config.yml

# CircleCI 2.1 configuration file
version: 2.1

orbs:
  win: circleci/windows@2.2.0
  rok8s-scripts: fairwinds/rok8s-scripts@11.1.3

# Shared config to use between jobs
# These can be used to inject shared variables
# see https://blog.daemonl.com/2016/02/yaml.html
.references:
  shared-env-config: &shared-env-config
    GARDEN_DISABLE_VERSION_CHECK: "true"
    GARDEN_DISABLE_ANALYTICS: "true"
    GARDEN_K8S_BUILD_SYNC_MODE: "mutagen"
    GARDEN_LOGGER_TYPE: basic

  shared-machine-config: &shared-machine-config
    image: "ubuntu-2004:202010-01"
    docker_layer_caching: true

  remote-docker: &remote-docker
    setup_remote_docker:
      version: 20.10.11
      docker_layer_caching: true

  # Configuration for our node jobs
  node-config: &node-config
    docker:
      - image: gardendev/circleci-runner:14.19.3-1
        environment:
          <<: *shared-env-config
    resource_class: medium

  # Configuration for release jobs
  release-config: &release-config
    docker:
      # Image that contains ghr for publishing releases to Github
      - image: cibuilds/github:0.12.2

  # Attaches the current saved workspace
  attach-workspace: &attach-workspace
    attach_workspace:
      at: ./

  # Only run jobs on main
  only-main: &only-main
    filters:
      branches:
        only: main
      tags:
        ignore: /.*/

  # Only run on versioned tags
  only-tags: &only-tags
    filters:
      branches:
        ignore: /.*/
      tags:
        only: /\d+\.\d+\.\d+(-\d+)?/

  # Only run for PRs from core team
  only-internal-prs: &only-internal-prs
    filters:
      branches:
        # Forked pull requests have CIRCLE_BRANCH set to pull/XXX
        ignore: /pull\/[0-9]+/

# Reuseable commands to execute in jobs
# see https://circleci.com/docs/2.0/configuration-reference/#commands-requires-version21
# and example https://github.com/mapbox/mapbox-gl-native/blob/master/circle.yml
commands:
  npm_install:
    description: |
      Installs npm packages for root, core, and dashboard and loads and saves the caches as appropriate
    parameters:
      context:
        description: Set this to vm if installing in a VM, to avoid conflicting caches with the docker runs
        type: string
        default: docker
    steps:
      - restore_cache:
          keys:
            - yarn-v4-<<parameters.context>>-{{ checksum "yarn.lock" }}
            - yarn-v4-<<parameters.context>>

      - run: yarn

      - save_cache:
          key: yarn-v4-<<parameters.context>>-{{ checksum "yarn.lock" }}
          paths:
            - ~/.cache/yarn

  configure_git:
    description: Configure git (needed for some tests)
    steps:
      - run:
          name: Configure git
          command: |
            git config --global user.name "Garden CI"
            git config --global user.email "admin@garden.io"

  install_kubectl:
    description: Install kubectl
    steps:
      - run:
          name: Install binary dependencies
          command: |
            mkdir -p $HOME/bin
            cd $HOME/bin
            curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.0/bin/linux/amd64/kubectl
            chmod +x kubectl
            echo 'export PATH=$HOME/bin:$PATH' >> $BASH_ENV

  docker_login:
    description: Login to Docker Hub
    steps:
      - run:
          name: docker login
          command: |
            if [ -n "$DOCKER_PASS" ]; then
              echo $DOCKER_PASS | docker login -u $DOCKER_USER --password-stdin
            else
              echo "Skipping, no login available"
            fi

  install_kind:
    description: Install Kind
    parameters:
      kindNodeImage:
        description: The kind node image to use
        type: string
    steps:
      - run:
          name: Install kind
          command: |
            curl -LO https://github.com/kubernetes-sigs/kind/releases/download/v0.11.1/kind-linux-amd64
            chmod +x kind-linux-amd64
            sudo mv kind-linux-amd64 /usr/local/bin/kind
      - run:
          name: Start kind cluster
          command: |
            # Create the kind cluster with a custom config to enable the default ingress controller
            cat \<<EOF | kind create cluster \
                --image <<parameters.kindNodeImage>> \
                --wait=600s \
                --config=-

