name: Code Quality

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

jobs:
  quality:
    runs-on: ubuntu-latest
    
    steps:
    - uses: actions/checkout@v4
    
    - name: Set up Python
      uses: actions/setup-python@v4
      with:
        python-version: '3.10'
    
    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install flake8 black isort
        pip install -r app/requirements.txt
    
    - name: Lint with flake8
      run: |
        # Stop the build if there are Python syntax errors or undefined names
        flake8 app --count --select=E9,F63,F7,F82 --show-source --statistics
        # Exit-zero treats all errors as warnings
        flake8 app --count --exit-zero --max-complexity=10 --max-line-length=88 --statistics
    
    - name: Check code formatting with black
      run: |
        black --check app
    
    - name: Check import sorting with isort
      run: |
        isort --check-only app
    
    - name: Check for security issues
      run: |
        pip install bandit
        bandit -r app -f json -o bandit-report.json || true
    
    - name: Upload security report
      uses: actions/upload-artifact@v3
      if: always()
      with:
        name: bandit-security-report
        path: bandit-report.json