name: Pull request check
on:
  workflow_call:
    inputs:
      node-version:
        description: "Set node version"
        default: 20
        type: string
      yarn-commands:
        description: "yarn-commands"
        default: |-
          yarn install
          yarn test
        type: string
      notification_enabled:
        description: "Включение оповещений о разворачивании, требуется иметь url для оповещений в vault"
        default: false
        required: false
        type: boolean
      custom_notification_hook_enabled:
        description: "Использовать ли кастомный url хук для оповещений (должен лежать в vault секрете проекта)"
        default: false
        required: false
        type: boolean
      notification_channel:
        description: "Канал для оповещений о результатах деплоя"
        default: internal_projects_notifications
        required: false
        type: string
      vault_secrets_base_path:
        description: 'Базовый путь для секретов проекта в vault'
        required: false
        type: string
      sonar_enabled:
        default: false
        required: false
        type: boolean
    secrets:
      VAULT_ROLE_ID:
        required: true
      VAULT_SECRET_ID:
        required: true

env:
  vault_main_base_path: dev/wilix/main/data/ci

jobs:
  check:
    name: check and test
    runs-on: ubuntu-latest
    steps:
      - uses: https://github.com/actions/checkout@v3
      - name: Use Node.js ${{ inputs.node-version }}
        uses: https://github.com/actions/setup-node@v3
        with:
          node-version: ${{ inputs.node-version }}
      - run: ${{ inputs.yarn-commands }}

      - name: dockerfile lint check
        uses: https://github.com/hadolint/hadolint-action@v3.1.0
        with:
          dockerfile: Dockerfile

      - name: Get general notification url
        if: ${{ inputs.notification_enabled && ! inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }}
        uses: https://github.com/hashicorp/vault-action@v2
        with:
          url: https://vault.wilix.dev
          method: approle
          roleId: ${{ secrets.VAULT_ROLE_ID }}
          secretId: ${{ secrets.VAULT_SECRET_ID }}
          secrets: |
            ${{ env.vault_main_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ;

      - name: Get custom notification url
        if: ${{ inputs.notification_enabled && inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }}
        uses: https://github.com/hashicorp/vault-action@v2
        with:
          url: https://vault.wilix.dev
          method: approle
          roleId: ${{ secrets.VAULT_ROLE_ID }}
          secretId: ${{ secrets.VAULT_SECRET_ID }}
          secrets: |
            ${{ inputs.vault_secrets_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ;

      - name: prepare failed notification body
        if: ${{ inputs.notification_enabled && job.status == 'failure' }}
        uses: https://github.com/finnp/create-file-action@master
        env:
          FILE_NAME: "mattermost.json"
          FILE_DATA: |
            {
              "channel": "${{ inputs.notification_channel }}",
              "attachments": [
                {
                  "fallback": "Проверка упала ${{ gitea.repository }}",
                  "text": "@${{ gitea.actor }} упала тестовая сборка",
                  "color": "#FF0000",
                  "fields": [
                    {
                      "short": true,
                      "title": "Сборка",
                      "value": "https://git.wilix.dev/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}"
                    }
                  ]
                }
              ]
            }

      - name: loop fail notification
        if: ${{ inputs.notification_enabled && job.status == 'failure' }}
        uses: https://github.com/mattermost/action-mattermost-notify@master