# Cloud build should be configured to trigger with this configuration on tags matching:
#   [\w/]+/v\d+\.\d+\.\d+
#
steps:
- name: 'bash'
  args:
  - 'echo'
  - 'Cloud build substitution check: '
  - 'BUILD_ID=$BUILD_ID'
  - 'PROJECT_ID=$PROJECT_ID'
  - 'REVISION_ID=$REVISION_ID'
  - 'REPO_NAME=$REPO_NAME'
  - 'COMMIT_SHA=$COMMIT_SHA'
  - 'BRANCH_NAME=$BRANCH_NAME'
  - 'TAG_NAME=$TAG_NAME'

# Cloud build has already copied the repo at the tag that
# that triggered the build to its /workspace directory, but
# hasn't actually _cloned_ the repo (there's no .git directory).
#
# The goreleaser tool, however, needs the repo and its history
# to produce release notes.
#
# So clone the repo to /workspace/myClone to avoid directory
# name collision.
#
- name: gcr.io/cloud-builders/git
  args:
  - clone
  - https://github.com/kubernetes-sigs/kustomize.git
  - myClone

# Checkout the proper tag.
- name: gcr.io/cloud-builders/git
  dir: myClone
  args:
  - checkout
  - $TAG_NAME

# Run goreleaser indirectly via a shell script
# to configure it properly.
- name: golang:1.19
  entrypoint: /bin/bash
  dir: myClone
  secretEnv: ['GITHUB_TOKEN']
  env:
  - 'GITHUB_USERNAME=KnVerey' # used to make authenticated curl requests to Github in releasing/compile-changelog.sh
  args:
  - releasing/cloudbuild.sh
  - $TAG_NAME
  # - '--snapshot'
  # Use this final arg in a local build, to suppress
  # the release and leave the 'dist' directory in place.

# Overall timeout
timeout: 14m

# golreleaser expects the GITHUB_TOKEN env var to hold the github token
# it needs to write the released package and notes back to github.
# The raw token was encrypted by `gcloud kms encrypt` (Key Management Service)
# The base64 of that is shown below.  It's decrypted by cloud build
# and provided back to goreleaser.
# IMPORTANT: make sure the token does not end with a newline when you encrypt it!
# IMPORTANT: update the GITHUB_USERNAME env var above to match the github user whose token this is
secrets:
- kmsKeyName: projects/k8s-staging-kustomize/locations/global/keyRings/kust-cloud-key-ring/cryptoKeys/kust-cloud-key-name
  secretEnv:
    GITHUB_TOKEN: CiQAJ+XRLwPj71lnT8zn0UdE7ihQIdCzDUsgEX7+mRN4aJ2ffRUSUQAdel1M9mEzxqs6gln1dzoZkNU3lmh7ya0EY3i3zkyz0jJ7Qok6TZsp29dl2lRnza3KxVGTWXo6YHa2Z5Qe7RwgoQxdwSdR3GWLu4fm1h4aXA==

options:
  machineType: 'N1_HIGHCPU_8'