name: "Prebuild checks"

on:
  pull_request:
  workflow_dispatch:
  schedule:
    - cron: '13 23 * * *'  # every day @ 23:13

env:
  CARGOLOCK_COMMENT: Looks like you changed `Cargo.lock`. Please make sure to review the dependencies and update [internal version list](https://www.notion.so/satoshilabs/Rust-dependencies-a9cc6e8dab934def8eb27896c001e6e2).

jobs:
  block-fixup:
    name: Block fixup
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Block Fixup Commit Merge
        uses: 13rac1/block-fixup-merge-action@v2.0.0

  # Check the code for style correctness and perform some static code analysis.
  # Biggest part is the python one - using `flake8`, `isort`, `black`, `pylint` and `pyright`,
  # also checking Rust files by `rustfmt` and C files by `clang-format`.
  # Changelogs formats are checked.
  style_check:
    name: Style check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/environment
      - name: "Run style check"
        run: nix-shell --run "poetry run make style_check"
      - name: "Run .editorconfig check"
        run: nix-shell --run "poetry run make editor_check"

  # Check validity of coin definitions and protobuf files.
  defs_check:
    name: Defs check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: "recursive"
      - uses: ./.github/actions/environment
      - name: "Run defs check"
        run: nix-shell --run "poetry run make defs_check"

  # Check validity of auto-generated files.
  gen_check:
    name: Gen check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: "recursive"
      - uses: ./.github/actions/environment
      - name: "Run gen check"
        run: nix-shell --run "poetry run make gen_check"

  # Verifying that all commits changing some functionality have a changelog entry
  # or contain `[no changelog]` in the commit message.
  changelog_check:
    name: Changelog check
    if: ${{ github.ref != 'main' && github.event_name == 'pull_request' }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          ref: ${{ github.event.pull_request.head.sha }}
      - name: "Run changelog check"
        run: ./ci/check_changelog.sh

  # Checking the format of release commit messages.
  release_commit_msg_check:
    name: Release commit message check
    if: ${{ startsWith(github.ref, 'refs/tags/release/') && github.repository == 'trezor/trezor-firmware' }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/environment
      - name: "Check release commit message format"
        run: ./ci/check_release_commit_messages.sh

  # Warn if core/embed/rust/Cargo.lock changed
  cargolock_check:
    name: Cargo.lock check
    if: ${{ github.ref != 'main' && github.event_name == 'pull_request' }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          ref: ${{ github.event.pull_request.head.sha }}

      - name: Ask git
        run: |
          git diff --exit-code origin/main -- core/embed/rust/Cargo.lock || echo cargo_modified=1 > $GITHUB_ENV
          cat $GITHUB_OUTPUT

      - name: Find Comment
        uses: peter-evans/find-comment@v3
        if: ${{ env.cargo_modified == '1' }}
        id: fc
        with:
          issue-number: ${{ github.event.pull_request.number }}
          comment-author: 'github-actions[bot]'
          body-includes: cargolock-comment-${{ github.workflow }}

      - name: Create comment
        uses: peter-evans/create-or-update-comment@v4
        if: ${{ env.cargo_modified == '1' && steps.fc.outputs.comment-id == '' }}
        with:
          issue-number: ${{ github.event.pull_request.number }}
          body: |
            <!-- cargolock-comment-${{ github.workflow }} -->
            ${{ env.CARGOLOCK_COMMENT }}
          edit-mode: replace