# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ depot, lib, pkgs, ... }:
let
  cfg = {
    stages = [ "build" "deploy" ];

    nixCache = {
      stage = "build";
      image = "nixos/nix:latest";
      script = [
        "nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh"
        "nix build -v -f ./ci-root.nix --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\""
        "nix copy -v --to 's3://lukegb-nix-cache?endpoint=storage.googleapis.com' ./result"
        "cat ./result/other-systemPathJSON > systems.json"
      ];
      artifacts = {
        paths = [ "systems.json" ];
        expire_in = "30 days";
      };
      tags = [ "cacher" ];
    };

    nixCacheMacOS = {
      stage = "build";
      image = "nixos/nix:latest";
      script = [
        "nix run -f ./ third_party.nixpkgs.bash -c ./hack/populate_secrets.sh"
        "nix build -v -f ./ci-root.nix --substituters \"https://cache.nixos.org/ s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1\""
        "nix copy -v --to 's3://lukegb-nix-cache?endpoint=storage.googleapis.com' ./result"
      ];
      tags = [ "macos" ];
    };
  } // (lib.mapAttrs deployStage deployMachs);

  deployMachs = lib.filterAttrs (name: cfg: cfg.config.my.deploy.enable) depot.ops.nixos.systemConfigs;
  deployStage = machName: mach: {
    stage = "deploy";
    needs = [{ job = "nixCache"; artifacts = true; }];
    tags = [ "deployer" ];

    resource_group = machName;
    script = ''./hack/deploy.sh "${machName}" "${mach.config.my.deploy.args}"'';
    environment = {
      name = machName;
    };
  };

  format = pkgs.formats.yaml { };
  configFile = format.generate ".gitlab-ci.yml" cfg;
in
  configFile