.gitlab-ci.yml

stages:
  - lint
  - build
  - publish

.base_cpp:
  image: cogment/orchestrator-build-env:v2.0.0
  before_script:
    - mkdir build
    - cd build
    - cmake ..

.base_gh_ssh_agent:
  before_script:
    ## _Inspired by https://docs.gitlab.com/ee/ci/ssh_keys/_
    ##
    ## Install ssh-agent if not already installed.
    - "command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )"
    ## Run ssh-agent
    - eval $(ssh-agent -s)
    ## Add the private key file to ssh-agent
    - echo "$GH_REPO_SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
    ## Create the SSH directory and give it the right permissions
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    ## Using the set $SSH_KNOWN_HOSTS to be able to verify remote servers public keys
    - echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts

cpp_lint:
  extends: .base_cpp
  stage: lint
  script:
    - make format
    - git diff --exit-code

apache_licenses_check:
  stage: lint
  image: registry.gitlab.com/ai-r/apache-license-checker:latest
  script:
    - apache-license-checker

shellcheck:
  image: koalaman/shellcheck-alpine:stable
  stage: lint
  before_script:
    - shellcheck --version
  script:
    - shellcheck ./scripts/*.sh

shfmt:
  image: mvdan/shfmt:v3.1.0-alpine
  stage: lint
  before_script:
    - shfmt -version
  script:
    - shfmt -i 2 -ci -d ./scripts

build:
  extends: .base_cpp
  stage: build
  script:
    - make

.base_docker:
  image: docker:19.03.1
  services:
    - docker:19.03.1-dind
  variables:
    # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
    DOCKER_HOST: tcp://docker:2376
    DOCKER_TLS_CERTDIR: "/certs"
  before_script:
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    - docker login -u $DOCKER_HUB_USERNAME -p $DOCKER_HUB_TOKEN

build_docker:
  extends: .base_docker
  stage: build
  script:
    - docker pull $CI_REGISTRY_IMAGE:latest || true
    - docker build --cache-from $CI_REGISTRY_IMAGE:latest .
  except:
    # This job is not run on `develop` because `publish_latest` run there and "includes" the build
    - develop

publish_latest_to_gitlab_docker_registry:
  extends: .base_docker
  stage: publish
  script:
    - docker pull $CI_REGISTRY_IMAGE:latest || true
    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:latest .
    - docker push $CI_REGISTRY_IMAGE:latest
  only:
    - develop

publish_tag_to_dockerhub:
  extends: .base_docker
  stage: publish
  variables:
    DOCKER_HUB_IMAGE: "cogment/orchestrator"
  script:
    - docker pull $CI_REGISTRY_IMAGE:latest || true
    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG --tag $DOCKER_HUB_IMAGE:$CI_COMMIT_TAG --tag $CI_REGISTRY_IMAGE:latest --tag $DOCKER_HUB_IMAGE:latest .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
    - docker push $CI_REGISTRY_IMAGE:latest
    - docker push $DOCKER_HUB_IMAGE:$CI_COMMIT_TAG
    - docker push $DOCKER_HUB_IMAGE:latest
  only:
    - /^v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+(?:-[[:alnum:]]+)?$/

publish_branch_to_github:
  extends: .base_gh_ssh_agent
  stage: publish
  script:
    - git checkout ${CI_COMMIT_BRANCH} # Checkout the branch not the sha1
    - git remote add downstream git@github.com:cogment/cogment-orchestrator.git
    - git fetch downstream ${CI_COMMIT_BRANCH}
    - git push --tags downstream ${CI_COMMIT_BRANCH}:${CI_COMMIT_BRANCH}
  only:
    - main