name: Dependency Check

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 1 * *'

env:
  solutionFile: CleanArchitecture.sln
  projectName: CleanArchitecture

jobs:
  checkLicenses:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Install .NET Core
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: |
          9.x.x

    - name: Restore dependencies
      run: dotnet restore

    - name: Check for license issues
      run: |
          dotnet new tool-manifest
          dotnet tool install --local liz.tool
          dotnet liz "${{ env.solutionFile }}" --blacklist .github/license-blacklist.json --suppress-progressbar

  checkVulnerabilities:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Check for vulnerabilities
      uses: dependency-check/Dependency-Check_Action@main
      id: depcheck
      with:
        project: ${{ env.projectName }}
        path: "**/*.csproj"
        format: "HTML"
        out: "reports"
        args: >
          --failOnCVSS "7"

    - name: Upload test results
      uses: actions/upload-artifact@v4
      with:
        name: Dependency Check Report
        path: ${{github.workspace}}/reports