# You can override the included template(s) by including variable overrides
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
# Note that environment variables can be set in several places
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
workflow:
  rules:
  - changes:
    - proxy/**/*
    - Dockerfile
    - requirements.txt
    when: always
  - when: never
stages:
- build
- pre_push
- push
- test
- deploy
- review
- dast
- staging
- canary
- production
- incremental rollout 10%
- incremental rollout 25%
- incremental rollout 50%
- incremental rollout 100%
- performance
- cleanup
build:
  stage: build
  script:
  - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG .
  - docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
  - docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:latest
pre_push:
  needs:
  - build
  stage: pre_push
  before_script:
  - apk add --no-cache curl
  script:
  - echo "Running container to test image"
  - docker run -d --rm --name test_container $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
  - CONTAINER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'
    test_container)
  - |
    echo "Waiting for the application to start..."
    sleep 10
    if curl --fail http://$CONTAINER_IP:5050/health; then
      echo "Healthcheck passed"
    else
      echo "Healthcheck failed, stopping push"
      exit 1
    fi
  after_script:
  - docker rm -f test_container
push:
  needs:
  - pre_push
  stage: push
  script:
  - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin
    $CI_REGISTRY
  - docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
  - docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
  - docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
sast:
  stage: test
include:
- template: Auto-DevOps.gitlab-ci.yml