on:
  workflow_call:
    secrets:
      hiveToken:

jobs:
  search-token:
    runs-on: ubuntu-22.04
    outputs:
      hive_token_present: ${{ steps.secrets_present.outputs.hive_token }}
    steps:
      - name: check for Hive token presence
        env:
          HIVE_TOKEN: ${{ secrets.hiveToken }}
        id: secrets_present
        run: echo "hive_token=${{ env.HIVE_TOKEN != '' }}" >> $GITHUB_OUTPUT

  check:
    runs-on: ubuntu-22.04
    needs: search-token
    if: needs.search-token.outputs.hive_token_present == 'true'
    steps:
      - name: checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
        with:
          fetch-depth: 2

      - name: setup environment
        uses: ./.github/actions/setup
        with:
          actor: graphql-schema-check

      - name: check pull request label
        if: contains(github.event.pull_request.labels.*.name, 'non-breaking')
        run: echo "safeFlag=--forceSafe" >> $GITHUB_OUTPUT
        id: pr-label-check

      - name: schema check
        env:
          HIVE_TOKEN: ${{ secrets.hiveToken }}
        run: |
          curl -sSL https://graphql-hive.com/install.sh | sh
          hive schema:check "schema.graphql" ${{steps.pr-label-check.outputs.safeFlag }} \
            --github \
            --service "graphql"