VERSION 0.8
PROJECT blue-build/cli

all:
	ARG NIGHTLY=false
	BUILD +test-image --NIGHTLY=$NIGHTLY
	BUILD +test-secureblue --NIGHTLY=$NIGHTLY
	BUILD +build --NIGHTLY=$NIGHTLY
	BUILD +rebase --NIGHTLY=$NIGHTLY
	BUILD +upgrade --NIGHTLY=$NIGHTLY

test-image:
	ARG NIGHTLY=false
	FROM +build-template --NIGHTLY=$NIGHTLY --src=template-containerfile
	WORKDIR /tmp/test
	COPY ./test-scripts/*.sh ./

	DO +RUN_TESTS

test-secureblue:
	ARG NIGHTLY=false
	FROM +build-template --NIGHTLY=$NIGHTLY --src=template-secureblue
	WORKDIR /tmp/test
	COPY ./test-scripts/secureblue/*.sh ./

	DO +RUN_TESTS

build-template:
	ARG NIGHTLY=false
	ARG --required src
	FROM DOCKERFILE \
		-f +$src/test/Containerfile \
		+$src/test/* --NIGHTLY=$NIGHTLY

template-containerfile:
	ARG NIGHTLY=false
	FROM +test-base --NIGHTLY=$NIGHTLY
	RUN bluebuild -vv template config/recipe.yml | tee Containerfile

	SAVE ARTIFACT /test

template-secureblue:
	ARG NIGHTLY=false
	FROM +secureblue-base --NIGHTLY=$NIGHTLY
	RUN bluebuild -vv template -o Containerfile config/recipes/general/recipe-silverblue-nvidia.yml

	SAVE ARTIFACT /test

build:
	ARG NIGHTLY=false
	FROM +test-base --NIGHTLY=$NIGHTLY

	RUN --privileged bluebuild -vv build config/recipe.yml

rebase:
	ARG NIGHTLY=false
	FROM +test-base --NIGHTLY=$NIGHTLY

	RUN --privileged bluebuild -vv rebase config/recipe.yml

upgrade:
	ARG NIGHTLY=false
	FROM +test-base --NIGHTLY=$NIGHTLY
	RUN mkdir -p /etc/bluebuild && touch /etc/bluebuild/cli_test.tar.gz

	RUN --privileged bluebuild -vv upgrade config/recipe.yml

secureblue-base:
	ARG NIGHTLY=false
	FROM +test-base --NIGHTLY=$NIGHTLY

	RUN rm -fr /test
	GIT CLONE https://github.com/secureblue/secureblue.git /test

	DO +GEN_KEYPAIR

test-base:
	ARG NIGHTLY=false

	FROM ../+blue-build-cli-alpine --NIGHTLY=$NIGHTLY

	COPY ./mock-scripts/ /usr/bin/

	WORKDIR /test
	COPY ./test-repo /test

	DO +GEN_KEYPAIR

GEN_KEYPAIR:
	FUNCTION
	# Setup a cosign key pair
	RUN echo -n "\n\n" | cosign generate-key-pair
	ENV COSIGN_PRIVATE_KEY=$(cat cosign.key)
	RUN rm cosign.key

RUN_TESTS:
	FUNCTION
	FOR script IN $(ls *.sh)
		RUN --no-cache chmod +x $script \
			&& echo "Running test $script" \
			&& ./$script
	END