Merge branch 'main' into preview

Author: neon-nyan

.github/workflows/build.yml

@@ -7,6 +7,7 @@ on:
   push:
     branches:
         - 'main'
+        - '1.83.x-staging'
     paths-ignore:
         - '**.md'
         - 'Hi3Helper.Core/Lang/**.json'
@@ -22,8 +23,6 @@ on:
         - 'Hi3Helper.Core/Lang/**.json'
         - 'Docs/**'
         - '**/packages.lock.json'
-#  schedule:
-#    - cron: '0 0 * * 0' # At 00:00 on Sunday
 
 env:
   DOTNET_INSTALL_DIR: '.\.dotnet' 
@@ -33,13 +32,12 @@ env:
 
 jobs:
   build:
-    # runs-on: [self-hosted, linux]
     runs-on: windows-latest
     strategy:
       matrix:
         configuration: [Debug] # No need to distribute Debug builds
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
 
     env:
       Configuration: ${{ matrix.configuration }}
@@ -79,7 +77,7 @@ jobs:
       matrix:
         configuration: [Debug]
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
 
     env:
       Configuration: ${{ matrix.configuration }}

.github/workflows/qodana-scan-pr.yml

@@ -24,7 +24,7 @@ jobs:
       matrix:
         configuration: [Release] # No need to distribute Debug builds
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
     env:
       Configuration: ${{ matrix.configuration }}
       Platform: ${{ matrix.platform }}

.github/workflows/qodana-scan.yml

@@ -15,7 +15,7 @@ jobs:
       matrix:
         configuration: [Release] # No need to distribute Debug builds
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
     env:
       Configuration: ${{ matrix.configuration }}
       Platform: ${{ matrix.platform }}
@@ -59,7 +59,7 @@ jobs:
       #     refreshenv
       #     qodana scan --ide QDNET-EAP -o ${{ runner.temp }}\qodana\results --cache-dir ${{ runner.temp }}\qodana\cache
       - name: Qodana Scan
-        uses: JetBrains/qodana-action@v2024.3.3
+        uses: JetBrains/qodana-action@main
         continue-on-error: true
         with:
           args: --ide,QDNET

.github/workflows/release-signed.yml

@@ -4,20 +4,18 @@ name: Publish Signed Builds
 
 on:
   workflow_dispatch:
-    inputs:
-      branch:
-        description: 'Specify branch name (preview/stable/github-signpath-test)'
-        required: true
-        default: 'github-signpath-test'
 
 env:
  BRANCH_NAME: ${{ github.head_ref || github.ref_name }} 
  SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
  DOTNET_INSTALL_DIR: '.\.dotnet' 
- DOTNET_VERSION: '9.x'
+ DOTNET_VERSION: '9.0.2xx'
  DOTNET_QUALITY: 'ga'
  NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
- SIGNPATH_ARTIFACT_SLUG: 'initial' # change this to 'aot-release' when releasing with AOT
+ SIGNPATH_ARTIFACT_SLUG: 'initial' # change this to 'aot-release' when releasing with AOT or 'initial' for normal release
+ BUILD_PROFILE_PREVIEW: 'Publish-PreviewRelease'
+ BUILD_PROFILE_STABLE: 'Publish-StableRelease'
+ BUILD_PROFILE_DEBUG: 'Publish-DebugCIRelease'
 
 #  schedule:
 #    - cron: '0 0 * * 0' # At 00:00 on Sunday
@@ -28,48 +26,44 @@ jobs:
     strategy:
       matrix:
         platform: [x64]
-        framework: [net9.0-windows10.0.22621.0]
+        framework: [net9.0-windows10.0.26100.0]
 
     env:
       CONFIGURATION_STRATEGY: ""
       PUBLISH_PROFILE: ""
       SIGNING_POLICY_SLUG: ""
       VERSION: ""
       Platform: ${{ matrix.platform }}
-
+      SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
 
     steps:
     - name: Set Configuration and Environment Variables
       id: set_env
       run: |
-        if ($env:GITHUB_EVENT_NAME -eq "workflow_dispatch") {
-          $branch = $env:GITHUB_EVENT_INPUTS_BRANCH
-        } else {
-          $branch = $env:GITHUB_REF_NAME
-        }
+        $branch = $env:GITHUB_REF_NAME
 
         if ($branch -eq "preview") {
           echo "CONFIGURATION_STRATEGY=Release" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-PreviewRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_PREVIEW }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           echo "SIGNING_POLICY_SLUG=release-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } elseif ($branch -eq "stable") {
           echo "CONFIGURATION_STRATEGY=Publish" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-StableRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_STABLE }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           echo "SIGNING_POLICY_SLUG=release-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } elseif ($branch -eq "github-signpath-test") {
           echo "CONFIGURATION_STRATEGY=Debug" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "PUBLISH_PROFILE=Publish-DebugCIRelease" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          echo "SIGNING_POLICY_SLUG=test-signing" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "PUBLISH_PROFILE=${{ env.BUILD_PROFILE_DEBUG }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          echo "SIGNING_POLICY_SLUG=test-signing-ci" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         } else {
           Write-Error "Unknown branch or input: $branch"
           exit 1
         }
 
     - name: Print env
       run: |
-          echo Configuration Strategy: $env:CONFIGURATION_STRATEGY
-          echo Publish Profile: $env:PUBLISH_PROFILE
-          echo Signing Policy: $env:SIGNING_POLICY_SLUG
+          echo "::notice::Configuration Strategy: $env:CONFIGURATION_STRATEGY"
+          echo "::notice::Publish Profile: $env:PUBLISH_PROFILE"
+          echo "::notice::Signing Policy: $env:SIGNING_POLICY_SLUG"
 
