when:
  - branch: master
    event: [push, pull_request]


clone:
  git:
    image: woodpeckerci/plugin-git
    settings:
      recursive: true
      # TODO: extend this to use an image that has our root certificate baked in
      skip-verify: true

steps:
  publish:
    image: woodpeckerci/plugin-kaniko
    settings:
      registry: cr.forge.lan
      repo: darkdork.dev/pleroma
      context: pleroma
      tags:
      - ${CI_COMMIT_SHA}
      - prod
      cache: true
      skip-tls-verify: true
      username:
        from_secret:
          docker_registry_username
      password:
        from_secret:
          docker_registry_password
    when:
      event: [pull_request, push]
  deploy:
    image: cr.forge.lan/alk8s/alk8s:latest
    pull: true
    environment:
        KUBECONFIG_BASE64:
          from_secret: kubeconfig_base64
        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
    commands:
      - mkdir -p ~/.kube
      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
      - pwd
      - envsubst < manifests/pleroma/deployment.template.yaml | kubectl apply -f -