image: docker:24.0.6
services:
  - docker:24.0.6-dind

#Global variables
variables:
  GIT_STRATEGY: clone
  FF_NETWORK_PER_BUILD: "true" # activate container-to-container networking. (don't define "network_mode" in docker runner config)
  DOCKER_TLS_CERTDIR: ""
  PROJECT_NAME: "DOCKER_IMAGE"

# Pas de merge request pipeline
workflow:
  rules:
    - if: $CI_PIPELINE_SOURCE != 'merge_request_event'

stages:
  - Build

##############################################################################
###### STAGE BUILD ###########################################################
##############################################################################
build_image:
  stage: Build
  tags:
    - dind
  script:
    - |
      apk update && apk add curl bash git grep jq
    
      # Install VDG CA
      curl $IP_VDG_CERTIFICATE/certs/rootvdgca_ROOTVDG-CA.crt > /usr/local/share/ca-certificates/rootvdgca.crt
      curl $IP_VDG_CERTIFICATE/certs/adsubca.crt > /usr/local/share/ca-certificates/adsubca.crt
      update-ca-certificates

      # Vérification du format du tag lié au commit
      if ! [[ "$CI_COMMIT_TAG" =~ @ ]] ; then echo -e "\e[1;31mERROR - Bad commit tag (missing @) $CI_COMMIT_TAG\e[0m" ; exit 1 ; fi
      if ! [[ "$CI_COMMIT_TAG" =~ % ]] ; then echo -e "\e[1;31mERROR - Bad commit tag (missing %) $CI_COMMIT_TAG\e[0m" ; exit 1 ; fi
      
      # Traitement du tag - Supprime à partir du @xxx
      IMG_TYPE_TAG="$(echo $CI_COMMIT_TAG | cut -f1 -d@)"
      # Récupération du type d'image (p.ex drupal_php, musinfo_php,...)
      IMG_TYPE="$(echo $IMG_TYPE_TAG | cut -f1 -d%)"
      echo "$IMG_TYPE"
      # Récupération du tag (p.ex 8.1-fpm-alpine, 8.1-fpm-alpine3.18, ...)
      IMG_TAG="$(echo $IMG_TYPE_TAG | cut -f2 -d%)"
      echo "$IMG_TAG"
      
      # Vérification des formats pour que le nom de l'image soit correct
      if ! [[ "$(echo "$IMG_TYPE" | grep -s -E '^[a-z]+_[a-z]+([a-z_-]+)?$')" ]] ; then echo -e "\e[1;31mERROR - Bad format for type $IMG_TYPE\e[0m" ; exit 1 ; fi
      if ! [[ "$(echo "$IMG_TAG" | grep -s -E '^[0-9]+\.[0-9]+(\.[0-9]+)?-fpm-alpine([0-9]+\.[0-9]+)?$')" ]] ; then echo -e "\e[1;31mERROR - Bad format for tag $IMG_TAG\e[0m" ; exit 1 ; fi
      if [ ! -d "src/$IMG_TYPE/$IMG_TAG" ]; then echo -e "\e[1;31mERROR - Le répertoire pour l'image de base $IMG_TYPE avec le tag $IMG_TAG n'existe pas.\e[0m" ; exit 1 ; fi
    
      # Push on nexus and try to connect
      docker login -u $NEXUS_3_USER -p $NEXUS_3_PASSWORD $NEXUS_3_DOCKER_REGISTRY
      echo -e "\e[1;36mBuilding base image $IMG_TYPE with tag $IMG_TAG\e[0m"
      docker build --build-arg IMG_TAG="$IMG_TAG" --build-arg DIR_ARG="src/${IMG_TYPE}/$IMG_TAG" --add-host gitlab.ville-geneve.ch:10.104.1.28 --pull --no-cache -t $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG -f ./src/${IMG_TYPE}/$IMG_TAG/Dockerfile . || exit 1
      if curl -k -u $NEXUS_3_USER:$NEXUS_3_PASSWORD --silent -f -IlSL https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/$IMG_TAG > /dev/null; then 
        echo -e "\e[1;33mDeleting previous image $IMG_TYPE with tag $IMG_TAG!\e[0m"
        Manifest_SHA256=$(curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -s "https://$NEXUS_3_SERVER/service/rest/v1/search?name=${SITE_CONTAINER_URL}/${IMG_TYPE}&version=$IMG_TAG" | jq '.items[].assets[].checksum.sha256' | sed -e 's|"||g')
        echo "Manifest_SHA256=$Manifest_SHA256"
        curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -is -X DELETE "https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/sha256:$Manifest_SHA256"
      fi
      docker push $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG || exit 1
      echo -e "\e[1;36mBuilding tests image ${IMG_TYPE} with tag ${IMG_TAG}-tests\e[0m"
      # To avoid error:
      #      'Head "https://registry-docker.ville-geneve.ch/v2/devspe/docker-base-image/drupal_php/manifests/8.1-fpm-alpine3.18": 
      #       x509: certificate signed by unknown authority' 
      # Need to force docker pull the base image from registy before!!!!
      docker pull $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:$IMG_TAG || exit 1
      docker build --build-arg IMG_TAG="$IMG_TAG" --build-arg DIR_ARG="src/${IMG_TYPE}/$IMG_TAG" --build-arg IMG_NAME="$NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE" --add-host gitlab.ville-geneve.ch:10.104.1.28 --no-cache -t $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:${IMG_TAG}-tests -f ./src/${IMG_TYPE}/$IMG_TAG/Dockerfile-tests . || exit 1
      if curl -k -u $NEXUS_3_USER:$NEXUS_3_PASSWORD --silent -f -IlSL https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/${IMG_TAG}-tests > /dev/null; then 
        echo -e "\e[1;33mDeleting previous image ${IMG_TYPE} with tag ${IMG_TAG}-tests!\e[0m"
        Manifest_Tests_SHA256=$(curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -s "https://$NEXUS_3_SERVER/service/rest/v1/search?name=${SITE_CONTAINER_URL}/${IMG_TYPE}&version=${IMG_TAG}-tests" | jq '.items[].assets[].checksum.sha256' | sed -e 's|"||g')
        echo "Manifest_Tests_SHA256=$Manifest_Tests_SHA256"
        curl -u $NEXUS_3_USER:$NEXUS_3_PASSWORD -is -X DELETE "https://$NEXUS_3_DOCKER_REGISTRY/v2/$SITE_CONTAINER_URL/$IMG_TYPE/manifests/sha256:$Manifest_Tests_SHA256"
      fi
      docker push $NEXUS_3_DOCKER_REGISTRY/$SITE_CONTAINER_URL/$IMG_TYPE:${IMG_TAG}-tests || exit 1
      

  rules:
    - if: $CI_COMMIT_TAG != null
      when: manual