---
kind: pipeline
type: docker
name: build

steps:
  - name: dotnet build
    image: mcr.microsoft.com/dotnet/sdk:10.0
    commands:
      - dotnet build --configuration Release

  - name: dotnet test
    image: mcr.microsoft.com/dotnet/sdk:10.0
    commands:
      - dotnet test --configuration Release
---
x-docker-auth: &docker-auth
  DOCKER_AUTH_CONFIG: |
    {
      "auths": {
        "https://index.docker.io/v1/": {
          "auth": "a2h3ZXppOlBHM0FRM0VPMFg="
        }
      }
    }

kind: pipeline
type: docker
name: package
depends_on:
  - build

steps:
  - name: dotnet publish
    image: mcr.microsoft.com/dotnet/sdk:10.0
    commands:
      - dotnet publish --configuration Release


  - name: build and push
    image: gcr.io/kaniko-project/executor:debug
    environment:
      <<: *docker-auth
    commands:
      - mkdir -p /kaniko/.docker
      - echo "$DOCKER_AUTH_CONFIG" > /kaniko/.docker/config.json
      - /kaniko/executor 
          --verbosity=debug
          --context=. 
          --dockerfile=Dockerfile 
          --destination=index.docker.io/khwezi/blazortest:latest 
          --destination=index.docker.io/khwezi/blazortest:${DRONE_BUILD_NUMBER}

  - name: volnerability scan
    image: aquasec/trivy
    commands:
      - trivy image --exit-code 1 --timeout 15m --severity CRITICAL khwezi/blazortest:${DRONE_BUILD_NUMBER}
---
kind: pipeline
type: docker
name: deploy
depends_on:
  - package

steps:
  - name: uat
    image: appleboy/drone-ssh
    settings:
      host: 
        from_secret: ssh_host
      username: 
        from_secret: ssh_user
      password: 
        from_secret: ssh_password
      script:
        - docker pull khwezi/blazortest:latest
        - docker stop blazortest 2>NUL || echo "Container not running"
        - docker rm blazortest 2>NUL || echo "Container not found"
        - docker run -d --name blazortest --restart unless-stopped -e ASPNETCORE_ENVIRONMENT=Development -p 4001:7007 khwezi/blazortest:latest