            kind: Cluster
            apiVersion: kind.x-k8s.io/v1alpha4
            nodes:
            - role: control-plane
              kubeadmConfigPatches:
              - |
                kind: InitConfiguration
                nodeRegistration:
                  kubeletExtraArgs:
                    node-labels: "ingress-ready=true"
                    authorization-mode: "AlwaysAllow"
              extraPortMappings:
              - containerPort: 80
                hostPort: 80
                protocol: TCP
              - containerPort: 443
                hostPort: 443
                protocol: TCP
            EOF

            kubectl config set-context kind-kind

  update_nodejs:
    description: Update Node.js
    steps:
      - run:
          name: Update Node.js
          command: |
            # NVM is already installed, we just need to load it...
            [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
            # ...export for subsequent runs...
            echo 'export NVM_DIR="/opt/circleci/.nvm"' >> $BASH_ENV
            echo "[ -s \"$NVM_DIR/nvm.sh\" ] && . \"$NVM_DIR/nvm.sh\"" >> $BASH_ENV
            nvm install 14
            nvm alias default 14
            nvm use default
            # ...and finally symlink for when calling Garden with sudo below
            sudo ln -s "$NVM_DIR/versions/node/$(nvm version)/bin/node" "/usr/local/bin/node"
            sudo ln -s "$NVM_DIR/versions/node/$(nvm version)/bin/npm" "/usr/local/bin/npm"
            sudo npm install -g yarn

  configure_kubectl_context:
    description: Configure the kubectl context via gcloud so that we can access our remote cluster. Used for e2e testing.
    steps:
      - run:
          name: Configure kubectl context via gcloud and authenticate to Google Container Registry
          command: |
            export GOOGLE_APPLICATION_CREDENTIALS=$HOME/gcloud-key.json
            echo "export GOOGLE_APPLICATION_CREDENTIALS=$GOOGLE_APPLICATION_CREDENTIALS" >> $BASH_ENV
            echo $GCLOUD_SERVICE_KEY > $GOOGLE_APPLICATION_CREDENTIALS
            gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS
            gcloud --quiet config set project $GOOGLE_PROJECT_ID
            gcloud --quiet config set compute/zone $GOOGLE_COMPUTE_ZONE
            gcloud --quiet container clusters get-credentials $GOOGLE_CLUSTER_ID --zone $GOOGLE_COMPUTE_ZONE
            gcloud --quiet auth configure-docker

  build_dist:
    description: Package built code into executables and persist to dist directory
    parameters:
      version:
        description: |
          The version tag used when building. Use to set the version string in the generated zip file names,
          e.g. when creating unstable releases. The script defaults to using the version from core/package.json.
        type: string
        default: ""
    steps:
      # We need Docker for building the Alpine package
      - *remote-docker
      - checkout
      - npm_install
      - *attach-workspace
      - run:
          environment:
            # pkg doesn't use a normal cache directory by default
            # see https://github.com/vercel/pkg/issues/1225
            PKG_CACHE_PATH: tmp/pkg/
          name: Run dist command with the appropriate argument
          command: yarn run dist --version "<<parameters.version>>"
      - persist_to_workspace:
          root: ./
          paths:
            - dist/
            # Needed for the alpine docker build
            - tmp/pkg/
      - store_artifacts:
          path: dist
          destination: dist

#
# Jobs section
#
jobs:
  build:
    <<: *node-config
    steps:
      - checkout
      - npm_install
      - run:
          name: build
          command: |
            yarn run build
      # Save the built output to be used for the docker image and for the release steps
      - persist_to_workspace:
          # Must be an absolute path, or relative path from working_directory. This is a directory on the container which is
          # taken to be the root directory of the workspace.
          root: ./
          # Must be relative path from root
          paths:
            # Save the built output for future
            - cli/build/
            - core/build/
            - dashboard/build/
            - static/
            # TODO: see if we can make this somewhat more specific
            - sdk/
            - plugins/
            - e2e/
  build-dist:
    <<: *node-config
    resource_class: large
    steps:
      - build_dist
  build-dist-edge:
    <<: *node-config
    resource_class: large
    steps:
      - build_dist:
          version: edge

