1use gh_workflow::{Event, Job, Run, Schedule, Step, Workflow, WorkflowDispatch};
 2use indoc::formatdoc;
 3
 4use crate::tasks::workflows::{
 5    release::{COMPLIANCE_REPORT_PATH, ComplianceContext, add_compliance_notification_steps},
 6    runners,
 7    steps::{self, CommonJobConditions, named},
 8    vars::{self, StepOutput},
 9};
10
11pub fn compliance_check() -> Workflow {
12    let check = scheduled_compliance_check();
13
14    named::workflow()
15        .on(Event::default()
16            .schedule([Schedule::new("30 17 * * 2")])
17            .workflow_dispatch(WorkflowDispatch::default()))
18        .add_env(("CARGO_TERM_COLOR", "always"))
19        .add_job(check.name, check.job)
20}
21
22fn scheduled_compliance_check() -> steps::NamedJob {
23    let determine_version_step = named::bash(indoc::indoc! {r#"
24        VERSION=$(sed -n 's/^version = "\(.*\)"/\1/p' crates/zed/Cargo.toml | tr -d '[:space:]')
25        if [ -z "$VERSION" ]; then
26            echo "Could not determine version from crates/zed/Cargo.toml"
27            exit 1
28        fi
29        TAG="v${VERSION}-pre"
30        echo "Checking compliance for $TAG"
31        echo "tag=$TAG" >> "$GITHUB_OUTPUT"
32    "#})
33    .id("determine-version");
34
35    let tag_output = StepOutput::new(&determine_version_step, "tag");
36
37    fn run_compliance_check(tag: &StepOutput) -> Step<Run> {
38        named::bash(
39            formatdoc! {r#"
40                echo "tag=$LATEST_TAG" >> "$GITHUB_OUTPUT"
41                cargo xtask compliance "$LATEST_TAG" --branch main --report-path {COMPLIANCE_REPORT_PATH}
42                "#,
43            }
44        )
45        .id("run-compliance-check")
46        .add_env(("LATEST_TAG", tag.to_string()))
47        .add_env(("GITHUB_APP_ID", vars::ZED_ZIPPY_APP_ID))
48        .add_env(("GITHUB_APP_KEY", vars::ZED_ZIPPY_APP_PRIVATE_KEY))
49    }
50
51    let job = Job::default()
52        .with_repository_owner_guard()
53        .runs_on(runners::LINUX_SMALL)
54        .add_step(steps::checkout_repo().with_full_history())
55        .add_step(steps::cache_rust_dependencies_namespace())
56        .add_step(determine_version_step)
57        .add_step(run_compliance_check(&tag_output));
58
59    named::job(add_compliance_notification_steps(
60        job,
61        ComplianceContext::Scheduled {
62            tag_source: tag_output,
63        },
64        "run-compliance-check",
65    ))
66}