name: Build

on:
  push:
    paths:
      - '.github/workflows/build.yml'
      - 'pom.xml'
      - 'src/**'
  pull_request_target:
    types: [labeled]

env:
  JAVA_DIST: 'temurin'
  JAVA_VERSION: 25

defaults:
  run:
    shell: bash

jobs:
  test:
    name: Compile and Test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
        with:
          distribution: ${{ env.JAVA_DIST }}
          java-version: ${{ env.JAVA_VERSION }}
          cache: 'maven'
      - name: Cache SonarCloud packages
        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Build and Test
        run: >
          xvfb-run
          mvn -B verify
          jacoco:report
          org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
          -Pcoverage
          -Dsonar.projectKey=cryptomator_cryptomator
          -Dsonar.organization=cryptomator
          -Dsonar.host.url=https://sonarcloud.io
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}