- job:
    name: tf-a-main-tfa-next
    node: docker-amd64-tf-a-jammy
    project-type: multijob
    concurrent: true
    disabled: false
    description: Main CI job for Trusted Firmware Next
    properties:
      - throttle:
          option: project
          enabled: true
          max-total: 5
      - build-discarder:
          days-to-keep: 14
          num-to-keep: 60
    triggers:
      - gerrit:
          server-name: review.trustedfirmware.org
          projects:
            - branches:
                - branch-compare-type: PLAIN
                  branch-pattern: tfa-next
              project-compare-type: PLAIN
              project-pattern: TF-A/trusted-firmware-a
          trigger-on:
            - patchset-created-event:
                exclude-drafts: true
                exclude-trivial-rebase: false
                exclude-no-code-change: true
                exclude-private: true
                exclude-wip: true
            - comment-added-contains-event:
                comment-contains-value: ^RUN_CI$
          override-votes: true
          gerrit-build-started-verified-value: 0
          gerrit-build-successful-verified-value: 1
          gerrit-build-failed-verified-value: -1
          gerrit-build-unstable-verified-value: -1
          gerrit-build-notbuilt-verified-value: 0
          # without explicitly setting these values to 0, the plugin will by
          # default leave Code Review votes
          gerrit-build-started-codereview-value: 0
          gerrit-build-successful-codereview-value: 0
          gerrit-build-failed-codereview-value: 0
          gerrit-build-unstable-codereview-value: 0
          gerrit-build-notbuilt-codereview-value: 0
          silent: false
          silent-start: false
    parameters:
      # GERRIT_{PROJECT,BRANCH,REFSPEC} are set when triggered by a Gerrit
      # patchset - defaults below are for manual triggers
      - string:
          name: GERRIT_PROJECT
          default: TF-A/trusted-firmware-a
      - string:
          name: GERRIT_BRANCH
          default: refs/heads/tfa-next
      - string:
          name: GERRIT_REFSPEC
          default: +refs/heads/tfa-next:refs/remotes/origin/tfa-next
          description: |
            'e.g. refs/changes/13/31138/1'
      - string:
          name: TF_GERRIT_REFSPEC
          default: ${GERRIT_REFSPEC}
          description: |
            'do-not-amend: used by scripts/clone.sh to fetch the correct Gerrit patchset - use GERRIT_REFSPEC instead'
      - string:
          name: TFTF_GERRIT_PROJECT
          default: TF-A/tf-a-tests
      - string:
          name: TFTF_GERRIT_BRANCH
          default: refs/heads/master
      - string:
          name: TFTF_GERRIT_REFSPEC
          default: +refs/heads/master:refs/remotes/origin/master
      - string:
          name: CI_REFSPEC
          default: +refs/heads/tfa-next:refs/remotes/origin/tfa-next
          description: |
            'Refs to fetch for the tf-a-ci-scripts repo e.g. refs/changes/13/31138/1'
      - string:
          name: JOBS_REFSPEC
          default: refs/heads/master
          description: |
            tf-a-job-configs refspec to use. The master branch is used by default.
      - string:
          name: SHARE_FOLDER
          default: /srv/shared/${JOB_NAME}/${BUILD_NUMBER}
          description: Folder containing shared repositories for downstream pipeline jobs
      - string:
          name: CLONE_REPOS
          default: tf-a-ci-scripts,trusted-firmware-a
          description: |
            Optional arg to clone only specific projects from default list (tf-a-ci-scripts,trusted-firmware-a,tf-a-tests,spm,tf-m-tests,tf-m-extras)
      - string:
          name: FETCH_SSH
          default: 1
          description: |
            Fetch branches with authenticated SSH instead of anonymous HTTPS
    wrappers:
      - credentials-binding:
          - ssh-user-private-key:
              credential-id: TFA_CI_BOT_USER_SSH_KEY
              key-file-variable: CI_BOT_KEY
              username-variable: CI_BOT_USERNAME
              passphrase-variable: ""
      - workspace-cleanup
      - timestamps
    builders:
      - shell: !include-raw: scripts/clone.sh
      - shell: |
          #!/bin/bash
          set -e
          cat << EOF > tf-a-env.param
          TF_GERRIT_PROJECT=${GERRIT_PROJECT}
          TF_GERRIT_BRANCH=${GERRIT_BRANCH}
          TF_GERRIT_REFSPEC=${GERRIT_REFSPEC}
          SHARE_FOLDER=${SHARE_FOLDER}
          EOF
      - multijob:
          name: Lint commit messages
          condition: COMPLETED
          projects:
            - name: tf-a-commitlint-tfa-next
              kill-phase-on: NEVER
              predefined-parameters: |
                REFSPEC=${GERRIT_REFSPEC}
                REFNAME=${GERRIT_PATCHSET_REVISION}
                REFNAME_BASE=origin/${GERRIT_BRANCH}
      - multijob:
          name: Code formatting, static checks and lints
          condition: COMPLETED
          projects:
            - name: tf-a-static-tfa-next
              current-parameters: true
              kill-phase-on: NEVER
              property-file: tf-a-env.param
      - multijob:
          name: Platform independent tests
          condition: COMPLETED
          projects:
            - name: generic-lib-testing
              current-parameters: true
              kill-phase-on: NEVER
              predefined-parameters: |
                TEST_REPO_NAME=trusted-firmware-a
                TEST_REPO_PROJECT=TF-A
              property-file: tf-a-env.param
      - multijob:
          name: Build Trusted Firmware
          condition: COMPLETED
          projects:
            - name: tf-a-ci-gateway-tfa-next
              alias: tf-next-build
              current-parameters: true
              kill-phase-on: NEVER
              predefined-parameters: |
                TEST_GROUPS=tf-next-build
              property-file: tf-a-env.param
      - multijob:
          name: FVP Tests
          condition: COMPLETED
          projects:
            - name: tf-a-ci-gateway-tfa-next
              alias: rfa-fvp
              current-parameters: true
              kill-phase-on: NEVER
              predefined-parameters: |
                TEST_GROUPS=rfa-fvp
              property-file: tf-a-env.param