Update the projects to .NET 8, drop support for .Net Framework, clean up unreachable code.

.github/workflows/continuous-integration.yml

@@ -21,7 +21,7 @@ jobs:
     - name: Setup .NET
       uses: actions/[email protected]
       with:
-        dotnet-version: 6.0.201
+        dotnet-version: 8.0.x
 
     - name: Install dependencies
       run: dotnet restore
@@ -37,9 +37,9 @@ jobs:
       shell: bash
       run: |
         mkdir -p artifacts/bin
-        mv out/windows/Installer.Windows/bin/Release/net472/win-x86 artifacts/bin/
-        cp out/windows/Installer.Windows/bin/Release/net472/win-x86.sym/* artifacts/bin/win-x86/
-        mv out/windows/Installer.Windows/bin/Release/net472/gcm*.exe artifacts/
+        mv out/windows/Installer.Windows/bin/Release/net8.0/win-x86 artifacts/bin/
+        cp out/windows/Installer.Windows/bin/Release/net8.0/win-x86.sym/* artifacts/bin/win-x86/
+        mv out/windows/Installer.Windows/bin/Release/net8.0/gcm*.exe artifacts/
 
     - name: Upload artifacts
       uses: actions/upload-artifact@v4
@@ -61,7 +61,7 @@ jobs:
     - name: Setup .NET
       uses: actions/[email protected]
       with:
-        dotnet-version: 6.0.201
+        dotnet-version: 8.0.x
 
     - name: Install dependencies
       run: dotnet restore
@@ -102,7 +102,7 @@ jobs:
     - name: Setup .NET
       uses: actions/[email protected]
       with:
-        dotnet-version: 6.0.201
+        dotnet-version: 8.0.x
 
     - name: Install dependencies
       run: dotnet restore

.github/workflows/release.yml

@@ -200,7 +200,7 @@ jobs:
           /p:PayloadPath=$env:GITHUB_WORKSPACE\payload /p:NoLayout=true `
           --configuration=WindowsRelease
         mkdir installers
-        Move-Item -Path .\out\windows\Installer.Windows\bin\Release\net472\*.exe `
+        Move-Item -Path .\out\windows\Installer.Windows\bin\Release\net8.0\*.exe `
          -Destination $env:GITHUB_WORKSPACE\installers
 
     - name: Sign installers with Azure Code Signing
@@ -331,7 +331,6 @@ jobs:
 
   dotnet-tool-payload-sign:
     name: Sign .NET tool payload
-    # ESRP service requires signing to run on Windows
     runs-on: windows-latest
     environment: release
     needs: dotnet-tool-build
@@ -343,49 +342,44 @@ jobs:
       with:
         name: tmp.dotnet-tool-build
 
-    - name: Zip unsigned payload
-      shell: pwsh
-      run: |
-        Compress-Archive -Path payload payload/payload.zip
-        cd payload
-        Get-ChildItem -Exclude payload.zip | Remove-Item -Recurse -Force
-
     - name: Log into Azure
       uses: azure/login@v1
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}
         tenant-id: ${{ secrets.AZURE_TENANT_ID }}
         subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
-    - name: Set up ESRP client
-      shell: pwsh
+    - name: Download/extract Sign CLI tool
       env:
-        AZURE_VAULT: ${{ secrets.AZURE_VAULT }}
-        AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
-        AZURE_STORAGE_CONTAINER: ${{ secrets.AZURE_STORAGE_CONTAINER }}
-        ESRP_TOOL: ${{ secrets.ESRP_TOOL }}
-        AUTH_CERT: ${{ secrets.AZURE_VAULT_AUTH_CERT_NAME }}
-        REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }}
+        AST: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
+        ASC: ${{ secrets.AZURE_STORAGE_CONTAINER }}
+        SCT: ${{ secrets.SIGN_CLI_TOOL }}
       run: |
-        .github\set_up_esrp.ps1
+        az storage blob download --file sign-cli.zip --auth-mode login `
+          --account-name $env:AST --container-name $env:ASC --name $env:SCT
+        Expand-Archive -Path sign-cli.zip -DestinationPath .\sign-cli
 
