PromucFlow_constructor/.github/workflows/client-build.yml

name: Client Build

on:
  workflow_call:
    inputs:
      pr:
        description: "This is the PR number in case the workflow is being called in a pull request"
        required: false
        type: number
      skip-tests:
        description: "This is a boolean value in case the workflow is being called in build deploy-preview"
        required: false
        type: string
        default: "false"
      branch:
        description: "This is the branch to be used for the build."
        required: false
        type: string

permissions:
  contents: read
  pull-requests: write

# Change the working directory for all "run" steps in this workflow
defaults:
  run:
    working-directory: app/client
    shell: bash

jobs:
  client-build:
    runs-on: ${{ vars.RUNNER_CLIENT_BUILD }}
    # Only run this workflow for internally triggered events
    if: |
      github.event.pull_request.head.repo.full_name == github.repository ||
      github.event_name == 'push' ||
      github.event_name == 'workflow_dispatch' ||
      github.event_name == 'repository_dispatch' ||
      github.event_name == 'schedule'      

    steps:
      # The checkout steps MUST happen first because the default directory is set according to the code base.
      # GitHub Action expects all future commands to be executed in the code directory. Hence, we need to check out
      # the code before doing anything else.

      # Check out merge commit with the base branch in case this workflow is invoked via pull request
      - name: Checkout the merged commit from PR and base branch
        if: inputs.pr != 0
        uses: actions/checkout@v4
        with:
          fetch-tags: true
          ref: refs/pull/${{ inputs.pr }}/merge

      # Check out the specified branch in case this workflow is called by another workflow
      - name: Checkout the specified branch
        if: inputs.pr == 0 && inputs.branch != ''
        uses: actions/checkout@v4
        with:
          fetch-tags: true
          ref: ${{ inputs.branch }}

      # Checkout the code in the current branch in case the workflow is called because of a branch push event
      - name: Checkout the head commit of the branch
        if: inputs.pr == 0 && inputs.branch == ''
        uses: actions/checkout@v4
        with:
          fetch-tags: true

      - name: Get changed files in the client folder
        id: changed-files-specific
        uses: tj-actions/changed-files@v46
        with:
          files: "app/client/**"

      # - name: Updating the client changed file variable
      #   id: changed-files-specific
      #   run: echo "any_changed=true" >> "$GITHUB_OUTPUT"

      - name: Run step if any file(s) in the client folder change
        if: steps.changed-files-specific.outputs.any_changed == 'true'
        env:
          ALL_CHANGED_FILES: ${{ steps.changed-files-specific.outputs.all_changed_files }}
        run: |
          echo "One or more files in the server folder has changed."
          echo "List all the files that have changed: $ALL_CHANGED_FILES"          

      - name: Check compliance
        if: inputs.pr != 0 && steps.changed-files-specific.outputs.any_changed == 'true'
        uses: actions/github-script@v7
        env:
          NODE_PATH: "${{ github.workspace }}/.github/workflows/scripts"
          PR_NUMBER: ${{ inputs.pr }}
        with:
          script: |
            await require("client-build-compliance.js")({core, github, context})            

      # In case this is second attempt try restoring status of the prior attempt from cache
      - name: Restore the previous run result
        if: steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
        uses: actions/cache@v4
        with:
          path: |
            ~/run_result            
          key: ${{ github.run_id }}-${{ github.job }}-client

      # Fetch prior run result
      - name: Get the previous run result
        if: steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
        id: run_result
        run: cat ~/run_result 2>/dev/null || echo 'default'

      # In case of prior failure run the job
      - if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        run: echo "I'm alive!" && exit 0

      - name: Use Node.js
        if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        uses: actions/setup-node@v4
        with:
          node-version-file: app/client/package.json

      # actions/setup-node@v4 doesn’t work properly with Yarn 3
      # when the project lives in a subdirectory: https://github.com/actions/setup-node/issues/488
      # Restoring the cache manually instead
      - name: Restore Yarn cache
        if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        uses: actions/cache@v4
        id: cache-dependencies
        with:
          path: |
            app/client/.yarn/cache
            app/client/node_modules/.cache/webpack/            
          key: v1-yarn3-${{ hashFiles('app/client/yarn.lock') }}

      # Install all the dependencies
      - name: Install dependencies
        if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        run: yarn install --immutable

      # Type checking before starting the build
      - name: Run type check
        if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        run: yarn run check-types

      - name: Set the build environment based on the branch
        if: steps.run_result.outputs.run_result != 'success' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        id: vars
        run: |
          set +o pipefail
          echo "REACT_APP_ENVIRONMENT=DEVELOPMENT" >> $GITHUB_OUTPUT
          if [[ "${{github.ref}}" == "refs/heads/master" ]]; then
              echo "REACT_APP_ENVIRONMENT=PRODUCTION" >> $GITHUB_OUTPUT
          fi
          if [[ "${{github.ref}}" == "refs/heads/release" ]]; then
              echo "REACT_APP_ENVIRONMENT=STAGING" >> $GITHUB_OUTPUT
          fi          

