.gitlab-ci.yml

image:
  name: registry.gitlab.com/magic7s/k8s-hybrid-cloud:latest
  entrypoint:
    - '/usr/bin/env'
    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

before_script:
  - gcloud --version
  - kubectl version --client=true
  - terraform --version
  - helm init --client-only
  - helm repo add istio https://s3-us-west-2.amazonaws.com/vxlan.io/charts
  - mkdir -p ~/.gcp
  - echo $GCPCRED | base64 -d > ~/.gcp/k8s-hybrid-cloud-0f1ceb09cf2a.json
  - gcloud auth activate-service-account --key-file=/root/.gcp/k8s-hybrid-cloud-0f1ceb09cf2a.json
  - gcloud config set core/project k8s-hybrid-cloud
  - gcloud config set compute/region us-west1
  - gcloud config set compute/zone us-west1-a
  - gcloud container clusters list
  - terraform init

stages:
  - pre-build
  - build
  - validate
  - plan
  - apply
  - destroy

cache:
  key: "$CI_COMMIT_SHA"
  paths:
    - kubeconfig_gke-hybrid-cloud
    - kubeconfig_eks-hybrid-cloud
    - config-map-aws-auth_eks-hybrid-cloud.yaml
    - remote-cluster-auth

terraform helm compile:
  image: golang
  stage: pre-build
  before_script:
    - echo $GOPATH
  script:
    - echo $CI_PROJECT_DIR
    - go get -d github.com/terraform-providers/terraform-provider-helm
    - cd $GOPATH/src/github.com/terraform-providers/terraform-provider-helm
    - git checkout v0.8.0
    - go build -o $CI_PROJECT_DIR/terraform-provider-helm .
    - test -f $CI_PROJECT_DIR/terraform-provider-helm
  artifacts:
    paths:
      - terraform-provider-helm
  only:
    changes:
      - Dockerfile

docker build:
  image: docker:stable
  variables:
    CONTAINER_IMAGE: registry.gitlab.com/$CI_PROJECT_PATH
    DOCKER_HOST: tcp://docker:2375
    DOCKER_DRIVER: overlay2
  services:
  - docker:dind
  stage: build
  dependencies:
    - terraform helm compile
  before_script:
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN registry.gitlab.com
  script:
    - docker pull $CONTAINER_IMAGE:latest || true
    - docker build --cache-from $CONTAINER_IMAGE:latest --tag $CONTAINER_IMAGE:$CI_COMMIT_SHA --tag $CONTAINER_IMAGE:latest .
    - docker push $CONTAINER_IMAGE:$CI_COMMIT_SHA
    - docker push $CONTAINER_IMAGE:latest
  only:
    changes:
      - Dockerfile
      
      
validate:
  stage: validate
  script:
    - terraform validate

plan:
  stage: plan
  script:
    - terraform plan -out "planfile"
  dependencies:
    - validate
  artifacts:
    paths:
      - planfile

apply:
  stage: apply
  script:
    - terraform apply -input=false -auto-approve || true
    - terraform apply -input=false -auto-approve
  dependencies:
    - plan
  artifacts:
    paths:
      - kubeconfig_gke-hybrid-cloud
      - kubeconfig_eks-hybrid-cloud
      - config-map-aws-auth_eks-hybrid-cloud.yaml
      - remote-cluster-auth
    when: always
  when: manual
  
destroy:
  stage: destroy
  retry: 1
  script:
    - terraform destroy -auto-approve
  dependencies:
    - apply
  when: manual