pipeline{
    agent any
    environment{
        ORG_NAME = "userinsighttracking"
	API_KEY = credentials('CLOUDDEFENSE_API_KEY')
        GITLEAKS='/var/lib/jenkins/external_tools/gitleaks/8.18.0'
        GIT_COMMIT_SHORT = sh(
                script: "printf \$(git rev-parse --short ${GIT_COMMIT})",
                returnStdout: true
        )
        DOTNET6LOCATION = '/var/lib/jenkins/external_tools/dotnet-sdk/dotnet_8'
        AWS_EIP = '43.204.68.17'
        USER = 'ec2-user'
        ENV_NAME = getEnvName(env.BRANCH_NAME)
		ENVNAME = get_EnvName(env.BRANCH_NAME)
        SONAR=credentials("sonar-token")
		SONARSERVER=credentials("sonarqube2-token")
        scannerHome = tool 'SonarScanner-msbuild'
    }
    options {
		buildDiscarder(logRotator(numToKeepStr: '5', artifactNumToKeepStr: '5', daysToKeepStr: '15'))
	}
    stages{
        stage("VERSION"){
            steps{
                buildDescription "$BUILD_NUMBER - $GIT_COMMIT_SHORT"
            }
        }
        stage("SecretScanning"){
            steps{
                sh '''
                    $GITLEAKS/gitleaks detect -v --no-git
                '''
            }
        }
        // stage("SonarAnalysis"){
        //     steps {
        //     withSonarQubeEnv('sonarqube-server'){
        //         sh '''
        //         $DOTNET6LOCATION/dotnet ${scannerHome}/SonarScanner.MSBuild.dll begin /k:"${ORG_NAME}-${ENV_NAME}-API" /d:sonar.host.url="https://cd-builds.compunnel.com/sonar" /d:sonar.login="${SONAR}" /d:sonar.cs.opencover.reportsPaths="Insight.Tracker.UnitTest/coverage.opencover.xml" /d:sonar.coverage.exclusions="**TestCases*.cs,User.Insight.Tracker/Program.cs,DataBase.Entities/**,User.Insight.Tracker/Common/DataValidationException.cs,User.Insight.Tracker/Common/UnauthorisedException.cs" /v:$GIT_COMMIT_SHORT
        //         $DOTNET6LOCATION/dotnet build -c Release ./User.Insight.Tracker/User.Insight.Tracker.sln
        //         $DOTNET6LOCATION/dotnet test Insight.Tracker.UnitTest/Insight.Tracker.UnitTest.csproj /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
        //         $DOTNET6LOCATION/dotnet ${scannerHome}/SonarScanner.MSBuild.dll end /d:sonar.login=$SONAR
        //         '''
        //     }
        // }
        // }
		stage("SonarAnalysis-Updated"){
            steps {
            withSonarQubeEnv('sonarqube'){
                sh '''
                $DOTNET6LOCATION/dotnet ${scannerHome}/SonarScanner.MSBuild.dll begin /k:"cd-${ENVNAME}-computrace-${ORG_NAME}-${ENV_NAME}-compunnel-com-api-aws" /d:sonar.host.url="https://sonar.compunnel.com" /d:sonar.login="${SONARSERVER}" /d:sonar.cs.opencover.reportsPaths="Insight.Tracker.UnitTest/coverage.opencover.xml" /d:sonar.coverage.exclusions="**TestCases*.cs,User.Insight.Tracker/Program.cs,DataBase.Entities/**,User.Insight.Tracker/Common/DataValidationException.cs,User.Insight.Tracker/Common/UnauthorisedException.cs" /v:$GIT_COMMIT_SHORT
                $DOTNET6LOCATION/dotnet build -c Release ./User.Insight.Tracker/User.Insight.Tracker.sln
                $DOTNET6LOCATION/dotnet test Insight.Tracker.UnitTest/Insight.Tracker.UnitTest.csproj /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
                $DOTNET6LOCATION/dotnet ${scannerHome}/SonarScanner.MSBuild.dll end /d:sonar.login=$SONARSERVER
                '''
            }
        }
        }
        //   stage("Quality Gate") {
        //     steps {
        //         timeout(time: 1, unit: 'HOURS') {
        //             waitForQualityGate abortPipeline: true
        //         }
        //     }
        // }
        stage("Build"){
            steps{
                sh '''
                    docker build --build-arg ENVIRONMENT=Staging -t $ORG_NAME-$ENV_NAME-api -f ./User.Insight.Tracker/Dockerfile .
