image: danger89/gtk3-docker-cmake-ninja:3.1
stages:
  - build
  #- upload
  - test
  - release

variables:
  GIT_SUBMODULE_STRATEGY: recursive
  PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/libreweb-browser/${CI_COMMIT_TAG}"
  RELEASE_LINKS_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/releases/${CI_COMMIT_TAG}/assets/links"
  SAST_EXCLUDED_ANALYZERS: "bandit,brakeman,eslint,gosec,kubesec,nodejs-scan,phpcs-security-audit,pmd-apex,security-code-scan,sobelow,spotbugs"
  SAST_EXCLUDED_PATHS: "lib"

doxygen:
  stage: build
  script:
    - "./scripts/build-docs.sh"
  artifacts:
    name: Doxygen
    paths:
      - build_docs/docs/html/

linux_build:
  stage: build
  script: 
    - "./scripts/build-lnx-prod.sh"
  artifacts:
    name: Packages
    expire_in: 4 weeks
    paths:
    - build_prod/libreweb-browser-*.deb
    - build_prod/libreweb-browser-*.rpm
    - build_prod/libreweb-browser-*.tar.gz

static_code_analysis:
  stage: build
  script: "./scripts/cpp-check.sh"

code_style_guidelines:
  stage: build
  script: "./scripts/check-format.sh"

unit_test:
  stage: test
  script: "./scripts/build-run-tests.sh"

sast:
  stage: test
  variables:
    SEARCH_MAX_DEPTH: 3

include:
  - template: Security/SAST.gitlab-ci.yml

# Upload artifacts & Create new release
upload_and_release:
  stage: release # upload
  image: curlimages/curl:latest
  rules:
    - if: $CI_PROJECT_NAMESPACE == "libreweb" && $CI_COMMIT_TAG
  script:
    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.deb
      ${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb'
    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.rpm
      ${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm'
    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file build_prod/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz
      ${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz'
    - 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
      --request POST --data "{\"name\":\"LibreWeb Browser (Compressed binary)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz\",\"link_type\":\"package\"}"
      ${RELEASE_LINKS_URL}'
    - 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
      --request POST --data "{\"name\":\"LibreWeb Browser (Red-Hat/Fedora/openSUSE)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm\",\"link_type\":\"package\"}"
      ${RELEASE_LINKS_URL}'
    - 'curl --header "PRIVATE-TOKEN: ${ACCESS_TOKEN}" --header "Content-Type: application/json"
      --request POST --data "{\"name\":\"LibreWeb Browser (Debian/Ubuntu/Linux Mint)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb\",\"link_type\":\"package\"}"
      ${RELEASE_LINKS_URL}'

# Create new release
#release:
#  stage: release
#  image: registry.gitlab.com/gitlab-org/release-cli:edge
#  rules:
#    - if: '$CI_PROJECT_NAMESPACE == "libreweb" && $CI_COMMIT_TAG'
#  script:
#    - release-cli --timeout 700s create --name "Release version $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
#        --assets-link "{\"name\":\"LibreWeb Browser (Debian/Ubuntu/Linux Mint)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.deb\"}" \
#        --assets-link "{\"name\":\"LibreWeb Browser (Red-Hat/Fedora/openSUSE)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.rpm\"}" \
#        --assets-link "{\"name\":\"LibreWeb Browser (Compressed binary)\",\"url\":\"${PACKAGE_REGISTRY_URL}/libreweb-browser-v${CI_COMMIT_TAG}.tar.gz\"}"