ci.yml

name: Continuous Integration

on:
  pull_request:
    branches:
      - main
  workflow_call:


jobs:

  unit-tests:
    name: Unit Tests
    runs-on: ubuntu-latest
    steps:

      - uses: actions/checkout@v4

      - uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: corretto
          cache: gradle

      - name: Run unit tests
        run: ./gradlew clean allUnitTests testCodeCoverageReport jacocoTestCoverageVerification

  docker-build-test:
    name: Docker Build Test
    runs-on: ubuntu-latest
    steps:

      - uses: actions/checkout@v4

      - uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: corretto
          cache: gradle

      - name: ShadowJar
        run: ./gradlew shadowJar

      - name: Run Container
        run: docker compose up --build -d

  e2e-tests:
    name: End-to-end Tests
    runs-on: ubuntu-latest
    steps:

      - uses: actions/checkout@v4

      - uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: corretto
          cache: gradle

      - name: Run e2e tests
        run: ./e2e-execute.sh


  lint:
    name: Linting
    runs-on: ubuntu-latest
    steps:

      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # helps with Sonar scanning

      - uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: corretto
          cache: gradle

      - name: Code Formatting
        run: ./gradlew spotlessCheck

      - name: Sonar
        run: ./gradlew allBuilds testCodeCoverageReport sonar --info
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      - name: Terraform Formatting
        working-directory: operations
        run: terraform fmt -recursive -check

  securityScanAnalyze:
    name: CodeQL Security Scan
    uses: ./.github/workflows/codeql_reusable.yml