# Connected with creating the testing image for CI.

# Environment job builds the `ci/Dockerfile` and pushes the built docker image
# into our GitLab registry. Since modifications of this Dockerfile are very rare
# this is a _manual_ job which needs to be triggered on GitLab.
# Almost all CI jobs run inside this docker image.
.environment:
  stage: environment
  image: docker
  variables:
    GIT_SUBMODULE_STRATEGY: none  # no need to fetch submodules
    CONTAINER_NAME: "$CI_REGISTRY/satoshilabs/trezor/trezor-firmware/trezor-firmware-env.nix"
    ALPINE_RELEASE: "3.15"
    ALPINE_ARCH: "x86_64"
    ALPINE_VERSION: "3.15.0"
    ALPINE_CHECKSUM: "ec7ec80a96500f13c189a6125f2dbe8600ef593b87fc4670fe959dc02db727a2"
    NIX_VERSION: "2.4"
  services:
    - docker:dind
  before_script:
    - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
  script:
    - wget -nc -P ci/ https://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz
    - echo "${ALPINE_CHECKSUM}  ci/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz" | sha256sum -c
    - docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg NIX_VERSION="$NIX_VERSION" --build-arg FULLDEPS_TESTING=1 ci/
    - docker push $CONTAINER_NAME:$CI_COMMIT_SHA
    - docker push $CONTAINER_NAME:latest
  tags:
    - runner0_dind

environment manual:
  extends: .environment
  when: manual

environment scheduled:
  extends: .environment
  only:
    variables:
      - $SCHEDULED_ENVIRONMENR_BUILD == "true"