.github/workflows/ci.yaml

name: Continuous Integration
on:
  push:
    branches: [master, feature/*]
  # pull_request:
  #   branches: [master]
  workflow_call:
  workflow_dispatch:

jobs:
  format:
    name: Check Format
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Checkout 3rd-party
        uses: ./.github/actions/checkout

      - name: Install toolchain
        uses: ./.github/actions/rust-toolchain
        with:
          components: rustfmt

      - name: Check format
        run: cargo fmt --all -- --check

  audit:
    name: Cargo Audit
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Audit packages
        uses: bitwizeshift/rust-actions/cargo-audit@master

  check:
    name: Check Manifest
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Prepare runner
        uses: ./.github/actions/prepare-runner

      - name: Install toolchain
        uses: ./.github/actions/rust-toolchain

      - name: Check manifest
        run: cargo check --verbose --workspace

  licenses:
    name: Cargo licenses
    runs-on: ubuntu-latest
    continue-on-error: true
    env:
      OUTPUT_FILE: licenses.html

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Prepare runner
        uses: ./.github/actions/prepare-runner

      - name: Check cargo-deny
        uses: bitwizeshift/rust-actions/cargo-deny@master

      - name: Generate license manifest
        id: license-manifest
        uses: ./.github/actions/cargo-about
        with:
          output-file: ${{env.OUTPUT_FILE}}

      - name: Upload License Manifest Artifact
        uses: actions/upload-artifact@v4
        if: steps.license-manifest.outcome == 'success'
        continue-on-error: true
        with:
          name: licenses
          path: ${{env.OUTPUT_FILE}}

  clippy:
    name: Static Analysis
    runs-on: ubuntu-latest
    continue-on-error: true
    permissions:
      contents: read
      security-events: write
      actions: read
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Prepare runner
        uses: ./.github/actions/prepare-runner

      - name: Checkout 3rd-party
        uses: ./.github/actions/checkout

      - name: Install toolchain
        uses: ./.github/actions/rust-toolchain
        with:
          components: clippy

      - name: Install clippy-sarif
        uses: ./.github/actions/cargo-install
        with:
          target: clippy-sarif

      - name: Install sarif-fmt
        uses: ./.github/actions/cargo-install
        with:
          target: sarif-fmt

      - name: Check clippy
        continue-on-error: true
        run: |
          cargo clippy                                                         \
            --no-deps                                                          \
            --message-format=json                                              \
            -- --deny clippy::all                                              \
            | clippy-sarif                                                     \
            | tee rust-clippy-results.sarif                                    \
            | sarif-fmt

      - name: Upload analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: rust-clippy-results.sarif
          wait-for-processing: true

  build:
    name: Build and Test
    uses: ./.github/workflows/build-and-test.yaml