.travis.yml

language: go

go:
  - '1.14.x'
  - '1.13.x'

services:
  - docker

os:
  - linux
  - osx

dist: xenial

env:
  global:
    - PATH=$PATH:$GOPATH/bin
    - CONTROLLER_IMAGE_NAME=quay.io/bitnami/sealed-secrets-controller
    - CONTROLLER_IMAGE=${CONTROLLER_IMAGE_NAME}:${TRAVIS_TAG:-build-$TRAVIS_BUILD_ID}
    - MINIKUBE_WANTUPDATENOTIFICATION=false
    - MINIKUBE_WANTREPORTERRORPROMPT=false
    - MINIKUBE_HOME=${HOME}
    - CHANGE_MINIKUBE_NONE_USER=true
    - KUBECONFIG=${HOME}/.kube/config
    - DOCKER_CLI_EXPERIMENTAL=enabled

matrix:
  include:
    - env: INT_KVERS=v1.16.13 INT_SSC_CONF=controller.yaml
    - env: INT_KVERS=v1.17.11 INT_SSC_CONF=controller.yaml

addons:
  apt:
    packages:
      - wget
      - ca-certificates

before_install:
  - set -e

install:
  - go build -i ./...
  - |
    if [ "$INT_KVERS" != "" ]; then
      v=1.3.1
      if ! which minikube-$v; then
        wget -O $GOPATH/bin/minikube-$v \
           https://storage.googleapis.com/minikube/releases/v$v/minikube-$(go env GOOS)-$(go env GOARCH)
        chmod +x $GOPATH/bin/minikube-$v
      fi
      ln -sf minikube-$v $GOPATH/bin/minikube

      v=$INT_KVERS
      if ! which kubectl-$v; then
        wget -O $GOPATH/bin/kubectl-$v https://storage.googleapis.com/kubernetes-release/release/$v/bin/$(go env GOOS)/$(go env GOARCH)/kubectl
        chmod +x $GOPATH/bin/kubectl-$v
      fi
      ln -sf kubectl-$v $GOPATH/bin/kubectl

      mkdir -p $(dirname $KUBECONFIG) $HOME/.minikube
      touch $KUBECONFIG
      sudo -E $GOPATH/bin/minikube start --vm-driver=none \
        --extra-config=apiserver.authorization-mode=RBAC \
        --kubernetes-version $INT_KVERS
      sudo chown -R travis: /home/travis/.minikube/

      go install github.com/onsi/ginkgo/ginkgo
    fi
  - |
    v=0.12.0
    if ! which kubecfg-$v; then
      wget -O $GOPATH/bin/kubecfg-$v https://github.com/ksonnet/kubecfg/releases/download/v$v/kubecfg-$(go env GOOS)-$(go env GOARCH)
      chmod +x $GOPATH/bin/kubecfg-$v
    fi
    ln -sf kubecfg-$v $GOPATH/bin/kubecfg

script:
  - make
  - make test
  - make kubeseal-static
  - EXE_NAME=kubeseal-$(go env GOOS)-$(go env GOARCH)
  - cp kubeseal-static $EXE_NAME
  - ./$EXE_NAME --help || test $? -eq 2
  - |
    if [ "$INT_KVERS" != "" ]; then
      # multiarch manifests require push to real repository and each job in the travis matrix
      # needs its own image tag.
      make controller.yaml controller-norbac.yaml CONTROLLER_IMAGE=${CONTROLLER_IMAGE}-${TRAVIS_JOB_ID}

      minikube update-context
      minikube status
      docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD" quay.io
      sudo chmod o+x /etc/docker # https://github.com/docker/for-linux/issues/396
      make push-controller-image CONTROLLER_IMAGE=${CONTROLLER_IMAGE}-${TRAVIS_JOB_ID}
      while ! kubectl cluster-info; do sleep 3; done
      kubectl create -f $INT_SSC_CONF
      kubectl rollout status deployment/sealed-secrets-controller -n kube-system -w
      make integrationtest CONTROLLER_IMAGE=${CONTROLLER_IMAGE}-${TRAVIS_JOB_ID} GINKGO="ginkgo -v --randomizeSuites --failOnPending --trace --progress --compilers=2 --nodes=4"

