.github/workflows/msvc.yml

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# Find more information at:
# https://github.com/microsoft/msvc-code-analysis-action

name: Microsoft C++ Code Analysis

on:
  push:
    branches: [modernize, master]
  pull_request:
    branches: [modernize]
  schedule:
    - cron: "41 21 * * 1"

env:
  # Path to the CMake build directory.
  build: "${{ github.workspace }}/build"

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

permissions: {}

jobs:
  analyze:
    name: Analyze
    runs-on: windows-latest
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Get cmake and ninja
        uses: lukka/get-cmake@latest

      - name: Find MSVC (on Windows)
        uses: ilammy/msvc-dev-cmd@v1

      - name: Configure CMake
        shell: cmd
        run: |
          cmake --preset=windows-x64-release -B "${{ env.build }}"

      - name: Generate files with CMake
        shell: cmd
        run: |
          cmake --build "${{ env.build }}" --target rectpack2D_copy adplug_headers dune_gitversion_intermediate libbinio_gitversion_intermediate adplug_gitversion_intermediate

      - name: Initialize MSVC Code Analysis
        uses: microsoft/msvc-code-analysis-action@v0.1.1
        # Provide a unique ID to access the sarif output path
        id: run-analysis
        with:
          cmakeBuildDirectory: ${{ env.build }}
          # Ruleset file that will determine what checks will be run
          ruleset: NativeRecommendedRules.ruleset

      # Upload SARIF file to GitHub Code Scanning Alerts
      - name: Upload SARIF to GitHub
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.run-analysis.outputs.sarif }}

      # Upload SARIF file as an Artifact to download and view
      # - name: Upload SARIF as an Artifact
      #   uses: actions/upload-artifact@v3
      #   with:
      #     name: sarif-file
      #     path: ${{ steps.run-analysis.outputs.sarif }}