# SPDX-FileCopyrightText: 2021-2022 Heiko Schaefer <heiko@schaefer.name>
# SPDX-FileCopyrightText: 2021-2022 Nora Widdecke <mail@nora.pink>
# SPDX-License-Identifier: CC0-1.0

stages:
  - lint
  - test
  - virtual-test
  - hw-builddeps
  - hw-import
  - hw-keygen

variables:
  CARGO_HOME: cargo/
  CARGO_TERM_VERBOSE: 'true'

cache: &general_cache_config
  # default key is default
  # default policy is pull-push
  paths:
    - target/
    - $CARGO_HOME

reuse:
  stage: lint
  image:
    name: fsfe/reuse:latest
    entrypoint: [ "" ]
  script:
    - reuse lint
  dependencies: [ ]
  cache: [ ]

cargo-fmt:
  stage: lint
  image: rust:latest
  script:
    - rustup component add rustfmt
    - cargo fmt -- --check
  cache: [ ]

cargo-deny:
  stage: lint
  image: rust:latest
  before_script:
    - cargo install --locked cargo-deny
  script:
    - cargo deny check
  cache: [ ]

cargo-clippy:
  stage: lint
  image: rust:latest
  before_script:
    - mkdir -p /run/user/$UID
    - apt update -y -qq
    - apt install -y -qq --no-install-recommends git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
    - apt clean
  script:
    - rustup component add clippy
    - cargo clippy --verbose --tests -- -D warnings
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    key: "rust-latest"

udeps:
  stage: lint
  image: rustlang/rust:nightly-slim
  before_script:
    - mkdir -p /run/user/$UID
    - apt update -y -qq
    - apt install -y -qq --no-install-recommends curl git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
    - apt clean
    - curl --location --output /tmp/cargo-udeps.tar.gz https://github.com/est31/cargo-udeps/releases/download/v0.1.26/cargo-udeps-v0.1.26-x86_64-unknown-linux-gnu.tar.gz
    - tar --extract --verbose --gzip --file /tmp/cargo-udeps.tar.gz --directory /usr/local/bin/ --strip-components=2 ./cargo-udeps-v0.1.26-x86_64-unknown-linux-gnu/cargo-udeps
  script:
    - cargo udeps --workspace --all-features --all-targets
  cache: [ ]

cargo-test:
  stage: test
  image: rust:latest
  before_script:
    - mkdir -p /run/user/$UID
    - apt update -y -qq
    - apt install -y -qq --no-install-recommends git clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
    - apt clean
  script:
    - cargo test
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    key: "rust-latest"

cargo-test-debian-bookworm:
  stage: test
  image: debian:bookworm-slim
  before_script:
    - mkdir -p /run/user/$UID
    - apt update -y -qq
    - apt install -y -qq --no-install-recommends git rustc cargo clang make pkg-config nettle-dev libssl-dev capnproto ca-certificates libpcsclite-dev
    - apt clean
  script:
    - cargo test
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    key: "bookworm"

run_cardtest_smartpgp:
  stage: virtual-test
  image: registry.gitlab.com/openpgp-card/virtual-cards/smartpgp-builddeps
  script:
    - /etc/init.d/pcscd start
    - su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- status
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- info
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin import -- $CONFIG
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
  variables:
    CONFIG: "card-functionality/ci/virt-smartpgp.toml"
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    # (the base image of run_cardtest uses bookworm)
    key: "bookworm"

run_cardtest_ykneo:
  stage: virtual-test
  image: registry.gitlab.com/openpgp-card/virtual-cards/ykneo-builddeps
  script:
    - /etc/init.d/pcscd start
    - su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- status
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- info
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin import -- $CONFIG
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
  variables:
    CONFIG: "card-functionality/ci/virt-ykneo.toml"
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    # (the base image of run_cardtest uses bookworm)
    key: "bookworm"

run_cardtest_fluffypgp:
  stage: virtual-test
  image: registry.gitlab.com/openpgp-card/virtual-cards/fluffypgp-builddeps
  script:
    - /etc/init.d/pcscd start
    - su - -c "sh /home/jcardsim/run-card.sh > /dev/null" jcardsim
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- status
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tools --bin opgpcard -- info
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin import -- $CONFIG
    - RUST_BACKTRACE=1 cargo run -p openpgp-card-tests --bin keygen -- $CONFIG
  variables:
    CONFIG: "card-functionality/ci/virt-fluffypgp.toml"
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # override the key
    # (the base image of run_cardtest uses bookworm)
    key: "bookworm"

hardware-builddeps:
  stage: hw-builddeps
  needs: [ ]
  image: docker:stable
  services:
    - docker:dind
  before_script:
    - docker info
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
  script:
    - docker pull $IMAGE_LATEST || true
    - docker build --cache-from $IMAGE_LATEST --file=$DOCKERFILE -t $IMAGE_LATEST -t $IMAGE_SHA .
    - docker push $IMAGE_SHA
    - docker push $IMAGE_LATEST
  only:
    changes:
      - card-functionality/docker/Dockerfile.hardware-builddeps
      - .gitlab-ci.yml
  variables:
    IMAGE_LATEST: $CI_REGISTRY_IMAGE/hardware-builddeps:latest
    IMAGE_SHA: $CI_REGISTRY_IMAGE/hardware-builddeps:$CI_COMMIT_SHA
    DOCKERFILE: card-functionality/docker/Dockerfile.hardware-builddeps
  cache: [ ]

.hw-test-template:
  image: registry.gitlab.com/openpgp-card/openpgp-card/hardware-builddeps
  tags:
    - card
  parallel:
    matrix:
      - CONFIG:
          - "card-functionality/ci/basic-2_1.toml"
          - "card-functionality/ci/nitro-pro1.toml"
          - "card-functionality/ci/nitro-pro2.toml"
          - "card-functionality/ci/nitro-start.toml"
  script:
    - RUST_BACKTRACE=1 RUST_LOG=debug cargo run --bin $ARG -- $CONFIG
  cache:
    # inherit all general cache settings
    <<: *general_cache_config
    # cookiejar does not access the cache of the shared gitlab runners,
    # so use a different key for clarity
    key: "cookiejar"

import:
  extends: .hw-test-template
  stage: hw-import
  variables:
    ARG: import

keygen:
  extends: .hw-test-template
  stage: hw-keygen
  timeout: 2h
  variables:
    ARG: keygen