  lint:
    <<: *node-config
    resource_class: large
    steps:
      - checkout
      - npm_install
      - *attach-workspace
      - run:
          name: lint
          command: yarn run lint

  check-docs:
    <<: *node-config
    steps:
      - checkout
      - npm_install
      - *attach-workspace
      - run:
          name: Make sure generated docs are up-to-date
          command: yarn run check-docs

  check-package-licenses:
    <<: *node-config
    steps:
      - checkout
      - npm_install
      - *attach-workspace
      - run:
          name: Make sure dependency licenses are okay
          command: |
            mkdir tmp
            yarn check-package-licenses

  test-framework:
    <<: *node-config
    steps:
      - checkout
      - *remote-docker
      - npm_install
      - *attach-workspace
      - configure_git
      - run:
          name: Unit test framework components
          command: |
            GARDEN_LOGGER_TYPE="" yarn run test:framework:unit
          environment:
            CHOKIDAR_USEPOLLING: "1"

  e2e-project:
    <<: *node-config
    parameters:
      project:
        description: The example project to test
        type: string
      environment:
        description: The project environment to use
        type: string
        default: testing
    steps:
      - checkout
      - npm_install
      - configure_kubectl_context
      - docker_login
      - *attach-workspace
      - run:
          name: Set environment
          command: export CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-e2e-<<parameters.project>>
      - run:
          name: Run e2e test
          command: |
            yarn e2e-project --project=<<parameters.project>> --env=<<parameters.environment>>
      - run:
          name: Cleanup
          command: kubectl delete --wait=false $(kubectl get ns -o name | grep $CIRCLE_BUILD_NUM) || true
          when: always

  build-docker-alpine:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden:${CIRCLE_SHA1}
            docker build -t ${TAG} -f support/alpine.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-aws:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-aws:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/aws.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-azure:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-azure:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/azure.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-gcloud:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-gcloud:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/gcloud.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-aws-gcloud:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-aws-gcloud:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/aws-gcloud.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-aws-gcloud-azure:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-aws-gcloud-azure:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/aws-gcloud-azure.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-full:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden-full:${CIRCLE_SHA1}
            docker build -t ${TAG} --build-arg TAG=${CIRCLE_SHA1} -f support/full.Dockerfile dist/alpine-amd64
            docker push ${TAG}
  build-docker-buster:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      - *attach-workspace
      - docker_login
      - run:
          name: Build image and push to registry
          command: |
            TAG=gardendev/garden:${CIRCLE_SHA1}-buster
            docker build -t ${TAG} -f support/buster.Dockerfile dist/linux-amd64
            docker push ${TAG}

  test-docker-gcloud:
    docker:
      - image: gardendev/garden-gcloud:${CIRCLE_SHA1}
        environment:
          <<: *shared-env-config
          GARDEN_TASK_CONCURRENCY_LIMIT: "10"
    steps:
      # Need to checkout to run example project
      - checkout
      - configure_kubectl_context
      - *attach-workspace
      - run:
          name: Deploy demo-project with container
          # overriding CIRCLE_BUILD_NUM to avoid conflict with other tests
          command: CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-docker /garden/garden build --root examples/demo-project --env remote --logger-type basic
      - run:
          name: Cleanup
          command: CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-docker kubectl delete --wait=false $(kubectl get ns -o name | grep demo-project-$CIRCLE_BUILD_NUM) || true
          when: always

