.github/workflows/plugins-ci.yml

name: Plugin CI

on:
  workflow_call:
    inputs:
      auto-merge-exclude:
        description: 'A semicolon seperated list of packages that you do not want to be auto-merged.'
        required: false
        default: 'fastify'
        type: string
      license-check:
        description: 'Check licenses.'
        required: false
        type: boolean
        default: false
      license-check-allowed-additional:
        description: 'A semicolon seperated list of additional licenses to allow.'
        required: false
        type: string
        default: ''
      lint:
        description: 'Set to true to run linting scripts.'
        required: false
        default: false
        type: boolean
      fastify-dependency-integration:
        description: 'Set to true to run fastify tests with the (proposed) changes.'
        required: false
        default: false
        type: boolean
      node-versions:
        description: 'A JSON array that specifies the Node.js versions on which the job should run.'
        required: false
        default: '["18", "20", "21"]'
        type: string

jobs:
  dependency-review:
    name: Dependency Review
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Check out repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Dependency review
        uses: actions/dependency-review-action@v4

  license-check:
    if: >
      !failure() &&
      !cancelled() &&
      inputs.license-check == true
    name: Check Licenses
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: lts/*

      - name: Install dependencies
        run: npm i --ignore-scripts

      - name: Check Licenses
        run: ${{ format('npx license-checker --production --summary --onlyAllow="0BSD;Apache-2.0;BlueOak-1.0.0;BSD-2-Clause;BSD-3-Clause;ISC;MIT;{0}"', inputs.license-check-allowed-additional) }}

  linter:
    name: Lint Code
    if: >
      !failure() &&
      !cancelled() &&
      inputs.lint == true
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Check out repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: lts/*

      - name: Install dependencies
        run: npm i --ignore-scripts

      - name: Lint code
        run: npm run lint

  test:
    name: Test
    runs-on: ${{ matrix.os }}
    permissions:
      contents: read
    strategy:
      matrix:
        node-version: ${{ fromJson(inputs.node-versions) }}
        os: [macos-latest, ubuntu-latest, windows-latest]
        exclude:
          - os: macos-latest
            node-version: 14
          - os: macos-latest
            node-version: 16
    steps:
      - name: Check out repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Setup Node ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}

      - name: Install dependencies
        run: npm i --ignore-scripts

      - name: Run tests
        run: npm test

  fastify-dependency-integration:
    name: Test Fastify Integration
    runs-on: ubuntu-latest
    if: >
      !failure() &&
      !cancelled() &&
      inputs.fastify-dependency-integration == true
    permissions:
      contents: read
    steps:
      - name: Check out repo
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: lts/*

      - name: Install dependencies
        run: npm i --ignore-scripts

      - name: Test Fastify Integration
        run: |
          npm link &&
          PACKAGE_NAME=$(node -p "require('./package.json').name")
          git clone https://github.com/fastify/fastify.git --depth 1 &&
          cd fastify &&
          npm i --ignore-scripts &&
          npm link $PACKAGE_NAME &&
          npm run unit

  automerge:
    name: Automerge Dependabot PRs
    if: >
        always() &&
        needs.test.result == 'success' &&
        (needs.fastify-dependency-integration.result == 'success' || needs.fastify-dependency-integration.result == 'skipped') &&
        github.event_name == 'pull_request' &&
        github.event.pull_request.user.login == 'dependabot[bot]'
    needs:
      - test
      - fastify-dependency-integration
    permissions:
      pull-requests: write
      contents: write
    runs-on: ubuntu-latest
    steps:
      - uses: fastify/github-action-merge-dependabot@v3
        with:
          exclude: ${{ inputs.auto-merge-exclude }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
          target: major