name: Build, test, security
on:
  push:
    branches-ignore:
      - main
jobs:
  Clone-repo:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive
      - uses: actions/upload-artifact@v3
        with:
          name: source-code
          path: .

  SAST-Unit-tests:
    runs-on: ubuntu-latest
    needs: Clone-repo
    steps:
      - uses: actions/download-artifact@v3
        with:
          name: source-code
          path: .
      - run: make tests

  SAST-clang:
    runs-on: ubuntu-latest
    needs: Clone-repo
    steps:
      - uses: actions/download-artifact@v3
        with:
          name: source-code
          path: .
      - run: make static-analysis

  SAST-flawfinder:
    runs-on: ubuntu-latest
    needs: Clone-repo
    steps:
      - uses: actions/download-artifact@v3
        with:
          name: source-code
          path: .
      - run: sudo apt-get install -y flawfinder
      - run: make security-analysis

  Build:
    runs-on: ubuntu-latest
    needs: [ SAST-Unit-tests, SAST-clang, SAST-flawfinder ]
    steps:
      - uses: actions/download-artifact@v3
        with:
          name: source-code
          path: .
      - name: Build server and browser
        run: make dev
      - uses: actions/upload-artifact@v3
        with:
          name: dev-build-files
          path: ./build