name: sonar-scanner version check
on:
  workflow_dispatch:
  schedule:
    - cron: '15 10 * * *'

jobs:
  check-version:
    name: Check for sonar-scanner version update
    runs-on: ubuntu-latest-large
    outputs:
      should_update: ${{ steps.version-check.outputs.should_update }}
      new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
    steps:
      - run: sudo apt install -y jq
      - uses: actions/checkout@v4
        with:
          ref: master
          fetch-depth: 0

      - name: "Fetch currently used sonar-scanner version"
        id: tagged-version
        shell: bash
        run: cat sonar-scanner-version >> $GITHUB_OUTPUT

      - name: "Fetch latest sonar-scanner version"
        id: latest-version
        shell: bash
        run: |
          ./scripts/fetch_latest_version.sh > sonar-scanner-version
          cat sonar-scanner-version >> $GITHUB_OUTPUT

      - name: "Determine if update is needed"
        id: version-check
        shell: bash
        run: |
          if [[ "${{ steps.tagged-version.outputs.sonar-scanner-version }}" != "${{ steps.latest-version.outputs.sonar-scanner-version }}" ]]; then
            echo "should_update=true" >> $GITHUB_OUTPUT
          else
            echo "should_update=false" >> $GITHUB_OUTPUT
          fi

  update-version:
    name: Prepare pull request for sonar-scanner version update
    needs: check-version
    runs-on: ubuntu-latest-large
    permissions:
      contents: write
      pull-requests: write
    if: needs.check-version.outputs.should_update == 'true'
    steps:
      - uses: actions/checkout@v4
        with:
          ref: master
          persist-credentials: true
          fetch-depth: 0
      - run: sudo snap install yq
      - name: "Update default version"
        shell: bash
        env:
          NEW_VERSION: ${{ needs.check-version.outputs.new-version }}
        run: |
          yq -i '.inputs.scannerVersion.default = strenv(NEW_VERSION)' action.yml
          ./scripts/fetch_latest_version.sh > sonar-scanner-version
      - name: "Create Pull Request for version update"
        shell: bash
        env:
          UPDATE_BRANCH: update-to-sonar-scanner-${{ needs.check-version.outputs.new-version }}
          TITLE: "Update SonarScanner CLI to ${{ needs.check-version.outputs.new-version }}"
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          git config --global user.name "SonarTech"
          git config --global user.email "sonartech@sonarsource.com"
          git checkout -b ${UPDATE_BRANCH}
          git add sonar-scanner-version
          git add action.yml
          git commit -m "${TITLE}"
          git push --force-with-lease origin ${UPDATE_BRANCH}
          gh pr list

          if [[ $(gh pr list -H "${UPDATE_BRANCH}" | grep "${UPDATE_BRANCH}" | wc -l) -eq 0 ]]; then
            gh pr create -B master -H ${UPDATE_BRANCH} --title "${TITLE}" --body "Automatic update of the sonar-scanner version value. Be sure to trigger the QA workflow by closing and reopening this PR (see https://github.com/orgs/community/discussions/65321)."
          fi