# .github/workflows/pr-checks.yml
name: 'Checks'

on:
  pull_request:
    branches:
      - 'main'
      - 'release/**'
  merge_group:

concurrency:
  group: '${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}'
  cancel-in-progress: true

permissions:
  contents: 'read'
  packages: 'write'
  pull-requests: 'write'
  security-events: 'write'
  checks: 'write'
  statuses: 'write'
  actions: 'read'
  attestations: 'read'
  deployments: 'read'
  discussions: 'read'
  issues: 'read'
  pages: 'read'
  repository-projects: 'read'
  id-token: 'write'

jobs:
  lint:
    name: 'Lint'
    uses: './.github/workflows/lint.yml'

  build-and-publish:
    name: 'Build and Publish CI Bundle'
    needs: 'lint'
    uses: './.github/workflows/build-and-publish.yml'

  ci:
    name: 'CI Checks'
    needs: 'lint'
    uses: './.github/workflows/ci.yml'

  e2e:
    name: 'E2E Checks'
    needs: 'build-and-publish'
    uses: './.github/workflows/e2e.yml'
    with:
      version: '${{ needs.build-and-publish.outputs.version }}'
    secrets:
      GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}'

  bundle-size:
    name: 'Bundle Size Check'
    needs: 'build-and-publish'
    uses: './.github/workflows/bundle-size.yml'
    with:
      version: '${{ needs.build-and-publish.outputs.version }}'