jan/.github/workflows/template-tauri-build-windows-x64-preview.yml

name: tauri-build-windows-x64
on:
  workflow_call:
    inputs:
      ref:
        required: true
        type: string
        default: "refs/heads/main"
      public_provider:
        required: true
        type: string
        default: none
        description: "none: build only, github: build and publish to github, aws s3: build and publish to aws s3"
      new_version:
        required: true
        type: string
        default: ''
      cortex_api_port:
        required: false
        type: string
        default: ""
      upload_url:
        required: false
        type: string
        default: ''
      channel:
        required: true
        type: string
        default: 'nightly'
        description: 'The channel to use for this job'
    secrets:
      DELTA_AWS_S3_BUCKET_NAME:
        required: false
      DELTA_AWS_ACCESS_KEY_ID:
        required: false
      DELTA_AWS_SECRET_ACCESS_KEY:
        required: false
      AZURE_KEY_VAULT_URI:
        required: false
      AZURE_CLIENT_ID:
        required: false
      AZURE_TENANT_ID:
        required: false
      AZURE_CLIENT_SECRET:
        required: false
      AZURE_CERT_NAME:
        required: false
      TAURI_SIGNING_PRIVATE_KEY:
        required: false
      TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
        required: false
      TAURI_SIGNING_PUBLIC_KEY:
        required: false
    outputs:
      WIN_SIG:
        value: ${{ jobs.build-windows-x64.outputs.WIN_SIG }}
      FILE_NAME:
        value: ${{ jobs.build-windows-x64.outputs.FILE_NAME }}

jobs:
  build-windows-x64:
    runs-on: windows-latest
    outputs:
      WIN_SIG: ${{ steps.metadata.outputs.WIN_SIG }}
      FILE_NAME: ${{ steps.metadata.outputs.FILE_NAME }}
    permissions:
      contents: write
    steps:
      - name: Getting the repo
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}

      - name: Replace Icons for Beta Build
        if: inputs.channel != 'stable'
        shell: bash
        run: |
          cp .github/scripts/icon-${{ inputs.channel }}.png src-tauri/icons/icon.png

      - name: Installing node
        uses: actions/setup-node@v1
        with:
          node-version: 20

      - name: Install jq
        uses: dcarbone/install-jq-action@v2.0.1

      - name: Install ctoml
        run: |
          cargo install ctoml

      - name: Update app version base on tag
        id: version_update
        shell: bash
        run: |
          echo "Version: ${{ inputs.new_version }}"
          # Update tauri.conf.json
          jq --arg version "${{ inputs.new_version }}" '.version = $version | .bundle.createUpdaterArtifacts = true' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
          mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json
          jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json
          mv /tmp/package.json web/package.json

          ctoml ./src-tauri/Cargo.toml package.version "${{ inputs.new_version }}"
          cat ./src-tauri/Cargo.toml

          generate_build_version() {
              ### Examble
              ### input 0.5.6 output will be 0.5.6 and 0.5.6.0
              ### input 0.5.6-rc2-beta output will be 0.5.6 and 0.5.6.2
              ### input 0.5.6-1213 output will be 0.5.6 and and 0.5.6.1213
              local new_version="$1"
              local base_version
              local t_value

              # Check if it has a "-"
              if [[ "$new_version" == *-* ]]; then
                  base_version="${new_version%%-*}" # part before -
                  suffix="${new_version#*-}"         # part after -

                  # Check if it is rcX-beta
                  if [[ "$suffix" =~ ^rc([0-9]+)-beta$ ]]; then
                      t_value="${BASH_REMATCH[1]}"
                  else
                      t_value="$suffix"
                  fi
              else
                  base_version="$new_version"
                  t_value="0"
              fi

              # Export two values
              new_base_version="$base_version"
              new_build_version="${base_version}.${t_value}"
          }
          generate_build_version ${{ inputs.new_version }}
          sed -i "s/jan_version/$new_base_version/g" ./src-tauri/tauri.bundle.windows.nsis.template
          sed -i "s/jan_build/$new_build_version/g" ./src-tauri/tauri.bundle.windows.nsis.template
          echo "------------------"
          cat ./src-tauri/tauri.bundle.windows.nsis.template

