name: PR
on:
  pull_request:
    branches: [ master, main ]
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    services:
      flagd:
        image: ghcr.io/open-feature/flagd-testbed:latest
        ports:
          - 8013:8013

    steps:
      - name: Check out the code
        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c

      - name: Set up JDK 8
        uses: actions/setup-java@ea15b3b99cdc9ac45af1882d085e3f9297a75a8b
        with:
          java-version: '8'
          distribution: 'temurin'
          cache: maven

      - name: Initialize CodeQL
        uses: github/codeql-action/init@e4b846c482eb8fdb860c7c61d2eb64f9bdf79420
        with:
          languages: java

      - name: Cache local Maven repository
        uses: actions/cache@e0d62270e20d6eeecf2fd6397a1b8871b6269e38
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-

      - name: Build with Maven
        run: mvn --batch-mode --update-snapshots verify -P integration-test

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@4b062cb89c1fe1fd7da7e013d554a088ea14178a
        with:
          token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
          flags: unittests # optional
          name: coverage # optional
          fail_ci_if_error: true # optional (default = false)
          verbose: true # optional (default = false)

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@e4b846c482eb8fdb860c7c61d2eb64f9bdf79420