name: Linux Release Build

on:
  workflow_call:
    inputs:
      build-version:
        description: 'The version to build'
        required: true
        type: string
      release-branch:
        description: 'The branch to build'
        required: true
        type: string
      MOZ_BUILD_DATE:
        type: string
        required: true
        default: ''
      use-sccache:
        description: 'Use sccache'
        required: true
        type: boolean
        default: false

jobs:
  build-linux:
    permissions:
      contents: write
    # aarch64 does not need full 16x
    runs-on: ${{ (inputs.release-branch == 'release' && matrix.arch == 'x86_64') && 'self-hosted' || 'blacksmith-8vcpu-ubuntu-2404' }}
    strategy:
      fail-fast: false
      matrix:
        arch: [x86_64, aarch64]
    env:
      SCCACHE_GHA_ENABLED: ${{ inputs.use-sccache && 'true' || 'false' }}
      CARGO_TERM_COLOR: always
      RUSTC_WRAPPER: ${{ inputs.use-sccache && 'sccache' || '' }}
      CARGO_INCREMENTAL: 0
    name: Build Linux - ${{ matrix.arch }}

    steps:
      - name: Free Disk Space (Ubuntu)
        uses: jlumbroso/free-disk-space@main
        with:
          tool-cache: false

      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          submodules: recursive
          token: ${{ secrets.DEPLOY_KEY }}

      - name: Setup Node.js
        uses: useblacksmith/setup-node@v5
        with:
          node-version-file: '.nvmrc'

      - name: Run sccache-cache
        uses: mozilla-actions/sccache-action@main
        if: ${{ inputs.use-sccache }}
        with:
          disable_annotations: true

      - name: Expose actions cache variables
        uses: actions/github-script@v6
        with:
          script: |
            core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL'])
            core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN'])

      - name: Setup Git
        run: |
          git config --global user.email "mauro-balades@users.noreply.github.com"
          git config --global user.name "mauro-balades"

      - name: Install system dependencies
        run: |
          set -x
          sudo apt-get update --fix-missing
          sudo apt-get update
          sudo apt-get install -y python3 python3-pip dos2unix yasm nasm build-essential libgtk2.0-dev libpython3-dev m4 uuid libasound2-dev libcurl4-openssl-dev libdbus-1-dev libdrm-dev libdbus-glib-1-dev libgtk-3-dev libpulse-dev libx11-xcb-dev libxt-dev xvfb lld llvm

      - name: Install dependencies
        run: |
          npm ci

      - name: Load Surfer CI setup
        run: npm run surfer -- ci --brand ${{ inputs.release-branch }} --display-version ${{ inputs.build-version }}

      - name: Download Firefox source and dependencies
        run: npm run download

      - name: Fix Rust version
        run: |
          # Install a rust version compatible with LLVM 18
          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain $(cat .rust-toolchain)
          source $HOME/.cargo/env

          if test "${{ matrix.arch }}" = "aarch64"; then
            rustup target add aarch64-unknown-linux-gnu
          else
            rustup target add x86_64-unknown-linux-gnu
          fi

      - name: Import
        env:
          SURFER_COMPAT: ${{ matrix.arch }}
        run: |
          . "$HOME/.cargo/env"
          npm run import

      - name: Build language packs
        run: sh scripts/download-language-packs.sh

      - name: Bootstrap
        run: |
          cd engine
          export SURFER_PLATFORM="linux"
          ./mach --no-interactive bootstrap --application-choice browser
          cd ..

      - name: Insert API Keys
        run: |
          mkdir -p ~/.zen-keys
          echo "${{ secrets.ZEN_SAFEBROWSING_API_KEY }}" > ~/.zen-keys/safebrowsing.dat

      - name: Build
        env:
          SURFER_COMPAT: ${{ matrix.arch }}
          ZEN_RELEASE_BRANCH: ${{ inputs.release-branch }}
        continue-on-error: true
        run: |
          export SURFER_PLATFORM="linux"
          if [[ -n ${{ inputs.MOZ_BUILD_DATE }} ]];then
            export MOZ_BUILD_DATE=${{ inputs.MOZ_BUILD_DATE }}
          fi
          bash .github/workflows/src/release-build.sh

      - name: Package
        env:
          SURFER_COMPAT: ${{ matrix.arch }}
          ZEN_GA_DISABLE_PGO: true
        run: |
          export SURFER_PLATFORM="linux"
          export ZEN_RELEASE=1
          npm run package

      - name: Remove API Keys
        run: |
          rm -rf ~/.zen-keys

      - name: Rename artifacts
        run: |
          mv dist/zen-*.tar.xz "zen.linux-${{ matrix.arch }}.tar.xz"
          mv dist/output.mar linux${{ matrix.arch == 'aarch64' && '-aarch64' || '' }}.mar

      - name: Upload build artifact (binary)
        uses: actions/upload-artifact@v4
        with:
          retention-days: 5
          name: zen.linux-${{ matrix.arch }}.tar.xz
          path: ./zen.linux-${{ matrix.arch }}.tar.xz

      - name: Upload build artifact (.mar)
        uses: actions/upload-artifact@v4
        with:
          retention-days: 5
          name: linux${{ matrix.arch == 'aarch64' && '-aarch64' || '' }}.mar
          path: ./linux${{ matrix.arch == 'aarch64' && '-aarch64' || '' }}.mar

      - name: Upload build artifact (update manifests)
        uses: actions/upload-artifact@v4
        with:
          retention-days: 5
          name: linux_update_manifest_${{ matrix.arch }}
          path: ./dist/update