name: Soteria Scan

on:
  push:
    paths: ['programs/**']
  pull_request:
    branches: ['main', 'dev']
    paths: ['programs/**']
  workflow_dispatch: # Pick branch manually

env:
  CARGO_TERM_COLOR: always
  SOLANA_VERSION: "1.13.3"

jobs:
  build:
    name: Soteria
    runs-on: ubuntu-latest
    if: (github.actor != 'dependabot[bot]')
    strategy:
      fail-fast: false
      matrix:
        program: ['programs/mango-v4/',
                  'programs/margin-trade/']
    env:
      PROGRAM_PATH: ${{ matrix.program }}

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Cache Solana binaries
        uses: actions/cache@v2
        id: solana-cache
        with:
          path: |
            ~/.cache/solana
            ~/.local/share/solana
            ~/.rustup
          key: solana-${{ env.SOLANA_VERSION }}

      - name: Cache build dependencies
        uses: Swatinem/rust-cache@v2
        with:
          target-dir: ${{ matrix.program }}.coderrect/build

      - name: Install Solana
        if: steps.solana-cache.outputs.cache-hit != 'true'
        run: |
          echo Installing Solana v${{ env.SOLANA_VERSION }}...
          sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_VERSION }}/install)"
          echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH
          export PATH="/home/runner/.local/share/solana/install/active_release/bin:$PATH"
          echo Installing bpf toolchain...
          (cd /home/runner/.local/share/solana/install/active_release/bin/sdk/bpf/scripts; ./install.sh)
        shell: bash

      - name: Install Soteria
        run: |
          echo Installing Soteria...
          sh -c "$(curl -k https://supercompiler.xyz/install)"
          export PATH=$PWD/soteria-linux-develop/bin/:$PATH
          echo "$PWD/soteria-linux-develop/bin" >> $GITHUB_PATH
        shell: bash

      - name: Run Soteria
        run: |
          cd ${{ matrix.program }}
          soteria -analyzeAll .
        shell: bash