name: Code Quality Checks

on:
  pull_request: { }
  push:
    branches: [ main, develop ]

# Enrich gradle.properties for CI/CD
env:
  GRADLE_OPTS: -Dorg.gradle.jvmargs="-Xmx3072m -Dfile.encoding=UTF-8 -XX:+HeapDumpOnOutOfMemoryError" -XX:MaxPermSize=512m -Dkotlin.daemon.jvm.options="-Xmx2g" -Dkotlin.incremental=false
  CI_GRADLE_ARG_PROPERTIES: --stacktrace -PpreDexEnable=false --max-workers 2 --no-daemon

jobs:
  check:
    name: Project Check Suite
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Run code quality check suite
        run: ./tools/check/check_code_quality.sh

  # Knit for all the modules (https://github.com/Kotlin/kotlinx-knit)
  knit:
    name: Knit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Run knit
        run: |
          ./gradlew knitCheck $CI_GRADLE_ARG_PROPERTIES

  # Check the project: ktlint, detekt, lint
  lint:
    name: Android Linter
    runs-on: ubuntu-latest
    # Allow all jobs on main and develop. Just one per PR.
    concurrency:
      group: ${{ github.ref == 'refs/heads/main' && format('lint-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('lint-develop-{0}', github.sha) || format('lint-{0}', github.ref) }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - name: Run ktlint
        run: |
          ./gradlew ktlintCheck $CI_GRADLE_ARG_PROPERTIES --continue
      - name: Run detekt
        if: always()
        run: |
          ./gradlew detekt $CI_GRADLE_ARG_PROPERTIES
      - name: Run lint
        # Not always, if ktlint or detekt fail, avoid running the long lint check.
        run: |
          ./gradlew vector-app:lintGplayKotlinCryptoRelease $CI_GRADLE_ARG_PROPERTIES
          ./gradlew vector-app:lintFdroidKotlinCryptoRelease $CI_GRADLE_ARG_PROPERTIES
          ./gradlew vector-app:lintGplayRustCryptoRelease $CI_GRADLE_ARG_PROPERTIES
          ./gradlew vector-app:lintFdroidRustCryptoRelease $CI_GRADLE_ARG_PROPERTIES
      - name: Upload reports
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: linting-report
          path: |
            */build/reports/**/*.*
      - name: Prepare Danger
        if: always()
        run: |
          npm install --save-dev @babel/core
          npm install --save-dev @babel/plugin-transform-flow-strip-types
          yarn add danger-plugin-lint-report --dev
      - name: Danger lint
        if: always()
        uses: danger/danger-js@11.2.6
        with:
          args: "--dangerfile ./tools/danger/dangerfile-lint.js"
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
          # Fallback for forks
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  # Gradle dependency analysis using https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin
  dependency-analysis:
    name: Dependency analysis
    runs-on: ubuntu-latest
    # Allow all jobs on main and develop. Just one per PR.
    concurrency:
      group: ${{ github.ref == 'refs/heads/main' && format('dep-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('dep-develop-{0}', github.sha) || format('dep-{0}', github.ref) }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - name: Dependency analysis
        run: ./gradlew dependencyCheckAnalyze $CI_GRADLE_ARG_PROPERTIES
      - name: Upload dependency analysis
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: dependency-analysis
          path: build/reports/dependency-check-report.html