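# yaml-language-server: $schema=https://json.schemastore.org/github-action.json
# permissions:
#   - contents: read # Required for checking files in repository
---
name: Common File Check
description: |
  A reusable action to check if a specific file or type of files exists in the repository.
  Emits an output "found" which is true or false.
author: 'Ismo Vuorinen'

branding:
  icon: search
  color: gray-dark

inputs:
  file-pattern:
    description: 'Glob pattern for files to check.'
    required: true

outputs:
  found:
    description: 'Indicates if the files matching the pattern were found.'
    value: ${{ steps.check-files.outputs.found }}

runs:
  using: composite
  steps:
    # The input is handed to the script through `env:` rather than being
    # interpolated with `${{ }}` inside `run:`. The shell therefore only ever
    # sees it as the value of a variable, never as script text. The checks
    # below are defence in depth on top of that.
    - name: Validate Inputs
      id: validate
      shell: bash
      env:
        FILE_PATTERN: ${{ inputs.file-pattern }}
      run: |
        set -euo pipefail

        # Validate file pattern is not empty
        if [[ -z "$FILE_PATTERN" ]]; then
          echo "::error::file-pattern input is required and cannot be empty"
          exit 1
        fi

        # Reject control characters (including newlines) before the pattern
        # is echoed anywhere: the runner parses step output line by line, so
        # an embedded newline could start a line that is read as a workflow
        # command. The rejected value is deliberately not printed.
        if [[ "$FILE_PATTERN" == *[[:cntrl:]]* ]]; then
          echo "::error::Invalid file pattern. Control characters (including newlines) not allowed"
          exit 1
        fi

        # Validate file pattern format (basic glob pattern validation)
        pattern="$FILE_PATTERN"

        # Check for path traversal attempts
        if [[ "$pattern" == *".."* ]]; then
          echo "::error::Invalid file pattern: '$pattern'. Path traversal (..) not allowed"
          exit 1
        fi

        # Check for absolute paths (should be relative patterns)
        if [[ "$pattern" == /* ]]; then
          echo "::error::Invalid file pattern: '$pattern'. Absolute paths not allowed, use relative patterns"
          exit 1
        fi

        # Basic validation for dangerous patterns. The pattern is always
        # passed quoted and is never evaluated by the shell, so this is a
        # second line of defence rather than the primary control.
        if [[ "$pattern" == *";"* ]] ||
          [[ "$pattern" == *"|"* ]] ||
          [[ "$pattern" == *"&"* ]] ||
          [[ "$pattern" == *"\$"* ]]; then
          echo "::error::Invalid file pattern: '$pattern'. Command injection characters not allowed"
          exit 1
        fi

        # Check for reasonable pattern length (prevent extremely long patterns)
        if [ ${#pattern} -gt 255 ]; then
          echo "::error::File pattern too long: ${#pattern} characters. Maximum allowed is 255 characters"
          exit 1
        fi

        # Validate common glob pattern characters are safe.
        # This allowlist only warns; it does not block the run.
        if ! [[ "$pattern" =~ ^[a-zA-Z0-9*?./_{}\[\]-]+$ ]]; then
          echo "::warning::File pattern contains special characters: '$pattern'. Ensure this is intentional and safe"
        fi

        echo "Validated file pattern: '$pattern'"

    - name: Check for Files
      id: check-files
      shell: bash
      env:
        FILE_PATTERN: ${{ inputs.file-pattern }}
      run: |-
        set -euo pipefail

        # Stop at the first match and capture it instead of piping into
        # `grep -q`: with `pipefail`, grep exiting early can terminate find
        # with SIGPIPE on large trees, which made the pipeline fail and
        # reported found=false although files existed.
        # `|| true` keeps the check best-effort when find hits an unreadable
        # directory; its error output still reaches the log.
        #
        # NOTE(review): `-name` compares against the file's base name only,
        # so a pattern containing `/` never matches. The walk starts at `.`
        # with no pruning, so it also descends into `.git`.
        first_match="$(find . -name "$FILE_PATTERN" -print -quit || true)"

        # Quote the output file path so an unusual runner path cannot be
        # word-split or glob-expanded.
        if [[ -n "$first_match" ]]; then
          echo "found=true" >> "$GITHUB_OUTPUT"
        else
          echo "found=false" >> "$GITHUB_OUTPUT"
        fi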