                    docker tag $ORG_NAME-$ENV_NAME-api:latest 801857237392.dkr.ecr.ap-south-1.amazonaws.com/$ORG_NAME-$ENV_NAME-api:${GIT_COMMIT_SHORT}
                '''
            }
        }
        stage("Push development") {
            when{
                expression { BRANCH_NAME == 'development' }
            }
            steps {
                script {
                    withAWS(credentials:'UserInsightTrackingIAM') {
                        sh "aws ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com"
                        sh "docker push 801857237392.dkr.ecr.ap-south-1.amazonaws.com/userinsighttracking-dev-api:${GIT_COMMIT_SHORT}"
                    }
                }
            }
        }
        stage("Push qa") {
            when{
                expression { BRANCH_NAME == 'pre-production' }
            }
            steps {
                script {
                    withAWS(credentials:'UserInsightTrackingIAM') {
                        sh "aws ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com"
                        sh "docker push 801857237392.dkr.ecr.ap-south-1.amazonaws.com/userinsighttracking-qa-api:${GIT_COMMIT_SHORT}"
                    }
                }
            }
        }
        stage("Push uat") {
            when{
                expression { BRANCH_NAME == 'main' }
            }
            steps {
                script {
                    withAWS(credentials:'UserInsightTrackingIAM') {
                        sh "aws ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com"
                        sh "docker push 801857237392.dkr.ecr.ap-south-1.amazonaws.com/userinsighttracking-uat-api:${GIT_COMMIT_SHORT}"
                    }
                }
            }
        }
        stage("RELEASE_TAG"){
            when { 
                environment name: 'ENV_NAME', value: 'uat' 
            }
            steps{
                sh """
                    git tag -a $GIT_COMMIT_SHORT -m 'Release version - $GIT_COMMIT_SHORT'
                    git push git@github.com:CD-Internal-Projects/User-Insight-Tracking-API.git $GIT_COMMIT_SHORT
                """
            }
        }
        stage('Deploy development') {
            when{
                expression { BRANCH_NAME == 'development' }
            }
            steps {
                 withCredentials([sshUserPrivateKey(credentialsId: "computrace-qa-ssh", keyFileVariable: 'keyfile')]) {
                    sh """
                    sed -i 's/__TAG__/${GIT_COMMIT_SHORT}/g' docker-compose-api.yml
                    scp -i ${keyfile} docker-compose-api.yml ${USER}@${AWS_EIP}:/var/www/html/UserInsightTracking-dev/
                    ssh -i ${keyfile} ${USER}@${AWS_EIP} "cd /var/www/html/UserInsightTracking-dev; \
                    aws --region ap-south-1 ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com; \
                    docker-compose --project-name userinsighttracking-dev -f docker-compose-api.yml up -d; \
                    sudo service nginx reload; \
                    docker logout 801857237392.dkr.ecr.ap-south-1.amazonaws.com;"
                    """
                }
            }
        }
        stage('Deploy qa') {
            when{
                expression { BRANCH_NAME == 'pre-production' }
            }
            steps {
                 withCredentials([sshUserPrivateKey(credentialsId: "computrace-qa-ssh", keyFileVariable: 'keyfile')]) {
                    sh """
                    sed -i 's/__TAG__/${GIT_COMMIT_SHORT}/g' docker-compose-qa-api.yml
                    scp -i ${keyfile} docker-compose-qa-api.yml ${USER}@${AWS_EIP}:/var/www/html/UserInsightTracking-qa/
                    ssh -i ${keyfile} ${USER}@${AWS_EIP} "cd /var/www/html/UserInsightTracking-qa; \
