---
kind: pipeline
type: kubernetes
name: default

metadata:
  labels:
    pod-security.kubernetes.io/audit: privileged

services:
  - name: docker daemon
    image: docker:dind
    privileged: true
    environment:
      DOCKER_TLS_CERTDIR: ""
    when:
      event:
        - tag
        - promote

steps:
  - name: node.js build
    image: node:18
    commands:
      - "npm add --global pnpm"
      - pnpm i --no-frozen-lockfile
      - pnpm run build

  - name: container build
    image: docker:latest
    privileged: true
    commands:
      - "while ! docker stats --no-stream; do sleep 1; done"
      - "docker build -t $DOCKER_REGISTRY/garrettmills/www ."
      - "docker push $DOCKER_REGISTRY/garrettmills/www"
    environment:
      DOCKER_HOST: tcp://localhost:2375
      DOCKER_REGISTRY:
        from_secret: DOCKER_REGISTRY
    when:
      event:
        - tag
        - promote

  - name: k8s rollout
    image: bitnami/kubectl
    privileged: true
    commands:
      - cd deploy && kubectl apply -f .
      - kubectl rollout restart deployment/garrettmills-dev -n default
    when:
      event:
        - tag
        - promote