name: CI
on: [ push, pull_request ]
jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        jdk: [ 11, 17, 21 ]
        vault: [ '1.2.0', '1.11.12', '1.15.0' ]
        include:
          - jdk: 21
            vault: '1.11.12'
            analysis: true
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: ${{ matrix.jdk }}
          distribution: 'temurin'
      - name: Compile
        run: mvn -B clean compile
      - name: Set up Vault
        if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
        run: |
          wget -q "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_linux_amd64.zip"
          wget -q -O - "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_SHA256SUMS" | grep linux_amd64 | sha256sum -c
          unzip "vault_${{ matrix.vault }}_linux_amd64.zip"
          rm "vault_${{ matrix.vault }}_linux_amd64.zip"
          sudo mv vault /usr/bin/vault
      - name: Test (Unit & Integration)
        if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
        env:
          VAULT_VERSION: ${{ matrix.vault }}
        run: mvn -B -P coverage -P integration-test verify
      - name: Test (Unit)
        if: github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/heads/release/')
        run: mvn -B -P coverage verify
      - name: Analysis
        if: matrix.analysis
        run: >
          mvn -B sonar:sonar
          -Dsonar.host.url=https://sonarcloud.io
          -Dsonar.organization=stklcode-github
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}