#!/bin/bash
# usage: laminarc run ci remote="ssh://src.liz.coffee:2222/cgit" rev="<sha>" \
#                        refname="refs/..."

set -e

RUN=`date +%s`
CWD=`$PWD`
WORKING_DIR=`$PWD/$RUN`

mkdir -p "$WORKING_DIR" && cd "$WORKING_DIR"

checkout="$rev" path="tmpsrc" fetch_code.sh

if [[ ! -e "$WORKING_DIR/tmpsrc/.ci/ci.json" ]]; then
    echo "No Continuous Integration configured for $remote."
    exit 0
fi

PIPELINE_GENERATOR_PATH=$(jq -r '.pipeline' "$WORKING_DIR/tmpsrc/.ci/ci.json")
if [[ "$PIPELINE_GENERATOR_PATH" == *".."* ]]; then
    echo "Error: Path contains '..'"
    exit 1
fi

docker run --rm \
  --network none \
  --cap-drop ALL \
  --security-opt no-new-privileges \
  -v "$WORKING_DIR/tmpsrc/$PIPELINE_GENERATOR:/pipeline" \
  -e refname="$refname" \
  -e rev="$rev" \
  -e remote="$remote" \
  oci.liz.coffee/img/liz-ci:release \
  /pipeline \
  > "$WORKING_DIR/pipeline.json"

pipeline="$WORKING_DIR/pipeline.json" run_pipeline

cd "$CWD" && rm -rf "$WORKING_DIR"