Framework-R-D
diff --git a/‎.clang-tidy‎
Lines changed: 1 addition & 0 deletions b/‎.clang-tidy‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/actions/handle-fix-commit/action.yaml‎
Lines changed: 5 additions & 5 deletions b/‎.github/actions/handle-fix-commit/action.yaml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎.github/workflows/clang-tidy-check.yaml‎
Lines changed: 3 additions & 2 deletions b/‎.github/workflows/clang-tidy-check.yaml‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎.github/workflows/clang-tidy-fix.yaml‎
Lines changed: 58 additions & 11 deletions b/‎.github/workflows/clang-tidy-fix.yaml‎
Lines changed: 58 additions & 11 deletions
diff --git a/‎.github/workflows/header-guards-check.yaml‎
Lines changed: 163 additions & 0 deletions b/‎.github/workflows/header-guards-check.yaml‎
Lines changed: 163 additions & 0 deletions
@@ -17,6 +17,7 @@ Checks: >
   -cppcoreguidelines-pro-bounds-pointer-arithmetic,
   -cppcoreguidelines-macro-usage,
   -cppcoreguidelines-non-private-member-variables-in-classes,
+  -llvm-header-guard, # Use scripts/fix_header_guards.py instead
   misc-*,
   -misc-non-private-member-variables-in-classes,
   -misc-no-recursion,
 
@@ -55,14 +55,14 @@ runs:
         fi
 
     - name: No changes to apply
-      if: steps.check_changes.outputs.changes == 'false'
+      if: steps.check_changes.outputs.changes == 'false' && github.event.pull_request.number
       uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
       with:
         message: 'No automatic ${{ inputs.tool }} fixes were necessary.'
 
     - name: Get PR maintainer_can_modify property
       id: pr-properties
-      if: steps.check_changes.outputs.changes == 'true'
+      if: steps.check_changes.outputs.changes == 'true' && github.event.pull_request.number
       uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
       with:
         script: |
@@ -123,7 +123,7 @@ runs:
         exit 1
 
     - name: Notify of commit
-      if: steps.commit_and_push.conclusion == 'success' && steps.commit_and_push.outputs.pushed == 'true'
+      if: steps.commit_and_push.conclusion == 'success' && steps.commit_and_push.outputs.pushed == 'true' && github.event.pull_request.number
       uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
       with:
         message: |
@@ -141,13 +141,13 @@ runs:
 
     - name: Upload patch
       if: steps.create_patch.outputs.patch_name
-      uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
       with:
         name: fix-patch
         path: ${{ inputs.working-directory }}/${{ steps.create_patch.outputs.patch_name }}
 
     - name: Comment with patch instructions
-      if: steps.create_patch.outputs.patch_name
+      if: steps.create_patch.outputs.patch_name && github.event.pull_request.number
       uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
       with:
         message: |
 
@@ -3,6 +3,7 @@ name: Clang-Tidy Check
 
 permissions:
   contents: read
+  pull-requests: read
 
 
 on:
@@ -121,7 +122,7 @@ jobs:
         build-type: Debug
         extra-options: "-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCMAKE_CXX_SCAN_FOR_MODULES=OFF -DCMAKE_CXX_CLANG_TIDY='clang-tidy;--export-fixes=clang-tidy-fixes.yaml'"
 
-    - name: Run clang-tidy using CMake target
+    - name: Run clang-tidy using CMake
       id: tidy
       shell: bash
       run: |
@@ -130,7 +131,7 @@ jobs:
 
         echo "➡️ Running clang-tidy checks..."
         cmake_status=0
-        cmake --build . -j $(nproc) > clang-tidy.log 2>&1 || cmake_status=$?
+        cmake --build . -j "$(nproc)" > clang-tidy.log 2>&1 || cmake_status=$?
 
         # Distinguish tooling failures from issue detection by checking log content
         if [ "$cmake_status" -ne 0 ]; then
 
@@ -76,36 +76,82 @@ jobs:
           repository: ${{ needs.pre-check.outputs.repo }}
           token: ${{ secrets.WORKFLOW_PAT }}
 
