# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build
# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure
# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.
on:
    workflow_call:
        inputs:
            version:
                type: string
                required: false
                description: "Version string to override the one in package.json, used for non-release builds"
            sqlcipher:
                type: string
                required: true
                description: "How to link sqlcipher, one of 'system' | 'static'"
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v3

            - uses: actions/download-artifact@v3
              with:
                  name: webapp

            - name: Cache .hak
              id: cache
              uses: actions/cache@v3
              with:
                  key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}
                  path: |
                      ./.hak

            - name: Install Rust
              if: steps.cache.outputs.cache-hit != 'true'
              uses: actions-rs/toolchain@v1
              with:
                  toolchain: stable

            - name: Install libsqlcipher-dev
              if: steps.cache.outputs.cache-hit != 'true' && inputs.sqlcipher == 'system'
              run: sudo apt-get install -y libsqlcipher-dev

            - uses: actions/setup-node@v3
              with:
                  cache: "yarn"

            # Does not need branch matching as only analyses this layer
            - name: Install Deps
              run: "yarn install --pure-lockfile"

            - name: Build Natives
              if: steps.cache.outputs.cache-hit != 'true'
              run: "yarn build:native"
              env:
                  SQLCIPHER_STATIC: ${{ inputs.sqlcipher == 'static' && '1' || '' }}

            - name: "[Nightly] Resolve version"
              id: nightly
              if: inputs.version != ''
              run: |
                  echo "config-args=--nightly '${{ inputs.version }}'" >> $GITHUB_OUTPUT

            - name: Generate debian control file
              run: |
                  cp element.io/${{ inputs.version && 'nightly' || 'release' }}/control.template debcontrol
                  INPUT_VERSION="${{ inputs.version }}"
                  VERSION=${INPUT_VERSION:-$(cat package.json | jq -r .version)}
                  echo "Version: $VERSION" >> debcontrol

            - name: Build App
              run: |
                  scripts/generate-builder-config.ts ${{ steps.nightly.outputs.config-args }} --deb-custom-control=debcontrol
                  yarn build --publish never -l --config electron-builder.json

            - name: Upload Artifacts
              uses: actions/upload-artifact@v3
              with:
                  name: linux-sqlcipher-${{ inputs.sqlcipher }}
                  path: dist
                  retention-days: 1