pipeline {
  agent any
  options {
    disableConcurrentBuilds()
  }
  stages {
    stage('Build') {
      environment {
        COURIERD_PRIVATE_KEY = credentials('courierd')
        AWS_CONFIG_FILE = credentials('aws_config')
        author = sh(script: "git log -1 --pretty=%an ${GIT_COMMIT}", returnStdout: true).trim()
        commitMsg = sh(script: "git log -1 --pretty=%B ${GIT_COMMIT}", returnStdout: true).trim()
        message = "Build starting - ${env.JOB_NAME} (<${env.BUILD_URL}|Open>) Commit by <@${author}> (${author}): ``` ${commitMsg} ``` "
      }
      steps {
        sshagent(credentials: ['git-aws-read-key']) {
          sh './scripts/build.sh'
          sh './scripts/push.sh'
        }
      }
    }
    stage('Deploy to Staging') {
      environment {
        COURIERD_PRIVATE_KEY = credentials('courierd')
        AWS_CONFIG_FILE = credentials('aws_config')
        AWS_ACCESS_KEY = credentials('samus-gateway2-tcs-access-key')
        AWS_SECRET_KEY = credentials('samus-gateway2-tcs-secret-key')
        SSL_CERTIFICATE_ID_KEY = 'SSL_CERTIFICATE_ID'
        SSL_CERTIFICATE_ID_VALUE = 'arn:aws:acm:us-west-2:948702324517:certificate/6760893f-788b-463f-938e-9a01e22bb525'
      }
      when {
        anyOf { branch 'master'; branch 'staging' }
      }
      steps {
        sshagent(credentials: ['jtv-deploy-user']) {
          sh 'if [ -d .ebextensions ]; then rm -Rf .ebextensions; fi'
          sh 'if [ -d .elasticbeanstalk ]; then rm -Rf .elasticbeanstalk; fi'
          sh 'cp -r deploy/.ebextensions .ebextensions'
          sh 'cp -r deploy/.elasticbeanstalk .elasticbeanstalk'
          sh """set +x
             |export AWS_SECRET_ACCESS_KEY=\$AWS_SECRET_KEY
             |export AWS_ACCESS_KEY_ID=\$AWS_ACCESS_KEY
             |export PYTHONUNBUFFERED=1
             |set -x
             |export IMAGE=docker.pkgs.xarth.tv/samus-gateway:\$GIT_COMMIT
             |
             |cat <<EOF > Dockerrun.aws.json
             |{
             |  "AWSEBDockerrunVersion": "1",
             |  "Image": {
             |    "Name": "\$IMAGE",
             |    "Update": "false"
             |  },
             |  "Ports": [
             |    {
             |      "ContainerPort": "8000"
             |    }
             |  ],
             |  "Volumes": [
             |    {
             |      "ContainerDirectory": "/var/app",
             |      "HostDirectory": "/var/app"
             |    },
             |    {
             |      "ContainerDirectory": "/etc/ssl/certs/ca-bundle.crt",
             |      "HostDirectory": "/etc/ssl/certs/ca-bundle.crt"
             |    }
             |  ],
             |  "Logging": "/var/log/"
             |}
             |EOF
             |
             | rm -f -- artifact.zip
             | aws s3 cp s3://gateway-us-west-2-chronicle-script/install_chronicled.py .ebextensions
             | chmod +x .ebextensions/install_chronicled.py
             | sed -i 's|'\$SSL_CERTIFICATE_ID_KEY'|'\$SSL_CERTIFICATE_ID_VALUE'|' .ebextensions/securelistener-clb.config
             | zip -r artifact.zip Dockerrun.aws.json .ebextensions
             | eb labs cleanup-versions --num-to-leave 10 --older-than 5 --force -v --region us-west-2
             | eb deploy staging-samus-gateway-al2-env --timeout 90 """.stripMargin()
        }
      }
    }
    stage('Integration Tests') {
      environment {
        COURIERD_PRIVATE_KEY = credentials('courierd')
        AWS_CONFIG_FILE = credentials('aws_config')
        AWS_ACCESS_KEY = credentials('samus-gateway2-tcs-access-key')
        AWS_SECRET_KEY = credentials('samus-gateway2-tcs-secret-key')
      }
      when {
        branch 'master'
      }
      steps {
        sshagent(credentials: ['git-aws-read-key']) {
            sh 'manta -v -e AWS_ACCESS_KEY_ID=\$AWS_ACCESS_KEY -e AWS_SECRET_ACCESS_KEY=\$AWS_SECRET_KEY -f build-integration-test.json'
        }
      }
    }
    stage('Deploy to Prod') {
      environment {
        COURIERD_PRIVATE_KEY = credentials('courierd')
        AWS_CONFIG_FILE = credentials('aws_config')
        AWS_ACCESS_KEY = credentials('samus-gateway2-tcs-access-key')
        AWS_SECRET_KEY = credentials('samus-gateway2-tcs-secret-key')
        SSL_CERTIFICATE_ID_KEY = 'SSL_CERTIFICATE_ID'
        SSL_CERTIFICATE_ID_VALUE = 'arn:aws:acm:us-west-2:948702324517:certificate/898a61bb-7ab6-4eee-9681-8a6bee3b9406'
      }
      when {
        branch 'master'
      }
      steps {
        sshagent(credentials: ['jtv-deploy-user']) {
          sh 'if [ -d .ebextensions ]; then rm -Rf .ebextensions; fi'
          sh 'if [ -d .elasticbeanstalk ]; then rm -Rf .elasticbeanstalk; fi'
          sh 'cp -r deploy/.ebextensions .ebextensions'
          sh 'cp -r deploy/.elasticbeanstalk .elasticbeanstalk'
          sh """set +x
             |export AWS_SECRET_ACCESS_KEY=\$AWS_SECRET_KEY
             |export AWS_ACCESS_KEY_ID=\$AWS_ACCESS_KEY
             |export PYTHONUNBUFFERED=1
             |set -x
             |export IMAGE=docker.pkgs.xarth.tv/samus-gateway:\$GIT_COMMIT
             |
             |cat <<EOF > Dockerrun.aws.json
             |{
             |  "AWSEBDockerrunVersion": "1",
             |  "Image": {
             |    "Name": "\$IMAGE",
             |    "Update": "false"
             |  },
             |  "Ports": [
             |    {
             |      "ContainerPort": "8000"
             |    }
             |  ],
             |  "Volumes": [
             |    {
             |      "ContainerDirectory": "/var/app",
             |      "HostDirectory": "/var/app"
             |    },
             |    {
             |      "ContainerDirectory": "/etc/ssl/certs/ca-bundle.crt",
             |      "HostDirectory": "/etc/ssl/certs/ca-bundle.crt"
             |    }
             |  ],
             |  "Logging": "/var/log/"
             |}
             |EOF
             |
             | rm -f -- artifact.zip
             | aws s3 cp s3://gateway-us-west-2-chronicle-script/install_chronicled.py .ebextensions
             | chmod +x .ebextensions/install_chronicled.py
             | sed -i 's|'\$SSL_CERTIFICATE_ID_KEY'|'\$SSL_CERTIFICATE_ID_VALUE'|' .ebextensions/securelistener-clb.config
             | zip -r artifact.zip Dockerrun.aws.json .ebextensions
             | eb labs cleanup-versions --num-to-leave 10 --older-than 5 --force -v --region us-west-2
             | eb deploy prod-samus-gateway-al2-env --timeout 90 """.stripMargin()
        }
      }
    }
  }
}
