.github/workflows/build-windows-pupnet.yaml

name: Build Windows (PupNet)

on:
  workflow_call:
    inputs:
      AppVersion:
        type: string
        required: false
        description: "The version of the application to build"
        default: "1.0.0"
      Target:
        description: "The git ref to base the release on (eg: '1957a8e7', default: current head of the branch the workflow is run on)"
        required: false
        type: string
      PupNetRepo:
        type: string
        required: false
        description: "The URL of the PupNet repository"
        default: "https://github.com/kuiperzone/PupNet-Deploy.git"
      PupNetBranch:
        type: string
        required: false
        description: "The branch or commit of PupNet to use"
        default: "dabed0cc2063c5a2d2c4f780bb6718f4b90cfd16"
      ProjectFile:
        type: string
        required: true
        description: "The relative path to the project to build"
      RetentionDays:
        type: number
        required: false
        default: 1
        description: "The amount of days for the artifact to persist"
      BuildInnoSetup:
        type: boolean
        description: "Build an Inno Setup?"
        required: false
        default: true
      BuildArchive:
        type: boolean
        description: "Build an Archive?"
        required: false
        default: true
      SignExecutable:
        type: boolean
        description: "Sign the executable on Windows?"
        required: false
        default: false
    secrets:
      ES_USERNAME:
        description: "The SSL.com account username."
        required: false
      ES_PASSWORD:
        description: "The SSL.com account password."
        required: false
      ES_CREDENTIAL_ID:
        description: "The Credential ID for signing certificate."
        required: false
      ES_TOTP_SECRET:
        description: "The OAuth TOTP secret."
        required: false
    outputs:
      ArtifactNameWindowsArchive:
        description: "Name of the Artifact that contains the Windows Archive"
        value: ${{ jobs.build-archive.outputs.artifactName }}
      ArtifactUrlWindowsArchive:
        description: "URL to download the Windows Archive artifact"
        value: ${{ jobs.build-archive.outputs.artifactUrl }}
      ArtifactNameWindowsInnoSetup:
        description: "Name of the Artifact that contains the Windows Inno Setup"
        value: ${{ jobs.build-setup.outputs.artifactName }}
      ArtifactUrlWindowsInnoSetup:
        description: "URL to download the Windows InnoSetup artifact"
        value: ${{ jobs.build-setup.outputs.artifactUrl }}

jobs:
  build-archive:
    if: inputs.BuildArchive
    runs-on: windows-latest
    outputs:
      artifactName: ${{ steps.setOutputs.outputs.artifactName }}
      artifactUrl: ${{ steps.upload.outputs.artifact-url }}

    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.Target || github.sha }}
          submodules: "recursive"
          
      - name: Setup .NET 9.x
        uses: actions/setup-dotnet@v4
        id: stepid
        with:
          dotnet-version: '9.x'

      - name: Print debug info
        run: dotnet --info          

      - name: Transform inputs
        id: transformInputs
        shell: pwsh
        env:
          ProjectFile: ${{ inputs.ProjectFile }}
        run: |
          $projectDir = [System.IO.Path]::GetDirectoryName("$env:ProjectFile")
          $projectName = [System.IO.Path]::GetFileNameWithoutExtension("$env:ProjectFile")
          echo "projectDir=$projectDir" >> $env:GITHUB_OUTPUT
          echo "projectName=$projectName" >> $env:GITHUB_OUTPUT

      - name: Build & Install PupNet
        run: |
          # Our use of central package management may cause PupNet to fail build
          # so we lift it out to a separate directory and build it there
          mkdir ../PupNet
          cd ../PupNet
          git clone ${{ inputs.PupNetRepo }} .
          git checkout ${{ inputs.PupNetBranch }}
          dotnet pack -c Release -o . -p:Version=0.0.0-nma
          dotnet tool install --global --add-source . KuiperZone.PupNet --version 0.0.0-nma

      - name: Download CodeSignTool
        id: downloadCodeSignTool
        shell: pwsh
        run: ./scripts/download-codesigntool.ps1

      - name: Create Archive
        working-directory: ${{ steps.transformInputs.outputs.projectDir }}
        run: pupnet -y -v ${{ inputs.AppVersion }} -k zip -p DefineConstants=INSTALLATION_METHOD_ARCHIVE
        env:
          SignExecutable: ${{ inputs.SignExecutable }}
          CodeSignToolDir: ${{ steps.downloadCodeSignTool.outputs.codeSignToolDir }}
          ES_USERNAME: ${{ secrets.ES_USERNAME }}
          ES_PASSWORD: ${{ secrets.ES_PASSWORD }}
          ES_CREDENTIAL_ID: ${{ secrets.ES_CREDENTIAL_ID }}
          ES_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}

