.github/workflows/ci.yml

name: CI

on: [push]

env:
  CI: true
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
jobs:
  lint:
    uses: inrupt/typescript-sdk-tools/.github/workflows/reusable-lint.yml@v3
    with:
      build: true

  test:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        # We test against different OSes, because the build toolchain has OS-specific dependencies.
        os: ["ubuntu-latest", "windows-latest", "macos-latest"]
        node-version: ["22.x", "20.x", "18.x"]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: npm
      - run: npm ci
      - run: npm run test
      # Check that we can build our test apps using esbuild
      - run: npm run test:esbuild
      # Upload coverage for sonarcube (only matching OS and one node version required)
      - uses: actions/upload-artifact@v4
        if: ${{ matrix.node-version == '22.x' }}
        with:
          name: code-coverage-${{ matrix.os }}-${{matrix.node-version}}
          path: coverage/

  sonar-scan:
    needs: [test]
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Since this is a monorepo, the Sonar scan must be run on each of the packages but this will pull in the test
        # coverage information produced by the tests already run.
        project-root:
          [
            "packages/browser",
            "packages/oidc-browser",
            "packages/node",
            "packages/core",
          ]
    steps:
      - uses: actions/checkout@v4
        with:
          # Sonar analysis needs the full history for features like automatic assignment of bugs. If the following step
          # is not included the project will show a warning about incomplete information.
          fetch-depth: 0
      - uses: actions/download-artifact@v4
        with:
          name: code-coverage-ubuntu-latest-22.x
          path: coverage/
      - name: SonarCloud Scan
        uses: SonarSource/sonarcloud-github-action@v3
        if: ${{ github.actor != 'dependabot[bot]' }}
        with:
          projectBaseDir: ${{ matrix.project-root }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}