.gitlab-ci.yml

default:
  image: docker:27
  services:
    - name: docker:27-dind
      alias: docker

variables:
  DOCKER_HOST: tcp://docker:2376
  DOCKER_TLS_CERTDIR: "/certs"
  DOCKER_TLS_VERIFY: 1
  DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"

.before_script_template: &before-script
  before_script:
    - apk add curl git jq
    - docker info
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker context create docker-container
    - docker buildx create --use docker-container --driver docker-container  --buildkitd-flags '--allow-insecure-entitlement network.host'

stages:
  - build

docker-build-dev:
  stage: build
  except:
    - master
    - main
  interruptible: true
  <<: *before-script
  script:
    - mkdir -p container && cp -r scripts/container/* container
    - docker buildx build
      --platform linux/amd64,linux/arm64
      --allow network.host
      --provenance false
      --pull
      --cache-from type=registry,ref=$CI_REGISTRY/chrisleekr/homelab-infrastructure:cache
      --cache-to type=registry,ref=$CI_REGISTRY/chrisleekr/homelab-infrastructure:cache,oci-mediatypes=true,image-manifest=true
      --tag $CI_REGISTRY/chrisleekr/homelab-infrastructure:dev-${CI_COMMIT_REF_SLUG}
      --push .


docker-build:
  stage: build
  only:
    - master
    - main
  <<: *before-script
  # Use --provenance false to avoid the following error:
  #   https://gitlab.com/gitlab-org/gitlab/-/issues/389577
  script:
    - mkdir -p container && cp -r scripts/container/* container
    - docker buildx build
      --platform linux/amd64,linux/arm64
      --allow network.host
      --provenance false
      --pull
      --cache-from type=registry,ref=$CI_REGISTRY/chrisleekr/homelab-infrastructure:cache
      --cache-to type=registry,ref=$CI_REGISTRY/chrisleekr/homelab-infrastructure:cache,oci-mediatypes=true,image-manifest=true
      --tag $CI_REGISTRY/chrisleekr/homelab-infrastructure:latest
      --tag $CI_REGISTRY/chrisleekr/homelab-infrastructure:v$(cat version.txt)
      --push .