      # We burn React environment & the Segment analytics key into the build itself.
      # This is to ensure that we don't need to configure it in each installation.
      # Client build fails only on errors (EXIT_CODE > 1); warnings (EXIT_CODE <= 1) don’t affect it.
      - name: Create the bundle
        if: steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
        run: |
          if [[ "${{ github.ref }}" == "refs/heads/master" ]]; then
            export REACT_APP_SEGMENT_CE_KEY="${{ secrets.APPSMITH_SEGMENT_CE_KEY }}"
          else
            export REACT_APP_SEGMENT_CE_KEY="${{ secrets.APPSMITH_SEGMENT_CE_KEY_RELEASE }}"
          fi
          REACT_APP_ENVIRONMENT=${{steps.vars.outputs.REACT_APP_ENVIRONMENT}} \
          REACT_APP_FARO_APP_ID=${{ secrets.REACT_APP_FARO_APP_ID }} \
          REACT_APP_FARO_APP_NAME=${{ secrets.REACT_APP_FARO_APP_NAME }} \
          REACT_APP_FARO_SOURCEMAP_UPLOAD_API_KEY=${{ secrets.REACT_APP_FARO_SOURCEMAP_UPLOAD_API_KEY }} \
          REACT_APP_FARO_SOURCEMAP_UPLOAD_ENDPOINT=${{ secrets.REACT_APP_FARO_SOURCEMAP_UPLOAD_ENDPOINT }} \
          REACT_APP_FARO_STACK_ID=${{ secrets.REACT_APP_FARO_STACK_ID }} \
          REACT_APP_FUSIONCHARTS_LICENSE_KEY=${{ secrets.APPSMITH_FUSIONCHARTS_LICENSE_KEY }} \
          SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} \
          REACT_APP_VERSION_EDITION="Community" \
          yarn build || EXIT_CODE=$?

          if [ -n "$EXIT_CODE" ] && [ "$EXIT_CODE" -gt 1 ]; then
            exit $EXIT_CODE
          fi          

      # Saving the cache to use it in subsequent runs
      - name: Save Yarn cache
        uses: actions/cache/save@v4
        if: steps.cache-dependencies.outputs.cache-hit != 'true' && (steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        with:
          path: |
            app/client/.yarn/cache
            app/client/node_modules/.cache/webpack/            
          key: v1-yarn3-${{ hashFiles('app/client/yarn.lock') }}

      # Restore the previous built bundle if present. If not push the newly built into the cache
      - name: Restore the previous bundle
        if: steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
        uses: actions/cache@v4
        with:
          path: |
            app/client/build/            
          key: ${{ github.run_id }}-${{ github.job }}-client

      - name: Pack the client build directory
        if: steps.changed-files-specific.outputs.any_changed == 'true' ||  github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
        run: |
          tar -cvf ./build.tar -C build .          

      - name: Fetch client build from cache
        if: steps.changed-files-specific.outputs.any_changed == 'false' && success()  && github.event_name != 'push' && github.event_name != 'workflow_dispatch'  && github.event_name != 'schedule'
        env:
          cachetoken: ${{ secrets.CACHETOKEN }}
          reponame: ${{ github.event.repository.name }}
          gituser: ${{ secrets.CACHE_GIT_USER }}
          gituseremail: ${{ secrets.CACHE_GIT_EMAIL }}
        run: |
          mkdir cacherepo
          cd ./cacherepo
          git lfs install
          git config --global user.email "$gituseremail"
          git config --global user.name "$gituser"
          git clone https://$cachetoken@github.com/appsmithorg/cibuildcache.git
          if [ "$reponame" = "appsmith" ]; then export repodir="CE"; fi
          if [ "$reponame" = "appsmith-ee" ]; then export repodir="EE"; fi
          cd cibuildcache/$repodir/release/client
          git lfs install
          git lfs migrate import --everything --yes
          git lfs pull ./build.tar
          mv ./build.tar ../../../../../build.tar          

      # Upload the build artifact so that it can be used by the test & deploy job in the workflow
      - name: Upload react build bundle
        uses: actions/upload-artifact@v4
        with:
          name: client-build
          path: app/client/build.tar
          overwrite: true

      - name: Put release build in cache
        if: success() && github.ref == 'refs/heads/release' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule')
        env:
          cachetoken: ${{ secrets.CACHETOKEN }}
          reponame: ${{ github.event.repository.name }}
          gituser: ${{ secrets.CACHE_GIT_USER }}
          gituseremail: ${{ secrets.CACHE_GIT_EMAIL }}
        # git lfs update --force in the script below overrides appsmith git hooks with git lfs hooks since appsmith hooks are not required during workflow runs
        run: |
          pwd
          mkdir cacherepo
          cd ./cacherepo
          git config --global user.email "$gituseremail"
          git config --global user.name "$gituser"
          git clone https://$cachetoken@github.com/appsmithorg/cibuildcache.git
          git lfs update --force
          git lfs install
          cd cibuildcache/
          if [ "$reponame" = "appsmith" ]; then export repodir="CE"; fi
          if [ "$reponame" = "appsmith-ee" ]; then export repodir="EE"; fi
          cd $repodir/release/client
          cp ../../../../../build.tar ./
          git lfs track "build.tar"
          git add  build.tar
          git commit --allow-empty -m "Update Latest build.tar"
          git push          

      # Set status = success
      - name: Save the status of the run
        run: echo "run_result=success" >> $GITHUB_OUTPUT > ~/run_result