nullplatform-asset-docker-image-create.yml

stages:
  - nullplatform-asset-docker-image-create
  - nullplatform-asset-docker-image-build-and-push

variables:
  RUNNER_TAG: $RUNNER_TAG
  NULLPLATFORM_API_KEY: $NULLPLATFORM_API_KEY
  NULLPLATFORM_ENCRIPTION_KEY: $NULLPLATFORM_ENCRIPTION_KEY
  NULLPLATFORM_URL: "https://ci.nullplatform.com" #build/:id/asset
  NULLPLATFORM_ASSET_HEADERS: "Content-Type: application/json"

nullplatform-asset-docker-image-create:
  stage: nullplatform-asset-docker-image-create
  image: ubuntu:latest
  before_script:
    - apt-get update
    - apt-get install -y openssl curl jq
    - openssl enc -d -iter 1000 -aes-256-cbc -in nullplatform_login.response.json.enc -out nullplatform_login.response.json -k "$NULLPLATFORM_ENCRIPTION_KEY"
    - ACCESS_TOKEN=$(cat nullplatform_login.response.json | jq -r '.access_token')
  script:
    - |+
      while IFS= read -r line; do
        BUILD_ID=$(echo "$line" | jq -r '.id')
        APPLICATION_ID=$(echo "$line" | jq -r '.application_id')
        NULLPLATFORM_ASSET_CREATE_BODY="{\"type\":\"docker-image\",\"metadata\":{},\"name\":\"main\"}"
        NULLPLATFORM_ASSET_CREATE_RESPONSE=$(curl --fail --http1.1 --retry 3 --retry-connrefused --retry-all-errors -X POST -H "$NULLPLATFORM_ASSET_HEADERS" -H "Authorization:Bearer $ACCESS_TOKEN" -d "$NULLPLATFORM_ASSET_CREATE_BODY" $NULLPLATFORM_URL/build/$BUILD_ID/asset)
        for target in $(echo "$NULLPLATFORM_ASSET_CREATE_RESPONSE" | jq -rc '.targets[]'); do
          ASSET_URL=$(echo "$target" | jq -r '.url')
          ASSET_REPOSITORY_PROVIDER=$(echo "$target" | jq -r '.provider')
          NULLPLATFORM_APPLICATION_PARAMETERS=$(curl --fail --http1.1 --retry 3 --retry-connrefused --retry-all-errors -H "Authorization:Bearer $ACCESS_TOKEN" $NULLPLATFORM_URL/application/$APPLICATION_ID/parameter)
          for parameter in $(echo "$NULLPLATFORM_APPLICATION_PARAMETERS" | jq -c '.[]'); do
            name=$(echo "$parameter" | jq -r '.name')
            value=$(echo "$parameter" | jq -r '.value')
            if [ "$value" != "null" ]; then
              eval "$name=\"$value\""
            fi
          done
          if [ "$ASSET_REPOSITORY_PROVIDER" == "aws-ecr" ]; then
            AWS_ACCESS_KEY_ID="$BUILD_AWS_ACCESS_KEY"
            AWS_SECRET_ACCESS_KEY="$BUILD_AWS_SECRET_ACCESS_KEY"
            AWS_DEFAULT_REGION="$BUILD_AWS_REGION"
            ECR_REGISTRY=$(echo "$ASSET_URL" | cut -d '/' -f 1)
            FILE_LINE=$(echo "ASSET_URL=$ASSET_URL ASSET_REPOSITORY_PROVIDER=$ASSET_REPOSITORY_PROVIDER AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION ECR_REGISTRY=$ECR_REGISTRY")
          elif [ "$ASSET_REPOSITORY_PROVIDER" == "azure-container-registry" ]; then
            FILE_LINE=$(echo "ASSET_URL=$ASSET_URL ASSET_REPOSITORY_PROVIDER=$ASSET_REPOSITORY_PROVIDER BUILD_AZURE_REGISTRY_LOGIN_SERVER=$BUILD_AZURE_REGISTRY_LOGIN_SERVER BUILD_AZURE_REGISTRY_USERNAME=$BUILD_AZURE_REGISTRY_USERNAME BUILD_AZURE_REGISTRY_PASSWORD=$BUILD_AZURE_REGISTRY_PASSWORD")
          else
            echo "Asset repository provider '$ASSET_REPOSITORY_PROVIDER' is not supported yet"
            exit 1
          fi
          printf "%s %s %s %s %s\n" $FILE_LINE >> assets-to-create.txt
        done
        printf "%s\n" $NULLPLATFORM_ASSET_CREATE_RESPONSE >> nullplatform-asset-create.json
      done < nullplatform-build-create.json
    - openssl enc -iter 1000 -aes-256-cbc -salt -in assets-to-create.txt -out assets-to-create.txt.enc -k "$NULLPLATFORM_ENCRIPTION_KEY"
  artifacts:
    paths:
      - nullplatform-asset-create.json
      - assets-to-create.txt.enc
    expire_in: 30 min
  except:
    - tags