name: Build/check CSV flow coverage report

on:
  workflow_dispatch:
    inputs:
      qlModelShaOverride:
        description: 'github/codeql repo SHA used for looking up the CSV models'
        required: false
  push:
    branches:
     - main
     - 'rc/**'
  pull_request:
    paths:
      - '.github/workflows/csv-coverage.yml'
      - '*/ql/src/**/*.ql'
      - '*/ql/src/**/*.qll'
      - 'misc/scripts/library-coverage/*.py'
      # input data files
      - '*/documentation/library-coverage/cwe-sink.csv'
      - '*/documentation/library-coverage/frameworks.csv'
      # coverage report files
      - '*/documentation/library-coverage/flow-model-coverage.csv'
      - '*/documentation/library-coverage/flow-model-coverage.rst'

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - name: Clone self (github/codeql)
      uses: actions/checkout@v2
      with:
        path: script
    - name: Clone self (github/codeql) at a given SHA for analysis
      if: github.event.inputs.qlModelShaOverride != ''
      uses: actions/checkout@v2
      with:
        path: codeqlModels
        ref: github.event.inputs.qlModelShaOverride
    - name: Clone self (github/codeql) for analysis
      if: github.event.inputs.qlModelShaOverride == ''
      uses: actions/checkout@v2
      with:
        path: codeqlModels
    - name: Set up Python 3.8
      uses: actions/setup-python@v2
      with:
        python-version: 3.8
    - name: Download CodeQL CLI
      uses: dsaltares/fetch-gh-release-asset@aa37ae5c44d3c9820bc12fe675e8670ecd93bd1c
      with:
        repo: "github/codeql-cli-binaries"
        version: "latest"
        file: "codeql-linux64.zip"
        token: ${{ secrets.GITHUB_TOKEN }}
    - name: Unzip CodeQL CLI
      run: unzip -d codeql-cli codeql-linux64.zip
    - name: Build modeled package list
      run: |
        PATH="$PATH:codeql-cli/codeql" python script/misc/scripts/library-coverage/generate-report.py ci codeqlModels script
    - name: Upload CSV package list
      uses: actions/upload-artifact@v2
      with:
        name: csv-flow-model-coverage
        path: flow-model-coverage-*.csv
    - name: Upload RST package list
      uses: actions/upload-artifact@v2
      with:
        name: rst-flow-model-coverage
        path: flow-model-coverage-*.rst
    # - name: Check coverage files
    #   if: github.event.pull_request
    #   run: |
    #     python script/misc/scripts/library-coverage/compare-files.py codeqlModels