DOTNET?=dotnet
DOCKER?=docker

NUGET_REGISTRY?=TrueCloudLab
NUGET_REGISTRY_URL?=https://git.frostfs.info/api/packages/TrueCloudLab/nuget/index.json
NUGET_REGISTRY_USER?=
NUGET_REGISTRY_PASSWORD?=

NUPKG=find -iname '*.nupkg' | grep . | xargs -d'\n' -t -r -n1
RFC3161_TSA?=http://timestamp.digicert.com


.PHONY: build
build:
	$(DOTNET) build


.PHONY: sign
sign: export NUGET_CERT_REVOCATION_MODE=offline
sign: release/maintainer.pfx
	$(NUPKG) $(DOTNET) nuget sign --overwrite --certificate-path $< --timestamper "$(RFC3161_TSA)"
	@rm -v "$<" # maintainer.pfx is not password protected and must be ephemeral
	$(NUPKG) $(DOTNET) nuget verify


.PHONY: publish
publish:
	$(NUPKG) $(DOTNET) nuget verify
	$(NUPKG) $(DOTNET) nuget push --source "$(NUGET_REGISTRY)"


.PHONY: nuget-registry
nuget-registry:
ifeq (,$(NUGET_REGISTRY_USER))
	$(error NUGET_REGISTRY_USER not set)
endif
ifeq (,$(NUGET_REGISTRY_PASSWORD))
	$(error NUGET_REGISTRY_PASSWORD not set)
endif
	$(DOTNET) nuget add source \
		--name "$(NUGET_REGISTRY)" \
		--username "$(NUGET_REGISTRY_USER)" \
		--password "$(NUGET_REGISTRY_PASSWORD)" \
		--store-password-in-clear-text \
		"$(NUGET_REGISTRY_URL)"


.PHONY: clean
clean:
	-$(NUPKG) rm -v


.PHONY: container
container:
	$(DOCKER) run --pull=always --rm -it -v "$$PWD:/src" -w /src git.frostfs.info/truecloudlab/env:dotnet-8.0


include release/codesign.mk