---

include:
  - template: Security/SAST.gitlab-ci.yml

variables:
  PKGDEST: $CI_PROJECT_DIR/packages
  PACKAGER: 'Alexandre Pujol <alexandre@pujol.io>'

stages:
  - lint
  - test
  - build
  - preprocess
  - deploy


# Code Linter
# -----------

bash:
  stage: lint
  image: koalaman/shellcheck-alpine
  script:
    - shellcheck --shell=bash
        PKGBUILD configure
        debian/apparmor.d.postinst debian/apparmor.d.postrm

golangci-lint:
  stage: lint
  image: golangci/golangci-lint
  script:
    - golangci-lint run

hadolint:
  stage: lint
  image: hadolint/hadolint:latest-alpine
  script:
    - hadolint dists/build/*/Dockerfile

sast:
  stage: lint


# Code test
# ---------

tests:
  stage: test
  image: golang
  coverage: '/Coverage: \d+.\d+/'
  script:
    - cp tests/journalctl /usr/bin/journalctl
    - chmod 755 /usr/bin/journalctl
    - go test ./cmd/aa-log -v -cover -coverprofile=coverage.out
    - go tool cover -func=coverage.out


# Package Build
# -------------

archlinux:
  stage: build
  image: registry.gitlab.com/archlex/packages/builders/archlinux
  script:
    - sudo pacman -Syu --noconfirm --noprogressbar lsb-release
    - makepkg -s --noconfirm --noprogressbar
  artifacts:
    expire_in: 1 day
    paths:
      - $PKGDEST/*

debian:
  stage: build
  image: registry.gitlab.com/archlex/packages/builders/debian
  script:
    - VERSION="0.$(git rev-list --count HEAD)-1"
    - mkdir -p "$PKGDEST"
    - sudo apt-get update -q && sudo apt-get install -y  golang-go lsb-release config-package-dev rsync
    - dch --newversion=$VERSION --urgency=medium --distribution=stable --controlmaint "Release $VERSION"
    - dpkg-buildpackage -b -d --no-sign
    - mv ../*.deb $PKGDEST/
  artifacts:
    expire_in: 1 day
    paths:
      - $PKGDEST/*.deb

ubuntu:
  extends: debian
  variables:
    DIST: ubuntu


# Profile Preprocessing
# ---------------------

preprocess-archlinux:
  stage: preprocess
  image: archlinux
  dependencies:
    - archlinux
  script:
    - pacman -Syu --noconfirm --noprogressbar apparmor
    - pacman -U --noconfirm --noprogressbar
        --overwrite etc/apparmor.d/tunables/global
        --overwrite etc/apparmor.d/tunables/xdg-user-dirs
        --overwrite etc/apparmor.d/abstractions/trash
        $PKGDEST/*
    - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null

preprocess-debian:
  stage: preprocess
  image: debian
  dependencies:
    - debian
  script:
    - apt-get update -q
    - apt-get install -y apparmor apparmor-profiles
    - dpkg --install $PKGDEST/*
    - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null

preprocess-ubuntu:
  stage: preprocess
  image: ubuntu
  dependencies:
    - ubuntu
  script:
    - apt-get update -q
    - apt-get install -y apparmor apparmor-profiles
    - dpkg --install $PKGDEST/*
    - apparmor_parser --preprocess /etc/apparmor.d 1> /dev/null


# Deploy the documentation 
# ------------------------

pages:
  stage: deploy
  image: python
  script:
    - pip install -r requirements.txt
    - mkdocs build --verbose --site-dir public
  artifacts:
    paths:
      - public
  rules:
    - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH