steps:
- name: 'gcr.io/kaniko-project/executor:v0.22.0'
  args: [
    '--cache=true',
    '--build-arg', 'SOURCE_COMMIT=$COMMIT_SHA',
    '--destination=us.gcr.io/$PROJECT_ID/sentry-builder:$COMMIT_SHA',
    '-f', './docker/builder.dockerfile'
  ]
  timeout: 180s
- name: 'us.gcr.io/$PROJECT_ID/sentry-builder:$COMMIT_SHA'
  env: [
    'SOURCE_COMMIT=$COMMIT_SHA'
  ]
  timeout: 360s
- name: 'gcr.io/kaniko-project/executor:v0.22.0'
  args: [
    '--cache=true',
    '--build-arg', 'SOURCE_COMMIT=$COMMIT_SHA',
    '--destination=us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA',
    '-f', './docker/Dockerfile'
  ]
  timeout: 300s
# Smoke tests
- name: 'gcr.io/$PROJECT_ID/docker-compose'
  entrypoint: 'bash'
  env:
  - 'SENTRY_IMAGE=us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA'
  - 'SENTRY_TEST_HOST=http://nginx'
  - 'CI=1'
  args:
  - '-e'
  - '-c'
  - |
    mkdir onpremise && cd onpremise
    curl -L "https://github.com/getsentry/onpremise/archive/master.tar.gz" | tar xzf - --strip-components=1
    # The following trick is from https://stackoverflow.com/a/52400857/90297 with great gratuity
    echo '{"version": "3.4", "networks":{"default":{"external":{"name":"cloudbuild"}}}}' > docker-compose.override.yml
    ./install.sh
    ./test.sh || docker-compose logs nginx web relay
  timeout: 300s
- name: 'gcr.io/cloud-builders/docker'
  secretEnv: ['DOCKER_PASSWORD']
  entrypoint: 'bash'
  args:
  - '-e'
  - '-c'
  - |
    # Only push to Docker Hub from master
    [ "$BRANCH_NAME" != "master" ] && exit 0
    # Need to pull the image first due to Kaniko
    docker pull us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA
    echo "$$DOCKER_PASSWORD" | docker login --username=sentrybuilder --password-stdin
    docker tag us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA getsentry/sentry:$SHORT_SHA
    docker push getsentry/sentry:$SHORT_SHA
    docker tag us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA getsentry/sentry:$COMMIT_SHA
    docker push getsentry/sentry:$COMMIT_SHA
    docker tag us.gcr.io/$PROJECT_ID/sentry:$COMMIT_SHA getsentry/sentry:latest
    docker push getsentry/sentry:latest
- name: 'node:12'
  secretEnv: ['ZEUS_HOOK_BASE']
  entrypoint: 'bash'
  args:
  - '-e'
  - '-c'
  - |
    # Only push to Zeus from releases/*
    [[ ! "$BRANCH_NAME" =~ ^releases/ ]] && exit 0
    npx -p "@zeus-ci/cli" zeus job update --build $BUILD_ID --job 1 --ref $COMMIT_SHA --build-label GCB --job-label "OSS Packages" --status passed
    npx -p "@zeus-ci/cli" zeus upload --build $BUILD_ID --job 1 --type "application/x-pywheel+zip" dist/*.whl
timeout: 2400s
options:
  # We need more memory for Webpack builds & e2e onpremise tests
  machineType: 'N1_HIGHCPU_8'
secrets:
- kmsKeyName: projects/sentryio/locations/global/keyRings/service-credentials/cryptoKeys/cloudbuild
  secretEnv:
    # This is a personal access token for the sentrybuilder account, encrypted using the
    # short guide at http://bit.ly/2Pg6uw9
    DOCKER_PASSWORD: |
      CiQAE8gN7y3OMxn+a1kofmK4Bi8jQZtdRFj2lYYwaZHVeIIBUzMSTQA9tvn8XCv2vqj6u8CHoeSP
      TVW9pLvSCorKoeNtOp0eb+6V1yNJW/+JC07DNO1KLbTbodbuza6jKJHU5xeAJ4kGQI78UY5Vu1Gp
      QcMK
    ZEUS_HOOK_BASE: |
      CiQAE8gN75WxSPytiv8kAp3cOp3RJHMqnfwH2bPDLJnwRxjQUJYSpAEAPbb5/GE1N8kUiC2YLh2n
      IinZi+rM5umfESVC5lhzDkDqBiGLEvAKtAHOvnbVbdm/Ui5KytpUUGb+QRajw9MFGZlavUz81wyu
      QDOpuajIhRNhhTZsJIhvFDkpQQykSgM2A7uKSQtQTLI9+njyB4F+SQEgaB6SvC7gMCqhSqYH+qJB
      r1OJiKninNgwred/uJU0ZcVnNERNZ/hOyC1p/lXS7LHooA==