      # cleanup the manifests since they point to the job specific image used for parallel integration testing
      # and might not be suitable for publishing as GH release artifacts.
      rm -f controller.yaml controller-norbac.yaml
    fi
  - |
    if [ "$TRAVIS_OS_NAME" = linux ]; then
      make controller.yaml controller-norbac.yaml CONTROLLER_IMAGE=$CONTROLLER_IMAGE
    fi
  - rm -f kubeseal-static
  - GOOS=windows GOARCH=amd64 make kubeseal-static
  - mv kubeseal-static kubeseal.exe
  - GOOS=linux GOARCH=arm GOARM=7 make kubeseal-static
  - mv kubeseal-static kubeseal-arm
  - GOOS=linux GOARCH=arm64 make kubeseal-static
  - mv kubeseal-static kubeseal-arm64

after_script: set +e

after_success:
  - |
    echo OS_NAME=$TRAVIS_OS_NAME BRANCH=$TRAVIS_BRANCH PR=$TRAVIS_PULL_REQUEST GO_VERSION=$TRAVIS_GO_VERSION
    if [[ "$TRAVIS_OS_NAME" == linux && \
          "$TRAVIS_BRANCH" == main && \
          "$TRAVIS_PULL_REQUEST" == false && \
          "$TRAVIS_GO_VERSION.0" =~ ^1\.14\. ]]; then
      echo "Pushing :latest..."
      docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD" quay.io
      sudo chmod o+x /etc/docker # https://github.com/docker/for-linux/issues/396
      make push-controller-image CONTROLLER_IMAGE=${CONTROLLER_IMAGE_NAME}:latest
    fi

before_deploy:
  - |
    if [[ "$TRAVIS_OS_NAME" == linux && \
          "$INT_KVERS" == "v1.16.13" ]]; then
      docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD" quay.io
      sudo chmod o+x /etc/docker # https://github.com/docker/for-linux/issues/396
      make push-controller-image CONTROLLER_IMAGE=${CONTROLLER_IMAGE}
    fi

deploy:
  api_key:
    secure: Q+/wLh9Qbe3dMmmBF1x2Qt5PqdHyHD+wjiRX0fV+leFtNjWEAgcSBrnPxhQVYrvL/tk/In/r9NlvO3VrCv7C11nkYEn5S7RJLIq6+v37Q789hBLchs5dH2FAwNyjA2Sezaf6ulYgqtouuy6Pt0ZY18/rjMcdKl1bYS+TeQU63eRWENgoHI0/yU6fR7w0q0Hjin+a1HCtn0K6YNxc51A0Rc/7TnYgDBSq74cpq+1xsazLrtDXrbtv6+WND5Oe702fwDM/C1b7k8jbmGPstVIWGKA0lfmzaTZUvuNyXbBzz76yBLXrDo41VhS9aBwWoIshTJhVGIl0rr8hy4K0J+MExsmUpp9ZLTwPXd4kFrEWPHFzA6oMNQknO0Lw92O85YpyJ9Jq8c2gPB+/syurhgKjmOHr+x/uGUUlXrYRnuaL/4Wqz5r+UiGcBGGiU9DLn1K8emgChf2FjkA009T/0o0cvUAS3c9WAeqv7P37EJUxpjL3+LrGlaKZaAAo/xAIO100YJ12SAfo0e8TSiMUQ2dngsWxDfWw5Yj90iyx9QE0XswkR5cKU6hsDzRR1xTmtv/jwyMrlgg7/UIQUkvQFZvC7NlkNcEMGCUCIE+Uc41Hh5L6OFqUvb7f/ULQ6D+vJ0wEMteIQolJh7mWSAUUmTiYKYKMR+RikEUtlJg5+TUZ+Y4=
  file:
    - $EXE_NAME
    - kubeseal.exe
    - kubeseal-arm
    - kubeseal-arm64
    - controller.yaml
    - controller-norbac.yaml
  on:
    condition: ${TRAVIS_GO_VERSION}.0 =~ ^1\.14\.
    tags: true
  provider: releases
  skip_cleanup: true

cache:
  directories:
    - $GOPATH/pkg
    - $GOPATH/bin
    - $HOME/.minikube/cache

branches:
  only:
    # using github actions for main and PRs
    # - main
    # release tags
    - /^v\d+\.\d+\.\d+.*/
    # for bors (in particular: don't build "staging.tmp")
    - staging
    - trying

notifications:
  email:
    on_success: never