stages:
  - build
  - deploy

variables:
  DOCKER_TLS_CERTDIR: /certs
  FRONTEND_IMAGE: $CI_REGISTRY_IMAGE/frontend
  BACKEND_IMAGE: $CI_REGISTRY_IMAGE/backend

.build-template: &build-template
  image:
    name: gcr.io/kaniko-project/executor:v1.23.2-debug
    entrypoint: [""]
  stage: build
  variables:
    DOCKER_CONFIG: /kaniko/.docker
    REGISTRY_USER: $CI_REGISTRY_USER
    REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD
    REGISTRY_URL: $CI_REGISTRY
  script:
    - mkdir -p /kaniko/.docker
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor
      --context "${CONTEXT}"
      --dockerfile "${DOCKERFILE_PATH}"
      --destination "${IMAGE_NAME}:${CI_COMMIT_SHA}"
      --destination "${IMAGE_NAME}:latest"
      --cache=true

build_frontend:
  <<: *build-template
  variables:
    CONTEXT: "${CI_PROJECT_DIR}/services/frontend"
    DOCKERFILE_PATH: "Dockerfile"
    IMAGE_NAME: "$CI_REGISTRY_IMAGE/frontend"

build_backend:
  <<: *build-template
  variables:
    CONTEXT: "${CI_PROJECT_DIR}/services/backend"
    DOCKERFILE_PATH: "Dockerfile"
    IMAGE_NAME: "$CI_REGISTRY_IMAGE/backend"

deploy:
  image: alpine:latest
  stage: deploy
  rules:
    - if: $CI_COMMIT_REF_NAME == "master"
  variables:
    SSH_USER: $ENV_SSH_USER
    SSH_HOST: $ENV_SSH_HOST
    SSH_PRIVATE_KEY_BASE64: $ENV_PRIVATE_KEY_BASE64
  before_script:
    - apk add --no-cache openssh-client
  script:
    - mkdir -p ~/.ssh
    - echo "$SSH_PRIVATE_KEY_BASE64" | base64 -d > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
    - scp -o StrictHostKeyChecking=no -r infrastructure/ compose.yaml ${SSH_USER}@${SSH_HOST}:~/deploy/
    - ssh -o StrictHostKeyChecking=no ${SSH_USER}@${SSH_HOST} "
      cd ~/deploy &&
      docker compose pull &&
      docker compose down &&
      docker compose up -d --remove-orphans
      "