name: Validate

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main, develop]

jobs:
  # Build + tests on all 3 OS — Linux required, Mac/Win continue-on-error
  build-test:
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
    runs-on: ${{ matrix.os }}
    continue-on-error: ${{ matrix.os != 'ubuntu-latest' }}

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install dependencies (Linux)
        if: matrix.os == 'ubuntu-latest'
        run: |
          sudo apt-get update
          sudo apt-get install -y --no-install-recommends \
            build-essential gcc make cppcheck lcov \
            python3 python3-pip ca-certificates

      - name: Verify toolchain
        shell: bash
        run: |
          set +e
          echo "PATH=$PATH"
          gcc --version 2>&1 | head -1     || echo "  (no gcc)"
          make --version 2>&1 | head -1    || echo "  (no make)"
          cppcheck --version 2>&1 | head -1 || echo "  (no cppcheck)"
          echo "done"

      - name: Static analysis (Cppcheck)
        shell: bash
        run: make static

      - name: MISRA check
        shell: bash
        run: |
          make misra || echo "MISRA findings present (demo non-failing)"

      - name: Build + unit tests
        shell: bash
        run: make test

  # Coverage, traceability, diagrams, API doc, test report — all on Linux,
  # parallel to build-test (matrix continue-on-error is not propagated through needs)
  reports:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y --no-install-recommends \
            build-essential gcc make cppcheck lcov \
            python3 python3-pip ca-certificates \
            doxygen graphviz

      - name: Build + tests + coverage
        run: |
          make test
          make coverage

      - name: Test summary report
        run: make test-report

      - name: Traceability check
        run: python3 tools/traceability.py check

      - name: Publish Traceability Matrix
        run: python3 tools/traceability.py publish docs/traceability

      - name: Render PlantUML diagrams
        run: python3 tools/render_plantuml.py

      - name: Doxygen API documentation
        run: make docs

      - name: Cppcheck Report (XML + HTML)
        run: |
          mkdir -p build
          cppcheck --enable=all --inconclusive --xml --xml-version=2 \
            -I src src 2> build/cppcheck-report.xml || true
          # cppcheck-htmlreport is part of the cppcheck package
          cppcheck-htmlreport \
            --file=build/cppcheck-report.xml \
            --report-dir=build/cppcheck-html \
            --source-dir=. \
            --title="demo-epb Cppcheck Report" || echo "htmlreport skipped"

      - name: Landing page
        run: make landing-page

      - name: Upload Coverage HTML
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: coverage-html
          path: build/coverage-html/

      - name: Upload Test Report
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: test-report
          path: |
            build/test-report.html
            build/test-report.md
            build/test-output.txt

      - name: Upload Traceability Matrix
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: traceability
          path: docs/traceability/

      - name: Upload Architecture Diagrams
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: architecture-diagrams
          path: docs/diagrams/

      - name: Upload Doxygen API Doc
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: api-doc
          path: build/api-doc/html/

      - name: Upload Landing Page
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: landing-page
          path: build/index.html

      - name: Upload Cppcheck Report
        uses: actions/upload-artifact@v3
        if: always()
        with:
          name: cppcheck-report
          path: build/cppcheck-report.xml

      - name: Deploy to gitea.slohmaier.com/pages/demo-epb/
        if: success() && github.ref == 'refs/heads/main'
        run: |
          DEPLOY=/var/www/pages/demo-epb
          if [ ! -d "$DEPLOY" ]; then
            echo "Mount $DEPLOY not present — check runner config. Skipping."
            exit 0
          fi
          mkdir -p "$DEPLOY"/{docs,coverage,traceability,diagrams,api-doc,reports/cppcheck,src,misra/records}
          cp build/index.html "$DEPLOY/index.html"
          cp -r docs/plaene docs/safety docs/manuals docs/reviews docs/non-conformities "$DEPLOY/docs/"
          cp -r build/coverage-html/. "$DEPLOY/coverage/" 2>/dev/null || true
          cp -r docs/traceability/. "$DEPLOY/traceability/"
          cp -r docs/diagrams/. "$DEPLOY/diagrams/"
          cp -r build/api-doc/html/. "$DEPLOY/api-doc/" 2>/dev/null || true
          cp build/test-report.html build/test-report.md "$DEPLOY/reports/" 2>/dev/null || true
          cp build/cppcheck-report.xml "$DEPLOY/reports/" 2>/dev/null || true
          cp -r build/cppcheck-html/. "$DEPLOY/reports/cppcheck/" 2>/dev/null || true
          cp src/*.c src/*.h "$DEPLOY/src/"
          cp -r src/stubs "$DEPLOY/src/" 2>/dev/null || true
          cp -r misra/records/. "$DEPLOY/misra/records/" 2>/dev/null || true
          echo "https://gitea.slohmaier.com/pages/demo-epb/ updated"