pipeline {
    agent { label 'docker' }

    parameters {
        booleanParam(name: 'DRY_RUN', defaultValue: true, description: 'If checked, no code will be pushed to Gitea, Reposilite, or Docker.')
    }

    environment {
        REPO_URL = credentials('reposilite-url')
        DOCKER_REGISTRY = credentials('docker-registry-url')
        GIT_URL_CLEAN = sh(script: "echo ${GIT_URL} | sed 's|https://||'", returnStdout: true).trim()
        IS_DRY_RUN = "${params.DRY_RUN}"
    }

    stages {
        stage('Version & Tag') {
            steps {
                withCredentials([usernamePassword(credentialsId: 'Jenkins_Gitea',
                                             usernameVariable: 'GITEA_CREDS_USR',
                                             passwordVariable: 'GITEA_CREDS_PSW'),
                                file(credentialsId: 'jenkins-gpg-key', variable: 'GPG_KEY_FILE')]) {
                    sh '''
                        gpg --batch --import "${GPG_KEY_FILE}"
                        KEY_ID=$(gpg --list-keys --with-colons | awk -F: '/^pub:/ { print $5; exit }')

                        git config user.email "jenkins@77zzcx7.de"
                        git config user.name "Jenkins"
                        git config user.signingkey "$KEY_ID"
                        git config commit.gpgsign true
                        git config tag.gpgSign true

                        # We need to pass the repo url in -Darguments again because of insane maven lifecycle forking
                        pkgx mvn release:prepare -B \
                            -s build/settings.xml \
                            -Dpassword="${GITEA_CREDS_PSW}" \
                            -Dusername="${GITEA_CREDS_USR}" \
                            -DdryRun=${IS_DRY_RUN} \
                            -Drepository.url=${REPO_URL} \
                            -DtagNameFormat="v@{project.version}" \
                            -Darguments="-Drepository.url=${REPO_URL} -Dtag=v\\${project.version} -DskipTests"
                    '''
                }
            }
        }

        stage('Deploy Release') {
            steps {
                withCredentials([usernamePassword(credentialsId: 'reposilite-jenkins-cred',
                                 usernameVariable: 'REPO_USER',
                                 passwordVariable: 'REPO_TOKEN')]) {
                    sh '''
                        pkgx mvn release:perform -B \
                            -s build/settings.xml \
                            -DdryRun=${DRY_RUN} \
                            -Drepository.url=${REPO_URL} \
                            -Darguments="-Drepository.url=${REPO_URL} -DskipTests"
                    '''
                }
            }
        }

        stage('Docker Build & Push') {
            steps {
                script {
                    def jarPath = sh(script: "ls target/checkout/web-container/target/*.jar | head -n 1", returnStdout: true).trim()
                    def releaseVer = sh(script: "pkgx mvn help:evaluate -Dexpression=project.version -q -DforceStdout -f target/checkout/web-container/pom.xml", returnStdout: true).trim()
                    def registry = env.DOCKER_REGISTRY.toLowerCase()
                    def registryHost = registry.replace("https://", "").replace("http://", "").replaceAll("/\$", "").toLowerCase()
                    def imageTag = "${registryHost}/nbscloud:${releaseVer}".toLowerCase()

                    docker.withRegistry(registry, '') {
                        def customImage = docker.build(imageTag, "-f build/Dockerfile --build-arg JAR_FILE=${jarPath} .")

                        if (params.DRY_RUN) {
                            echo "DRY_RUN - do not push image to registry"
                        }
                        else {
                            customImage.push("${releaseVer}")
                            customImage.push("latest")
                        }
                    }
                }
            }
        }
    }
}