                    aws --region ap-south-1 ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com; \
                    docker-compose --project-name userinsighttracking-qa -f docker-compose-qa-api.yml up -d; \
                    sudo service nginx reload; \
                    docker logout 801857237392.dkr.ecr.ap-south-1.amazonaws.com;"
                    """
                }
            }
        }
        // stage("Push") {
        //     steps {
        //         script {
        //             withAWS(credentials:'UserInsightTrackingIAM') {
        //                 sh "aws ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com"
        //                 sh "docker push 801857237392.dkr.ecr.ap-south-1.amazonaws.com/userinsighttracking-qa-api:${GIT_COMMIT_SHORT}"
        //             }
        //         }
        //     }
        // }
        // stage('Deploy') {
        //     when {
        //         not {
        //             branch 'main'
        //         }
        //     }
        //     steps {
        //          withCredentials([sshUserPrivateKey(credentialsId: "computrace-qa-ssh", keyFileVariable: 'keyfile')]) {
        //             sh """
        //             sed -i 's/__TAG__/${GIT_COMMIT_SHORT}/g' docker-compose-api.yml
        //             scp -i ${keyfile} docker-compose-api.yml ${USER}@${AWS_EIP}:/var/www/html/UserInsightTracking-qa/
        //             ssh -i ${keyfile} ${USER}@${AWS_EIP} "cd /var/www/html/UserInsightTracking-qa; \
        //             aws --region ap-south-1 ecr get-login-password --region ap-south-1 | docker login --username AWS --password-stdin 801857237392.dkr.ecr.ap-south-1.amazonaws.com; \
        //             docker-compose --project-name userinsighttracking-qa -f docker-compose-api.yml up -d; \
        //             sudo service nginx reload; \
        //             docker logout 801857237392.dkr.ecr.ap-south-1.amazonaws.com;"
        //             """
        //         }
        //     }
        // }
        // stage("RELEASE_TAG"){
        //     when { 
        //         environment name: 'ENV_NAME', value: 'uat' 
        //     }
        //     steps{
        //         sh """
        //             git tag -a $GIT_COMMIT_SHORT -m 'Release version - $GIT_COMMIT_SHORT'
        //             git push git@github.com:CD-Internal-Projects/User-Insight-Tracking-API.git $GIT_COMMIT_SHORT
        //         """
        //     }
        // }
        stage("cleanup"){
            steps{
                sh '''
                    docker rmi -f $ORG_NAME-$ENV_NAME-api:latest
                    docker rmi -f 801857237392.dkr.ecr.ap-south-1.amazonaws.com/$ORG_NAME-$ENV_NAME-api:${GIT_COMMIT_SHORT}
                '''
            }
        }
	// stage("clouddefense"){
 //            steps{
 //                sh '''
	// 	    /var/lib/jenkins/external_tools/clouddefense/cd-1.38.6/release-1.38.6/cd-latest-linux-x64 online \
 //                    --api-key=$API_KEY \
	// 	    --repository-url=git@github.com:CD-Internal-Projects/User-Insight-Tracking-API.git \
 //      		    --branch-name=development \
	//     	    --tag=jenkins-scan \
	//   	    --verbose \
	// 	    --type=GITHUB
 //                '''
 //            }
 //        }
    }
    post {
        always{
            cleanWs()
        }
    }
}
def get_EnvName(branchName) {
    if("main".equals(branchName)) {
        return "u";
    } else if ("pre-production".equals(branchName)) {
        return "q";
    } else {
        return "d";
    }
}


def getEnvName(branchName) {
    if("main".equals(branchName)) {
        return "uat";
    } else if ("pre-production".equals(branchName)) {
        return "qa";
    } else {
        return "dev";
    }
}
