jan/.github/workflows/template-tauri-build-linux-x64.yml

name: tauri-build-linux-x64
on:
  workflow_call:
    inputs:
      ref:
        required: true
        type: string
        default: 'refs/heads/main'
      public_provider:
        required: true
        type: string
        default: none
        description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3'
      new_version:
        required: true
        type: string
        default: ''
      cortex_api_port:
        required: false
        type: string
        default: ''
      upload_url:
        required: false
        type: string
        default: ''
      channel:
        required: true
        type: string
        default: 'nightly'
        description: 'The channel to use for this job'
    secrets:
      DELTA_AWS_S3_BUCKET_NAME:
        required: false
      DELTA_AWS_ACCESS_KEY_ID:
        required: false
      DELTA_AWS_SECRET_ACCESS_KEY:
        required: false
      TAURI_SIGNING_PRIVATE_KEY:
        required: false
      TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
        required: false
      TAURI_SIGNING_PUBLIC_KEY:
        required: false
    outputs:
      DEB_SIG:
        value: ${{ jobs.build-linux-x64.outputs.DEB_SIG }}
      APPIMAGE_SIG:
        value: ${{ jobs.build-linux-x64.outputs.APPIMAGE_SIG }}
      APPIMAGE_FILE_NAME:
        value: ${{ jobs.build-linux-x64.outputs.APPIMAGE_FILE_NAME }}
jobs:
  build-linux-x64:
    runs-on: ubuntu-22.04
    outputs:
      DEB_SIG: ${{ steps.packageinfo.outputs.DEB_SIG }}
      APPIMAGE_SIG: ${{ steps.packageinfo.outputs.APPIMAGE_SIG }}
      APPIMAGE_FILE_NAME: ${{ steps.packageinfo.outputs.APPIMAGE_FILE_NAME }}
    permissions:
      contents: write
    steps:
      - name: Getting the repo
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}

      - name: Free Disk Space Before Build
        run: |
          echo "Disk space before cleanup:"
          df -h
          sudo rm -rf /usr/local/.ghcup
          sudo rm -rf /opt/hostedtoolcache/CodeQL
          sudo rm -rf /usr/local/lib/android/sdk/ndk
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf /opt/ghc
          sudo rm -rf /usr/local/share/boost
          sudo apt-get clean
          echo "Disk space after cleanup:"
          df -h

      - name: Replace Icons for Beta Build
        if: inputs.channel != 'stable'
        shell: bash
        run: |
          cp .github/scripts/icon-${{ inputs.channel }}.png src-tauri/icons/icon.png

      - name: Installing node
        uses: actions/setup-node@v1
        with:
          node-version: 20

      - name: Install jq
        uses: dcarbone/install-jq-action@v2.0.1

      - name: Install ctoml
        run: |
          cargo install ctoml

      - name: Install Tauri dependencies
        run: |
          sudo apt update
          sudo apt install -y libglib2.0-dev libatk1.0-dev libpango1.0-dev libgtk-3-dev libsoup-3.0-dev libwebkit2gtk-4.1-dev librsvg2-dev libfuse2

      - name: Update app version base public_provider
        run: |
          echo "Version: ${{ inputs.new_version }}"
          # Update tauri.conf.json
          jq --arg version "${{ inputs.new_version }}" '.version = $version | .bundle.createUpdaterArtifacts = true' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
          mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json         
          if [ "${{ inputs.channel }}" != "stable" ]; then
            jq '.bundle.linux.deb.files = {"usr/bin/bun": "resources/bin/bun",
                                           "usr/lib/Jan-${{ inputs.channel }}/binaries": "binaries/deps",  
                                           "usr/lib/Jan-${{ inputs.channel }}/binaries/engines": "binaries/engines", 
                                           "usr/lib/Jan-${{ inputs.channel }}/binaries/libvulkan.so": "binaries/libvulkan.so"}' ./src-tauri/tauri.linux.conf.json > /tmp/tauri.linux.conf.json
            mv /tmp/tauri.linux.conf.json ./src-tauri/tauri.linux.conf.json
          fi
          jq --arg version "${{ inputs.new_version }}" '.version = $version' web-app/package.json > /tmp/package.json
          mv /tmp/package.json web-app/package.json

