name: Static Analysis
on:
  workflow_call:
  pull_request:
    types: [edited]

jobs:
  pr-lint:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-22.04
    permissions:
      pull-requests: read
    steps:
      - name: Enforce PR title length <= 64
        # Don't run for Dependabot PRs
        if: ${{ !contains(github.event.pull_request.head.label, 'dependabot') }}
        env:
          PR_TITLE: "${{ github.event.pull_request.title }}"
        run: |
          pr_title_length=${#PR_TITLE}

          # 64 instead of 72 because GitHub adds the PR number to the title
          if [ "$pr_title_length" -gt 64 ]; then
            echo "PR title too long. Please keep it under 64 characters."
            exit 1
          fi
      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 #v5.5.3
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  version-check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Check version is up to date
        run: |
          ./scripts/bump-versions.sh
          if [ -z "$(git status --porcelain)" ]; then
            # Working directory clean
            echo "Version manifests up to date"
          else
            # Uncommitted changes
            echo '`scripts/bump-versions.sh` found outdated files! Showing diff'
            git diff
            exit 1
          fi

  link-check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - uses: lycheeverse/lychee-action@1d97d84f0bc547f7b25f4c2170d87d810dc2fb2c # v2.4.0
        with:
          fail: true
          args: --offline --verbose --no-progress **/*.md

  global-linter:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: "3.11"
      - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
        name: Restore Python Cache
        id: cache
        with:
          path: ~/.cache/pip
          key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('.github/requirements.txt') }}
      - name: Install Python Dependencies
        run: |
          pip install -r .github/requirements.txt
      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
        with:
          node-version: 20
      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y shfmt
          npm install -g prettier
      - name: Run pre-commit
        run: |
          pre-commit install --config .github/pre-commit-config.yaml
          SKIP=no-commit-to-branch pre-commit run --all-files --config .github/pre-commit-config.yaml
      - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
        if: ${{ steps.cache.outputs.cache-hit != 'true'}}
        name: Save Python Cache
        with:
          path: ~/.cache/pip
          key: ${{ steps.cache.outputs.cache-primary-key }}