name: Build and Test
on:
    pull_request: {}
    push:
        branches: [develop, staging, master]
concurrency:
    group: ${{ github.workflow }}-${{ github.ref }}
    cancel-in-progress: true
jobs:
    fetch:
        uses: ./.github/workflows/build_prepare.yaml
        with:
            config: ${{ github.event.pull_request.base.ref == 'develop' && 'element.io/nightly' || 'element.io/release' }}
            version: ${{ github.event.pull_request.base.ref == 'develop' && 'develop' || '' }}

    windows:
        needs: fetch
        name: Windows
        uses: ./.github/workflows/build_windows.yaml
        strategy:
            matrix:
                arch: [x64, ia32]
        with:
            arch: ${{ matrix.arch }}

    # This allows core contributors to test changes to the dockerbuild image within a pull request
    linux_docker:
        name: Linux docker
        runs-on: ubuntu-latest
        if: github.event_name == 'pull_request'
        outputs:
            docker-image: ${{ steps.docker.outputs.image }}
        permissions:
            contents: read
            packages: write
        env:
            REGISTRY: ghcr.io
            IMAGE_NAME: ${{ github.repository }}-dockerbuild-pr
        steps:
            - uses: actions/checkout@v4

            - name: "Get modified files"
              id: changed_files
              uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f # v41
              with:
                  files: |
                      dockerbuild/**
            - name: Log in to the Container registry
              if: steps.changed_files.outputs.any_modified == 'true'
              uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb
              with:
                  registry: ${{ env.REGISTRY }}
                  username: ${{ github.actor }}
                  password: ${{ secrets.GITHUB_TOKEN }}

            - id: docker
              if: steps.changed_files.outputs.any_modified == 'true'
              run: |
                  echo "image=$IMAGE:$PR" >> $GITHUB_OUTPUT
              env:
                  IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
                  PR: ${{ github.event.pull_request.number }}

            - name: Build and push Docker image
              if: steps.changed_files.outputs.any_modified == 'true'
              uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5
              with:
                  context: dockerbuild
                  push: true
                  tags: ${{ steps.docker.outputs.image }}

    linux:
        needs:
            - fetch
            - linux_docker
        name: "Linux (${{ matrix.arch }}) (sqlcipher: ${{ matrix.sqlcipher }})"
        uses: ./.github/workflows/build_linux.yaml
        strategy:
            matrix:
                sqlcipher: [system, static]
                arch: [amd64, arm64]
                exclude:
                    # FIXME: This combination yields a broken Seshat at this time
                    # Errors at launch with `undefined symbol: PKCS5_PBKDF2_HMAC
                    - arch: arm64
                      sqlcipher: static
        with:
            config: ${{ github.event.pull_request.base.ref == 'develop' && 'element.io/nightly' || 'element.io/release' }}
            sqlcipher: ${{ matrix.sqlcipher }}
            docker-image: ${{ needs.linux_docker.outputs.docker-image }}
            arch: ${{ matrix.arch }}

    macos:
        needs: fetch
        name: macOS
        uses: ./.github/workflows/build_macos.yaml

    test:
        needs:
            - macos
            - linux
            - windows
        strategy:
            matrix:
                include:
                    - name: macOS Universal
                      os: macos
                      artifact: macos
                      executable: "/Users/runner/Applications/Element.app/Contents/MacOS/Element"
                      # We need to mount the DMG and copy the app to the Applications folder as a mounted DMG is
                      # read-only and thus would not allow us to override the fuses as is required for Playwright.
                      prepare_cmd: |
                          hdiutil attach ./dist/*.dmg -mountpoint /Volumes/Element &&
                          rsync -a /Volumes/Element/Element.app ~/Applications/ &&
                          hdiutil detach /Volumes/Element
                    - name: "Linux (amd64) (sqlcipher: system)"
                      os: ubuntu
                      artifact: linux-amd64-sqlcipher-system
                      executable: "/opt/Element/element-desktop"
                      prepare_cmd: "sudo apt install ./dist/*.deb"
                    - name: "Linux (amd64) (sqlcipher: static)"
                      os: ubuntu
                      artifact: linux-amd64-sqlcipher-static
                      executable: "/opt/Element/element-desktop"
                      prepare_cmd: "sudo apt install ./dist/*.deb"
                    - name: Windows (x86)
                      os: windows
                      artifact: win-ia32
                      executable: "./dist/win-ia32-unpacked/Element.exe"
                    - name: Windows (x64)
                      os: windows
                      artifact: win-x64
                      executable: "./dist/win-unpacked/Element.exe"
        name: Test ${{ matrix.name }}
        runs-on: ${{ matrix.os }}-latest
        steps:
            - uses: actions/checkout@v4

            - uses: actions/setup-node@v4
              with:
                  cache: "yarn"

            - name: Install Deps
              run: "yarn install --frozen-lockfile"

            - uses: actions/download-artifact@v4
              with:
                  name: ${{ matrix.artifact }}
                  path: dist

            - name: Prepare for tests
              run: ${{ matrix.prepare_cmd }}
              if: matrix.prepare_cmd

            # We previously disabled the `EnableNodeCliInspectArguments` fuse, but Playwright requires
            # it to be enabled to test Electron apps, so turn it back on.
            - name: Set EnableNodeCliInspectArguments fuse enabled
              run: $RUN_AS npx @electron/fuses write --app ${{ matrix.executable }} EnableNodeCliInspectArguments=on
              shell: bash
              env:
                  # We need sudo on Linux as it is installed in /opt/
                  RUN_AS: ${{ runner.os == 'Linux' && 'sudo' || '' }}

            - name: Run tests
              uses: coactions/setup-xvfb@b6b4fcfb9f5a895edadc3bc76318fae0ac17c8b3 # v1
              timeout-minutes: 5
              with:
                  run: "yarn test ${{ runner.os != 'Linux' && '--ignore-snapshots' || '' }}"
              env:
                  ELEMENT_DESKTOP_EXECUTABLE: ${{ matrix.executable }}

            - name: Upload HTML report
              uses: actions/upload-artifact@v3
              with:
                  name: ${{ matrix.artifact }}-test
                  path: playwright-report
                  retention-days: 14