  release-service-docker:
    <<: *node-config
    steps:
      - *remote-docker
      - checkout
      # This is to copy the pre-built code from a previous step
      - *attach-workspace
      - docker_login
      # TODO: use garden publish here
      - deploy:
          name: Release docker images
          command: |
            # Switches between git tag and main for releases
            TAG=${CIRCLE_TAG:-main}
            # Push the container
            ./scripts/push-containers.sh $TAG
            # Push again with latest tag for non-pre-release tags
            if [[ "$TAG" == "$CIRCLE_TAG" ]] && [[ $VERSION != *"-"* ]]; then
              ./scripts/push-containers.sh latest
            fi
  release-service-dist:
    <<: *release-config
    steps:
      # Need to checkout to read version from core/package.json
      - checkout
      - *attach-workspace
      - run:
          name: Create a release on GitHub. If the release is a pre-release we publish it right away, otherwise we make a draft.
          command: |
            VERSION="$(cat package.json | jq -r .version)"
            PRERELEASE=""
            DRAFT=-draft
            # If pre-release, we flag it as pre-release and not as a draft
            if [[ $VERSION == *"-"* ]]; then DRAFT=""; PRERELEASE=-prerelease; fi
            ghr \
              -t ${GITHUB_TOKEN} \
              -u ${CIRCLE_PROJECT_USERNAME} \
              -r ${CIRCLE_PROJECT_REPONAME} \
              -c ${CIRCLE_SHA1} \
              -n ${VERSION} \
              -delete \
              ${PRERELEASE} \
              ${DRAFT} \
              ${VERSION} ./dist
  release-service-dist-edge:
    <<: *release-config
    steps:
      - *attach-workspace
      - run:
          name: Publish a pre-release on GitHub with the tag 'edge'
          command: |
            VERSION=edge
            ghr \
              -t ${GITHUB_TOKEN} \
              -u ${CIRCLE_PROJECT_USERNAME} \
              -r ${CIRCLE_PROJECT_REPONAME} \
              -c ${CIRCLE_SHA1} \
              -n ${VERSION} \
              -delete \
              -prerelease \
              ${VERSION} ./dist
  test-dist:
    <<: *node-config
    steps:
      # Need to checkout to run example project
      - checkout
      - configure_kubectl_context
      - *attach-workspace
      - run:
          name: Test that the binary works with the fancy logger enabled
          command: dist/linux-amd64/garden options
      - run:
          name: Test the create commands
          command: |
            mkdir -p /tmp/create-test
            cd /tmp/create-test
            ~/project/dist/linux-amd64/garden create project --name test-project
            ~/project/dist/linux-amd64/garden create module --name test-module --type exec
      - run:
          name: Deploy demo-project with binary
          # overriding CIRCLE_BUILD_NUM to avoid conflict with other tests
          command: CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-dist dist/linux-amd64/garden deploy --root examples/demo-project --env remote --logger-type basic
      - run:
          name: Cleanup
          command: CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-dist kubectl delete --wait=false $(kubectl get ns -o name | grep demo-project-$CIRCLE_BUILD_NUM) || true
          when: always

  test-plugins:
    machine:
      <<: *shared-machine-config
    parameters:
      kindNodeImage:
        description: The kind node image to use
        type: string
    environment:
      <<: *shared-env-config
      GARDEN_LOG_LEVEL: debug
    steps:
      - checkout
      - docker_login
      - install_kubectl
      - install_kind:
          kindNodeImage: <<parameters.kindNodeImage>>
      - update_nodejs
      - configure_git
      - npm_install:
          context: vm
      - *attach-workspace
      # Restore Maven cache
      - restore_cache:
          keys:
            - m2-v1
      # Run tests
      - run:
          name: Plugin tests
          command: yarn run test:plugins
      # Persist Maven cache
      - save_cache:
          key: m2-v1
          paths:
            - ~/.m2

  test-kind:
    machine:
      <<: *shared-machine-config
    parameters:
      kindNodeImage:
        description: The kind node image to use
        type: string
    environment:
      <<: *shared-env-config
      GARDEN_LOG_LEVEL: debug
    steps:
      - checkout
      - install_kubectl
      - docker_login
      - install_kind:
          kindNodeImage: <<parameters.kindNodeImage>>
      - update_nodejs
      - configure_git
      - npm_install:
          context: vm
      - *attach-workspace
      - run:
          name: Integ tests
          command: |
            cd core
            # Notes:
            # - We skip tests that only work for remote environments
            # - We currently don't support in-cluster building on kind.
            yarn integ-kind
      - run:
          name: Deploy demo-project
          command: ./bin/garden deploy --root examples/demo-project --logger-type basic

  test-microk8s:
    machine:
      <<: *shared-machine-config
    parameters:
      kubernetesVersion:
        description: The Kubernetes version to run
        type: string
    environment:
      <<: *shared-env-config
      K8S_VERSION: <<parameters.kubernetesVersion>>
      GARDEN_LOG_LEVEL: debug
    steps:
      - checkout
      - run:
          name: Install system dependencies
          command: |
            sudo apt update
            sudo apt install snapd nfs-common
      - docker_login
      - run:
          name: Install and start microk8s
          command: |
            sudo snap install microk8s --classic --channel=<<parameters.kubernetesVersion>>/stable
            sudo microk8s.status --wait-ready --timeout=300

