# You can override the included template(s) by including variable overrides
# See https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables

stages:
- test
- build
- push_local
- push_dockerhub

.docker_base:
  image: docker:18.09.7-dind
  services:
    - docker:18.09.7-dind
  variables:
    DOCKER_DRIVER: overlay
    DOCKER_HOST: tcp://localhost:2375/
    IMAGE_TAG: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
    FF_GITLAB_REGISTRY_HELPER_IMAGE: 1
  before_script:
    - docker version
    - docker info
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY

build:
  extends:
    - .docker_base
  stage: build
  script:
  - docker pull $CI_REGISTRY_IMAGE:latest || true
  - >
    docker build
    --pull
    --cache-from $CI_REGISTRY_IMAGE:latest
    --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
    ./Docker/
  - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

push local:
  extends:
    - .docker_base
  stage: push_local
  variables:
    GIT_STRATEGY: none
  only:
  - master
  script:
  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest
  - docker push $CI_REGISTRY_IMAGE:latest

push dockerhub:
  extends:
    - .docker_base
  stage: push_dockerhub
  variables:
    GIT_STRATEGY: none
    CI_DOCKERHUB_IMAGE: index.docker.io/evanrich/py-eagle-mqtt
    CI_DOCKERHUB_REGISTRY: docker.io
  only:
  - tags
  script:
  - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:$CI_COMMIT_REF_NAME 
  - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_DOCKERHUB_IMAGE:latest
  - docker login -u "$CI_DOCKERHUB_USER" -p "$CI_DOCKERHUB_PASSWORD" $CI_DOCKERHUB_REGISTRY
  - docker push $CI_DOCKERHUB_IMAGE
  
sast:
  stage: test
include:
- template: Security/SAST.gitlab-ci.yml