---
kind: pipeline
type: kubernetes
name: build

steps:
  - name: build
    image: mgoltzsche/podman:5.3.1
    privileged: true
    environment:
      REGISTRY_USERNAME:
        from_secret: registry_username
      REGISTRY_PASSWORD:
        from_secret: registry_password
      REGISTRY_SERVER: "docker.io"
      RELEASE_IMAGE_NAME: "docker.io/genunix/restic"
    commands:
      - |
        RESTIC_VERSION=$$(grep RESTIC_VERSION= Dockerfile|cut -d = -f 2)
        podman login --username "$${REGISTRY_USERNAME}" --password "$${REGISTRY_PASSWORD}" "$${REGISTRY_SERVER}"
        echo "== Building $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}"
        podman manifest create $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
        podman build --platform linux/arm64,linux/amd64 --pull-always --manifest $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} .
        podman manifest inspect $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
        echo "== Publishing $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}"
        podman manifest push $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} docker://$${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
        podman manifest push $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} docker://$${RELEASE_IMAGE_NAME}:$${RESTIC_VERSION}
        podman logout "$${REGISTRY_SERVER}"
    volumes:
      - name: containers
        path: /var/lib/containers
    when:
      branch:
        - main

  - name: cleanup
    image: mgoltzsche/podman:5.3.1
    privileged: true
    environment:
      RELEASE_IMAGE_NAME: "docker.io/genunix/restic"
    commands:
      - podman manifest rm $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} || true
      - podman image prune -f
    volumes:
      - name: containers
        path: /var/lib/containers
    when:
      branch:
        - main

trigger:
  event:
  - push
  - custom

volumes:
  - name: containers
    host:
      path: /var/lib/containers
---
kind: pipeline
type: kubernetes
name: promote

steps:
  - name: promote
    image: mgoltzsche/podman:5.3.1
    privileged: true
    environment:
      REGISTRY_USERNAME:
        from_secret: registry_username
      REGISTRY_PASSWORD:
        from_secret: registry_password
      REGISTRY_SERVER: "docker.io"
      RELEASE_IMAGE_NAME: "docker.io/genunix/restic"
    commands:
      - podman login --username "$${REGISTRY_USERNAME}" --password "$${REGISTRY_PASSWORD}" "$${REGISTRY_SERVER}"
      - echo "== Pulling $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}"
      - podman pull --arch amd64 docker://$${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
      - podman pull --arch arm64 docker://$${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
      - podman manifest inspect $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA}
      - echo "== Promoting $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} into production as latest tag"
      - podman manifest push $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} docker://$${RELEASE_IMAGE_NAME}:latest
      - podman logout "$${REGISTRY_SERVER}"
    volumes:
      - name: containers
        path: /var/lib/containers

  - name: cleanup
    image: mgoltzsche/podman:5.3.1
    privileged: true
    environment:
      RELEASE_IMAGE_NAME: "docker.io/genunix/restic"
    commands:
      - podman manifest rm $${RELEASE_IMAGE_NAME}:$${DRONE_COMMIT_SHA} || true
      - podman image prune -f
    volumes:
      - name: containers
        path: /var/lib/containers

trigger:
  event:
  - promote
  target:
  - production

volumes:
  - name: containers
    host:
      path: /var/lib/containers