name: Code quality

on:
  push:
    branches:
    - main

jobs:
  has_sonar_token:
    name: Check for SonarCloud token
    runs-on: ubuntu-latest

    outputs:
      ok: ${{ steps.check.outputs.ok }}

    steps:
    - name: Check for SonarCloud token
      id: check
      run: |
        if [ -n "${{ secrets.SONAR_TOKEN }}" ];
        then
          echo "ok=true" >> $GITHUB_OUTPUT;
          echo "SONAR_TOKEN secret detected, running Code Quality."
        else
          echo "ok=false" >> $GITHUB_OUTPUT;
          echo "No SONAR_TOKEN secret detected, skipping Code Quality."
        fi

  code_quality:
    name: Code quality (SonarCloud)
    runs-on: ubuntu-latest

    # This prevents running SonarCloud on forks that don't have a SONAR_TOKEN set.
    needs: has_sonar_token
    if: needs.has_sonar_token.outputs.ok == 'true'

    env:
      SONAR_SCANNER_VERSION: 4.7.0.2747

    steps:
    - name: Checkout
      uses: actions/checkout@v3

    - name: Set up JDK 11
      uses: actions/setup-java@v3
      with:
        distribution: temurin
        java-version: 11

    - name: Cache SonarCloud
      id: cache-sonarcloud
      uses: actions/cache@v3
      with:
        path: .sonar
        key: sonar-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}

    - name: Cache SonarCloud-Cache
      uses: actions/cache@v3
      with:
        path: .sonar-cache
        key: sonar-cache-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}-${{ hashFiles('src/**') }}
        restore-keys: |
          sonar-cache-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}-
          sonar-cache-${{ runner.os }}-
          sonar-cache-

    - name: Download SonarCloud
      if: steps.cache-sonarcloud.outputs.cache-hit != 'true'
      run: |
        mkdir .sonar

        curl -sSLo .sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }}
        unzip -o .sonar/sonar-scanner.zip -d .sonar/

        curl -sSLo .sonar/build-wrapper-linux-x86.zip ${{ env.BUILD_WRAPPER_DOWNLOAD_URL }}
        unzip -o .sonar/build-wrapper-linux-x86.zip -d .sonar/
      env:
        SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
        BUILD_WRAPPER_DOWNLOAD_URL: https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip

    - name: Setup SonarCloud
      run: |
        echo "$(pwd)/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
        echo "$(pwd)/.sonar/build-wrapper-linux-x86" >> $GITHUB_PATH

    - name: Install conan
      run: |
        pip install conan
        conan profile new default --detect
        conan profile update settings.compiler.libcxx=libstdc++11 default

    - name: Compile
      run: |
        mkdir build
        cd build
        conan install ..
        build-wrapper-linux-x86-64 --out-dir ../.build-wrapper-out cmake .. -DMIN_LOGGER_LEVEL=TRACE
        build-wrapper-linux-x86-64 --out-dir ../.build-wrapper-out make -j$(nproc)

    - name: Run SonarCloud
      run: |
        sonar-scanner \
          --define sonar.host.url="https://sonarcloud.io/" \
          --define sonar.cfamily.build-wrapper-output=".build-wrapper-out" \
          --define sonar.projectKey=TrueBrain_TrueMQTT-cpp \
          --define sonar.organization=truebrain \
          --define sonar.projectName=TrueMQTT-cpp \
          --define sonar.sources=src \
          --define sonar.sourceEncoding=UTF-8 \
          --define sonar.cfamily.cache.enabled=true \
          --define sonar.cfamily.cache.path=.sonar-cache
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}