---
# Self-test pipeline: runs on normal pushes to cc-ci (M2). Sanity-checks the exec runner can drive
# host abra/docker. Recipe CI is the separate `custom`-event pipeline below.
kind: pipeline
type: exec
name: self-test

platform:
  os: linux
  arch: amd64

trigger:
  event:
    - push

steps:
  # Lint/format gate (Phase 1b, RL1). Runs the exact toolchain from the pinned `lint` devshell
  # (flake.nix) via scripts/lint.sh in check mode — FAILS the build on any unclean file so future
  # commits stay formatted + lint-clean. HOME=/root so nix reuses root's store/eval cache.
  - name: lint
    environment:
      HOME: /root
    commands:
      - nix develop .#lint --command bash scripts/lint.sh

  - name: hello
    commands:
      - echo "cc-ci self-test on the exec runner"
      - whoami
      - abra --version
      - docker info --format 'swarm={{.Swarm.LocalNodeState}}'

---
# Recipe-CI pipeline: runs on bridge-triggered builds (event=custom, params RECIPE/REF/PR/SRC set by
# the comment-bridge). Deploys the recipe at the PR head, runs install/upgrade/backup + any
# recipe-local tests via the shared harness, then guarantees teardown (plan §4.2/§4.3).
#
# Resource safety (plan §4.2/§4.3): MAX_TESTS=DRONE_RUNNER_CAPACITY=1 (nix/modules/drone-runner.nix) is
# the primary concurrency cap; concurrency.limit below is a redundant belt. CCCI_JANITOR_MAX_AGE=0
# makes the run-start janitor reap ANY orphaned run app before deploying — safe because capacity=1
# means no concurrent run exists (a SIGKILL'd/timed-out build leaves an orphan with no teardown).
kind: pipeline
type: exec
name: recipe-ci

platform:
  os: linux
  arch: amd64

trigger:
  event:
    - custom

concurrency:
  limit: 1

steps:
  - name: ci
    environment:
      STAGES: install,upgrade,backup,restore,custom
      CCCI_JANITOR_MAX_AGE: "0"
      # The exec runner points HOME at a per-build workspace; force it to /root so abra finds its
      # server config + recipes under /root/.abra (as the manual M4/M5 runs did). Safe: capacity=1
      # means no concurrent build shares /root/.abra.
      HOME: /root
    commands:
      # RECIPE/REF/PR/SRC (+ CCCI_QUICK for `!testme --quick`) are injected as env vars from the
      # build's custom params. CCCI_QUICK=1 makes run_recipe_ci take the opt-in fast lane (WC7);
      # absent => full cold (default). run_quick ignores STAGES (always upgrade+custom).
      - 'echo "recipe-ci: RECIPE=$RECIPE REF=$REF PR=$PR SRC=$SRC stages=$STAGES quick=${CCCI_QUICK:-0}"'
      - cc-ci-run runner/run_recipe_ci.py