1+ name : Build App
2+
3+ on :
4+ push :
5+ branches : [ master ]
6+ pull_request :
7+ branches : [ master ]
8+
9+ jobs :
10+ build :
11+ runs-on : windows-latest
12+ concurrency :
13+ group : ${{ github.workflow }}-${{ github.ref }}-${{ matrix.arch }}
14+ cancel-in-progress : true
15+ strategy :
16+ matrix :
17+ arch : [x64, arm64]
18+ max-parallel : 1 # 防止证书导入冲突
19+
20+ env :
21+ BuildVersion : 2.4.${{ github.run_number }}
22+
23+ steps :
24+ - name : Checkout code
25+ uses : actions/checkout@v4
26+
27+ - name : Setup .NET 8
28+ uses : actions/setup-dotnet@v4
29+ with :
30+ dotnet-version : ' 8.0.x'
31+
32+ - name : Setup MSBuild
33+ uses : microsoft/setup-msbuild@v2
34+
35+ - name : Restore dependencies
36+ run : dotnet restore NetworkSelector/NetworkSelector.csproj
37+
38+ # ==================== 生成 Code Signing 证书 ====================
39+ - name : Generate Code Signing Certificate
40+ shell : pwsh
41+ run : |
42+ $pfxName = "NetworkSelector_CI_${{ matrix.arch }}.pfx"
43+ $pfxPath = "$env:RUNNER_TEMP\$pfxName"
44+ $password = "NetworkSelector2025"
45+
46+ # 生成具备 Code Signing EKU 的证书
47+ $cert = New-SelfSignedCertificate `
48+ -Subject "CN=NetworkSelector CI ${{ matrix.arch }}" `
49+ -KeyUsage DigitalSignature `
50+ -KeySpec Signature `
51+ -CertStoreLocation "Cert:\CurrentUser\My" `
52+ -NotAfter (Get-Date).AddYears(1) `
53+ -KeyExportPolicy Exportable `
54+ -KeyLength 2048 `
55+ -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" `
56+ -HashAlgorithm SHA256 `
57+ -Type CodeSigningCert `
58+ -FriendlyName "NetworkSelector CI Code Signing"
59+
60+ # 导出 PFX
61+ $pwd = ConvertTo-SecureString -String $password -Force -AsPlainText
62+ Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pwd
63+
64+ # 导入到 LocalMachine\TrustedPeople(MSIX 打包器信任)
65+ certutil -importpfx -p $password "TrustedPeople" "$pfxPath" | Out-Null
66+
67+ # 输出 Thumbprint
68+ $thumb = $cert.Thumbprint
69+ echo "CERT_THUMBPRINT=$thumb" >> $env:GITHUB_ENV
70+ Write-Host "Certificate Thumbprint: $thumb"
71+
72+ # ==================== MSIX 打包 ====================
73+ - name : Package MSIX Bundle
74+ shell : pwsh
75+ run : |
76+ $proj = "NetworkSelector/NetworkSelector.csproj"
77+ $plat = "${{ matrix.arch }}"
78+
79+ msbuild $proj /restore /t:Publish `
80+ /p:Configuration=Release `
81+ /p:Platform=$plat `
82+ /p:TargetFramework=net8.0-windows10.0.19041.0 `
83+ /p:RuntimeIdentifier=win-$plat `
84+ /p:GenerateAppxPackageOnBuild=true `
85+ /p:AppxBundle=Always `
86+ /p:AppxBundlePlatforms=$plat `
87+ /p:PackageCertificateThumbprint="${{ env.CERT_THUMBPRINT }}" `
88+ /p:WindowsPackageType=MSIX `
89+ /p:AppxPackageSigningEnabled=true `
90+ /p:AppxPackageSigningTimestampUrl="http://timestamp.digicert.com" `
91+ /p:Version=${{ env.BuildVersion }} `
92+ /v:minimal
93+
94+ # ==================== 列出生成的包(调试用) ====================
95+ - name : List generated packages
96+ shell : pwsh
97+ run : |
98+ Write-Host "=== Generated MSIX Packages ==="
99+ Get-ChildItem -Path "NetworkSelector/bin/${{ matrix.arch }}/Release" -Recurse -Include *.msix, *.msixbundle, *.appxbundle | ForEach-Object {
100+ Write-Host $_.FullName
101+ }
102+
103+ # ==================== 上传产物 ====================
104+ - name : Upload MSIX Artifact
105+ uses : actions/upload-artifact@v4
106+ with :
107+ name : NetworkSelector-${{ matrix.arch }}-MSIX-v${{ env.BuildVersion }}
108+ path : |
109+ NetworkSelector/bin/${{ matrix.arch }}/Release/net8.0-windows*/win-${{ matrix.arch }}/AppPackages/**/NetworkSelector_*.msixbundle
110+ NetworkSelector/bin/${{ matrix.arch }}/Release/net8.0-windows*/win-${{ matrix.arch }}/AppPackages/**/NetworkSelector_*.msix
111+ if-no-files-found : error
0 commit comments