[skip ci] Adjust CI workflow to Github ones

Author: neon-nyan

.github/workflows/release-signed.yml

@@ -4,20 +4,18 @@ name: Publish Signed Builds
 
 on:
   workflow_dispatch:
-    inputs:
-      branch:
-        description: 'Specify branch name (preview/stable/github-signpath-test)'
-        required: true
-        default: 'github-signpath-test'
 
 env:
  BRANCH_NAME: ${{ github.head_ref || github.ref_name }} 
  SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
  DOTNET_INSTALL_DIR: '.\.dotnet' 
- DOTNET_VERSION: '9.x'
+ DOTNET_VERSION: '9.0.3xx'
  DOTNET_QUALITY: 'ga'
  NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
- SIGNPATH_ARTIFACT_SLUG: 'initial' # change this to 'aot-release' when releasing with AOT
+ SIGNPATH_ARTIFACT_SLUG: 'initial' # change this to 'aot-release' when releasing with AOT or 'initial' for normal release
+ BUILD_PROFILE_PREVIEW: 'Publish-PreviewRelease'
+ BUILD_PROFILE_STABLE: 'Publish-StableRelease'
+ BUILD_PROFILE_DEBUG: 'Publish-DebugCIRelease'
 
 #  schedule:
 #    - cron: '0 0 * * 0' # At 00:00 on Sunday
@@ -28,48 +26,44 @@ jobs:
     strategy:
       matrix:
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
 
     env:
       CONFIGURATION_STRATEGY: ""
       PUBLISH_PROFILE: ""
       SIGNING_POLICY_SLUG: ""
       VERSION: ""
       Platform: ${{ matrix.platform }}
-
+      SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
 
     steps:
     - name: Set Configuration and Environment Variables
       id: set_env
       run: |
-        if ($env:GITHUB_EVENT_NAME -eq "workflow_dispatch") {
-          $branch = $env:GITHUB_EVENT_INPUTS_BRANCH
-        } else {
-          $branch = $env:GITHUB_REF_NAME
-        }
+        $branch = $env:GITHUB_REF_NAME
 
         if ($branch -eq "preview") {
           echo "CONFIGURATION_STRATEGY=Release" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-PreviewRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_PREVIEW }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           echo "SIGNING_POLICY_SLUG=release-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } elseif ($branch -eq "stable") {
           echo "CONFIGURATION_STRATEGY=Publish" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-StableRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_STABLE }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           echo "SIGNING_POLICY_SLUG=release-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } elseif ($branch -eq "github-signpath-test") {
           echo "CONFIGURATION_STRATEGY=Debug" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-DebugCIRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "SIGNING_POLICY_SLUG=test-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_DEBUG }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "SIGNING_POLICY_SLUG=test-signing-ci" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } else {
           Write-Error "Unknown branch or input: $branch"
           exit 1
         }
 
     - name: Print env
       run: |
-          echo Configuration Strategy: $env:CONFIGURATION_STRATEGY
-          echo Publish Profile: $env:PUBLISH_PROFILE
-          echo Signing Policy: $env:SIGNING_POLICY_SLUG
+          echo "::notice::Configuration Strategy: $env:CONFIGURATION_STRATEGY"
+          echo "::notice::Publish Profile: $env:PUBLISH_PROFILE"
+          echo "::notice::Signing Policy: $env:SIGNING_POLICY_SLUG"
 
     - name: Checkout
       uses: actions/checkout@v4
@@ -86,13 +80,20 @@ jobs:
 
     - name: Build
       run: |
+        dotnet workload update
         dotnet publish CollapseLauncher -c ${{ env.CONFIGURATION_STRATEGY }} -p:PublishProfile=${{ env.PUBLISH_PROFILE }} -p:PublishDir=".\build\"
 
