eigent/.github/workflows/build.yml

name: Build

on:
  push:
    tags:
      - "v*"
    paths-ignore:
      - "**.md"
      - "**.spec.js"
      - ".idea"
      - ".vscode"
      - ".dockerignore"
      - "Dockerfile"
      - ".gitignore"
      - ".github/**"
      - "!.github/workflows/build.yml"

permissions:
  contents: write

jobs:
  build:
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        include:
          - os: [self-hosted, macOS, ARM64]
            arch: arm64
            artifact_name: macos-arm64
          - os: windows-latest
            arch: x64
            artifact_name: windows-latest
          - os: ubuntu-latest
            arch: x64
            artifact_name: ubuntu-latest

    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          clean: true

      # Clean node_modules on self-hosted runner to ensure fresh install
      - name: Clean node_modules (self-hosted)
        if: contains(matrix.os, 'self-hosted')
        run: |
          rm -rf node_modules
          rm -rf release

      - name: Setup Node.js
        if: "!contains(matrix.os, 'self-hosted')"
        uses: actions/setup-node@v6
        with:
          node-version: 20

      - name: Setup Python
        if: "!contains(matrix.os, 'self-hosted')"
        uses: actions/setup-python@v6
        with:
          python-version: "3.11"

      - name: Install Python Dependencies
        run: |
          python3 -m pip install --upgrade pip
          pip3 install uv

      - name: Install Dependencies
        run: npm install

      # Verify Electron installation on macOS
      - name: Verify Electron Installation (macOS)
        if: runner.os == 'macOS'
        run: |
          echo "Checking Electron installation..."
          ls -la node_modules/electron/dist/ || echo "Electron dist not found"
          if [ -d "node_modules/electron/dist/Electron.app" ]; then
            echo "✅ Electron.app found"
            ls -la "node_modules/electron/dist/Electron.app/Contents/Frameworks/" | head -5
          else
            echo "❌ Electron.app NOT found - this will cause build failure"
            exit 1
          fi

      # Install libfuse2 for Linux AppImage builds
      - name: Install libfuse2 (Linux)
        if: runner.os == 'Linux'
        run: |
          sudo apt-get update
          sudo apt-get install -y libfuse2

      # Step for macOS builds with signing
      - name: Build Release Files (macOS with signing)
        if: runner.os == 'macOS'
        run: |
          # Increase file descriptor limit to prevent EMFILE errors during signing
          ulimit -n 65536 || ulimit -n 10240
          echo "File descriptor limit set to: $(ulimit -n)"
          npm run build -- --arch ${{ matrix.arch }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CSC_LINK: ${{ secrets.CERT_P12 }}
          CSC_KEY_PASSWORD: ${{ secrets.CERT_PASSWORD }}
          APPLE_ID: ${{ secrets.APPLE_ID }}
          APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
          VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }}
          VITE_STACK_PROJECT_ID: ${{ secrets.VITE_STACK_PROJECT_ID }}
          VITE_STACK_PUBLISHABLE_CLIENT_KEY: ${{ secrets.VITE_STACK_PUBLISHABLE_CLIENT_KEY }}
          VITE_STACK_SECRET_SERVER_KEY: ${{ secrets.VITE_STACK_SECRET_SERVER_KEY }}

      # Step for Windows builds without signing
      - name: Build Release Files (Windows without signing)
        if: runner.os == 'Windows'
        run: npm run build -- --arch ${{ matrix.arch }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }}
          VITE_STACK_PROJECT_ID: ${{ secrets.VITE_STACK_PROJECT_ID }}
          VITE_STACK_PUBLISHABLE_CLIENT_KEY: ${{ secrets.VITE_STACK_PUBLISHABLE_CLIENT_KEY }}
          VITE_STACK_SECRET_SERVER_KEY: ${{ secrets.VITE_STACK_SECRET_SERVER_KEY }}

      # Step for Linux builds
      - name: Build Release Files (Linux)
        if: runner.os == 'Linux'
        run: npm run build:linux
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }}
          VITE_STACK_PROJECT_ID: ${{ secrets.VITE_STACK_PROJECT_ID }}
          VITE_STACK_PUBLISHABLE_CLIENT_KEY: ${{ secrets.VITE_STACK_PUBLISHABLE_CLIENT_KEY }}
          VITE_STACK_SECRET_SERVER_KEY: ${{ secrets.VITE_STACK_SECRET_SERVER_KEY }}

      # Verify built app contains Electron Framework
      - name: Verify Built App (macOS)
        if: runner.os == 'macOS'
        run: |
          echo "Checking built app..."
          APP_PATH=$(find release -name "*.app" -type d | head -1)
          if [ -n "$APP_PATH" ]; then
            echo "Found app at: $APP_PATH"
            FRAMEWORKS_PATH="$APP_PATH/Contents/Frameworks"
            if [ -d "$FRAMEWORKS_PATH/Electron Framework.framework" ]; then
              echo "✅ Electron Framework found"
              ls -la "$FRAMEWORKS_PATH/" | head -10
            else
              echo "❌ Electron Framework NOT found in built app!"
              echo "Contents of Frameworks directory:"
              ls -la "$FRAMEWORKS_PATH/" 2>/dev/null || echo "Frameworks directory does not exist"
              exit 1
            fi
          else
            echo "No .app found in release directory"
            ls -la release/
          fi

      - name: Upload Artifact
        uses: actions/upload-artifact@v6
        with:
          name: release-${{ matrix.artifact_name }}-${{ matrix.arch }}
          path: |
            release/*
            !release/builder-debug.yml
            !release/builder-effective-config.yaml
          retention-days: 5
  merge-release:
    needs: build
    runs-on: ubuntu-latest
    steps:
      - name: Create directories
        run: |
          mkdir -p release/mac-arm64 release/win-x64 release/linux-x64

      - name: Download mac-arm64 artifact
        uses: actions/download-artifact@v7
        with:
          name: release-macos-arm64-arm64
          path: temp-mac-arm64

      - name: Download win-x64 artifact
        uses: actions/download-artifact@v7
        with:
          name: release-windows-latest-x64
          path: temp-win-x64

      - name: Download linux-x64 artifact
        uses: actions/download-artifact@v7
        with:
          name: release-ubuntu-latest-x64
          path: temp-linux-x64

      # Move files to final release directory, removing any nested release/ directory
      - name: Move files to clean folders
        shell: bash
        run: |
          # mac-arm64
          if [ -d "temp-mac-arm64/release" ]; then
            mv temp-mac-arm64/release/* release/mac-arm64/ || true
          else
            mv temp-mac-arm64/* release/mac-arm64/ || true
          fi

          # win-x64
          if [ -d "temp-win-x64/release" ]; then
            mv temp-win-x64/release/* release/win-x64/ || true
          else
            mv temp-win-x64/* release/win-x64/ || true
          fi

          # linux-x64
          if [ -d "temp-linux-x64/release" ]; then
            mv temp-linux-x64/release/* release/linux-x64/ || true
          else
            mv temp-linux-x64/* release/linux-x64/ || true
          fi

      # Create GitHub Release
      - name: Create GitHub Release
        if: startsWith(github.ref, 'refs/tags/')
        uses: softprops/action-gh-release@v1
        with:
          files: |
            release/mac-arm64/*
            release/win-x64/*
            release/linux-x64/*
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}