          # Temporarily enable devtool on prod build
          ctoml ./src-tauri/Cargo.toml dependencies.tauri.features[] "devtools"
          cat ./src-tauri/Cargo.toml

          ctoml ./src-tauri/Cargo.toml package.version "${{ inputs.new_version }}"
          cat ./src-tauri/Cargo.toml

          # Change app name for beta and nightly builds
          if [ "${{ inputs.channel }}" != "stable" ]; then
            jq '.plugins.updater.endpoints = ["https://delta.jan.ai/${{ inputs.channel }}/latest.json"]' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
            mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json

            chmod +x .github/scripts/rename-tauri-app.sh
            .github/scripts/rename-tauri-app.sh ./src-tauri/tauri.conf.json ${{ inputs.channel }}

            cat ./src-tauri/tauri.conf.json
            
            # Update Cargo.toml
            ctoml ./src-tauri/Cargo.toml package.name "Jan-${{ inputs.channel }}"
            ctoml ./src-tauri/Cargo.toml dependencies.tauri.features[] "devtools"
            echo "------------------"
            cat ./src-tauri/Cargo.toml

            chmod +x .github/scripts/rename-workspace.sh
            .github/scripts/rename-workspace.sh ./package.json ${{ inputs.channel }}
            cat ./package.json
          fi
      - name: Build app
        run: |
          make build-tauri

          APP_IMAGE=./src-tauri/target/release/bundle/appimage/$(ls ./src-tauri/target/release/bundle/appimage/ | grep AppImage | head -1)
          yarn tauri signer sign \
          --private-key "$TAURI_SIGNING_PRIVATE_KEY" \
          --password "$TAURI_SIGNING_PRIVATE_KEY_PASSWORD" \
          "$APP_IMAGE"

        env:
          RELEASE_CHANNEL: "${{ inputs.channel }}"
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
          POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
          # CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
          TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}

      # Publish app

      ## Artifacts, for dev and test
      - name: Upload Artifact
        if: inputs.public_provider != 'github'
        uses: actions/upload-artifact@v4
        with:
          name: jan-linux-amd64-${{ inputs.new_version }}-deb
          path: ./src-tauri/target/release/bundle/deb/*.deb

      - name: Upload Artifact
        if: inputs.public_provider != 'github'
        uses: actions/upload-artifact@v4
        with:
          name: jan-linux-amd64-${{ inputs.new_version }}-AppImage
          path: ./src-tauri/target/release/bundle/appimage/*.AppImage

      ## create zip file and latest-linux.yml for linux electron auto updater
      - name: Create zip file and latest-linux.yml for linux electron auto updater
        id: packageinfo
        run: |
          cd ./src-tauri/target/release/bundle

          if [ "${{ inputs.channel }}" != "stable" ]; then
            DEB_FILE_NAME=Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb
            APPIMAGE_FILE_NAME=Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage
            DEB_SIG=$(cat deb/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb.sig)
            APPIMAGE_SIG=$(cat appimage/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage.sig)
          else
            DEB_FILE_NAME=Jan_${{ inputs.new_version }}_amd64.deb
            APPIMAGE_FILE_NAME=Jan_${{ inputs.new_version }}_amd64.AppImage
            DEB_SIG=$(cat deb/Jan_${{ inputs.new_version }}_amd64.deb.sig)
            APPIMAGE_SIG=$(cat appimage/Jan_${{ inputs.new_version }}_amd64.AppImage.sig)
          fi

          DEB_FILE_SIZE=$(stat -c%s deb/$DEB_FILE_NAME)
          APPIMAGE_FILE_SIZE=$(stat -c%s appimage/$APPIMAGE_FILE_NAME)
          echo "deb file size: $DEB_FILE_SIZE"
          echo "appimage file size: $APPIMAGE_FILE_SIZE"

