.docker-compose-deploy:
  image: docker:20.10.16-alpine3.15
  stage: deploy
  variables:
    DOCKER_COMPOSE_VERSION: "v2.7.0"
    DOCKER_COMPOSE: "$CI_PROJECT_DIR/docker-compose"
    SCP_DESTINATION: ""
    SCP_SOURCE: $CI_PROJECT_DIR
    COMPOSE_EXTRA_ARGS: ""
    COMPOSE_UP_EXTRA_ARGS: ""
    SSH_URL: ""
    SSH_USER: ""
    SSH_PORT: "22"
    DOCKER_REGISTRY: "$CI_REGISTRY"
    DOCKER_REGISTRY_PASS: "$CI_REGISTRY_PASSWORD"
    DOCKER_REGISTRY_USER: "$CI_REGISTRY_USER"
    ENV_SETUP_FILE: "setup_env.sh"
    SSH_PRIVATE_KEY_DEPLOY: $SSH_PRIVATE_KEY
  rules:
    - when: manual
  cache:
    key: "docker-compose-$DOCKER_COMPOSE_VERSION"
    paths:
      - $CI_PROJECT_DIR/docker-compose
  # https://docs.gitlab.com/ee/ci/ssh_keys/
  before_script:
    - if [ -f "$ENV_SETUP_FILE" ]; then chmod +x ./$ENV_SETUP_FILE; ./$ENV_SETUP_FILE; fi
    - 'command -v ssh-agent >/dev/null || ( apk --update add openssh-client )'
    - eval $(ssh-agent -s)
    - echo "$SSH_PRIVATE_KEY_DEPLOY" | tr -d '\r' | ssh-add -
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    # Add keys to known hosts for Docker Compose
    - ssh-keyscan $SSH_URL >> ~/.ssh/known_hosts
    # If missing, install docker-compose from release directly
    - >
      if [[ ! -f "$DOCKER_COMPOSE"  ]]; then
        wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O $DOCKER_COMPOSE
      fi
    - chmod +x /usr/local/bin/docker-compose
  script:
    - export DOCKER_HOST=ssh://$SSH_USER@$SSH_URL:$SSH_PORT
    - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION"  ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi
    - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login  $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi
    - $DOCKER_COMPOSE $COMPOSE_EXTRA_ARGS pull
    - $DOCKER_COMPOSE $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS

.broken-ssh-connection-workaround:
  script:
    - export DOCKER_HOST=unix:///tmp/docker.sock
    - if [[ -n "$SCP_SOURCE" && -n "$SCP_DESTINATION"  ]]; then scp -rp $SCP_SOURCE $SSH_USER@$SSH_URL:$SCP_DESTINATION; fi
    # Tunnel Docker socket from remote machine to local machine. This should be more stable than the current SSH implementation of Docker
    - rm -f /tmp/docker.sock
    - ssh -M -S docker-ctrl-socket -fnNT -L /tmp/docker.sock:/var/run/docker.sock "$SSH_USER@$SSH_URL" -p $SSH_PORT -o ControlPersist=no
    - if [[ -n "$DOCKER_REGISTRY" ]]; then echo "$DOCKER_REGISTRY_PASS" | docker login $DOCKER_REGISTRY --username $DOCKER_REGISTRY_USER --password-stdin; fi
    - $DOCKER_COMPOSE $COMPOSE_EXTRA_ARGS pull
    - $DOCKER_COMPOSE $COMPOSE_EXTRA_ARGS up -d --remove-orphans $COMPOSE_UP_EXTRA_ARGS

.docker-compose-validate:
  image: docker:20.10.16-alpine3.15
  stage: verify
  variables:
    DOCKER_COMPOSE_VERSION: "v2.7.0"
    DOCKER_COMPOSE: "$CI_PROJECT_DIR/docker-compose"
  cache:
    key: "docker-compose-$DOCKER_COMPOSE_VERSION"
    paths:
      - $CI_PROJECT_DIR/docker-compose
  before_script:
    # If missing, install docker-compose from release directly
    - >
      if [[ ! -f "$DOCKER_COMPOSE"  ]]; then
        wget https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-linux-x86_64 -O $DOCKER_COMPOSE
      fi
    - chmod +x /usr/local/bin/docker-compose
  script:
    - $DOCKER_COMPOSE $COMPOSE_EXTRA_ARGS config --quiet