name: ASF-code-quality

on: [push, pull_request]

env:
  DOTNET_CLI_TELEMETRY_OPTOUT: true
  DOTNET_NOLOGO: true

permissions:
  checks: write
  contents: write
  pull-requests: write
  security-events: write

jobs:
  main:
    if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      if: github.event_name != 'pull_request'
      uses: actions/checkout@v4.1.1
      with:
        show-progress: false

    - name: Checkout code (for PR)
      if: github.event_name == 'pull_request'
      uses: actions/checkout@v4.1.1
      with:
        fetch-depth: 100 # History is required for pull request analysis
        ref: ${{ github.event.pull_request.head.sha }}  # To check out the actual pull request commit, not the merge commit
        show-progress: false

    - name: Run Qodana scan
      uses: JetBrains/qodana-action@v2023.3.1
      with:
        args: --property=idea.headless.enable.statistics=false
      env:
        QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}

    - name: Report Qodana results to GitHub
      uses: github/codeql-action/upload-sarif@v3.24.5
      with:
        sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json