# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# Find more information at:
# https://github.com/microsoft/msvc-code-analysis-action

name: Development Microsoft C++ Code Analysis

on:
  push:
    branches: [ 'dev_checks' ]
  #  branches: [ 'master', 'main', 'develop', 'dev_checks' ]
  #  tags: [ 'v*' ]
  #pull_request:
  #  branches: [ 'master', 'main', 'develop' ]
  schedule:
    - cron: '15 8 * * 0,4' # Run twice a week
  workflow_dispatch:

permissions:
  contents: read

env:
  # Path to the CMake build directory.
  build: '${{ github.workspace }}/build'
  config: 'Release'

jobs:
  analyze:
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
    name: Analyze
    runs-on: windows-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          submodules: recursive

      - name: Configure CMake
        run: cmake 
               -DCOOLPROP_MY_MAIN=dev/ci/main.cpp
               -B ${{github.workspace}}/build 
               -S . 

      # Build is not required unless generated source files are used
      # For CoolProp: Needed to build dynamic fluids JSON header
      - name: Build CMake
        run: cmake 
               --build ${{github.workspace}}/build 
               --config Release

      - name: Initialize MSVC Code Analysis
        uses: microsoft/msvc-code-analysis-action@v0.0.1
        # Provide a unique ID to access the sarif output path
        id: run-analysis
        with:
          cmakeBuildDirectory: ${{github.workspace}}/build
          # Ruleset file that will determine what checks will be run
          ruleset: NativeRecommendedRules.ruleset


      # Upload SARIF file to GitHub Code Scanning Alerts
      # NOTE: Too many runs (47 cpp files) to upload to Github (LIMIT = 20)
      #       Commenting and uploading as an artifact below for download
      #       and viewing off-line.
      # - name: Upload SARIF to GitHub
      #   uses: github/codeql-action/upload-sarif@v3
      #   with:
      #     sarif_file: ${{ steps.run-analysis.outputs.sarif }}

      # Upload SARIF file as an Artifact to download and view
      - name: Upload SARIF as an Artifact
        uses: actions/upload-artifact@v4
        with:
          name: sarif-file
          path: ${{ steps.run-analysis.outputs.sarif }}