---
name: build

on:
  push:
  pull_request:
  repository_dispatch:
    types: [apb]

env:
  CURL_CACHE_DIR: ~/.cache/curl
  PIP_CACHE_DIR: ~/.cache/pip
  PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit
  RUN_TMATE: ${{ secrets.RUN_TMATE }}

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - id: setup-env
        uses: cisagov/setup-env-github-action@develop
      - uses: actions/checkout@v3
      - id: setup-python
        uses: actions/setup-python@v4
        with:
          python-version: "3.10"
      # We need the Go version and Go cache location for the actions/cache step,
      # so the Go installation must happen before that.
      - id: setup-go
        uses: actions/setup-go@v3
        with:
          go-version: "1.19"
      - name: Lookup Go cache directory
        id: go-cache
        run: |
          echo "dir=$(go env GOCACHE)" >> $GITHUB_OUTPUT
      - uses: actions/cache@v3
        env:
          BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\
            py${{ steps.setup-python.outputs.python-version }}-\
            go${{ steps.setup-go.outputs.go-version }}-\
            packer${{ steps.setup-env.outputs.packer-version }}-\
            tf${{ steps.setup-env.outputs.terraform-version }}-"
        with:
          # Note that the .terraform directory IS NOT included in the
          # cache because if we were caching, then we would need to use
          # the `-upgrade=true` option. This option blindly pulls down the
          # latest modules and providers instead of checking to see if an
          # update is required. That behavior defeats the benefits of caching.
          # so there is no point in doing it for the .terraform directory.
          path: |
            ${{ env.PIP_CACHE_DIR }}
            ${{ env.PRE_COMMIT_CACHE_DIR }}
            ${{ env.CURL_CACHE_DIR }}
            ${{ steps.go-cache.outputs.dir }}
          key: "${{ env.BASE_CACHE_KEY }}\
            ${{ hashFiles('**/requirements-test.txt') }}-\
            ${{ hashFiles('**/requirements.txt') }}-\
            ${{ hashFiles('**/.pre-commit-config.yaml') }}"
          restore-keys: |
            ${{ env.BASE_CACHE_KEY }}
      - name: Setup curl cache
        run: mkdir -p ${{ env.CURL_CACHE_DIR }}
      - name: Install Packer
        env:
          PACKER_VERSION: ${{ steps.setup-env.outputs.packer-version }}
        run: |
          PACKER_ZIP="packer_${PACKER_VERSION}_linux_amd64.zip"
          curl --output ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
            --time-cond ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}" \
            --location \
            "https://releases.hashicorp.com/packer/${PACKER_VERSION}/${PACKER_ZIP}"
          sudo unzip -d /opt/packer \
            ${{ env.CURL_CACHE_DIR }}/"${PACKER_ZIP}"
          sudo mv /usr/local/bin/packer /usr/local/bin/packer-default
          sudo ln -s /opt/packer/packer /usr/local/bin/packer
      - uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: ${{ steps.setup-env.outputs.terraform-version }}
      - name: Install shfmt
        env:
          PACKAGE_URL: mvdan.cc/sh/v3/cmd/shfmt
          PACKAGE_VERSION: ${{ steps.setup-env.outputs.shfmt-version }}
        run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
      - name: Install Terraform-docs
        env:
          PACKAGE_URL: github.com/terraform-docs/terraform-docs
          PACKAGE_VERSION: ${{ steps.setup-env.outputs.terraform-docs-version }}
        run: go install ${PACKAGE_URL}@${PACKAGE_VERSION}
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install --upgrade --requirement requirements-test.txt
      - name: Set up pre-commit hook environments
        run: pre-commit install-hooks
      - name: Run pre-commit on all files
        run: pre-commit run --all-files
      - name: Setup tmate debug session
        uses: mxschmitt/action-tmate@v3
        if: env.RUN_TMATE