name: Static Analysis
on:
  workflow_call:
  pull_request:
    types: [edited]

jobs:
  pr-lint:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-22.04
    permissions:
      pull-requests: read
    steps:
      - name: Enforce PR title length <= 64
        # Don't run for Dependabot PRs
        if: ${{ !contains(github.event.pull_request.head.label, 'dependabot') }}
        run: |
          # 64 instead of 72 because GitHub adds the PR number to the title
          if [ $(echo "${{ github.event.pull_request.title }}" | wc -c) -gt 64 ]; then
            echo "PR title too long. Please keep it under 64 characters."
            exit 1
          fi
      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 #v5.5.3
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  version-check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Check version is up to date
        run: |
          ./scripts/bump-versions.sh
          if [ -z "$(git status --porcelain)" ]; then
            # Working directory clean
            echo "Version manifests up to date"
          else
            # Uncommitted changes
            echo '`scripts/bump-versions.sh` found outdated files! Showing diff'
            git diff
            exit 1
          fi

  link-check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - uses: lycheeverse/lychee-action@f796c8b7d468feb9b8c0a46da3fac0af6874d374 # v2.2.0
        with:
          fail: true
          args: --offline --verbose --no-progress **/*.md

  global-linter:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: "3.11"
      - uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
        name: Restore Python Cache
        id: cache
        with:
          path: ~/.cache/pip
          key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('.github/requirements.txt') }}
      - name: Install Python Dependencies
        run: |
          pip install -r .github/requirements.txt
      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
        with:
          node-version: 20
      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y shfmt
          npm install -g prettier
      - name: Run pre-commit
        run: |
          pre-commit install --config .github/pre-commit-config.yaml
          SKIP=no-commit-to-branch pre-commit run --all-files --config .github/pre-commit-config.yaml
      - uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
        if: ${{ steps.cache.outputs.cache-hit != 'true'}}
        name: Save Python Cache
        with:
          path: ~/.cache/pip
          key: ${{ steps.cache.outputs.cache-primary-key }}