     - name: Prepare publish artifacts
       run: |
+        cd CollapseLauncher
         .\build\CollapseLauncher.exe generatevelopackmetadata
-        $version = ((Get-Item .\build\CollapseLauncher.exe).VersionInfo.FileVersion).TrimEnd(".0")
-        echo Build version: $version
+
+        $version = ((Get-Item .\build\CollapseLauncher.exe).VersionInfo.FileVersion)
+        if ($version.EndsWith(".0")) {
+            $version = $version.Substring(0, $version.Length - 2)
+        }
+
+        echo "::notice::Build version: $version"
         echo "VERSION=$version" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         mkdir SignArtifact
         mkdir SignArtifact\BuildArtifact-$version
@@ -102,47 +103,90 @@ jobs:
       id: upload-unsigned-artifact
       uses: actions/upload-artifact@v4
       with:
-          name: collapse_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
+          name: collapse-v${{ env.VERSION }}_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
           path: ./CollapseLauncher/SignArtifact
           compression-level: 9
 
+    - name: Notify Discord for pending build
+      uses: sarisia/[email protected]
+      if: always()
+      continue-on-error: true
+      with:
+        webhook: ${{ secrets.DISCORD_WEBHOOK_CIRELEASENOTIFIER }}
+        title: Collapse Launcher Release CI build is PENDING!
+        nofail: true
+        color: 0xFF0000
+        url: https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}
+        description: |
+          Commit `${{ github.sha }}` by ${{ github.actor }} in branch `${{ github.ref_name }}`
+          Version: ${{ env.VERSION }}
+          [Click here to view the run](https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }})
+          For core maintainers, go to SignPath to sign the build!
+
     - name: Sign Build Artifact with SignPath
-      uses: signpath/github-action-submit-signing-request@v1.1
+      uses: signpath/github-action-submit-signing-request@v1.3
       with:
         api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
         organization-id: ${{ secrets.SIGNPATH_ORG_ID }}
         project-slug: 'Collapse'
         signing-policy-slug: ${{ env.SIGNING_POLICY_SLUG }}
         github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
         wait-for-completion: true
-        output-artifact-directory: '/SignedArtifact/'
+        wait-for-completion-timeout-in-seconds: 1200
+        output-artifact-directory: '${{ runner.temp }}/SignedArtifact/'
+        artifact-configuration-slug: ${{ env.SIGNPATH_ARTIFACT_SLUG}}
 
     - name: Process Signed Build
       run: |
-        $buildDir = '\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
-        echo Re-checking build version
-        echo ((Get-Item $buildDir\CollapseLauncher.exe).VersionInfo.FileVersion).TrimEnd(".0")
+        $buildDir = '${{ runner.temp }}\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+        echo "Re-checking build version"
+        $versionFinal = ((Get-Item $buildDir\CollapseLauncher.exe).VersionInfo.FileVersion)
+        if ($versionFinal.EndsWith(".0")) {
+            $versionFinal = $versionFinal.Substring(0, $versionFinal.Length - 2)
+        }
+        echo "::notice::Final build version: $versionFinal"
+        echo "VERSION=$versionFinal" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+
+    - name: Verify Signed Artifacts
+      run: |
+        $buildDir = '${{ runner.temp }}\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+        $files = Get-ChildItem -Path "$buildDir" -Recurse -Include "*.exe","*.dll"
+        foreach ($file in $files) {
+          $signature = Get-AuthenticodeSignature $file.FullName
+          if ($signature.Status -ne "Valid") {
+            echo "::error::Invalid signature on $($file.Name): $($signature.Status)"
+          }
+          echo "✓ $($file.Name): $($signature.SignerCertificate.Subject)"
+        }
 
     - name: Re-upload Signed Artifact to GitHub
       uses: actions/upload-artifact@v4
       with:
-          name: (SIGNED)collapse_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
-          path: /SignedArtifact
+          name: SIGNED_collapse-v${{ env.VERSION }}_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
+          path: ${{ runner.temp }}/SignedArtifact
           compression-level: 9
 
