---
kind: pipeline
type: docker
name: "Test Pipeline"

trigger:
  event:
    exclude:
      - tag

steps:
  - name: submodules
    image: alpine/git
    commands:
      - git submodule update --init --recursive

  - name: "Hugo test build"
    image: node:lts-buster-slim
    commands:
      - npm install
      - npm run test
      - npm run build

---
kind: pipeline
type: docker
name: "Next Build Pipeline"

trigger:
  event:
    exclude:
      - pull_request
  branch:
    exclude:
      - master

depends_on:
  - "Test Pipeline"

steps:
  - name: submodules
    image: alpine/git
    commands:
      - git submodule update --init --recursive

  - name: "Build (${DRONE_BRANCH} as next)"
    image: plugins/docker
    settings:
      username:
        from_secret: hub_user
      password:
        from_secret: hub_passwd
      repo: ocram85/blog
      tags: "next"
      dockerfile: Dockerfile
      build_args:
        - NODE_BASE=lts-buster-slim
        - NGINX_BASE=1.21.6-alpine

  - name: "Trivy (next)"
    image: aquasec/trivy:0.24.3
    failure: ignore
    commands:
      - |
        trivy image \
          --severity UNKNOWN,LOW,MEDIUM \
          --no-progress \
          ocram85/blog:next
      - |
        trivy image \
          --exit-code 1 \
          --severity HIGH,CRITICAL \
          --no-progress \
          ocram85/blog:next

  - name: "Trigger Service Update"
    image: ocram85/portainer-serviceupdate
    settings:
      #VERBOSE: true
      URI: "https://portainer.ocram85.com"
      TOKEN:
        from_secret: NEXT_TOKEN

---
kind: pipeline
type: docker
name: "Master Build Pipeline"

trigger:
  event:
    exclude:
      - pull_request
      - tag
  branch:
    include:
      - master

depends_on:
  - "Test Pipeline"

steps:
  - name: submodules
    image: alpine/git
    commands:
      - git submodule update --init --recursive

  - name: "Build (master)"
    image: plugins/docker
    settings:
      username:
        from_secret: hub_user
      password:
        from_secret: hub_passwd
      repo: ocram85/blog
      auto_tag: true
      dockerfile: Dockerfile
      build_args:
        - NODE_BASE=lts-buster-slim
        - NGINX_BASE=1.21.6-alpine

  - name: "Trivy (latest)"
    image: aquasec/trivy:0.24.3
    failure: ignore
    commands:
      - |
        trivy image \
          --severity UNKNOWN,LOW,MEDIUM \
          --no-progress \
          ocram85/blog:latest
      - |
        trivy image \
          --exit-code 1 \
          --severity HIGH,CRITICAL \
          --no-progress \
          ocram85/blog:latest

  - name: "Trigger Service Update"
    image: ocram85/portainer-serviceupdate
    settings:
      #VERBOSE: true
      URI: "https://portainer.ocram85.com"
      TOKEN:
        from_secret: TOKEN
---
kind: pipeline
type: docker
name: "Tags Pipeline"

trigger:
  event:
    include:
      - tag
steps:
  - name: submodules
    image: alpine/git
    commands:
      - git submodule update --init --recursive

  - name: "Build tag image"
    image: plugins/docker
    settings:
      username:
        from_secret: hub_user
      password:
        from_secret: hub_passwd
      repo: ocram85/blog
      auto_tag: true