---
kind: pipeline
type: kubernetes
name: build

metadata:
  labels:
    pod-security.kubernetes.io/audit: privileged

services:
  - name: docker daemon
    image: docker:dind
    privileged: true
    environment:
      DOCKER_TLS_CERTDIR: ""

steps:
  - name: container build
    image: docker:latest
    privileged: true
    commands:
      - "while ! docker stats --no-stream; do sleep 1; done"
      - docker image build -t $DOCKER_REGISTRY/noded/backend .
      - docker push $DOCKER_REGISTRY/noded/backend
    environment:
      DOCKER_REGISTRY:
        from_secret: DOCKER_REGISTRY
      DOCKER_HOST: tcp://localhost:2375
#    when:
#      event: tag

  - name: environment substitution
    image: rockylinux:9.0-minimal
    commands:
      - microdnf install -y gettext
      - cd deploy && mkdir ../deploy-subst && bash -c 'for f in *.yaml; do envsubst < $f > ../deploy-subst/$f; done'

#  - name: k8s rollout
#    image: bitnami/kubectl
#    commands:
#      - cd deploy && bash -c 'for f in *.yaml; do envsubst < $f | kubectl apply -f -; done'
#    environment:
#      NODED_DOMAIN:
#        from_secret: NODED_DOMAIN
#      NODED_DATABASE_HOST:
#        from_secret: NODED_DATABASE_HOST
#      NODED_REDIS_HOST:
#        from_secret: NODED_REDIS_HOST
#      NODED_DATABASE_NAME:
#        from_secret: NODED_DATABASE_NAME
#    when:
#      event: tag