kind: pipeline
type: kubernetes
name: default

services:
  - name: docker
    image: docker:19.03-dind
    entrypoint: [dockerd]
    privileged: true
    volumes:
      - name: dockersock
        path: /var/run

steps:
  - name: git-fetch-tags
    image: docker:git
    commands:
      - git fetch --tags

  - name: build
    image: autonomy/build-container:latest
    pull: always
    commands:
      - make build
    volumes:
      - name: dockersock
        path: /var/run

  - name: conform
    image: autonomy/build-container:latest
    pull: always
    commands:
      - build/conform-linux-amd64 enforce
    volumes:
      - name: dockersock
        path: /var/run

  - name: test
    image: autonomy/build-container:latest
    pull: always
    commands:
      - make test
    volumes:
      - name: dockersock
        path: /var/run

  - name: image
    image: autonomy/build-container:latest
    pull: always
    commands:
      - make image
    volumes:
      - name: dockersock
        path: /var/run

  - name: push
    image: autonomy/build-container:latest
    pull: always
    environment:
      DOCKER_USERNAME:
        from_secret: docker_username
      DOCKER_PASSWORD:
        from_secret: docker_password
    commands:
      - make login
      - make push
    volumes:
      - name: dockersock
        path: /var/run
    when:
      event:
        exclude:
          - pull_request

  - name: release
    image: plugins/github-release
    settings:
      api_key:
        from_secret: github_token
      draft: true
      files:
        - build/conform-*
      checksum:
        - sha256
        - sha512
    when:
      event: tag

volumes:
  - name: dockersock
    temp: {}