-  notify-discord:
-    runs-on: ubuntu-latest
-    if: always()
-    needs: [build]
-    steps:
-    - name: Notify Discord
-      uses: sarisia/[email protected]
+    - name: Final Notify Discord
+      uses: sarisia/[email protected]
       if: always()
       continue-on-error: true
       with:
-        webhook: ${{ secrets.DISCORD_WEBHOOK_NIGHTLY }}
-        title: Collapse Launcher CI build is complete!
+        webhook: ${{ secrets.DISCORD_WEBHOOK_CIRELEASENOTIFIER }}
+        title: Collapse Launcher Release CI build is complete!
         status: ${{ job.status }}
+        nofail: true
+        url: https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}
         description: |
-          Commit `${{ github.sha }}` by ${{ github.actor }}
+          Commit `${{ github.sha }}` by ${{ github.actor }} in branch `${{ github.ref_name }}`
           Click [here](https://nightly.link/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}) to download!
+
+    - name: Install Sentry CLI
+      uses: MinoruSekine/[email protected]
+      with:
+        buckets: extras
+        apps: sentry-cli
+
+    - name: Upload Debug artifact to Sentry
+      run: |
+        sentry-cli debug-files upload --org collapse --project collapse-launcher --include-sources '.\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+

CollapseLauncher/packages.lock.json

@@ -105,6 +105,12 @@
         "resolved": "0.41.3",
         "contentHash": "BB+2H62tQNcLU4depukiuok96UMqV4zOAtSGPM4UiO1OKbgEnpmIscHVJ4qir1LWjWzODLugfD8qs2RWxmA9JA=="
       },
+      "Microsoft.DotNet.ILCompiler": {
+        "type": "Direct",
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "FpvJ2rCpj2CB/4hZt0cmB3hCPMNZV2vrisQis3hR9itTEjLzeggi0AShrgJIZ5+3Y7433K7ESSsJ6+8T+nE2nQ=="
+      },
       "Microsoft.Extensions.DependencyInjection.Abstractions": {
         "type": "Direct",
         "requested": "[9.0.7, )",
@@ -131,9 +137,9 @@
       },
       "Microsoft.NET.ILLink.Tasks": {
         "type": "Direct",
-        "requested": "[9.0.3, )",
-        "resolved": "9.0.3",
-        "contentHash": "1rqGTfubVg0qj2PsK6esyq3PIxtYJYrN3LsYUV9RrvH3anmt3fT3ozYdAZZH4U8JU/pt5pPIUk8NBSu26wtekA=="
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "SZ1brSGoLnhLbE8QUZrtN6YwzN2gDT1wbx9qDBEfFFJcstiDTjJ6ygNuTPBV/K7SjGfx2YNbcJi5+ygbPOZpDg=="
       },
       "Microsoft.NETCore.Targets": {
         "type": "Direct",
@@ -601,9 +607,9 @@
         "dependencies": {
           "CommunityToolkit.Common": "[8.4.0, )",
           "CommunityToolkit.WinUI.Extensions": "[8.2.250402, )",
-          "Microsoft.Web.WebView2": "[1.0.3344-prerelease, )",
-          "Microsoft.Windows.SDK.BuildTools": "[10.0.26100.4188, )",
-          "Microsoft.WindowsAppSDK": "[1.8.250515001-experimental2, )"
+          "Microsoft.Web.WebView2": "[1.0.3415-prerelease, )",
+          "Microsoft.Windows.SDK.BuildTools": "[10.0.26100.4654, )",
+          "Microsoft.WindowsAppSDK": "[1.8.250702007-experimental4, )"
         }
       },
       "innosetuphelper": {
@@ -634,6 +640,15 @@
         "resolved": "0.5.0",
         "contentHash": "5Tw6O9sBDAN1aV+kpOSVvqvFk6Ahk6bYz0TTx3808Dp40M45gKTtzTzI9SS1VeAkljE6BAOeKaykpPnG36oOgw=="
       },
+      "Microsoft.DotNet.ILCompiler": {
+        "type": "Direct",
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "FpvJ2rCpj2CB/4hZt0cmB3hCPMNZV2vrisQis3hR9itTEjLzeggi0AShrgJIZ5+3Y7433K7ESSsJ6+8T+nE2nQ==",
+        "dependencies": {
+          "runtime.win-x64.Microsoft.DotNet.ILCompiler": "9.0.7"
+        }
+      },
       "Microsoft.Graphics.Win2D": {
         "type": "Direct",
         "requested": "[1.3.2, )",
@@ -683,6 +698,11 @@
           "Microsoft.WindowsAppSDK.Base": "1.8.250509001-experimental",
           "Microsoft.WindowsAppSDK.InteractiveExperiences": "1.8.250626001-experimental"
         }
+      },
+      "runtime.win-x64.Microsoft.DotNet.ILCompiler": {
+        "type": "Transitive",
+        "resolved": "9.0.7",
+        "contentHash": "nftDR4604AcQawEWSfb7pcZWoNfaB+vnKQL3P2LUfzRoA8S6K+YObgotgJVNopMBMXLxQN0VSKGEdRa+WFlN/g=="
       }
     }
   }