          # Change app name for beta and nightly builds
          if [ "${{ inputs.channel }}" != "stable" ]; then
            jq '.plugins.updater.endpoints = ["https://delta.jan.ai/${{ inputs.channel }}/latest.json"]' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
            mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json

            chmod +x .github/scripts/rename-tauri-app.sh
            .github/scripts/rename-tauri-app.sh ./src-tauri/tauri.conf.json ${{ inputs.channel }}

            cat ./src-tauri/tauri.conf.json

            # Update Cargo.toml
            ctoml ./src-tauri/Cargo.toml package.name "Jan-${{ inputs.channel }}"
            echo "------------------"
            cat ./src-tauri/Cargo.toml

            chmod +x .github/scripts/rename-workspace.sh
            .github/scripts/rename-workspace.sh ./package.json ${{ inputs.channel }}
            cat ./package.json
            
            sed -i "s/jan_productname/Jan-${{ inputs.channel }}/g" ./src-tauri/tauri.bundle.windows.nsis.template
            sed -i "s/jan_mainbinaryname/jan-${{ inputs.channel }}/g" ./src-tauri/tauri.bundle.windows.nsis.template
          fi

      - name: Install AzureSignTool
        run: |
          dotnet tool install --global --version 6.0.0 AzureSignTool

      - name: Build app
        shell: bash
        run: |
          make build-tauri
        env:
          AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
          AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
          AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }}
          AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: auto
          AWS_EC2_METADATA_DISABLED: "true"
          AWS_MAX_ATTEMPTS: "5"
          POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
          POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
          # CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
          TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}

      - name: Upload Artifact
        uses: actions/upload-artifact@v4
        with:
          name: jan-${{ inputs.channel }}-tauri-windows-${{ inputs.new_version }}
          path: |
            ./src-tauri/target/release/bundle/nsis/*.exe
      
      ## create zip file and latest.yml for windows electron auto updater
      - name: create zip file and latest.yml for windows electron auto updater
        shell: bash
        run: |
          cd ./src-tauri/target/release/bundle/nsis
          if [ "${{ inputs.channel }}" != "stable" ]; then
            FILE_NAME=Jan-${{ inputs.channel }}_${{ inputs.new_version }}_x64-setup.exe
            WIN_SIG=$(cat Jan-${{ inputs.channel }}_${{ inputs.new_version }}_x64-setup.exe.sig)
          else
            FILE_NAME=Jan_${{ inputs.new_version }}_x64-setup.exe
            WIN_SIG=$(cat Jan_${{ inputs.new_version }}_x64-setup.exe.sig)
          fi

          echo "::set-output name=WIN_SIG::$WIN_SIG"
          echo "::set-output name=FILE_NAME::$FILE_NAME"
        id: metadata

      ## Upload to s3 for nightly and beta
      - name: upload to aws s3 if public provider is aws
        shell: bash
        if: inputs.public_provider == 'aws-s3' || inputs.channel == 'beta' || inputs.channel == 'nightly'
        run: |
          cd ./src-tauri/target/release/bundle/nsis
          aws s3 cp ./Jan-${{ inputs.channel }}_${{ inputs.new_version }}_x64-setup.exe s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_x64-setup-preview.exe
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }}
          AWS_EC2_METADATA_DISABLED: "true"

      ## Upload to github release for stable release
      - name: Upload release assert if public provider is github
        if: inputs.channel == 'stable'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/nsis/latest.yml
          asset_name: latest.yml
          asset_content_type: text/yaml

      - name: Upload release assert if public provider is github
        if: inputs.channel == 'beta'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/nsis/beta.yml
          asset_name: beta.yml
          asset_content_type: text/yaml

      - name: Upload release assert if public provider is github
        if: inputs.public_provider == 'github'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/nsis/${{ steps.metadata.outputs.FILE_NAME }}
          asset_name: ${{ steps.metadata.outputs.FILE_NAME }}
          asset_content_type: application/octet-stream