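---
# Drone CI pipeline: build the container image with kaniko into a tarball,
# scan that tarball with Trivy, then (master only) push it with crane and
# roll it out with Helm.
#
# NOTE(review): the kaniko, trivy and helm images are referenced by the
# mutable `latest` tag, so the tools that build, scan and deploy the image
# can change between runs. Pin each to a version tag or digest.
kind: pipeline
type: docker

platform:
  os: linux
  arch: amd64

steps:
  # Build only: --no-push with --tarPath writes the image to a tarball, which
  # the scan and push steps below both consume.
  - name: build
    image: gcr.io/kaniko-project/executor:latest
    entrypoint:
      - /kaniko/executor
    command:
      - '--context=/drone/src'
      - '--dockerfile=Dockerfile'
      - '--destination=image'
      - '--no-push'
      - '--tarPath=maptest-bot.tar'

  # Gate: trivy exits with code 1 when a CRITICAL finding is reported, which
  # fails this step. Lower severities are not part of the gate.
  - name: scan-image
    image: aquasec/trivy:latest
    commands:
      - trivy image --exit-code 1 --severity CRITICAL --input maptest-bot.tar

  # Push the scanned tarball under both the moving `latest` tag and a
  # per-build tag. Restricted to master, so the registry credentials are not
  # requested by pull-request builds.
  - name: push-image
    image: alpine:3
    commands:
      # NOTE(review): the release archive is unpacked straight from the
      # network with no integrity check; verify it against a pinned SHA-256
      # before extracting into /usr/bin.
      - >-
        wget -qO-
        https://github.com/google/go-containerregistry/releases/download/v0.9.0/go-containerregistry_Linux_x86_64.tar.gz
        | tar xvz -C /usr/bin/
      # The password is fed on stdin instead of -p so it is not part of the
      # crane process arguments; values are quoted so the shell does not
      # word-split or glob-expand them.
      - >-
        printf '%s' "$REGISTRY_PASS"
        | crane auth login -u "$REGISTRY_USER" --password-stdin "$REGISTRY_URL"
      - crane push maptest-bot.tar "$REGISTRY_URL/strafesnet/maptest-bot:latest"
      - >-
        crane push maptest-bot.tar
        "$REGISTRY_URL/strafesnet/maptest-bot:master-$DRONE_BUILD_NUMBER"
    environment:
      REGISTRY_URL:
        from_secret: REGISTRY_URL
      REGISTRY_USER:
        from_secret: REGISTRY_USER
      REGISTRY_PASS:
        from_secret: REGISTRY_PASS
    when:
      ref:
        - refs/heads/master

  # Deploy the per-build tag (not `latest`) to the strafesnet-dev namespace.
  # Restricted to master, like the push step.
  - name: deploy
    image: alpine/helm:latest
    commands:
      # The kubeconfig secret is written to disk and then restricted to the
      # owner (mode 600).
      - >-
        mkdir ~/.kube
        && echo "$KUBE_CONF_DEV" > ~/.kube/config
        && chmod 600 ~/.kube/config
      # $APP_CONFIG is quoted so the shell passes it through unchanged;
      # unquoted, word splitting would collapse its newlines and glob
      # characters could expand before the value is base64-encoded.
      - >-
        helm upgrade -i --namespace=strafesnet-dev maptest-bot
        --set config="$(echo "$APP_CONFIG" | base64 -w0)"
        --set image.tag=master-$DRONE_BUILD_NUMBER
        chart
    environment:
      APP_CONFIG:
        from_secret: APP_CONFIG
      KUBE_CONF_DEV:
        from_secret: KUBE_CONF_DEV
    when:
      ref:
        - refs/heads/master

# Pull-request heads also trigger the pipeline; for them only the build and
# scan steps apply, because push-image and deploy are limited to master.
trigger:
  ref:
    - refs/heads/master
    - 'refs/pull/*/head'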