---
# Original Author: Ansible by Red Hat <info@ansible.com> (https://github.com/ansible/ansible-lint)
name: run-ansible-lint
description: Run Ansible Lint
author: Michael Sasser <info@michaelsasser.org>
branding:
  icon: shield
  color: red
inputs:
  args:
    description: Arguments to be passed to ansible-lint command.
    required: false
    default: ""
  working_directory:
    description: The directory where to run ansible-lint from. Default is `github.workspace`.
    required: false
    default: ""
  requirements_file:
    description: Path to the requirements YAML file to install role and collection dependencies.
    required: false
    default: ""
  expected_return_code:
    description: Expected return code from ansible-lint. Default is 0. Used for self-testing purposes.
    required: false
    default: "0"
runs:
  using: composite
  steps:
    - name: Process inputs
      id: inputs
      shell: bash
      run: |
        if [[ -n "${{ inputs.working_directory }}" ]]; then
          echo "working_directory=${{ inputs.working_directory }}" >> $GITHUB_OUTPUT
        else
          echo "working_directory=${{ github.workspace }}" >> $GITHUB_OUTPUT
        fi

    # Due to GHA limitation, caching works only for files within GITHUB_WORKSPACE
    # folder, so we are forced to stick this temporary file inside .git, so it
    # will not affect the linted repository.
    # https://github.com/actions/toolkit/issues/1035
    # https://github.com/actions/setup-python/issues/361
    - name: Generate .git/ansible-lint-requirements.txt
      id: get_reqs
      shell: bash
      env:
        GH_ACTION_REF: ${{ github.action_ref || 'main' }}
      working-directory: ${{ steps.inputs.outputs.working_directory }}
      run: |
        reqs_file=$(git rev-parse --show-toplevel)/.git/ansible-lint-requirements.txt
        echo "reqs_file=$reqs_file" >> $GITHUB_OUTPUT
        wget --output-document=$reqs_file https://raw.githubusercontent.com/ansible/ansible-lint/$GH_ACTION_REF/.config/requirements-lock.txt

    - name: Install role and collection dependencies from requirements file
      if: inputs.requirements_file != ''
      shell: bash
      working-directory: ${{ steps.inputs.outputs.working_directory }}
      run: ansible-galaxy install -r ${{ inputs.requirements_file }}

    - name: Run ansible-lint
      shell: bash
      working-directory: ${{ steps.inputs.outputs.working_directory }}
      run: |
        ansible-lint --version
        exit_code=0
        expected_exit_code=${{ inputs.expected_return_code }}
        ansible-lint ${{ inputs.args }} || exit_code=$?
        if [ "$exit_code" != "$expected_exit_code" ]; then echo "Command failed: got '$exit_code', expected '$expected_exit_code'"; exit 1; fi