---
kind: pipeline
name: default

steps:
  - name: copy-sigs
    image: alpine:3
    commands:
      - cp /tmp/signatures.json site/data/signatures/signatures.json
    volumes:
      - name: signatures
        path: /tmp/signatures.json
    when:
      branch:
        - master
      event:
        exclude:
          # do not copy sigs in pull requests to speed up builds
          - pull_request

  - name: deploy
    image: docker:20
    environment:
      XDG_RUNTIME_DIR: "/run/user/1001"
      DOCKER_HOST: "unix:///run/user/1001/docker.sock"
    commands:
      - docker compose -p pmpc-website up --build -d
    volumes:
      - name: dockersock
        path: /run/user/1001/docker.sock
    when:
      branch:
        - master
      event:
        - push
        - tag
        - deployment
        - cron

# This has to run on the same machine as the forms API until this feature
# exists: https://git.fsfe.org/fsfe-system-hackers/forms/issues/62
node:
  cont2: noris

volumes:
  - name: dockersock
    host:
      path: /run/user/1001/docker.sock
  - name: signatures
    host:
      path: /srv/forms/pmpc/signatures.json
---
kind: signature
hmac: 7072ad806c76dee8ac77e916e2cd451de72a5d1739b4d32b7bb81610d63825d6

...