CICD - jrwhetse/jrwhetse.github.io GitHub Wiki

CICD

Helm

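// Pipeline pseudo-code: packages the project's Helm chart and publishes it to the
// helm-local repository in Nexus. Lines inside the stage are shell commands;
// VAR=$(...) captures a command's output.
//
// Secrets: {PAT}, <username> and <password> are placeholders. Inject the real values
// from the CI credential store at run time and never commit them with the pipeline.
// Values passed on a command line or embedded in a URL can end up in build logs and
// process listings, so mask them in the job output.
stage('publish helm') {

    // assumptions
    NEXUS_INTERNAL_URL=20.0.1.92:8091
    NEXUS_PUBLIC_URL=nexus.c-mgmt.bylightsdc.bylight.com
    NEXUS_HELM_REPO=helm-local
    // NOTE(review): plain http sends the Nexus username/password and the chart
    // unencrypted; switch to https once the endpoint serves a certificate the build
    // agent trusts.
    NEXUS_HELM_REPO_URL=http://$NEXUS_PUBLIC_URL/repository/$NEXUS_HELM_REPO

    // install tools (xmllint is used below to read pom.xml)
    sudo yum install -y libxml2

    // initialize helm
    helm init --client-only

    // clone project
    // NOTE(review): a token embedded in the clone URL is written to the clone's
    // .git/config; prefer a credential helper or the CI's git credential binding.
    git clone https://{PAT}@github.com/ByLightSDC/Challenge04.git

    // set project variables
    PROJECT_HOME=$(pwd)/Challenge04
    PROJECT_XML_FILE=$PROJECT_HOME/pom.xml

    // sed strips the namespace attributes so the un-prefixed XPath expressions match
    // ex: Skills Tracker
    PROJECT_NAME=$(sed -e 's/xmlns=".*"//g' -e 's/xsi:schemaLocation=".*"//g' "$PROJECT_XML_FILE" | xmllint --xpath 'string(/project/name/text())' -)
    // ex: skills-tracker
    PROJECT_ARTIFACTID=$(sed -e 's/xmlns=".*"//g' -e 's/xsi:schemaLocation=".*"//g' "$PROJECT_XML_FILE" | xmllint --xpath 'string(/project/artifactId/text())' -)
    // ex: 0.1.0-SNAPSHOT
    PROJECT_VERSION=$(sed -e 's/xmlns=".*"//g' -e 's/xsi:schemaLocation=".*"//g' "$PROJECT_XML_FILE" | xmllint --xpath 'string(/project/version/text())' -)

    // pom.xml is repository-controlled input, and these two values are used below as
    // path components and inside sed expressions. Fail the build on anything that is
    // not a plain name (this also rejects '/' and a leading '.').
    echo "$PROJECT_ARTIFACTID" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9._-]*$' || exit 1
    echo "$PROJECT_VERSION" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9._+-]*$' || exit 1

    // ensure project contains a helm chart
    // single file test
    PROJECT_HELM_EXISTS=$([ -d "$PROJECT_HOME/helm" ] && echo "true" || echo "false")

    // multiple file test (needs to do and and not or)
    //PROJECT_HELM_EXISTS=for i in $PROJECT_HOME/helm/Chart.yml,$PROJECT_HOME/helm/values.yml; do test -f "$i" && echo "true" && break || echo "false"; done

    // if helm chart doesnt exist, build it and exit build
    // commit should kick off the build again with the helm chart present
    // (compare against the string: the variable holds "true"/"false", not a boolean)
    if (PROJECT_HELM_EXISTS != "true") {
        // create the chart under helm/ so the copy step below finds helm/<artifactId>
        mkdir -p "$PROJECT_HOME/helm"
        cd "$PROJECT_HOME/helm"
        helm create "$PROJECT_ARTIFACTID"
        // stage only the generated chart, not everything in the workspace
        git add "$PROJECT_HOME/helm" && git commit -m 'created default helm chart' && git push
        exit()
    }

    // set helm variables
    // the catalog is cloned next to the project checkout; git will not clone into
    // the parent directory itself because it is not empty
    HELM_HOME=$PROJECT_HOME/../bl-helm-catalog
    CHART_DIR=$HELM_HOME/$PROJECT_ARTIFACTID/$PROJECT_VERSION/$PROJECT_ARTIFACTID

    // checkout bl-helm-catalog project
    git clone https://github.com/ByLightSDC/bl-helm-catalog.git "$HELM_HOME"

    // create helm catalog directory for new version
    mkdir -p "$HELM_HOME/$PROJECT_ARTIFACTID/$PROJECT_VERSION"

    // copy helm chart from project into helm catalog
    // ex: Challenge04/helm/skills-tracker bl-helm-catalog/skills-tracker/0.1.0-SNAPSHOT
    // (-r because the chart is a directory; the destination uses the artifact id to
    // match the directory created above)
    cp -r "$PROJECT_HOME/helm/$PROJECT_ARTIFACTID" "$HELM_HOME/$PROJECT_ARTIFACTID/$PROJECT_VERSION/"

    // The sed expressions below use double quotes so the shell expands the variables,
    // -i so the files are actually rewritten, and patterns that match the unquoted
    // values helm create generates.
    // NOTE(review): $PROJECT_NAME is not validated above; a '|', '&' or '\' in the
    // pom's <name> would change the sed expression. Validate or escape it before use.

    // update description in Chart.yaml
    // description: A Helm chart for Kubernetes to description: Skills Tracker Helm chart for Kubernetes
    sed -i -e "s|^description:.*|description: $PROJECT_NAME Helm chart for Kubernetes|" "$CHART_DIR/Chart.yaml"

    // update version in Chart.yaml (anchored so appVersion is left alone)
    // version: 0.0.1 to version: 0.1.0-SNAPSHOT
    sed -i -e "s|^version:.*|version: $PROJECT_VERSION|" "$CHART_DIR/Chart.yaml"

    // update repository in values.yaml
    // will point to nexus url/project artifact id. If Rancher can properly search the private repo, the NEXUS_URL should not be present.
    // I was able to get search docker repo working in MHV, but haven't had success in BL LAB. I think its a cert issue.
    // repository: nginx to repository: 20.0.1.92:8091/vahomeloan
    sed -i -e "s|^  repository:.*|  repository: $NEXUS_INTERNAL_URL/$PROJECT_ARTIFACTID|" "$CHART_DIR/values.yaml"

    // update tag in values.yaml to be latest or version. not sure
    // tag: xxx to tag: latest
    // NOTE(review): 'latest' is a mutable tag, so the chart version does not pin which
    // image gets deployed; using $PROJECT_VERSION would tie the two together.
    sed -i -e "s|^  tag:.*|  tag: latest|" "$CHART_DIR/values.yaml"

    // enable helm-local repository in nexus
    // add nexus-push plugin to helm (maybe only once or specific version)
    // NOTE(review): --version master installs whatever the plugin repository's master
    // branch holds at build time, and the plugin is then handed the Nexus credentials.
    // Pin a reviewed tag or commit instead.
    helm plugin install --version master https://github.com/sonatype-nexus-community/helm-nexus-push.git

    // add local repo to your helm repo list (full URL including scheme)
    helm repo add --username <username> --password <password> $NEXUS_HELM_REPO $NEXUS_HELM_REPO_URL

    // check syntax
    helm lint "$CHART_DIR"

    // wrap it up - creates .tgz in $HELM_HOME. Used when creating index. tgz files are in .gitignore
    cd "$HELM_HOME"
    helm package "$CHART_DIR"

    // create catalog index file of all available charts. execute from $HELM_HOME
    // (--url takes the repository URL, not the repository name)
    helm repo index --url $NEXUS_HELM_REPO_URL --merge index.yaml .

    // push tgz to nexus - upload tgz artifact to helm-local repo in nexus
    // helm nexus-push helm-local skills-tracker/0.0.1/skills-tracker/ --username admin --password xxxxxx
    helm nexus-push $NEXUS_HELM_REPO "$CHART_DIR" --username <username> --password <password>
}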

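// Pipeline pseudo-code: installs the packaged chart into the dev project through the
// Rancher CLI.
// NOTE(review): $HELM_HOME, $PROJECT_ARTIFACTID and $PROJECT_VERSION are assigned in
// the 'publish helm' stage; confirm they are still defined when this stage runs.
stage("deploy helm - ci") {

    // set variables
    DEV_PROJECT_ID=p5v4d
    RANCHER_URL=https://rancher.myhealth.va.gov/v3
    // The API token is a bearer credential: keep only a placeholder in the pipeline
    // and inject the real value from the CI credential store. Scope the token to the
    // dev project, and revoke and reissue any token that was ever committed or
    // published.
    RANCHER_TOKEN=token-$DEV_PROJECT_ID:<token-secret>

    // login to rancher (logs into a particular cluster (dev))
    // NOTE(review): the token is passed on the command line here, so mask it in the
    // job output.
    rancher login --token $RANCHER_TOKEN $RANCHER_URL

    // deploy to rancher/k8s
    rancher apps install -n mhv-national-services $HELM_HOME/$PROJECT_ARTIFACTID/$PROJECT_VERSION/$PROJECT_ARTIFACTID $PROJECT_ARTIFACTID
}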