on:
  pull_request:
    types:
      - opened
      - edited
      - reopened
      - synchronize

name: Static checks
jobs:
  static-checks:
    runs-on: ubuntu-20.04
    strategy:
      matrix:
        cmd:
          - "make vendor"
          - "make static-checks"
          - "make check"
          - "make test"
          - "sudo -E PATH=\"$PATH\" make test"
    env:
      RUST_BACKTRACE: "1"
      target_branch: ${{ github.base_ref }}
      GOPATH: ${{ github.workspace }}
    steps:
    - name: Free disk space
      run: |
        sudo rm -rf /usr/share/dotnet
        sudo rm -rf "$AGENT_TOOLSDIRECTORY"
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        fetch-depth: 0
        path: ./src/github.com/${{ github.repository }}
    - name: Install Go
      uses: actions/setup-go@v3
      with:
        go-version: 1.19.3
    - name: Check kernel config version
      run: |
        cd "${{ github.workspace }}/src/github.com/${{ github.repository }}"
        kernel_dir="tools/packaging/kernel/"
        kernel_version_file="${kernel_dir}kata_config_version"
        modified_files=$(git diff --name-only origin/main..HEAD)
        if git diff --name-only origin/main..HEAD "${kernel_dir}" | grep "${kernel_dir}"; then
          echo "Kernel directory has changed, checking if $kernel_version_file has been updated"
          if echo "$modified_files" | grep -v "README.md" | grep "${kernel_dir}" >>"/dev/null"; then
            echo "$modified_files" | grep "$kernel_version_file" >>/dev/null || ( echo "Please bump version in $kernel_version_file" && exit 1)
          else
            echo "Readme file changed, no need for kernel config version update."
          fi
          echo "Check passed"
        fi
    - name: Set PATH
      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      run: |
        echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
    - name: Setup
      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      run: |
        cd ${GOPATH}/src/github.com/${{ github.repository }} && ./ci/setup.sh
    - name: Installing rust
      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      run: |
        cd ${GOPATH}/src/github.com/${{ github.repository }} && ./ci/install_rust.sh
        PATH=$PATH:"$HOME/.cargo/bin"
        rustup target add x86_64-unknown-linux-musl
        rustup component add rustfmt clippy
    - name: Setup seccomp
      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      run: |
        libseccomp_install_dir=$(mktemp -d -t libseccomp.XXXXXXXXXX)
        gperf_install_dir=$(mktemp -d -t gperf.XXXXXXXXXX)
        cd ${GOPATH}/src/github.com/${{ github.repository }} && ./ci/install_libseccomp.sh "${libseccomp_install_dir}" "${gperf_install_dir}"
        echo "Set environment variables for the libseccomp crate to link the libseccomp library statically"
        echo "LIBSECCOMP_LINK_TYPE=static" >> $GITHUB_ENV
        echo "LIBSECCOMP_LIB_PATH=${libseccomp_install_dir}/lib" >> $GITHUB_ENV
    - name: Run check
      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      run: |
        cd ${GOPATH}/src/github.com/${{ github.repository }} && ${{ matrix.cmd }}