---
check-GL-token:
  stage: .pre
  image: docker.io/alpine:3
  variables:
    GIT_STRATEGY: none
  script:
    - |
      echo "[*] For gitlab automation jobs You need to set a variable called 'GL_TOKEN' with a Project Access Token with either 'read_api' or 'api' scope access."
      echo "[*] The variable should be available only on protected branches."

      if [ "${CI_COMMIT_REF_PROTECTED}" = "true" ]; then
        echo "[+] branch ${CI_COMMIT_REF_NAME} is protected."
        if [ ! -z "${GL_TOKEN}" ]; then
          echo "[+] GL_TOKEN is set."
          echo "[+] Everything OK."
        else
          echo "[!] GL_TOKEN not set!"
          echo "[!] semantic-release jobs will not run."
          echo "[!] badge job will not run."
          echo "[!] gitlab:recommended job will not run."
        fi
      else
        echo "[-] branch ${CI_COMMIT_REF_NAME} not protected"
        if [ "${GL_TOKEN}" ]; then
          echo "[!] GL_TOKEN is set, but the current branch is unprotected!"
          echo "[!] This is a security risk."
          echo "[!] Set the variable as protected to make it available only to protected branches."
          exit 1
        else
          echo "[+] Everything OK."
        fi
      fi
  allow_failure: true