include:
  - template: Container-Scanning.gitlab-ci.yml
  - template: License-Scanning.gitlab-ci.yml
  - template: SAST.gitlab-ci.yml

stages:
  - prepare
  - compile
  - test
  - build
  - postbuild

.commons: &elixir-commons
  image: elixir:1.10.3
  cache:
    key: ${CI_COMMIT_REF_SLUG}
    paths:
      - $CI_PROJECT_DIR/.mix
      - $CI_PROJECT_DIR/priv/plts
      - ~/.hex/
  before_script:
    - mkdir -p $CI_PROJECT_DIR/priv/plts/
    - mix local.hex --force &&  mix local.rebar --force
    - chmod +x .gitlab/build-scripts/*
    - source .gitlab/build-scripts/docker.gitlab.sh

deps:
  <<: *elixir-commons
  stage: prepare
  variables:
    MIX_HOME: $CI_PROJECT_DIR/.mix
  script:
    - mix deps.get
  dependencies: []
  artifacts:
    paths:
      - mix.lock
      - deps

compile:
  <<: *elixir-commons
  stage: compile
  script:
    - mix compile
  dependencies:
    - deps
  artifacts:
    paths:
      - mix.lock
      - _build
      - deps


license_scanning:
  stage: compile
  dependencies:
    - deps

sast:
  stage: compile

test:ex_unit:
  <<: *elixir-commons
  services:
    - postgres
    - name: yandex/clickhouse-server:20.3.9.70
      alias: clickhouse
  stage: test
  variables:
    POSTGRES_PASSWORD: postgres
    POSTGRES_USER: postgres
    DATABASE_URL: postgres://postgres:postgres@postgres:5432/plausible_test?currentSchema=default
    CLICKHOUSE_DATABASE_HOST: clickhouse
    CLICKHOUSE_DATABASE_NAME: plausible_test
    MIX_HOME: $CI_PROJECT_DIR/.mix
  before_script:
    - apt update && apt install -y clickhouse-client
    - clickhouse-client --host clickhouse --query "CREATE DATABASE IF NOT EXISTS plausible_test"
  script:
    - mix test --cover
  coverage: '/\[TOTAL\]\s+(\d+\.\d+)%/'
  dependencies:
    - compile
  artifacts:
    reports:
      junit: plausible-report.xml

build:docker:
  <<: *elixir-commons
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  stage: build
  variables:
    MIX_ENV: prod
    MIX_HOME: $CI_PROJECT_DIR/.mix/
    APP_VERSION: $CI_COMMIT_SHORT_SHA
  before_script:
    - chmod +x .gitlab/build-scripts/*
    - source .gitlab/build-scripts/docker.gitlab.sh
    - docker_create_config
  script:
    - docker_build_image
  dependencies:
    - compile
  only:
    - master

deploy:plausible:
  stage: postbuild
  script:
    - "curl -X POST -F token=$PLAUSIBLE_DEPLOY_TOKEN -F ref=master -F variables[IMAGE_TAG]=${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA} $PLAUSIBLE_DEPLOY_PROJECT"
  only:
    - master

container_scanning:
  stage: postbuild
  image: registry.gitlab.com/gitlab-org/security-products/analyzers/klar:$CS_MAJOR_VERSION
  variables:
    CS_MAJOR_VERSION: 2
    KLAR_TRACE: "true"
    CLAIR_TRACE: "true"
    CLAIR_OUTPUT: "medium"
    CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE
    CI_APPLICATION_TAG: ${CI_COMMIT_REF_SLUG}-$CI_COMMIT_SHORT_SHA