name: Unit Tests

on:
  push:
    branches: [ "main", "7.*", "8.*" ]
  pull_request:
    branches: [ "*" ]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4
      with:
        fetch-depth: 1

    - name: Fetch main branch
      run: |
        git fetch origin main:refs/remotes/origin/main

    - name: Set up Python 3.12
      uses: actions/setup-python@v5
      with:
        python-version: '3.12'

    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip cache purge
        pip install .[dev]

    - name: Python Lint
      run: |
        python -m flake8 tests detection_rules --ignore D203,N815 --max-line-length 120

    - name: Python License Check
      run: |
        python -m detection_rules dev license-check

    - name: Unit tests
      env:
        # only run the test test_rule_change_has_updated_date on pull request events to main
        GITHUB_EVENT_NAME: "${{ github.event_name}}"
      run: |
        python -m detection_rules test

    - name: Build release package
      env:
        # only generate the navigator files on push events to main
        GENERATE_NAVIGATOR_FILES: "${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && '--generate-navigator' || ' ' }}"
      run: |
        python -m detection_rules dev build-release $GENERATE_NAVIGATOR_FILES

    - name: Archive production artifacts for branch builds
      uses: actions/upload-artifact@v4
      if: |
        github.event_name == 'push'
      with:
        name: release-files
        path: |
          releases

    - name: Update navigator gist files
      env:
        GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"
      if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
      run: python -m detection_rules dev update-navigator-gists