            # Workaround for some issue with snap/microk8s
            sudo microk8s.enable storage registry dns || true
            sleep 10
            sudo microk8s.enable storage registry dns

            sudo usermod -a -G microk8s circleci
            echo "********* microk8s ready! ************"

            # Set up kubeconfig and environment
            mkdir -p /home/circleci/.kube
            sudo sh -c 'microk8s.kubectl config view --raw > /home/circleci/.kube/config'
            sudo chown -R circleci:circleci /home/circleci/.kube
            echo 'export PATH=/snap/bin:$PATH' >> $BASH_ENV
            echo "********* env prepped! *********"
      - update_nodejs
      - configure_git
      - npm_install:
          context: vm
      - *attach-workspace
      - run:
          name: Integ tests
          command: |
            cd core
            # Notes:
            # - We skip tests that only work for remote environments
            # - Need to run with sudo to work with microk8s, because CircleCI doesn't allow us to log out
            #   and back in to add the circleci user to the microk8s group.
            # - We currently don't support in-cluster building on microk8s.
            sudo -E GARDEN_SKIP_TESTS="cluster-docker kaniko remote-only" npm run _integ
      - run:
          name: Deploy demo-project
          command: sudo -E ./bin/garden deploy --root examples/demo-project --logger-type basic

  test-minikube:
    machine:
      <<: *shared-machine-config
    resource_class: large
    parameters:
      minikubeVersion:
        description: The Minikube version to use
        type: string
        default: v1.11.0
      kubernetesVersion:
        description: The Kubernetes version to run
        type: string
      skipTests:
        description: Integ test groups to skip
        type: string
        default: "cluster-docker kaniko remote-only"
    environment:
      <<: *shared-env-config
      K8S_VERSION: <<parameters.kubernetesVersion>>
      MINIKUBE_VERSION: <<parameters.minikubeVersion>>
      GARDEN_LOG_LEVEL: debug
    steps:
      - checkout
      - install_kubectl
      - run:
          name: Install system dependencies
          command: |
            sudo apt-get update
            sudo apt install nfs-common conntrack
      - docker_login
      - update_nodejs
      - configure_git
      - npm_install:
          context: vm
      - *attach-workspace
      - run:
          name: Install Minikube Executable
          command: |
            curl -Lo minikube https://github.com/kubernetes/minikube/releases/download/${MINIKUBE_VERSION}/minikube-linux-amd64
            chmod +x minikube
            sudo mv minikube /usr/local/bin
      - run:
          name: Start Minikube Cluster
          command: |
            sudo -E minikube start \
              --extra-config=kubeadm.ignore-preflight-errors=NumCPU \
              --extra-config=kubeadm.ignore-preflight-errors=RSRC_INSUFFICIENT_CORES \
              --kubernetes-version=$K8S_VERSION \
              --vm-driver=none \
              --cpus 3 \
              --memory 4096
            sudo chown -R circleci:circleci /home/circleci/.kube /home/circleci/.minikube /etc/kubernetes
            # Work around annoying issue on recent minikubes where namespaces take a long time to generate default service account
            kubectl create namespace container-default
            sleep 10
      - run:
          name: Integ tests
          # Note: We skip tests that only work for remote environments
          command: |
            cd core
            GARDEN_SKIP_TESTS="<<parameters.skipTests>>" yarn _integ
      - run:
          name: Deploy demo-project
          command: sudo -E ./bin/garden deploy --root examples/demo-project
      - run:
          name: Run cluster cleanup
          command: |
            sudo -E ./bin/garden plugins local-kubernetes cleanup-cluster-registry --root core/test/data/test-projects/container --env cluster-docker

