name: AntiVirus Whitelisting

on:
  workflow_call:
    inputs:
      url:
        description: "Url to the file to upload"
        required: true
        type: string
      avast:
        description: "Upload to Avast"
        required: false
        type: boolean
        default: true
      kaspersky:
        description: "Upload to Kaspersky"
        required: false
        type: boolean
        default: true
  workflow_dispatch:
    inputs:
      url:
        description: "Url to the file to upload"
        required: true
        type: string
      avast:
        description: "Upload to Avast"
        required: false
        type: boolean
        default: false
      kaspersky:
        description: "Upload to Kaspersky"
        required: false
        type: boolean
        default: false

jobs:
  download-file:
    name: Downloads the file into the VM
    runs-on: ubuntu-latest
    outputs:
      fileName: ${{ steps.extractName.outputs.fileName}}
    env:
      INPUT_URL: ${{ inputs.url }}
    steps:
      - name: Extract file name
        id: extractName
        run: |
          url="${INPUT_URL}"
          echo "fileName=${url##*/}" >> $GITHUB_OUTPUT
      - name: Download file
        run: curl --silent --fail-with-body --proto "=https" -L "${INPUT_URL}" -o "${{steps.extractName.outputs.fileName}}"
      - name: Upload artifact
        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: ${{ steps.extractName.outputs.fileName }}
          path: ${{ steps.extractName.outputs.fileName }}
          if-no-files-found: error
  allowlist-kaspersky:
    name: Anti Virus Allowlisting Kaspersky
    runs-on: ubuntu-latest
    needs: download-file
    if: inputs.kaspersky
    steps:
      - name: Download artifact
        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: ${{ needs.download-file.outputs.fileName }}
          path: upload
      - name: Upload to Kaspersky
        uses: SamKirkland/FTP-Deploy-Action@a51268f67f6605236975928ae28b0f7e9971d50a # v4.6.3
        with:
          protocol: ftps
          server: allowlist.kaspersky-labs.com
          port: 990
          username: ${{ secrets.ALLOWLIST_KASPERSKY_USERNAME }}
          password: ${{ secrets.ALLOWLIST_KASPERSKY_PASSWORD }}
          local-dir: ./upload/
  allowlist-avast:
    name: Anti Virus Allowlisting Avast
    runs-on: ubuntu-latest
    needs: download-file
    if: inputs.avast
    steps:
      - name: Download artifact
        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: ${{ needs.download-file.outputs.fileName }}
          path: upload
      - name: Upload to Avast
        uses: wlixcc/SFTP-Deploy-Action@a5ccb9c6211a94cc59404f0fdb2a9936a6dfee64 # v1.2.6
        with:
          server: whitelisting.avast.com
          port: 22
          username: ${{ secrets.ALLOWLIST_AVAST_USERNAME }}
          password: ${{ secrets.ALLOWLIST_AVAST_PASSWORD }}
          ssh_private_key: ''
          sftp_only: true
          local_path: './upload/*'
          remote_path: '/data'