name: Java CI with Gradle

on:
  push:
    paths:
      - '**.java'
      - '**.json'
      - 'gradle**'
      - 'build.gradle'
  pull_request:
    paths:
      - '**.java'
      - '**.json'
      - 'gradle**'
      - 'build.gradle'
  # Makes it possible to run this workflow manually from the Actions tab
  workflow_dispatch:

permissions:
  contents: write

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Set up Java 21
      uses: actions/setup-java@v4
      with:
        java-version: '21'
        distribution: 'microsoft'

    - name: Grant execute permission for gradlew
      run: chmod +x gradlew

    - name: Setup Gradle
      uses: gradle/actions/setup-gradle@v4
      with:
        build-scan-publish: true
        build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
        build-scan-terms-of-use-agree: "yes"

    - name: Generate and submit dependency graph
      if: ${{ github.event_name == 'push' }}
      uses: gradle/actions/dependency-submission@v4

    - name: Execute Gradle build
      run: ./gradlew spotlessCheck build --stacktrace --warning-mode=fail

    - name: VirusTotal scan
      if: ${{ github.event_name == 'push' }}
      uses: crazy-max/ghaction-virustotal@v4
      with:
        vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }}
        files: |
          ./build/libs/*.jar
      continue-on-error: true