stages:
  - build
  - deploy
  - failed_stage

image: alpine:latest # Use the latest version of Alpine Linux docker image

build_job:
  stage: build

  before_script:
    - 'which ssh-agent || (apk update && apk add curl openssh-client git grep)'
    - eval $(ssh-agent -s)
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts

  script:
    - sh script.sh

    - git checkout master
    - git config --global user.name "curben-bot"
    - git config --global user.email "3048979-curben-bot@users.noreply.gitlab.com"

    # Commit the changes
    - sh utils/commit.sh

    # Generate successful status badge
    - mkdir -p .gitlab/
    - sh utils/badge.sh "success"
    - git add .gitlab/status.svg
    # Only commit when diff exists https://stackoverflow.com/a/8123841
    - git diff-index --quiet HEAD || git commit -m "Success pipeline"

    - ssh -T git@gitlab.com
    - git remote set-url origin git@gitlab.com:curben/urlhaus-filter.git
    - git push origin master

  rules:
    # Only trigger through schedule job and "Run pipeline" in master branch
    - if: '$CI_COMMIT_REF_NAME == "master" && ($CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web")'
      when: always

  # Upload working folder as a job artifact
  artifacts:
    paths:
      - tmp/

deploy_job: # Trigger deploy job on curben/malware-filter
  stage: deploy
  trigger:
    project: curben/malware-filter
    branch: master
    strategy: depend
  rules:
    - if: '$CI_COMMIT_REF_NAME == "master" && ($CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web")'
      when: always

failed_job:
  stage: failed_stage

  before_script:
    - 'which ssh-agent || (apk update && apk add curl openssh-client git grep)'
    - eval $(ssh-agent -s)
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
    - chmod 644 ~/.ssh/known_hosts

  script:
    - git checkout master
    - git config --global user.name "curben-bot"
    - git config --global user.email "3048979-curben-bot@users.noreply.gitlab.com"

    - mkdir -p .gitlab/
    - sh utils/badge.sh "failed"
    - git add .gitlab/status.svg
    - git diff-index --quiet HEAD || git commit -m "Failed pipeline"
    - ssh -T git@gitlab.com
    - git remote set-url origin git@gitlab.com:curben/urlhaus-filter.git
    - git push origin master

  rules:
    - if: '$CI_COMMIT_REF_NAME == "master" && ($CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_SOURCE == "web")'
      # Run this job only when preceding jobs failed
      when: on_failure