# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml

trigger:
- development
- releases/*
- feature/*
- hotfix/*
- bugfix/*

variables:
- group: blueprint-sandbox-web
- name: isReleaseDeployment
  value: $[eq(variables['Build.SourceBranch'], 'refs/heads/development')]
- name: imageName
  value: $[variables.containerImageName]
- name: containerRegistryEndpoint
  value: $[variables.containerRegistryEndpointUrl]
- name: webAppName
  value: $[variables.appServiceName]
  
pool:
  vmImage: ubuntu-latest

steps:
- checkout: self
  fetchDepth: 0 # It will fix gitversion iteraction to extract the correct version from our history
  persistCredentials: true # It will fix terminal user to be able to push tag version on the build.
  displayName: '[Step1.0] Define fetchDepth'


# Install gitversion tool
# - task: gitversion/setup@3
#   displayName: '[Step2.1] Install Git Tools'
#   inputs:
#     versionSpec: '5.x'

# Execute the tool to identify the next SemVersion for this library
# - task: gitversion/execute@3
#   displayName: '[Step2.2] Calculate SemVer'
#   inputs:
#     useConfigFile: true
#     configFilePath: '.pipelines/GitVersion.yml'

# Echo the SemVersion Identified
- script: echo current version is $(GitVersion.SemVer) $(Build.SourcesDirectory)
  displayName: '[Step2.3] Display calculated version'

- script: npm ci
  displayName: '[Step3.1] NPM CI'

- task: SnykSecurityScan@1
  displayName: '[Step3.2] Snyk Scanning'
  inputs:
    serviceConnectionEndpoint: 'SnykConnection'
    testType: 'app'
    severityThreshold: 'high'
    monitorWhen: 'noIssuesFound'
    failOnIssues: true
    additionalArguments: '--file=package.json'

- task: Docker@2
  displayName: '[Step4.1] Build'
  inputs:
    containerRegistry: '$(containerRegistryServiceConnectionName)'
    repository: '$(imageName)'
    command: 'build'
    # tags: '$(GitVersion.SemVer)'
    tags: 'sandbox'
    Dockerfile: '**/Dockerfile'
    arguments: --build-arg NEXT_PUBLIC_API_URL=$(NEXT_PUBLIC_API_URL) --build-arg NEXT_PUBLIC_CERBEROS_API_URL=$(NEXT_PUBLIC_CERBEROS_API_URL) --build-arg NEXT_PUBLIC_APP_ID=$(NEXT_PUBLIC_APP_ID) --build-arg NEXT_PUBLIC_REDIRECT_URI=$(NEXT_PUBLIC_REDIRECT_URI) --build-arg NEXT_PUBLIC_SCOPE=$(NEXT_PUBLIC_SCOPE) --build-arg NEXT_PUBLIC_AUTHORITY=$(NEXT_PUBLIC_AUTHORITY) --build-arg NEXT_PUBLIC_LOGOUT_URI=$(NEXT_PUBLIC_LOGOUT_URI) --build-arg NEXT_PUBLIC_ACCESS_AS_USER=$(NEXT_PUBLIC_ACCESS_AS_USER)
    
# - task: SnykSecurityScan@1
#   inputs:
#     serviceConnectionEndpoint: 'SnykConnection'
#     testType: 'container'
#     # dockerImageName: '$(containerRegistryEndpoint)/$(imageName):$(GitVersion.SemVer)'
#     dockerImageName: '$(containerRegistryEndpoint)/$(imageName):sandbox'
#     severityThreshold: 'high'
#     monitorWhen: 'noIssuesFound'
#     failOnIssues: true

- task: Docker@2
  displayName: '[Step4.1] Push'
  inputs:
    containerRegistry: '$(containerRegistryServiceConnectionName)'
    repository: '$(imageName)'
    command: 'push'
    # tags: '$(GitVersion.SemVer)'
    tags: 'sandbox'
    Dockerfile: '**/Dockerfile'

- task: AzureRmWebAppDeployment@4
  displayName: 'Deploy on Sandbox'
  condition: and(succeeded(), eq(variables.isReleaseDeployment, true)) 
  enabled: true
  inputs:
    ConnectionType: 'AzureRM'
    azureSubscription: '$(azureRMServiceConnectionName)'
    appType: 'webAppContainer'
    WebAppName: '$(webAppName)'
    DockerNamespace: '$(containerRegistryEndpoint)'
    DockerRepository: '$(imageName)'
    # DockerImageTag: '$(GitVersion.SemVer)'
    DockerImageTag: 'sandbox'