name: WinUI 3 MSIX app

on:
  # Triggers the workflow on push or pull request events but only for the master branch
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
  
env:
  Unsigned_Artifact_Name: MSIX Package

jobs:
  build:
    strategy:
      matrix:
        configuration: [Release]
        platform: [x64, x86, ARM64]

    runs-on: windows-latest
    
    env:
      Solution_Name: MyPhone

    steps:
      - uses: actions/checkout@v3

      # Install the .NET Core workload
      - name: Install .NET Core
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: 6.0.x

      # Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild
      - name: Setup MSBuild
        uses: microsoft/setup-msbuild@v1.0.2

      # Restore the application to populate the obj folder with RuntimeIdentifiers
      - name: Restore the application
        run: msbuild $env:Solution_Name /t:Restore /p:Configuration=$env:Configuration
        env:
          Configuration: ${{ matrix.configuration }}

      # Create the app package by building and packaging the project
      - name: Create the app package
        run: |
            msbuild $env:Solution_Name `
                /p:Configuration=$env:Configuration `
                /p:Platform=$env:Platform `
                /p:UapAppxPackageBuildMode=$env:Appx_Package_Build_Mode `
                /p:AppxBundle=$env:Appx_Bundle `
                /p:AppxPackageDir="$env:Appx_Package_Dir" `
                /p:GenerateAppxPackageOnBuild=true
        env:
          Appx_Bundle: Never
          Appx_Package_Build_Mode: SideloadOnly
          Appx_Package_Dir: Packages\
          Configuration: ${{ matrix.configuration }}
          Platform: ${{ matrix.platform }}

      # Upload the MSIX package: https://github.com/marketplace/actions/upload-a-build-artifact
      - name: Upload MSIX package
        uses: actions/upload-artifact@v2
        with:
          name: ${{ env.Unsigned_Artifact_Name }}
          path: ${{ env.Solution_Name }}\\Packages
          
          
          
          
          
  bundle:
    name: Bundle and sign the MSIX package
    runs-on: windows-latest
    needs: build
    
    env:
      Bundling_Workspace_Path: BundlingWorkspace
      Bundle_Install_Path: BundlePackage
      Unsigned_Packages_Path: Packages
    
    steps:
      - name: Setup VS Dev Environment
        uses: seanmiddleditch/gha-setup-vsdevenv@v4
        
      - name: Download build artifacts
        uses: actions/download-artifact@v3.0.0
        with: 
          name: ${{ env.Unsigned_Artifact_Name }}
          path: ${{ env.Unsigned_Packages_Path }}
        
      - name: Prepare workspace
        run: |
          mkdir $env:Bundle_Install_Path
          mkdir $env:Bundling_Workspace_Path
          Write-Output "Current worksapce structure:"
          ls
        
      - name: Bundle package
        run: |
          cp "${env:Unsigned_Packages_Path}\*\*.msix" $env:Bundling_Workspace_Path -Verbose
          $files = ls $env:Bundling_Workspace_Path | Sort-Object -Property Name -Descending
          $bundleName = $files[0].Name
          $bundleName = $bundleName.Substring(0, $bundleName.LastIndexOf('_'))
          foreach ($f in $files) {
            $beginIndex = $f.Name.LastIndexOf('_')
            $endIndex = $f.Name.LastIndexOf('.')
            $bundleName += $f.Name.Substring($beginIndex, $endIndex - $beginIndex)
          }
          $bundleName += ".msixbundle"
          Write-Output "Making MSIX bundle ${bundleName}"
          MakeAppx bundle /d $env:Bundling_Workspace_Path /p "${env:Bundle_Install_Path}\${bundleName}"
          "MSIX_Bunde_FileName=$bundleName" >> $env:GITHUB_ENV
         
      # Decode the base 64 encoded pfx and save the Signing_Certificate
      - name: Decode the pfx
        id: decode-pfx
        run: |
          $pfx_cert_byte = [System.Convert]::FromBase64String("${{ secrets.TESTING_PFX_BASE64_ENCODED }}")
          $certificatePath = "GitHubActionsWorkflow.pfx"
          [IO.File]::WriteAllBytes($certificatePath, $pfx_cert_byte)
          
      - name: Sign the bundle
        run: |
          SignTool sign /fd SHA256 /a /f GitHubActionsWorkflow.pfx /p "${{ secrets.TESTING_PFX_PASSPHRASE }}" "${env:Bundle_Install_Path}\${{ env.MSIX_Bunde_FileName }}"
      
      # Remove the pfx
      - name: Post Decode the pfx
        if: ${{ steps.decode-pfx.outcome == 'success' || steps.decode-pfx.outcome == 'failure' }}
        run: Remove-Item -path GitHubActionsWorkflow.pfx
          
      - name: Prepare for upload
        run: |
          $files = ls $env:Unsigned_Packages_Path | Sort-Object -Property Name -Descending
          $contentPath = $files[0].Name
          $contentPath = "${env:Unsigned_Packages_Path}\$contentPath"
          Write-Output "Content source path: $contentPath"
          Write-Output "Copying install scripts"
          cp "$contentPath\*.ps1" $env:Bundle_Install_Path -Verbose
          Write-Output "Copying debug symbols"
          cp "${env:Unsigned_Packages_Path}\*\*.msixsym" $env:Bundle_Install_Path -Verbose
          Write-Output "Copying dependencies and resources"
          ls $contentPath | Where-Object -Property Attributes -eq Directory |  cp -Recurse -Destination $env:Bundle_Install_Path -Verbose
          Write-Output "Downloading public certificate"
          $public_cert_byte = [System.Convert]::FromBase64String("${{ secrets.TESTING_PUBLIC_CERT_BASE64_ENCODED }}")
          $public_cert_path = "${env:Bundle_Install_Path}\MyPhoneTestingCert_GithubAction.cer"
          [IO.File]::WriteAllBytes("$public_cert_path", $public_cert_byte)
          Write-Output "Downloaded public certificate at $public_cert_path"
          $artifactName = $env:MSIX_Bunde_FileName.Substring(0, $env:MSIX_Bunde_FileName.LastIndexOf('.'))
          "Bundle_Artifact_Name=$artifactName" >> $env:GITHUB_ENV

      - name: Delete old unsigned artifact
        uses: GeekyEggo/delete-artifact@v1.0.0
        with:
          name: ${{ env.Unsigned_Artifact_Name }}
          
      - name: Upload signed MSIX package bundle
        uses: actions/upload-artifact@v2
        with:
          name: ${{ env.Bundle_Artifact_Name }}
          path: ${{ env.Bundle_Install_Path }}