      - name: Set outputs
        id: setOutputs
        shell: pwsh
        run: |
          echo "artifactName=${{ steps.transformInputs.outputs.projectName }}-${{ inputs.Target || github.sha }}-Windows-Archive" >> $env:GITHUB_OUTPUT

      - name: Upload
        id: upload
        uses: actions/upload-artifact@v4
        with:
          name: ${{ steps.setOutputs.outputs.artifactName }}
          path: ${{ steps.transformInputs.outputs.projectDir }}/Deploy/OUT/*.zip
          if-no-files-found: error
          retention-days: ${{ inputs.RetentionDays }}

  build-setup:
    runs-on: windows-latest
    if: inputs.BuildInnoSetup
    outputs:
      artifactName: ${{ steps.setOutputs.outputs.artifactName }}
      artifactUrl: ${{ steps.upload.outputs.artifact-url }}

    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.Target || github.sha }}
          submodules: "recursive"

      - name: Transform inputs
        id: transformInputs
        shell: pwsh
        env:
          ProjectFile: ${{ inputs.ProjectFile }}
        run: |
          $projectDir = [System.IO.Path]::GetDirectoryName("$env:ProjectFile")
          $projectName = [System.IO.Path]::GetFileNameWithoutExtension("$env:ProjectFile")
          echo "projectDir=$projectDir" >> $env:GITHUB_OUTPUT
          echo "projectName=$projectName" >> $env:GITHUB_OUTPUT
          
      - name: Setup .NET 9.x
        uses: actions/setup-dotnet@v4
        id: stepid
        with:
          dotnet-version: '9.x'

      - name: Print debug info
        run: dotnet --info

      - name: Build & Install PupNet
        run: |
          # Our use of central package management may cause PupNet to fail build
          # so we lift it out to a separate directory and build it there
          mkdir ../PupNet
          cd ../PupNet
          git clone ${{ inputs.PupNetRepo }} .
          git checkout ${{ inputs.PupNetBranch }}
          dotnet pack -c Release -o . -p:Version=0.0.0-nma
          dotnet tool install --global --add-source . KuiperZone.PupNet --version 0.0.0-nma

      - name: Download CodeSignTool
        id: downloadCodeSignTool
        shell: pwsh
        run: ./scripts/download-codesigntool.ps1

      - name: Create Setup
        working-directory: ${{ steps.transformInputs.outputs.projectDir }}
        run: pupnet -y -v ${{ inputs.AppVersion }} -k Setup -p DefineConstants=INSTALLATION_METHOD_INNO_SETUP
        env:
          SignExecutable: ${{ inputs.SignExecutable }}
          CodeSignToolDir: ${{ steps.downloadCodeSignTool.outputs.codeSignToolDir }}
          ES_USERNAME: ${{ secrets.ES_USERNAME }}
          ES_PASSWORD: ${{ secrets.ES_PASSWORD }}
          ES_CREDENTIAL_ID: ${{ secrets.ES_CREDENTIAL_ID }}
          ES_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}

      - name: Sign Setup
        if: inputs.SignExecutable == true
        working-directory: ${{ steps.transformInputs.outputs.projectDir }}
        run: ../../scripts/sign.ps1 Deploy/OUT
        env:
          SignExecutable: ${{ inputs.SignExecutable }}
          CodeSignToolDir: ${{ steps.downloadCodeSignTool.outputs.codeSignToolDir }}
          ES_USERNAME: ${{ secrets.ES_USERNAME }}
          ES_PASSWORD: ${{ secrets.ES_PASSWORD }}
          ES_CREDENTIAL_ID: ${{ secrets.ES_CREDENTIAL_ID }}
          ES_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}

      - name: Set outputs
        id: setOutputs
        shell: pwsh
        run: |
          echo "artifactName=${{ steps.transformInputs.outputs.projectName }}-${{ inputs.Target || github.sha }}-Windows-Setup" >> $env:GITHUB_OUTPUT

      - name: Upload
        id: upload
        uses: actions/upload-artifact@v4
        with:
          name: ${{ steps.setOutputs.outputs.artifactName }}
          path: ${{ steps.transformInputs.outputs.projectDir }}/Deploy/OUT/*.exe
          if-no-files-found: error
          retention-days: ${{ inputs.RetentionDays }}