# yaml-language-server: $schema=https://clew-resources.sbb-cloud.net/tekton-schema.json
productName: {{ name }}
python:
  {{-"\n  targetRepo: "~ pypi_repository if pypi_repository else ' {}'}}
builder:
  python: "{{ python_version }}"
{%- if docker_repository %}
docker:
  artifactoryDockerRepo: {{ docker_repository }}
  caching: true
{%- endif %}
{%- if helm_repository %}
helm:
  chartRepository: {{ helm_repository }}
  linting: true
{%- endif %}
pipelines:

# This is the continuous build pipeline which runs on every commit on a feature branch or if triggered in the tekton-ui.
# It builds and tests artifacts but does not push them to artifactory.
- name: continuous
  triggerType:
  - GITEVENT
  - USER
  branchNamePrefixes:
  - feature
  - renovate
  build:
{%- if docker_repository %}
    buildDockerImage: true
    deployDockerImage: false
{%- endif %}
    sonarScan:
      enabled: true
    owaspDependencyCheck:
      enabled: true
      additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
        --disablePyPkg --failOnCVSS 9"
    failOnQualityGateFailure: true
{%- if use_ggshield %}
    gitguardian:
      enabled: true
      reportmode: "FAILED"
{%- endif %}

# This is the snapshot build pipeline which is triggered when pushing commits to master, if triggered in the tekton ui or through a cron job at 05:00 ervery morning.
# It builds a snapshot-version of the product and pushes it to artifactory.
- name: snapshot
  triggerType:
  - USER
  - GITEVENT
  - CRON
  branchNamePrefixes:
  - master
  cron: 30 3 * * * # Nightly Build triggers at 03:30 every day
  build:
    sonarScan:
      enabled: true
    owaspDependencyCheck:
      enabled: true
      additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
        --disablePyPkg --failOnCVSS 9"
    failOnQualityGateFailure: true
{%- if docker_repository %}
    buildDockerImage: true
    deployDockerImage: true
    deployArtifacts: false
{%- endif %}
{%- if use_ggshield %}
    gitguardian:
      enabled: true
      reportmode: "FAILED"
{%- endif %}
# This is the release build pipeline which is triggered by adding a valid version tag to a commit.
# This can either be done using git or the esta-tekton ui.
# This builds and deploys the artifacts using the git tag as version.
- name: release
  triggerType:
  - GITEVENT
  versionTagEventPatterns:
  - "^(\\d+\\.)(\\d+\\.)(\\d+)$"
  build:
{%- if docker_repository %}
    buildDockerImage: true
    deployArtifacts: true
    additionalDockerImageTags:
    - latest
{%- endif %}
{%- if helm_repository %}
    packageAndDeployHelmChart: true
{%- endif %}
    sonarScan:
      enabled: true
    owaspDependencyCheck:
      enabled: true
      additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
        --disablePyPkg --failOnCVSS 9"
    failOnQualityGateFailure: true
{%- if use_ggshield %}
    gitguardian:
      enabled: true
      reportmode: "FAILED"
{%- endif %}