.github/workflows/ci.yaml

name: Tests and Linting

on:
  pull_request:
  push:
    branches:
      - main

jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"

      - name: Install Pre-Commit
        run: python -m pip install pre-commit && pre-commit install

      - name: Load cached Pre-Commit Dependencies
        id: cached-pre-commit-dependencies
        uses: actions/cache@v3
        with:
          path: ~/.cache/pre-commit/
          key: pre-commit-|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}

      - name: Execute Pre-Commit
        run: pre-commit run --show-diff-on-failure --color=always --all-files

  test:
    strategy:
      fail-fast: true
      matrix:
        python-version: ["3.8", "3.9", "3.10", "3.11"]
    uses: ./.github/workflows/test.yaml
    with:
      python-version: ${{ matrix.python-version }}
      coverage: ${{ matrix.python-version == '3.11' }}

  test-platform-compat:
    if: github.event_name == 'push'
    strategy:
      fail-fast: true
      matrix:
        os: ["macos-latest", "windows-latest"]
    uses: ./.github/workflows/test.yaml
    with:
      python-version: "3.11"
      os: ${{ matrix.os }}

  sonar:
    needs:
      - test
      - validate
    if: github.event.pull_request.head.repo.fork == false && github.repository_owner == 'litestar-org'
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Download Artifacts
        uses: actions/download-artifact@v3
        with:
          name: coverage-xml
      - name: Fix coverage file for sonarcloud
        run: sed -i "s/home\/runner\/work\/litestar\/litestar/github\/workspace/g" coverage.xml
      - name: SonarCloud Scan
        uses: sonarsource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

  codeql:
    needs:
      - test
      - validate
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Initialize CodeQL Without Dependencies
        uses: github/codeql-action/init@v2
        with:
          setup-python-dependencies: false
          languages: python
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2