
        from_secret: ssh_user
      password: 
        from_secret: ssh_password
      script:
        - docker pull khwezi/webapitest:latest
        - docker stop webapitest || true
        - docker rm webapitest || true
        - docker run -d --name webapitest -e ASPNETCORE_ENVIRONMENT=Development -p 4000:8081 khwezi/webapitest:latest

---
kind: pipeline
type: docker
name: golive
depends_on:
  - deploy

clone:
  disable: true

steps:
  - name: prod
    image: appleboy/drone-ssh
    settings:
      host: 
        from_secret: ssh_host
      username: 
        from_secret: ssh_user
      password: 
        from_secret: ssh_password
      script:
        - docker pull khwezi/webapitest:latest
        - docker stop webapi || true
        - docker rm webapi || true
        - docker run -d --name webapi -e ASPNETCORE_ENVIRONMENT=Production -p 4001:8081 khwezi/webapitest:latest
    when:
      event:
        - promote
      target:
        - prod