+      - name: Try to download existing fixes from check workflow
+        id: download_fixes_check
+        if: needs.pre-check.outputs.tidy_checks == ''
+        uses: dawidd6/action-download-artifact@fe9d59ce33ce92db8a6ac90b2c8be6b6d90417c8 # v15
+        with:
+          workflow: clang-tidy-check.yaml
+          name: clang-tidy-report
+          path: fixes
+          branch: ${{ needs.pre-check.outputs.ref }}
+        continue-on-error: true
+
+      - name: Try to download existing fixes from previous fix workflow
+        id: download_fixes_fix
+        if: steps.download_fixes_check.outcome != 'success' && needs.pre-check.outputs.tidy_checks == ''
+        uses: dawidd6/action-download-artifact@fe9d59ce33ce92db8a6ac90b2c8be6b6d90417c8 # v15
+        with:
+          workflow: clang-tidy-fix.yaml
+          name: clang-tidy-report
+          path: fixes
+          branch: ${{ needs.pre-check.outputs.ref }}
+        continue-on-error: true
+
+      - name: Apply fixes from artifact if available
+        id: apply_from_artifact
+        if: needs.pre-check.outputs.tidy_checks == '' && (steps.download_fixes_check.outcome == 'success' || steps.download_fixes_fix.outcome == 'success')
+        run: |
+          if [ -f fixes/clang-tidy-fixes.yaml ]; then
+            echo "Applying fixes from existing artifact..."
+            cd phlex-src
+            clang-apply-replacements ../fixes || true
+            echo "applied=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "applied=false" >> "$GITHUB_OUTPUT"
+          fi
+
       - name: Setup build environment
+        if: steps.apply_from_artifact.outputs.applied != 'true'
         uses: Framework-R-D/phlex/.github/actions/setup-build-env@main
 
-      - name: Configure CMake for clang-tidy
+      - name: Prepare CMake configuration options
+        if: steps.apply_from_artifact.outputs.applied != 'true'
+        id: prep_tidy_opts
         env:
           TIDY_CHECKS: ${{ needs.pre-check.outputs.tidy_checks }}
         run: |
           . /entrypoint.sh
           cd "$GITHUB_WORKSPACE"
 
-          CLANG_TIDY_OPTS="clang-tidy;--fix;--export-fixes=clang-tidy-fixes.yaml"
+          CLANG_TIDY_OPTS="clang-tidy;--export-fixes=clang-tidy-fixes.yaml"
           if [ -n "$TIDY_CHECKS" ]; then
             CHECKS_NORMALIZED=$(echo "$TIDY_CHECKS" | tr ' ' ',')
             CLANG_TIDY_OPTS="${CLANG_TIDY_OPTS};--checks=-*,${CHECKS_NORMALIZED}"
           fi
+          echo "clang_tidy_opts=${CLANG_TIDY_OPTS}" >> "$GITHUB_OUTPUT"
 
-          cmake -B phlex-build -S phlex-src \
-            -DCMAKE_BUILD_TYPE=Debug \
-            -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \
-            -DCMAKE_CXX_SCAN_FOR_MODULES=OFF \
-            -DCMAKE_CXX_CLANG_TIDY="${CLANG_TIDY_OPTS}"
+      - name: Configure CMake (Debug)
+        if: steps.apply_from_artifact.outputs.applied != 'true'
+        uses: Framework-R-D/phlex/.github/actions/configure-cmake@main
+        with:
+          build-type: Debug
+          extra-options: "-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCMAKE_CXX_SCAN_FOR_MODULES=OFF -DCMAKE_CXX_CLANG_TIDY='${{ steps.prep_tidy_opts.outputs.clang_tidy_opts }}'"
 
-      - name: Apply clang-tidy fixes using CMake build
+      - name: Generate clang-tidy fixes using CMake build
+        if: steps.apply_from_artifact.outputs.applied != 'true'
         run: |
           . /entrypoint.sh
           cd "$GITHUB_WORKSPACE/phlex-build"
+          cmake --build . -j "$(nproc)" || true
 
-          echo "Applying clang-tidy fixes..."
-          cmake --build . -j $(nproc) || true
-          echo "Clang-tidy fixes applied"
+      - name: Apply clang-tidy fixes
+        if: steps.apply_from_artifact.outputs.applied != 'true'
+        run: |
+          cd "$GITHUB_WORKSPACE/phlex-build"
+          if [ -f clang-tidy-fixes.yaml ]; then
+            clang-apply-replacements . || true
+          fi
 
       - name: Upload clang-tidy report
         if: always()
@@ -114,6 +160,7 @@ jobs:
           name: clang-tidy-report
           path: phlex-build/clang-tidy-fixes.yaml
           retention-days: 7
+          if-no-files-found: ignore
 
       - name: Handle fix commit
         uses: Framework-R-D/phlex/.github/actions/handle-fix-commit@main
 
