name: commit-qc-checks

on:
    push:
        branches-ignore:
            - 'main'

jobs:
    check-if-py-files-exist:
        runs-on: ubuntu-latest
        outputs:
            py_files_exist: ${{ steps.check.outputs.py_files_exist }}
        steps:
            - uses: actions/checkout@v2
            - id: check_files
              run: |
                if [ -n "$(find . -name '*.py')" ]; then
                    echo "::set-output name=py_files_exist::true"
                else
                    echo "::set-output name=py_files_exist::false"
                fi

    quality-checks:
        needs: check-if-py-files-exist
        if: ${{ needs.check-if-py-files-exist.outputs.py_files_exist == 'true' }}
        runs-on: ubuntu-latest
        steps:
            - uses : actions/checkout@v2
            - name : 'Python: Setup'
              uses : actions/setup-python@v2
              with:
                python-version: 3.11
            - name : 'Python: Install Dependencies'
              run: |
                python -m pip install --upgrade pip
                pip install flake8 pylint black bandit safety
            - name : 'Python: Linting'
              run: |
                flake8 .
                find . -name "*.py" | xargs pylint
            - name : 'Python: Formatting'
              run: |
                black --check .
            - name: 'Python: Security'
              run: |
                bandit -r .
                safety check
            - name: 'Terraform: Setup'
              uses: hashicorp/setup-terraform@v3
              with:
                terraform_version: latest
            - name: 'Terraform: Formatting'
              working-directory: ./terraform
              run: terraform fmt -check -recursive
            - name: 'Terraform: Initialise'
              working-directory: ./terraform
              run: terraform init -backend=false
            - name: 'Terraform: Validate'
              working-directory: ./terraform
              run: terraform validate