# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0

name: '[License] Check license headers'
on:
  pull_request_target:
    types:
      - opened
      - synchronize
    branches:
      - main
      - bitnami:main
# Remove all permissions by default
permissions: {}
jobs:
  license-headers-linter:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
    steps:
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        name: Checkout Repository
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          repository: ${{ github.event.pull_request.head.repo.full_name }}
      - id: get-modified-files
        name: 'Get modified files'
        env:
          DIFF_URL: "${{github.event.pull_request.diff_url}}"
          TEMP_FILE: "${{runner.temp}}/pr-${{github.event.number}}.diff"
        run: |
          # This request doesn't consume API calls.
          curl -Lkso $TEMP_FILE $DIFF_URL
          files_changed="$(sed -nr 's/[\-\+]{3} [ab]\/(.*)/\1/p' $TEMP_FILE | sort | uniq)"
          templates=()
          regular_files=()
          is_excluded() {
            # Check if a given path contains one of the excluded paths
            local -r path="${1:?missing path}"
            local -r excluded_paths=("/crds/")
            for excluded_path in "${excluded_paths[@]}"; do
              if [[ "${path}" =~ ${excluded_path} ]]; then
                return 0
              fi
            done
            return 1
          }
          while read -r file_changed; do
            # Avoid removed files and excluded files
            if [[ -f "${file_changed}" ]] && ! is_excluded "${file_changed}"; then
              if [[ "${file_changed}" =~ \/templates\/ ]]; then
                templates+=("${file_changed}")
              else
                regular_files+=("${file_changed}")
              fi
            fi
          done <<< "$(echo "$files_changed" | grep -oE "^bitnami/.*\.ya?ml$" | sort | uniq || true)"
          if [[ ${#templates[@]} -gt 0 ]] || [[ ${#regular_files[@]} -gt 0 ]]; then
            if [[ ${#templates[@]} -gt 0 ]]; then
              # There are modifications over yaml templates
              export templates_json=$(printf "%s\n" "${templates[@]}" | jq -R . | jq -cs .)
              # Overwrite configuration file to analyze only changed templates
              yq -i '. | .header[0].paths=env(templates_json)' .licenserc.yaml
            fi
            if [[ ${#regular_files[@]} -gt 0 ]]; then
              # There are modifications over yaml files
              export regular_files_json=$(printf "%s\n" "${regular_files[@]}" | jq -R . | jq -cs .)
              # Overwrite configuration file to analyze only changed files
              yq -i '. | .header[1].paths=env(regular_files_json)' .licenserc.yaml
            fi
            echo "result=success" >> $GITHUB_OUTPUT
          else
            echo "result=skip" >> $GITHUB_OUTPUT
          fi
      - name: Check license Headers
        uses: apache/skywalking-eyes/header@cd7b195c51fd3d6ad52afceb760719ddc6b3ee91
        if: ${{ steps.get-modified-files.outputs.result == 'success' }}