name: Check licenses
on:
  workflow_dispatch:
  push:
    branches: [main]
    paths:
      - "**.go"
      - "**/go.mod"
      - "**/go.sum"
      - "./.github/workflows/check-licenses.yml"
      - "hack/check-licenses.sh"
  pull_request:
    paths:
      - "**.go"
      - "**/go.mod"
      - "**/go.sum"
      - "./.github/workflows/check-licenses.yml"
      - "hack/check-licenses.sh"

jobs:
  check:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
        with:
          ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

      - name: Setup Go environment
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
        with:
          go-version: "1.20.2"
          cache: true

      - name: Install go-licenses
        run: go install github.com/google/go-licenses@0e0ec3a03d2277ffa8161963486f03bb58a6358c # v1.5.0

      - name: Check licenses
        run: hack/check-licenses.sh

      - name: Check for files without license header
        run: "! grep -rL --include='*.go' --exclude-dir 3rdparty -e'SPDX-License-Identifier: AGPL-3.0-only' -e'DO NOT EDIT' | grep ''"