.ContainerImageKaniko: &ContainerImageKaniko
  name: ContainerImageKaniko
  image: gcr.io/kaniko-project/executor:debug
  
  environment:
    KANIKO_ARGS: ""
    TAG_PREFIX: ""
    TAG_SUFFIX: ""
    TAG_COMMIT_ENABLE: "true"
    TAG_COMMIT_PREFIX: "commit-"
    TAG_REF_SLUG_ENABLE: "false"
    TAG_REF_NORMALIZED_ENABLE: "true"
    ADDITIONAL_REGISTRY_DESTINATIONS: ""
    ADD_CI_REGISTRY_AUTH: "true"

  commands:
    # drone does not support expanding vars in environment values, set defaults via bash
    - |
      export CONTEXT_DIR="${CONTEXT_DIR:-$DRONE_WORKSPACE_BASE}"
      export DOCKERFILE="${DOCKERFILE:-$DRONE_WORKSPACE_BASE/Dockerfile}"

    # add gitlab registry auth
    - |
      if [[ "$ADD_CI_REGISTRY_AUTH" == "true" ]]; then
        mkdir -p /kaniko/.docker
        echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n token:$CI_REGISTRY_PASSWORD | base64)\"}}}" > /kaniko/.docker/config.json
      fi

    - IMAGE_DESTS=""

    # default tag based on commit
    - |
      if [[ "$TAG_COMMIT_ENABLE" == "true" ]]; then
        IMAGE_DESTS="$IMAGE_DESTS --destination $CI_REGISTRY_IMAGE:$TAG_PREFIX$TAG_COMMIT_PREFIX$CI_COMMIT_SHA$TAG_SUFFIX"
      fi

    # add tag for reference if available using normalization
    # - attempt to build tag first
    # - attempt to build branch if not a PR (if not PR for extra security, variable description on drone unclear)
    - |
      if [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ ! -z $DRONE_TAG ]]; then
        REF_TAG_NORMALIZED=$(echo $DRONE_TAG | sed s:/:-:g)
        IMAGE_DESTS="$IMAGE_DESTS --destination $CI_REGISTRY_IMAGE:$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX"
      elif [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ -z "$DRONE_PULL_REQUEST" ]] && [[ ! -z $DRONE_BRANCH ]]; then
        REF_TAG_NORMALIZED=$(echo $DRONE_BRANCH | sed s:/:-:g)
        IMAGE_DESTS="$IMAGE_DESTS --destination $CI_REGISTRY_IMAGE:$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX"
      fi
    
    - |
      if [[ -z "$KANIKO_ARGS" ]]; then
        KANIKO_ARGS=""
      fi
      KANIKO_ARGS="$KANIKO_ARGS --context $CONTEXT_DIR --dockerfile $DOCKERFILE"

      if [[ "KANIKO_SINGLE_SNAPSHOT" ]]; then
        KANIKO_ARGS="$KANIKO_ARGS --single-snapshot"
      fi

    # build image
    - |
      echo "kaniko args: $KANIKO_ARGS"
      echo "pushing to destinations: $IMAGE_DESTS"
      echo "pushing to additional destinations: $ADDITIONAL_REGISTRY_DESTINATIONS"
      /kaniko/executor $KANIKO_ARGS $IMAGE_DESTS $ADDITIONAL_REGISTRY_DESTINATIONS