stages:
  - build
  - deploy

variables:
  DOCKER_DRIVER: overlay2

default:
  before_script:
    - export IMAGE_TAG=${CI_COMMIT_TAG-$CI_COMMIT_SHA}

docker-build:
  image: docker/compose:latest
  interruptible: true
  stage: build
  services:
    - docker:dind
  variables:
    CI_PRE_CLONE_SCRIPT: umask 0002

  script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
    - docker pull $CI_REGISTRY_IMAGE:build-stage || true
    - docker pull $CI_REGISTRY_IMAGE:latest || true

    - docker build
      --target build-stage
      --cache-from $CI_REGISTRY_IMAGE:build-stage
      -f ./docker/php/Dockerfile
      --tag "$CI_REGISTRY_IMAGE:build-stage"
      ./src

    - docker build
      --target latest
      --cache-from $CI_REGISTRY_IMAGE:latest
      --cache-from $CI_REGISTRY_IMAGE:build-stage
      -f ./docker/php/Dockerfile
      --tag "$CI_REGISTRY_IMAGE:latest"
      --tag "$CI_REGISTRY_IMAGE:$IMAGE_TAG"
      ./src

    - docker push "$CI_REGISTRY_IMAGE:build-stage"
    - docker push "$CI_REGISTRY_IMAGE:latest"
    - echo "Pushing to $CI_REGISTRY_IMAGE:$IMAGE_TAG"
    - docker push "$CI_REGISTRY_IMAGE:$IMAGE_TAG"

  only:
    - master
    - /^feature\//
    - /^release\//
    - /^v\d.*/

deploy-stage:
  stage: deploy
  image: docker/compose:latest
  interruptible: true
  environment:
    name: "Staging"
    url: "https://${STAGE_DOMAIN}"
  script:
    - apk add --no-cache openssh-client apache2-utils
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
    - echo "$STAGE_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa

    - export SSH_CONNECTION="${STAGE_SSH_USER}@${STAGE_SSH_HOST}"
    - export ENV_DOMAIN="${STAGE_DOMAIN}"

    - sh ./src/sh/deploy-staging.sh

    - echo "Deployed to https://${ENV_DOMAIN}"

  only:
    - master
#
#deploy-ephemeral:
#  stage: deploy
#  image: docker/compose:latest
#  interruptible: true
#  environment:
#    name: "review/${CI_COMMIT_REF_SLUG}"
#    url: "https://${CI_ENVIRONMENT_SLUG}.${STAGE_DOMAIN}"
#    on_stop: remove-ephemeral
#  script:
#    - apk add --no-cache openssh-client apache2-utils
#    - mkdir -p ~/.ssh
#    - chmod 700 ~/.ssh
#    - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
#    - echo "$STAGE_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
#    - chmod 600 ~/.ssh/id_rsa
#
#    - export ENV_DOMAIN="${CI_ENVIRONMENT_SLUG}.${STAGE_DOMAIN}"
#    - export SSH_CONNECTION="${STAGE_SSH_USER}@${STAGE_SSH_HOST}"
#
#    - sh ./sh/deploy-staging.sh
#
#    - ssh $SSH_CONNECTION mkdir -p /home/$STAGE_SSH_USER/remove-environment
#    - sed "s~%PROJECT%~amtechdiy--${CI_ENVIRONMENT_SLUG}~;s~%IMAGE%~$CI_REGISTRY_IMAGE:$IMAGE_TAG~" ./sh/remove-environment.sh | ssh $SSH_CONNECTION -T "cat > /home/$STAGE_SSH_USER/remove-environment/remove-environment--${CI_ENVIRONMENT_SLUG}.sh"
#    - echo "Deployed to https://${ENV_DOMAIN}"
#
#  only:
#    - /^feature\//
#    - /^release\//
#  except:
#    - tags
#
#remove-ephemeral:
#  stage: deploy
#
#  image: docker/compose:latest
#  variables:
#    GIT_STRATEGY: none
#  environment:
#    name: "review/${CI_COMMIT_REF_SLUG}"
#    action: stop
#  script:
#    - apk add --no-cache openssh-client apache2-utils
#    - mkdir -p ~/.ssh
#    - chmod 700 ~/.ssh
#    - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
#    - echo "$STAGE_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
#    - chmod 600 ~/.ssh/id_rsa
#
#    - export SSH_CONNECTION="${STAGE_SSH_USER}@${STAGE_SSH_HOST}"
#    - ssh $SSH_CONNECTION bash "/home/$STAGE_SSH_USER/remove-environment/remove-environment--${CI_ENVIRONMENT_SLUG}.sh"
#    - ssh $SSH_CONNECTION rm "/home/$STAGE_SSH_USER/remove-environment/remove-environment--${CI_ENVIRONMENT_SLUG}.sh"
#
#  only:
#    - /^feature\//
#    - /^release\//
#  except:
#    - tags
#  when: manual
#
deploy-production:
  stage: deploy
  image: docker/compose:latest
  interruptible: true
  environment:
    name: "Production"
    url: "https://${PROD_DOMAIN}"
  script:
    - apk add --no-cache openssh-client apache2-utils
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
    - echo "$PROD_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa

    - export DOCKER_COMPOSE_CONFIG=`docker-compose -f ./docker/docker-compose.shared.yml  -f ./docker/docker-compose.production.yml config`
    - export SSH_CONNECTION="${PROD_SSH_USER}@${PROD_SSH_HOST}"
    - ssh $SSH_CONNECTION docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
    - echo "$DOCKER_COMPOSE_CONFIG" | ssh $SSH_CONNECTION   docker-compose -f - pull
    - echo "$DOCKER_COMPOSE_CONFIG" | ssh $SSH_CONNECTION docker-compose -p $CI_PROJECT_NAME -f - up --force-recreate -d
    - echo "Deployed to https://${PROD_DOMAIN}"
  only:
    - /^v\d.*/
  except:
    - branches