.github/workflows/lint.yaml

name: Lint

on:
  push:
    branches:
      - main
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
  schedule:
    # Run every monday at 12:00 UTC
    - cron: 0 12 * * 1

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest

    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language:
          - java

    steps:
      - uses: actions/checkout@v3
        with:
          # Shallow clones should be disabled for a better relevancy of analysis
          fetch-depth: 0

      # CodeQL currently does not yet support Kotlin 1.8
      # - name: Initialize CodeQL
      #   uses: github/codeql-action/init@v2
      #   with:
      #     languages: ${{ matrix.language }}

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 17

      - name: Cache Sonar
        uses: actions/cache@v3
        with:
          path: |
            ~/.sonar/cache
          key: cache-${{ runner.os }}-sonar
          restore-keys: |
            cache-${{ runner.os }}-sonar

      - name: Cache ForgeGradle
        uses: actions/cache@v3
        with:
          path: |
            build/fg_cache
          key: cache-${{ runner.os }}-forgegradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties', 'buildSrc/**/Versions.kt', 'buildSrc/**/Dependencies.kt', 'gradle/*.versions.toml') }}
          restore-keys: |
            cache-${{ runner.os }}-forgegradle-

      - name: Build with Gradle
        uses: gradle/gradle-build-action@v2
        with:
          arguments: build

      - name: Perform Detekt analysis
        uses: gradle/gradle-build-action@v2
        with:
          arguments: detekt

      - name: Upload Detekt SARIF report
        uses: github/codeql-action/upload-sarif@v2
        if: ${{ always() }}
        with:
          sarif_file: build/reports/detekt/detekt.sarif

      - name: Perform Sonar analysis
        uses: gradle/gradle-build-action@v2
        with:
          arguments: sonar --info
        env:
          # Needed to get PR information
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      # - name: Perform CodeQL analysis
      #   uses: github/codeql-action/analyze@v2
      #   with:
      #     category: "/language:${{matrix.language}}"