-    - name: Run ESRP client
-      shell: pwsh
+    - name: Sign payload
       env:
-        AZURE_AAD_ID: ${{ secrets.AZURE_AAD_ID }}
-        NUGET_KEY_CODE: ${{ secrets.NUGET_KEY_CODE }}
-        NUGET_OPERATION_CODE: ${{ secrets.NUGET_OPERATION_CODE }}
+        ACST: ${{ secrets.AZURE_TENANT_ID }}
+        ACSI: ${{ secrets.AZURE_CLIENT_ID }}
+        ACSS: ${{ secrets.AZURE_CLIENT_SECRET }}
       run: |
-        python .github\run_esrp_signing.py payload `
-         $env:NUGET_KEY_CODE $env:NUGET_OPERATION_CODE
+        ./sign-cli/sign.exe code azcodesign payload/* `
+          -acsu https://wus2.codesigning.azure.net/ `
+          -acsa git-fundamentals-signing `
+          -acscp git-fundamentals-windows-signing `
+          -d "Git Fundamentals Windows Signing Certificate" `
+          -u "https://github.com/git-ecosystem/git-credential-manager" `
+          -acst $env:ACST `
+          -acsi $env:ACSI `
+          -acss $env:ACSS
 
     - name: Lay out signed payload, images, and symbols
       shell: bash
       run: |
         mkdir dotnet-tool-payload-sign
-        rm -rf payload
-        mv images payload.sym -t dotnet-tool-payload-sign
-        unzip signed/payload.zip -d dotnet-tool-payload-sign
+        mv images payload.sym payload -t dotnet-tool-payload-sign
 
     - name: Upload signed payload
       uses: actions/upload-artifact@v4
@@ -427,7 +421,6 @@ jobs:
 
   dotnet-tool-sign:
     name: Sign .NET tool package
-    # ESRP service requires signing to run on Windows
     runs-on: windows-latest
     environment: release
     needs: dotnet-tool-pack
@@ -440,52 +433,44 @@ jobs:
         name: tmp.dotnet-tool-package-unsigned
         path: nupkg
 
-    - name: Zip unsigned package
-      shell: pwsh
-      run: |
-        Compress-Archive -Path nupkg/*.nupkg nupkg/gcm-nupkg.zip
-        cd nupkg
-        Get-ChildItem -Exclude gcm-nupkg.zip | Remove-Item -Recurse -Force
-
     - name: Log into Azure
       uses: azure/login@v1
       with:
         client-id: ${{ secrets.AZURE_CLIENT_ID }}
         tenant-id: ${{ secrets.AZURE_TENANT_ID }}
         subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
-    - name: Set up ESRP client
-      shell: pwsh
+    - name: Download/extract Sign CLI tool
       env:
-        AZURE_VAULT: ${{ secrets.AZURE_VAULT }}
-        AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
-        AZURE_STORAGE_CONTAINER: ${{ secrets.AZURE_STORAGE_CONTAINER }}
-        ESRP_TOOL: ${{ secrets.ESRP_TOOL }}
-        AUTH_CERT: ${{ secrets.AZURE_VAULT_AUTH_CERT_NAME }}
-        REQUEST_SIGNING_CERT: ${{ secrets.AZURE_VAULT_REQUEST_SIGNING_CERT_NAME }}
+        AST: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
+        ASC: ${{ secrets.AZURE_STORAGE_CONTAINER }}
+        SCT: ${{ secrets.SIGN_CLI_TOOL }}
       run: |
-        .github\set_up_esrp.ps1
+        az storage blob download --file sign-cli.zip --auth-mode login `
+          --account-name $env:AST --container-name $env:ASC --name $env:SCT
+        Expand-Archive -Path sign-cli.zip -DestinationPath .\sign-cli
 