@@ -0,0 +1,163 @@
+name: Header Guards Check
+run-name: "${{ github.actor }} checking header guards"
+
+permissions:
+  contents: read
+  pull-requests: read
+
+on:
+  pull_request:
+  workflow_dispatch:
+    inputs:
+      ref:
+        description: "The branch, ref, or SHA to checkout. Defaults to the repository's default branch."
+        required: false
+        type: string
+  workflow_call:
+    inputs:
+      checkout-path:
+        description: "Path to check out code to"
+        required: false
+        type: string
+      skip-relevance-check:
+        description: "Bypass relevance check"
+        required: false
+        type: boolean
+        default: false
+      pr-base-sha:
+        description: "Base SHA of the PR for relevance check"
+        required: false
+        type: string
+      pr-head-sha:
+        description: "Head SHA of the PR for relevance check"
+        required: false
+        type: string
+      ref:
+        description: "The branch, ref, or SHA to checkout"
+        required: false
+        type: string
+      repo:
+        description: "The repository to checkout from"
+        required: false
+        type: string
+
+env:
+  local_checkout_path: ${{ (github.event_name == 'workflow_call' && inputs.checkout-path) || format('{0}-src', github.event.repository.name) }}
+
+jobs:
+  pre-check:
+    runs-on: ubuntu-latest
+    outputs:
+      is_act: ${{ steps.detect_act.outputs.is_act }}
+      ref: ${{ (github.event_name == 'workflow_call' && inputs.ref) || (github.event_name == 'workflow_dispatch' && (github.event.inputs.ref || github.ref)) || github.sha }}
+      repo: ${{ (github.event_name == 'workflow_call' && inputs.repo) || github.repository }}
+      base_sha: ${{ (github.event_name == 'workflow_call' && inputs.pr-base-sha) || github.event.pull_request.base.sha || github.event.before }}
+    steps:
+      - name: Detect act environment
+        id: detect_act
+        uses: Framework-R-D/phlex/.github/actions/detect-act-env@main
+
+  detect-changes:
+    needs: pre-check
+    if: >
+      needs.pre-check.result == 'success' &&
+      github.event_name != 'workflow_dispatch' &&
+      (
+        github.event_name != 'workflow_call' ||
+        (inputs.skip-relevance-check != 'true' && github.event.inputs == null && github.event.comment == null)
+      ) &&
+      needs.pre-check.outputs.is_act != 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+    outputs:
+      has_changes: ${{ steps.filter.outputs.matched }}
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      with:
+        fetch-depth: 0
+        path: ${{ env.local_checkout_path }}
+        ref: ${{ needs.pre-check.outputs.ref }}
+        repository: ${{ needs.pre-check.outputs.repo }}
+
+    - name: Detect relevant changes
+      id: filter
+      uses: Framework-R-D/phlex/.github/actions/detect-relevant-changes@main
+      with:
+        repo-path: ${{ env.local_checkout_path }}
+        base-ref: ${{ needs.pre-check.outputs.base_sha }}
+        head-ref: ${{ (github.event_name == 'workflow_call' && inputs.pr-head-sha) || needs.pre-check.outputs.ref }}
+        file-type: cpp
+
+    - name: Report detection outcome
+      run: |
+        if [ "${{ steps.filter.outputs.matched }}" != "true" ]; then
+          echo "::notice::No header file changes detected; check will be skipped."
+        else
+          echo "::group::Header files"
+          printf '%s\n' "${{ steps.filter.outputs.matched_files }}"
+          echo "::endgroup::"
+        fi
+
+  header-guards-check:
+    needs: [pre-check, detect-changes]
+    if: >
+      always() &&
+      (
+        needs.detect-changes.result == 'skipped' ||
+        (
+          needs.detect-changes.result == 'success' &&
+          needs.detect-changes.outputs.has_changes == 'true'
+        )
+      )
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      with:
+        ref: ${{ needs.pre-check.outputs.ref }}
+        path: ${{ env.local_checkout_path }}
+        repository: ${{ needs.pre-check.outputs.repo }}
+
+    - name: Set up Python
+      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+      with:
+        python-version: '3.12'
+
+    - name: Check header guards
+      id: check
+      working-directory: ${{ env.local_checkout_path }}
+      run: |
+        python3 scripts/fix_header_guards.py --check --root . phlex plugins form > check_output.txt 2>&1 || echo "has_issues=true" >> "$GITHUB_OUTPUT"
+        cat check_output.txt
+
+    - name: Report results
+      if: always() && steps.check.outputs.has_issues == 'true'
+      run: |
+        echo "::error::Header guard check failed."
+        echo "::error::Comment '@${{ github.event.repository.name }}bot header-guards-fix' on the PR to auto-fix."
+        exit 1
+
+  header-guards-check-skipped:
+    needs: [pre-check, detect-changes]
+    if: >
+      needs.pre-check.result == 'success' &&
+      github.event_name != 'workflow_dispatch' &&
+      (
+        github.event_name != 'workflow_call' ||
+        (inputs.skip-relevance-check != 'true' && github.event.inputs == null && github.event.comment == null)
+      ) &&
+      needs.pre-check.outputs.is_act != 'true' &&
+      (needs.detect-changes.result == 'success' && needs.detect-changes.outputs.has_changes != 'true')
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+    - name: No relevant header changes detected
+      run: echo "::notice::No header file changes detected; header-guards-check skipped."