variables:
  LATEST_IMAGE: '$CI_REGISTRY_IMAGE:latest'
  DOCKER_VERSION: '24.0.2'
  GOLANG_VERSION: '1.20'
  NODE_VERSION: '18'
  ALPINE_VERSION: '3'

image: docker:$DOCKER_VERSION-git

.login_registry:
  before_script:
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY

.go-cache:
  variables:
    GOPATH: $CI_PROJECT_DIR/.go
  before_script:
    - mkdir -p .go
    - export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
  cache:
    paths:
      - .go/pkg/mod/

.if-stable-release-tag: &if-stable-release-tag
  if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+$/'

.release:
  rules:
    - <<: *if-stable-release-tag

stages:
  - test
  - build
  - analyse

include:
  - template: Jobs/Secret-Detection.gitlab-ci.yml
  - template: Jobs/Container-Scanning.gitlab-ci.yml

build_release:
  rules: !reference [.release, rules]
  stage: build
  extends: .login_registry
  services:
    - name: docker:$DOCKER_VERSION-dind
      alias: docker
  variables:
    DOCKER_BUILDKIT: '1'
    DOCKER_TLS_CERTDIR: '/certs'
    CURRENT_IMAGE: '$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG'
    GO_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:go-builder'
    NODE_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:node-builder'
    LOGO_BUILDER_IMAGE: '$CI_REGISTRY_IMAGE:logo'
  script:
    - apk add bash
    - .gitlab/build_image.sh
    - docker push $CURRENT_IMAGE
    - docker push $LATEST_IMAGE

container_scanning:
  rules: !reference [.release, rules]
  stage: analyse
  variables:
    CS_IMAGE: $LATEST_IMAGE