when:
  - branch: main
    event: push
    path:
      exclude:
        - 'k8s/**'
      on_empty: true

steps:
  - name: build-and-push
    image: woodpeckerci/plugin-kaniko
    settings:
      registry: git.mikhailkilin.ru
      repo: killingdruid/bcard
      tags: ${CI_COMMIT_SHA}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password

  - name: update-manifests
    image: alpine/git
    environment:
      GIT_TOKEN:
        from_secret: git_push_token
    commands:
      - 'cat ~/.netrc 2>/dev/null && echo "=== netrc exists ===" || echo "=== no netrc ==="'
      - 'git config --list 2>/dev/null | grep -i cred || echo "no credential config"'
      - 'printf "machine git.mikhailkilin.ru\nlogin killingdruid\npassword %s\n" "$GIT_TOKEN" > ~/.netrc'
      - 'chmod 600 ~/.netrc'
      - 'sed -i "s#image: git.mikhailkilin.ru/killingdruid/bcard:.*#image: git.mikhailkilin.ru/killingdruid/bcard:${CI_COMMIT_SHA}#" k8s/bcard.yaml'
      - 'git config user.email "woodpecker@ci"'
      - 'git config user.name "Woodpecker CI"'
      - 'git add k8s/bcard.yaml'
      - 'git diff --cached --quiet && echo "No changes" || (git commit -m "[CI SKIP] deploy ${CI_COMMIT_SHA}" && git push origin HEAD:main)'