     - name: Checkout
       uses: actions/checkout@v4
@@ -86,13 +80,20 @@ jobs:
 
     - name: Build
       run: |
+        dotnet workload update
         dotnet publish CollapseLauncher -c ${{ env.CONFIGURATION_STRATEGY }} -p:PublishProfile=${{ env.PUBLISH_PROFILE }} -p:PublishDir=".\build\"
 
     - name: Prepare publish artifacts
       run: |
+        cd CollapseLauncher
         .\build\CollapseLauncher.exe generatevelopackmetadata
-        $version = ((Get-Item .\build\CollapseLauncher.exe).VersionInfo.FileVersion).TrimEnd(".0")
-        echo Build version: $version
+
+        $version = ((Get-Item .\build\CollapseLauncher.exe).VersionInfo.FileVersion)
+        if ($version.EndsWith(".0")) {
+            $version = $version.Substring(0, $version.Length - 2)
+        }
+
+        echo "::notice::Build version: $version"
         echo "VERSION=$version" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
         mkdir SignArtifact
         mkdir SignArtifact\BuildArtifact-$version
@@ -102,10 +103,26 @@ jobs:
       id: upload-unsigned-artifact
       uses: actions/upload-artifact@v4
       with:
-          name: collapse_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
+          name: collapse-v${{ env.VERSION }}_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
           path: ./CollapseLauncher/SignArtifact
           compression-level: 9
 
+    - name: Notify Discord for pending build
+      uses: sarisia/[email protected]
+      if: always()
+      continue-on-error: true
+      with:
+        webhook: ${{ secrets.DISCORD_WEBHOOK_CIRELEASENOTIFIER }}
+        title: Collapse Launcher Release CI build is PENDING!
+        nofail: true
+        color: 0xFF0000
+        url: https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}
+        description: |
+          Commit `${{ github.sha }}` by ${{ github.actor }} in branch `${{ github.ref_name }}`
+          Version: ${{ env.VERSION }}
+          [Click here to view the run](https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }})
+          For core maintainers, go to SignPath to sign the build!
+
     - name: Sign Build Artifact with SignPath
       uses: signpath/[email protected]
       with:
@@ -116,33 +133,59 @@ jobs:
         github-artifact-id: '${{ steps.upload-unsigned-artifact.outputs.artifact-id }}'
         wait-for-completion: true
         output-artifact-directory: '/SignedArtifact/'
+        artifact-configuration-slug: ${{ env.SIGNPATH_ARTIFACT_SLUG}}
 
     - name: Process Signed Build
       run: |
-        $buildDir = '\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
-        echo Re-checking build version
-        echo ((Get-Item $buildDir\CollapseLauncher.exe).VersionInfo.FileVersion).TrimEnd(".0")
+        $buildDir = '.\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+        echo "Re-checking build version"
+        $versionFinal = ((Get-Item $buildDir\CollapseLauncher.exe).VersionInfo.FileVersion)
+        if ($versionFinal.EndsWith(".0")) {
+            $versionFinal = $versionFinal.Substring(0, $versionFinal.Length - 2)
+        }
+        echo "::notice::Final build version: $versionFinal"
+        echo "VERSION=$versionFinal" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+
+    - name: Verify Signed Artifacts
+      run: |
+        $buildDir = '.\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+        $files = Get-ChildItem -Path "$buildDir" -Recurse -Include "*.exe","*.dll"
+        foreach ($file in $files) {
+          $signature = Get-AuthenticodeSignature $file.FullName
+          if ($signature.Status -ne "Valid") {
+            echo "::error::Invalid signature on $($file.Name): $($signature.Status)"
+          }
+          echo "✓ $($file.Name): $($signature.SignerCertificate.Subject)"
+        }
 
     - name: Re-upload Signed Artifact to GitHub
       uses: actions/upload-artifact@v4
       with:
-          name: (SIGNED)collapse_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
-          path: /SignedArtifact
+          name: SIGNED_collapse-v${{ env.VERSION }}_${{ env.SIGNING_POLICY_SLUG }}-${{ env.CONFIGURATION_STRATEGY }}_${{ env.PUBLISH_PROFILE }}
+          path: ./SignedArtifact
           compression-level: 9
 
-  notify-discord:
-    runs-on: ubuntu-latest
-    if: always()
-    needs: [build]
-    steps:
-    - name: Notify Discord
-      uses: sarisia/[email protected]
+    - name: Final Notify Discord
+      uses: sarisia/[email protected]
       if: always()
       continue-on-error: true
       with:
-        webhook: ${{ secrets.DISCORD_WEBHOOK_NIGHTLY }}
-        title: Collapse Launcher CI build is complete!
+        webhook: ${{ secrets.DISCORD_WEBHOOK_CIRELEASENOTIFIER }}
+        title: Collapse Launcher Release CI build is complete!
         status: ${{ job.status }}
+        nofail: true
+        url: https://github.com/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}
         description: |
-          Commit `${{ github.sha }}` by ${{ github.actor }}
+          Commit `${{ github.sha }}` by ${{ github.actor }} in branch `${{ github.ref_name }}`
           Click [here](https://nightly.link/CollapseLauncher/Collapse/actions/runs/${{ github.run_id }}) to download!
+
+    - name: Install Sentry CLI
+      uses: MinoruSekine/[email protected]
+      with:
+        buckets: extras
+        apps: sentry-cli
+
+    - name: Upload Debug artifact to Sentry
+      run: |
+        sentry-cli debug-files upload --org collapse --project collapse-launcher --include-sources '.\SignedArtifact\BuildArtifact-${{ env.VERSION }}'
+