.github/workflows/ci-pr.yml

# Unique name for this workflow
name: CI on PR

# Definition when the workflow should run
on:
    workflow_dispatch:
    pull_request:
        types: [opened, edited, synchronize, reopened]
        branches-ignore:
            - prerelease/spring[2-9][0-9]
            - prerelease/summer[2-9][0-9]
            - prerelease/winter[2-9][0-9]

# Jobs to be executed
jobs:
    # Dummy job used to skip CI run on automated PRs
    skip-ci:
        if: "github.actor == 'trailheadapps-bot'"
        runs-on: trailheadapps-Ubuntu
        steps:
            - name: Noop
              run: |
                  echo "Skipping CI run for automated PRs."

    # Formatting and linting only runs on human-submitted PRs
    format-lint-lwc-tests:
        if: "github.actor != 'trailheadapps-bot'"
        runs-on: trailheadapps-Ubuntu
        steps:
            # Checkout the source code
            - name: 'Checkout source code'
              uses: actions/checkout@v3

            # Install Volta to enforce proper node and package manager versions
            - name: 'Install Volta'
              uses: volta-cli/action@v4

            # Cache node_modules to speed up the process
            - name: 'Restore node_modules cache'
              id: cache-npm
              uses: actions/cache@v3
              with:
                  path: node_modules
                  key: npm-${{ hashFiles('**/package-lock.json') }}
                  restore-keys: |
                      npm-${{ env.cache-name }}-
                      npm-

            # Install npm dependencies for Prettier and Jest
            - name: 'Install npm dependencies'
              if: steps.cache-npm.outputs.cache-hit != 'true'
              run: HUSKY=0 npm ci

            # Prettier formatting
            - name: 'Code formatting verification with Prettier'
              run: npm run prettier:verify

            # Lint LWC / Aura
            - name: 'Lint Lightning Web Components / Aura Components'
              run: npm run lint

            # LWC unit tests
            - name: 'Unit test Lightning Web Components'
              run: npm run test:unit:coverage

            # Upload code coverage data
            - name: 'Upload code coverage for LWC to Codecov.io'
              uses: codecov/codecov-action@v3
              with:
                  flags: LWC

    # Auto merge Dependabot PRs for:
    # - patch updates on prod dependencies
    # - minor updates on dev dependencies
    dependabot-auto-merge:
        # Only run for Dependabot PRs
        if: ${{ github.actor == 'dependabot[bot]' }}
        runs-on: trailheadapps-Ubuntu
        needs: format-lint-lwc-tests
        permissions:
            pull-requests: write
            contents: write
        steps:
            - name: 'Fetch Dependabot metadata'
              id: dependabot
              uses: dependabot/fetch-metadata@v1

            - name: 'Check auto merge conditions'
              id: auto-merge
              if: |
                  (
                    steps.dependabot.outputs.update-type == 'version-update:semver-patch' &&
                    contains('direct:production,indirect:production', steps.dependabot.outputs.dependency-type)
                  ) || (
                    contains('version-update:semver-minor,version-update:semver-patch', steps.dependabot.outputs.update-type) &&
                    contains('direct:development,indirect:development', steps.dependabot.outputs.dependency-type)
                  )
              run: echo "::notice ::auto-merge conditions satisfied"

            - name: 'Approve and merge PR'
              if: ${{ steps.auto-merge.conclusion == 'success' }}
              run: |
                  gh pr review --approve "$PR_URL"
                  gh pr merge --auto --rebase "$PR_URL"
              env:
                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
                  PR_URL: ${{ github.event.pull_request.html_url }}

    scratch-org-test:
        runs-on: trailheadapps-Ubuntu
        needs: format-lint-lwc-tests
        if: ${{ github.actor != 'dependabot[bot]' }}
        steps:
            # Checkout the source code
            - name: 'Checkout source code'
              uses: actions/checkout@v3

            # Run PMD scan
            - name: 'Run PMD scan'
              uses: pmd/pmd-github-action@v1.4.0
              id: pmd
              with:
                  version: '6.55.0'
                  sourcePath: 'force-app'
                  rulesets: 'ruleset.xml'

            # Check for PMD violations
            - name: 'Check for PMD violations'
              if: steps.pmd.outputs.violations != 0
              run: exit 1

            # Install Salesforce CLI
            - name: 'Install Salesforce CLI'
              run: |
                  npm install @salesforce/cli --location=global
                  nodeInstallPath=$(npm config get prefix)
                  echo "$nodeInstallPath/bin" >> $GITHUB_PATH
                  sf --version

            # Store secret for dev hub
            - name: 'Populate auth file with DEVHUB_SFDX_URL secret'
              shell: bash
              run: |
                  echo ${{ secrets.DEVHUB_SFDX_URL }} > ./DEVHUB_SFDX_URL.txt
                  secretFileSize=$(wc -c "./DEVHUB_SFDX_URL.txt" | awk '{print $1}')
                  if [ $secretFileSize == 1 ]; then
                      echo "Missing DEVHUB_SFDX_URL secret. Is this workflow running on a fork?";
                      exit 1;
                  fi

            # Authenticate dev hub
            - name: 'Authenticate Dev Hub'
              run: sf org login sfdx-url -f ./DEVHUB_SFDX_URL.txt -a devhub -d

            # Create scratch org
            - name: 'Create scratch org'
              run: sf org create scratch -f config/project-scratch-def.json -a scratch-org -d -y 1

            # Deploy source to scratch org
            - name: 'Push source to scratch org'
              run: sf project deploy start

            # Assign permissionset
            - name: 'Assign permissionset to default user'
              run: sf org assign permset -n recipes

            # Import sample data
            - name: 'Import sample data'
              run: sf data tree import -p ./data/data-plan.json

            # Run Apex tests in scratch org
            - name: 'Run Apex tests'
              run: sf apex test run -c -r human -d ./tests/apex -w 20

            # Upload code coverage data
            - name: 'Upload code coverage for Apex to Codecov.io'
              uses: codecov/codecov-action@v3
              with:
                  flags: Apex

            # Housekeeping
            - name: 'Delete scratch org'
              if: always()
              run: sf org delete scratch -p -o scratch-org

    trigger-packaging:
        runs-on: trailheadapps-Ubuntu
        needs: scratch-org-test
        steps:
            # Checkout the source code
            - name: 'Checkout source code'
              uses: actions/checkout@v3

            # Check for package changes using git diff
            - name: 'Check for package changes'
              id: checkForChanges
              run: |
                  git fetch origin $GITHUB_BASE_REF --depth=1
                  changedPaths=$( git diff-tree --name-only origin/$GITHUB_BASE_REF $GITHUB_SHA )
                  set +e
                  hasChanges='false'
                  if [ $(echo "$changedPaths" | grep -c '^force-app') == 1 ]; then
                      hasChanges='true'
                  fi
                  echo "hasChanges=$hasChanges" >> $GITHUB_OUTPUT

            # Trigger packaging PR workflow
            - name: 'Trigger packaging PR workflow if needed'
              uses: peter-evans/repository-dispatch@v2
              if: ${{ steps.checkForChanges.outputs.hasChanges == 'true' }}
              with:
                  token: ${{ secrets.BOT_ACCESS_TOKEN }}
                  event-type: start-packaging-pr
                  client-payload: '{ "ref": "${{ github.ref }}", "sha": "${{ github.sha }}" }'