Hi3Helper.CommunityToolkit/ImageCropper/packages.lock.json

@@ -41,9 +41,9 @@
       },
       "Microsoft.NET.ILLink.Tasks": {
         "type": "Direct",
-        "requested": "[9.0.3, )",
-        "resolved": "9.0.3",
-        "contentHash": "1rqGTfubVg0qj2PsK6esyq3PIxtYJYrN3LsYUV9RrvH3anmt3fT3ozYdAZZH4U8JU/pt5pPIUk8NBSu26wtekA=="
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "SZ1brSGoLnhLbE8QUZrtN6YwzN2gDT1wbx9qDBEfFFJcstiDTjJ6ygNuTPBV/K7SjGfx2YNbcJi5+ygbPOZpDg=="
       },
       "Microsoft.Web.WebView2": {
         "type": "Direct",

Hi3Helper.CommunityToolkit/SettingsControls/packages.lock.json

@@ -20,9 +20,9 @@
       },
       "Microsoft.NET.ILLink.Tasks": {
         "type": "Direct",
-        "requested": "[9.0.3, )",
-        "resolved": "9.0.3",
-        "contentHash": "1rqGTfubVg0qj2PsK6esyq3PIxtYJYrN3LsYUV9RrvH3anmt3fT3ozYdAZZH4U8JU/pt5pPIUk8NBSu26wtekA=="
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "SZ1brSGoLnhLbE8QUZrtN6YwzN2gDT1wbx9qDBEfFFJcstiDTjJ6ygNuTPBV/K7SjGfx2YNbcJi5+ygbPOZpDg=="
       },
       "Microsoft.Web.WebView2": {
         "type": "Direct",

Hi3Helper.Core/packages.lock.json

@@ -4,9 +4,9 @@
     "net9.0-windows10.0.26100": {
       "Microsoft.NET.ILLink.Tasks": {
         "type": "Direct",
-        "requested": "[9.0.3, )",
-        "resolved": "9.0.3",
-        "contentHash": "1rqGTfubVg0qj2PsK6esyq3PIxtYJYrN3LsYUV9RrvH3anmt3fT3ozYdAZZH4U8JU/pt5pPIUk8NBSu26wtekA=="
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "SZ1brSGoLnhLbE8QUZrtN6YwzN2gDT1wbx9qDBEfFFJcstiDTjJ6ygNuTPBV/K7SjGfx2YNbcJi5+ygbPOZpDg=="
       },
       "Microsoft.Windows.CsWinRT": {
         "type": "Direct",

ImageEx

@@ -4,9 +4,9 @@
     "net9.0": {
       "Microsoft.NET.ILLink.Tasks": {
         "type": "Direct",
-        "requested": "[9.0.3, )",
-        "resolved": "9.0.3",
-        "contentHash": "1rqGTfubVg0qj2PsK6esyq3PIxtYJYrN3LsYUV9RrvH3anmt3fT3ozYdAZZH4U8JU/pt5pPIUk8NBSu26wtekA=="
+        "requested": "[9.0.7, )",
+        "resolved": "9.0.7",
+        "contentHash": "SZ1brSGoLnhLbE8QUZrtN6YwzN2gDT1wbx9qDBEfFFJcstiDTjJ6ygNuTPBV/K7SjGfx2YNbcJi5+ygbPOZpDg=="
       },
       "System.IO.Hashing": {
         "type": "Direct",

InnoSetupHelper/packages.lock.json

@@ -1,5 +1,7 @@
 {
   "sdk": {
-    "version": "9.0.202"
+    "version": "9.0.301",
+    "rollForward": "latestPatch",
+    "allowPrerelease": true
   }
 }