  test-macos:
    macos:
      xcode: "13.4.1"
    steps:
      - checkout
      - *attach-workspace
      # - run:
      #     name: Configure Node.js
      #     command: nvm install 14 && nvm alias default 14
      - run:
          name: brew install
          command: brew install docker kubectl git rsync
      # Garden has 2 main pre-requisites: git and rsync
      # Upgrade rsync to the latest version.
      # The default version is too old, Garden requires 3.1.0+.
      # This step ensures that Garden is always tested to be compatible with the latest rsync.
      - run:
          name: Upgrade rsync
          command: brew upgrade rsync
      # Upgrade git to the latest version.
      # This step ensures that Garden is always tested to be compatible with the latest git.
      - run:
          name: Upgrade git
          command: brew upgrade git
      - run:
          name: Install gcloud SDK
          command: |
            cd $HOME
            curl -LO https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-390.0.0-darwin-x86_64.tar.gz
            tar xzf google-cloud-sdk-390.0.0-darwin-x86_64.tar.gz
            echo 'export PATH=$HOME/google-cloud-sdk/bin:$PATH' >> $BASH_ENV
      - docker_login
      - configure_kubectl_context
      - run:
          name: Deploy demo-project
          command: CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM-macos dist/macos-amd64/garden deploy --root examples/demo-project --logger-type basic --env remote
      - run:
          name: Cleanup
          command: kubectl delete --wait=false $(kubectl get ns -o name | grep $CIRCLE_BUILD_NUM-macos) || true
          when: always

  test-windows:
    executor: win/default
    steps:
      - checkout
      - *attach-workspace
      - run:
          name: Install Deps
          command: |
            choco install -y git
            choco install -y rsync
            choco upgrade -y git rsync gcloudsdk kubernetes-cli
            refreshenv
      - run:
          name: Write gcloud credentials to file
          command: $env:GCLOUD_SERVICE_KEY | Set-Content key.json
      - run:
          name: Setup remote K8s
          command: |
            gcloud auth activate-service-account --key-file=key.json
            $env:GOOGLE_APPLICATION_CREDENTIALS = (Get-Location) + '\key.json'
            gcloud --quiet config set project $env:GOOGLE_PROJECT_ID
            gcloud --quiet config set compute/zone $env:GOOGLE_COMPUTE_ZONE
            gcloud --quiet container clusters get-credentials $env:GOOGLE_CLUSTER_ID --zone $env:GOOGLE_COMPUTE_ZONE
            gcloud --quiet auth configure-docker
      - run:
          name: Deploy demo-project
          command: |
            $env:CIRCLE_BUILD_NUM = "$env:CIRCLE_BUILD_NUM-win"
            .\dist\windows-amd64\garden.exe deploy --root .\examples\demo-project\ --logger-type basic --env remote --force-build
      - run:
          name: Cleanup
          command: (kubectl delete namespace --wait=false demo-project-$env:CIRCLE_BUILD_NUM-win) -or $true
          when: always

workflows:
  version: 2
  commit:
    jobs:
      ### ALL BRANCHES ###

      - build
      - build-dist:
          requires: [build]
      - lint:
          requires: [build]
      - check-docs:
          requires: [build]
      - check-package-licenses:
          requires: [build]
      - build-docker-alpine:
          <<: *only-internal-prs
          context: docker
          requires: [build-dist]
      - build-docker-aws:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-alpine]
      - build-docker-azure:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-alpine]
      - build-docker-gcloud:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-alpine]
      - build-docker-aws-gcloud:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-gcloud]
      - build-docker-aws-gcloud-azure:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-gcloud]
      - build-docker-full:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-gcloud]
      - build-docker-buster:
          <<: *only-internal-prs
          context: docker
          requires: [build-dist]

      - test-docker-gcloud:
          <<: *only-internal-prs
          context: docker
          requires: [build-docker-gcloud]
      - test-framework:
          requires: [build]
      - test-dist:
          # Don't attempt to run dist tests for external PRs (they won't have access to the required keys)
          <<: *only-internal-prs
          requires: [build-dist]
      - test-macos:
          <<: *only-internal-prs
          requires: [build-dist]
      - test-windows:
          <<: *only-internal-prs
          requires: [build-dist]

