.github/workflows/go-pr-check.yaml

name: 'PR checks'
on:
  pull_request_target:
    branches: [main]

jobs:
  go-build-test:
    permissions:
      contents: read  # for actions/checkout to fetch code
      pull-requests: read  # for golangci/golangci-lint-action to fetch pull requests
      checks: write  # Optional: Allow write access to checks to allow the golangci/golangci-lint-action to annotate code in the PR (SARIF)

    name: Inspect packages
    runs-on: ubuntu-latest
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip-ci') }}
    steps:
      - uses: actions/setup-go@v5
        with:
          go-version: '1.22'
          cache: false

      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 1
          ref: refs/pull/${{ github.event.pull_request.number }}/merge

      - name: Verify dependencies
        run: |
          go mod verify
          go mod tidy
          gofmt -s -w .
          if [[ -n "$(git status --porcelain)" ]]; then
            echo "dirty repository"
            git status
            exit 1
          fi

      - name: Run go vet
        run: go vet ./...

      - name: golangci-lint
        uses: golangci/golangci-lint-action@v6
        with:
          version: v1.54
          skip-cache: true

      - name: Run staticcheck
        run: |
          go install honnef.co/go/tools/cmd/staticcheck@v0.4.7
          staticcheck ./...

      - name: Run vulncheck
        run: |
          echo -e "### vulncheck\n\n" >> ${GITHUB_STEP_SUMMARY}
          echo '```' >> ${GITHUB_STEP_SUMMARY}
          go install golang.org/x/vuln/cmd/govulncheck@v1.0.4
          (govulncheck ./... || true) | tee -a ${GITHUB_STEP_SUMMARY}
          echo '```' >> ${GITHUB_STEP_SUMMARY}

      - name: Build
        env:
          CGO_ENABLED: 0
        run: make build

      - name: Test
        run: make test

  build-and-publish-images:
    needs: [ go-build-test ]
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip-ci') }}
    secrets: inherit
    uses: ./.github/workflows/release-image.yaml
    with:
      tag: pr-${{ github.event.pull_request.number }}
      releaseWithGoReleaser: false

  run-e2e-tests:
    needs: [ build-and-publish-images ]
    runs-on: ubuntu-latest
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip-ci') }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - name: Run the end to end tests
        env:
          OTEL_SCALER_VERSION: pr-${{ github.event.pull_request.number }}
          E2E_PRINT_LOGS: "true"
        run: make e2e-test