          DEB_SH512_CHECKSUM=$(python3 ../../../../.github/scripts/electron-checksum.py deb/$DEB_FILE_NAME)
          APPIMAGE_SH512_CHECKSUM=$(python3 ../../../../.github/scripts/electron-checksum.py appimage/$APPIMAGE_FILE_NAME)
          echo "deb sh512 checksum: $DEB_SH512_CHECKSUM"
          echo "appimage sh512 checksum: $APPIMAGE_SH512_CHECKSUM"

          CURRENT_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
          echo "releaseDate: $CURRENT_TIME"

          # Create latest-linux.yml file
          echo "version: ${{ inputs.new_version }}" > latest-linux.yml
          echo "files:" >> latest-linux.yml
          echo "  - url: $DEB_FILE_NAME" >> latest-linux.yml
          echo "    sha512: $DEB_SH512_CHECKSUM" >> latest-linux.yml
          echo "    size: $DEB_FILE_SIZE" >> latest-linux.yml
          echo "  - url: $APPIMAGE_FILE_NAME" >> latest-linux.yml
          echo "    sha512: $APPIMAGE_SH512_CHECKSUM" >> latest-linux.yml
          echo "    size: $APPIMAGE_FILE_SIZE" >> latest-linux.yml
          echo "path: $APPIMAGE_FILE_NAME" >> latest-linux.yml
          echo "sha512: $APPIMAGE_SH512_CHECKSUM" >> latest-linux.yml
          echo "releaseDate: $CURRENT_TIME" >> latest-linux.yml

          cat latest-linux.yml
          cp latest-linux.yml beta-linux.yml

          echo "DEB_SIG=$DEB_SIG" >> $GITHUB_OUTPUT
          echo "APPIMAGE_SIG=$APPIMAGE_SIG" >> $GITHUB_OUTPUT
          echo "DEB_FILE_NAME=$DEB_FILE_NAME" >> $GITHUB_OUTPUT
          echo "APPIMAGE_FILE_NAME=$APPIMAGE_FILE_NAME" >> $GITHUB_OUTPUT

      ## Upload to s3 for nightly and beta
      - name: upload to aws s3 if public provider is aws
        if: inputs.public_provider == 'aws-s3' || inputs.channel == 'beta'
        run: |
          cd ./src-tauri/target/release/bundle

          # Upload for electron updater for nightly
          aws s3 cp ./latest-linux.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/latest-linux.yml
          aws s3 cp ./beta-linux.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/beta-linux.yml

          # Upload for tauri updater
          aws s3 cp ./appimage/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage
          aws s3 cp ./deb/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb
          aws s3 cp ./appimage/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage.sig s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage.sig
          aws s3 cp ./deb/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb.sig s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb.sig
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }}
          AWS_EC2_METADATA_DISABLED: 'true'

      ## Upload to github release for stable release
      - name: Upload release assert if public provider is github
        if: inputs.channel == 'stable'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/latest-linux.yml
          asset_name: latest-linux.yml
          asset_content_type: text/yaml

      - name: Upload release assert if public provider is github
        if: inputs.channel == 'beta'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/beta-linux.yml
          asset_name: beta-linux.yml
          asset_content_type: text/yaml
      - name: Upload release assert if public provider is github
        if: inputs.public_provider == 'github'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/appimage/${{ steps.packageinfo.outputs.APPIMAGE_FILE_NAME }}
          asset_name: ${{ steps.packageinfo.outputs.APPIMAGE_FILE_NAME }}
          asset_content_type: application/octet-stream

      - name: Upload release assert if public provider is github
        if: inputs.public_provider == 'github'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ inputs.upload_url }}
          asset_path: ./src-tauri/target/release/bundle/deb/${{ steps.packageinfo.outputs.DEB_FILE_NAME }}
          asset_name: ${{ steps.packageinfo.outputs.DEB_FILE_NAME }}
          asset_content_type: application/octet-stream