      - e2e-project:
          <<: *only-internal-prs
          name: e2e-code-synchronization
          project: code-synchronization
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-demo-project
          project: demo-project
          environment: remote
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-deployment-strategies
          project: deployment-strategies
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-gke-kaniko-gcr
          project: gke
          environment: gke-kaniko-gcr
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-gke-buildkit-gcr
          project: gke
          environment: gke-buildkit-gcr
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-hadolint
          project: hadolint
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-jib-container
          project: jib-container
          environment: remote
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-kustomize
          project: kustomize
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-remote-sources
          project: remote-sources
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-tasks
          project: tasks
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-templated-k8s-container
          project: templated-k8s-container
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-vote
          project: vote
          environment: remote
          requires: [build]
      - e2e-project:
          <<: *only-internal-prs
          name: e2e-vote-helm
          project: vote-helm
          requires: [build]

      ### VM TESTS ###

      # Note: The below is a not-quite-random mix of local k8s variants and k8s versions. Doing a full matrix of every
      # variant and k8s version would be quite expensive, so we try and make sure each of the latest 6-7 k8s versions is
      # tested, and that the most recent versions are broadly tested. The kind tests are the cheapest to run so we use many
      # of those, but they currently don't test in-cluster building, so we do need a range of versions on minikube as well.
      - test-minikube:
          name: vm-1.22-minikube
          requires: [build]
          kubernetesVersion: "1.22.2"
          minikubeVersion: "v1.25.2"
          # cluster-buildkit works on other minikube versions, but the in-cluster registry has issues on the latest version
          # This is sort of fine, since we don't _really_ support in-cluster building on minikube, just been using it for
          # integration tests.
          skipTests: cluster-docker cluster-buildkit kaniko remote-only
      - test-minikube:
          name: vm-1.23-minikube
          requires: [build]
          kubernetesVersion: "1.23.3"
          minikubeVersion: "v1.25.2"
      - test-minikube:
          name: vm-1.19-minikube
          requires: [build]
          kubernetesVersion: "1.19.7"
          minikubeVersion: "v1.16.0"
      - test-microk8s:
          name: vm-1.24-microk8s
          requires: [build]
          kubernetesVersion: "1.24"
      - test-kind:
          name: vm-1.19-kind
          requires: [build]
          kindNodeImage: kindest/node:v1.19.4
      - test-kind:
          name: vm-1.20-kind
          requires: [build]
          kindNodeImage: kindest/node:v1.20.2
      - test-kind:
          name: vm-1.21-kind
          requires: [build]
          kindNodeImage: kindest/node:v1.21.2
      - test-kind:
          name: vm-1.22-kind
          requires: [build]
          kindNodeImage: kindest/node:v1.22.9@sha256:8135260b959dfe320206eb36b3aeda9cffcb262f4b44cda6b33f7bb73f453105
      - test-kind:
          name: vm-1.23-kind
          requires: [build]
          kindNodeImage: kindest/node:v1.23.6@sha256:b1fa224cc6c7ff32455e0b1fd9cbfd3d3bc87ecaa8fcb06961ed1afb3db0f9ae

      - test-plugins:
          requires: [build]
          kindNodeImage: kindest/node:v1.21.2

      ### MAIN ONLY ###

      # TODO: Re-enable this if we can figure out a way to not spam users who have starred the repo.
      # - build-dist-edge:
      #     <<: *only-main
      #     requires: [build]
      # - release-service-docker:
      #     <<: *only-main
      #     context: docker
      #     requires: [build-dist-edge]
      # - release-service-dist-edge:
      #     <<: *only-main
      #     requires: [build-dist-edge]

  tags:
    jobs:
      - build:
          <<: *only-tags
      - build-dist:
          <<: *only-tags
          requires: [build]
      - release-service-docker:
          <<: *only-tags
          context: docker
          requires: [build-dist]
      - release-service-dist:
          <<: *only-tags
          requires: [build-dist]