     - name: Sign package
-      shell: pwsh
       env:
-        AZURE_AAD_ID: ${{ secrets.AZURE_AAD_ID }}
-        NUGET_KEY_CODE: ${{ secrets.NUGET_KEY_CODE }}
-        NUGET_OPERATION_CODE: ${{ secrets.NUGET_OPERATION_CODE }}
-      run: |
-        python .github\run_esrp_signing.py nupkg $env:NUGET_KEY_CODE $env:NUGET_OPERATION_CODE
-
-    - name: Unzip signed package
-      shell: pwsh
+        ACST: ${{ secrets.AZURE_TENANT_ID }}
+        ACSI: ${{ secrets.AZURE_CLIENT_ID }}
+        ACSS: ${{ secrets.AZURE_CLIENT_SECRET }}
       run: |
-        Expand-Archive -LiteralPath signed\gcm-nupkg.zip -DestinationPath .\signed -Force
-        Remove-Item signed\gcm-nupkg.zip -Force
+        ./sign-cli/sign.exe code azcodesign nupkg/* `
+          -acsu https://wus2.codesigning.azure.net/ `
+          -acsa git-fundamentals-signing `
+          -acscp git-fundamentals-windows-signing `
+          -d "Git Fundamentals Windows Signing Certificate" `
+          -u "https://github.com/git-ecosystem/git-credential-manager" `
+          -acst $env:ACST `
+          -acsi $env:ACSI `
+          -acss $env:ACSS
 
     - name: Publish signed package
       uses: actions/upload-artifact@v4
       with:
         name: dotnet-tool-sign
-        path: signed/*.nupkg
+        path: nupkg/*.nupkg
 
 # ================================
 #           Validate

.vscode/launch.json

@@ -10,7 +10,7 @@
             "request": "launch",
             "preLaunchTask": "build",
             // If you have changed target frameworks, make sure to update the program path.
-            "program": "${workspaceFolder}/out/shared/Git-Credential-Manager/bin/Debug/net7.0/git-credential-manager.dll",
+            "program": "${workspaceFolder}/out/shared/Git-Credential-Manager/bin/Debug/net8.0/git-credential-manager.dll",
             "args": ["get"],
             "cwd": "${workspaceFolder}/out/shared/Git-Credential-Manager",
             "console": "integratedTerminal",
@@ -22,7 +22,7 @@
             "request": "launch",
             "preLaunchTask": "build",
             // If you have changed target frameworks, make sure to update the program path.
-            "program": "${workspaceFolder}/out/shared/Git-Credential-Manager/bin/Debug/net7.0/git-credential-manager.dll",
+            "program": "${workspaceFolder}/out/shared/Git-Credential-Manager/bin/Debug/net8.0/git-credential-manager.dll",
             "args": ["store"],
             "cwd": "${workspaceFolder}/out/shared/Git-Credential-Manager",
             "console": "integratedTerminal",

.vscode/tasks.json

@@ -56,7 +56,7 @@
             "type": "shell",
             "group": "test",
             "args": [
-                "~/.nuget/packages/reportgenerator/*/*/net7.0/ReportGenerator.dll",
+                "~/.nuget/packages/reportgenerator/*/*/net8.0/ReportGenerator.dll",
                 "-reports:${workspaceFolder}/**/TestResults/**/coverage.cobertura.xml",
                 "-targetdir:${workspaceFolder}/out/code-coverage"
             ],
@@ -71,7 +71,7 @@
             "type": "shell",
             "group": "test",
             "args": [
-                "${env:USERROFILE}/.nuget/packages/reportgenerator/*/*/net7.0/ReportGenerator.dll",
+                "${env:USERROFILE}/.nuget/packages/reportgenerator/*/*/net8.0/ReportGenerator.dll",
                 "-reports:${workspaceFolder}/**/TestResults/**/coverage.cobertura.xml",
                 "-targetdir:${workspaceFolder}/out/code-coverage"
             ],