version: 2

references:
  defaults:
    2_4_5: &defaults_2_4_5
      working_directory: ~/wealthsimple
      docker:
        - image: circleci/ruby:2.4.5
          environment:
            RAILS_ENV: test

    2_5_3: &defaults
      working_directory: ~/wealthsimple
      docker:
        - image: circleci/ruby:2.5.3
          environment:
            RAILS_ENV: test

  which_bundler: &which_bundler
    run:
      name: Which bundler?
      command: bundle -v

  bundle_install: &bundle_install
    run:
      name: Bundle Install
      command: bundle install --jobs=4 --retry=3 --path vendor/bundle

  attach_code_workspace: &attach_code_workspace
    attach_workspace:
      at: ~/wealthsimple

  restore_bundle_dependencies: &restore_bundle_dependencies
    run:
      name: Restore bundle dependencies from workspace
      command: bundle --path vendor/bundle

  run_rspec: &run_rspec
    run:
      name: Run rspec
      command: |
        COVERALLS_REPO_TOKEN=${COVERALLS_REPO_TOKEN} \
        bundle exec rspec --require spec_helper \
                          --format RspecJunitFormatter \
                          --out test_results/rspec.xml \
                          --format documentation

jobs:
  checkout_and_bundle_2_4_5:
    <<: *defaults_2_4_5
    steps:
      - checkout
      - *which_bundler
      - *bundle_install
      - run: bundle exec rspec
      - store_test_results:
          path: test_results

  checkout_and_bundle:
    <<: *defaults
    steps:
      - checkout
      - *which_bundler
      - *bundle_install
      - persist_to_workspace:
          root: .
          paths: .

  rspec:
    <<: *defaults
    steps:
      - *attach_code_workspace
      - *restore_bundle_dependencies
      - *run_rspec
      - store_test_results:
          path: test_results

  lint_check:
    <<: *defaults
    steps:
      - *attach_code_workspace
      - *restore_bundle_dependencies
      - run: bundle exec rubocop

  vulnerability_check:
    <<: *defaults
    steps:
      - *attach_code_workspace
      - *restore_bundle_dependencies
      - run: bundle exec bundle-audit update && bundle exec bundle-audit check

  release:
    <<: *defaults
    steps:
      - checkout
      - *attach_code_workspace
      - *restore_bundle_dependencies
      - run:
          name: Release to rubygems.org
          command: |
            mkdir ~/.gem
            echo ":rubygems_api_key: ${RUBYGEMS_API_KEY}" >> ~/.gem/credentials
            chmod 600 ~/.gem/credentials
            bundle exec rake release

workflows:
  version: 2
  build:
    jobs:
      - checkout_and_bundle_2_4_5:
          context: wealthsimple
      - checkout_and_bundle:
          context: wealthsimple
      - rspec:
          requires:
            - checkout_and_bundle
      - lint_check:
          requires:
            - checkout_and_bundle
      - vulnerability_check:
          requires:
            - checkout_and_bundle
      - release:
          context: wealthsimple
          filters:
            branches:
              only: master
          requires:
          - checkout_and_bundle_2_4_5
          - rspec
          - lint_check
          - vulnerability_check

  security-audit:
    triggers:
      - schedule:
          # 11:05 am UTC: 6:05 am EST / 7:05 am EDT
          cron: "5 11 * * *"
          filters:
            branches:
              only: master
    jobs:
      - checkout_and_bundle:
          context: wealthsimple
      - vulnerability_check:
          requires:
            - checkout_and_bundle