.gitlab-ci.yml

include:
  - remote: https://open.greenhost.net/stackspin/stackspin/raw/main/.gitlab/ci_templates/kaniko.yml

stages:
  - build
  - build-test-images
  # TODO: Re-enable after fixing #82
  # - lint
  - application-test
  - integration-test

login_test:
  image: python:3.9
  stage: unittest
  needs: []
  variables:
    HYDRA_ADMIN_URL: http://localhost/ignored
    KRATOS_PUBLIC_URL: http://localhost/ignored
    PUBLIC_URL: http://localhost/ignored
  cache:
    paths:
      - "$CI_PROJECT_DIR/pip-cache"
    key: "$CI_PROJECT_ID"
    before_script:
      - cd login
      - python -V
      - pip install -r requirements.txt
    script:
      - pytest -v --cov=login --cov-report=term --cov-report=xml tests
    artifacts:
      reports:
        cobertura: login/coverage.xml
    coverage: '/^TOTAL.+?(\d+\%)$/'

login:
  stage: build
  needs:
    - "login_test"
  variables:
    KANIKO_CONTEXT: "login"
    KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
  extends: .kaniko_build
  only:
    changes:
      - login/**/*
      - .gitlab-ci.yml


integration_test_app:
  stage: build-test-images
  variables:
    KANIKO_CONTEXT: "test/integration_tests"
    KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
  extends: .kaniko_build
  only:
    changes:
      - test/integration_tests/**/*
      - .gitlab-ci.yml

integration_test:
  stage: build-test-images
  variables:
    KANIKO_CONTEXT: "test/integration_tests/test"
    KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
  extends: .kaniko_build
  only:
    changes:
      - test/integration_tests/test/**/*
      - test/integration_tests/test/Dockerfile
      - .gitlab-ci.yml

pylint:
  stage: build-test-images
  variables:
    KANIKO_CONTEXT: "test/lint/pylint"
    KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
  extends: .kaniko_build
  only:
    changes:
      - test/lint/pylint/Dockerfile
      - test/lint/pylint/requirements.txt
      - .gitlab-ci.yml



# TODO: This integration testing is the old test. This need to be modified
#       and will happen in the issue which is about integration the login 
#       image & testing that
behave-integration:
  stage: integration-test
  services:
    - name: postgres:latest
      alias: postgres
    - name: docker.io/oryd/hydra:v1.10.7-alpine
      alias: hydra
      command:
        - serve
        - all
        - --dangerous-force-http
        - --dangerous-allow-insecure-redirect-urls
        - "http://oidc:5000/callback"
    - name: ${CI_REGISTRY_IMAGE}/integration_test_app:${CI_COMMIT_REF_NAME}
      alias: oidc
  variables:
    # Feature Flag FF_NETWORK_PER_BUILD Enables creation of a docker network per build
    # with the docker executor of the gitlab-runner. This is required for service
    # interconnection. Requires gitlab-runner v12.9.0
    FF_NETWORK_PER_BUILD: 1
    DATABASE_HOST: "postgres"
    URLS_LOGIN: "http://login:5000/login"
    URLS_LOGOUT: "http://logout:5002/logout"
    URLS_CONSENT: "http://consent:5001/consent"
    URLS_SELF_ISSUER: "http://hydra:4444/"
    BASE_URL: "http://hydra:4444/"
    HYDRA_ADMIN_URL: "http://hydra:4445"
    ACCESS_TOKEN_URL: "http://hydra:4444/oauth2/token"
    AUTHORIZE_URL: "http://hydra:4444/oauth2/auth"
    USERINFO_URL: "http://hydra:4444/userinfo"
    GRAPHQL_URL: "http://backend:5000/graphql"
    GIT_SUBMODULE_STRATEGY: "recursive"
    TESTUSER_USERNAME: "testuser"
    TESTUSER_USERNAME2: "testuser2"
    TESTUSER_PASSWORD: "password"
    TESTUSER_EMAIL: "testuser@example.net"
    TESTUSER_EMAIL2: "testuser2@example.net"
    ROLE: "admin"
    DSN: "memory"
    SECRETS_SYSTEM: "youReallyNeedToChangeThis"
    DATABASE_USER: postgres
    DATABASE_PASSWORD: secret
    DATABASE_NAME: postgres
    POSTGRES_PASSWORD: secret
    POSTGRES_USER: postgres
    POSTGRES_DB: postgres
    OAUTHLIB_INSECURE_TRANSPORT: "true"
    KEY: "testapp"
    SECRET: "secret"
    DEBUG: "true"
    FLASK_ENV: "development"
  image: ${CI_REGISTRY_IMAGE}/integration_test:${CI_COMMIT_REF_NAME}
  script:
    - echo "I am skipped today!"
    # Create user and application objects
    #- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL} backend:5000
    #- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME2} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL2} backend:5000
    #- /bin/bash user-panel/backend/utils/create-application.bash ${KEY} "Application used for testing" backend:5000
    #- /bin/bash user-panel/backend/utils/create-role.bash ${ROLE} backend:5000
    #- /bin/bash user-panel/backend/utils/grant-access.bash ${TESTUSER_USERNAME} ${KEY} backend:5000
    #- /bin/bash user-panel/backend/utils/assign-role.bash ${TESTUSER_USERNAME} ${ROLE} backend:5000
    # Wait for 60s for hydra to become available. Then create the oauth2 client object
    #- while [[ $HYDRAADMINSTATUS -ne "200" &&  60 -ge $TIMER ]]; do HYDRAADMINSTATUS=`curl http://hydra:4445/health/ready -o /dev/null -w "%{http_code}"` || TIMER=$TIMER+5 && sleep 5 ; done
    #- /bin/bash test/create-hydra-client.bash ${KEY} ${SECRET} http://hydra:4445 http://oidc:5000/callback http://oidc:5000/ http://oidc:5000/logout
    #- cd test/integration_tests/test/behave/
    #- TIMER=0
    #- while [[ $HYDRASTATUS -ne "200" &&  60 -ge $TIMER ]]; do HYDRASTATUS=`curl http://hydra:4444/health/ready -o /dev/null -w "%{http_code}"` || TIMER=$TIMER+5 && sleep 5 ; done
    #- >
    #    python3 -m behave
    #    -D headless=True
    #    -D url=http://oidc:5000
    #    -D username=${TESTUSER_USERNAME}
    #    -D username2=${TESTUSER_USERNAME2}
    #    -D password=${TESTUSER_PASSWORD}
    #    -D email=${TESTUSER_EMAIL}
    #    -D role=${ROLE}
  artifacts:
    paths:
      - test/integration_tests/test/behave/screenshots/
    expire_in: 1 month
    when: on_failure

# TODO: Fix https://open.greenhost.net/stackspin/single-sign-on/-/issues/82
#
# pylint-lint:
#   stage: lint
#   variables:
#     GIT_AUTHOR_NAME: "RUNNER"
#     GIT_AUTHOR_EMAIL: "runner@greenhost.net"
#     PYLINT_PLUGINS: "pylint_flask pylint_flask_sqlalchemy"
#   image: ${CI_REGISTRY_IMAGE}/pylint:${CI_COMMIT_REF_NAME}
#   script:
#     - echo "Reverting back to main to squash commits"
#     - git reset --soft main
#     - git lint