Voeg build script en workflows toe

.github/workflows/build-packages.yml

@@ -0,0 +1,131 @@
+name: Build & Release IntuneWin package
+
+on:
+  push:
+    paths:
+      - 'apps/**'
+      - 'scripts/Build-And-UpdateReadme.ps1'
+      - '.github/workflows/build-packages.yml'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: windows-latest
+    defaults:
+      run:
+        shell: pwsh
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Zoek gewijzigde apps
+        id: appdir
+        run: |
+          $diff = git diff --name-only ${{ github.sha }} ${{ github.sha }}~1
+          $apps = $diff | Select-String '^apps/([^/]+)/' | ForEach-Object { $_.Matches.Groups[1].Value } | Sort-Object -Unique
+          if (-not $apps) { Write-Error "Geen wijziging in apps gedetecteerd"; exit 1 }
+          "appname=$($apps[0])" | Out-File -Append $env:GITHUB_ENV
+        shell: pwsh
+
+      - name: Build intunewin package + update README.md
+        id: build
+        run: |
+          $appdir = "apps/${{ steps.appdir.outputs.appname }}"
+          $result = .\scripts\Build-And-UpdateReadme.ps1 -AppPath $appdir -BuildIntuneWin
+          $outlines = ($result | Out-String) -split "`n"
+          foreach ($line in $outLines) {
+            if ($line -like "*::set-output*") {
+              $parts = $line -replace "::set-output name=", "" -split "::"
+              Write-Host "$($parts[0])=$($parts[1])"
+              "::set-output name=$($parts[0])::$($parts[1])"
+            }
+          }
+      
+      - name: Create or update GitHub release
+        id: create_release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: '${{ steps.appdir.outputs.appname }}-v${{ steps.build.outputs.app_version }}'
+          name: '${{ steps.appdir.outputs.appname }} v${{ steps.build.outputs.app_version }}'
+          draft: false
+          prerelease: false
+          files: apps/${{ steps.appdir.outputs.appname }}/build/*.intunewin
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Update README.md met definitieve downloadlink
+        run: |
+          $appdir = "apps/${{ steps.appdir.outputs.appname }}"
+          $ver = "${{ steps.build.outputs.app_version }}"
+          $release_url = "https://github.com/${{ github.repository }}/releases/download/${{ steps.appdir.outputs.appname }}-v$ver/${{ steps.build.outputs.package_name }}"
+          # Lees bestaande REAMDE in, vervang de downloadregel
+          $readme = Get-Content "$appdir/README.md" -Raw
+          pattern = "(?ms)(\*\*Laatste intunewin package:\*\* ).*?(\r?\n)"
+          $newreadme = [regex]::Replace($readme, $pattern, "`$1`$release_url`$2")
+          Set-Content "$appdir/README.md" $newreadme -Encoding UTF8
+
+      - name: Commit en push gewijzigde README.md (indien aangepast)
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add apps/${{ steps.appdir.outputs.appname }}/README.md
+          git diff --cached --quiet || git commit -m "README.md: update downloadlink na release [skip ci]"
+          git push
+
+      # Later te testen, momenteel niet in gebruik: Push naar intune omgeving
+
+      # - name: Install IntuneWin32App module
+      #   run: |
+      #     Install-Module IntuneWin32App -Scope CurrentUser -Force -AllowClobber
+      
+      # - name: Deploy naar intune win32-app
+      #   env:
+      #     CLIENT_ID: ${{ secrets.INTUNE_CLIENT_ID }}
+      #     TENANT_ID: ${{ secrets.INTUNE_TENANT_ID }}
+      #     CLIENT_SECRET: ${{ secrets.INTUNE_CLIENT_SECRET }}
+      #   run: |
+      #     $ErrorActionPreference = "Stop"
+      #     $appdir = "apps/${{ steps.appdir.outputs.appname }}"
+      #     $metaPath = "$appdir/app-meta.json"
+      #     $meta = Get-Content $metaPath | ConvertFrom-Json
+
+      #     $iconPath = if ($meta.icon) { Join-Path $appdir $meta.icon } else { $null }
+      #     if ($iconPath -and -not (Test-Path $iconPath)) { $iconPath = $null }
+
+      #     # Authenticatie
+      #     Import-Module IntuneWin32App
+      #     $secureSecret = ConvertTo-SecureString $env:CLIENT_SECRET -AsPlainText -Force
+      #     $creds = New-Object System.Management.Automation.PSCredential($env:CLIENT_ID, $secureSecret)
+      #     Connect-MSGraph -ClientId $env:CLIENT_ID -TenantId $env:TENANT_ID -ClientSecret $env:CLIENT_SECRET
+
+      #     # Build detectie block
+      #     $detection = $meta.detection
+      #     $detectionRule = $null
+      #     if ($null -ne $detection -and $detection.type -eq 'File') {
+      #       $filePath = Split-Path $detection.path
+      #       $fileName = Split-Path $detection.path -Leaf
+      #       $detectionRule = @{
+      #         DetectionType = "File"
+      #         Path = $filePath
+      #         FileOrFolder = $fileName
+      #         DetectionMethod = "Exists"
+      #       }
+      #     }
+      #     # Add more logic here if you want to support other detection types (Registry, etc.)
+
+      #     # Deploy Win32 app
+      #     $package = Get-ChildItem "$appdir/build" -Filter *.intunewin | Sort-Object LastWriteTime -Descending | Select-Object -First 1
+
+      #     Add-IntuneWin32App `
+      #       -FilePath $package.FullName `
+      #       -DisplayName $meta.displayName `
+      #       -Description $meta.description `
+      #       -Publisher $meta.publisher `
+      #       -InstallCommandLine ("powershell.exe -ExecutionPolicy Bypass -File " + $meta.installScript) `
+      #       -UninstallCommandLine $meta.uninstallCommand `
+      #       -DetectionRule $detectionRule `
+      #       -Icon $iconPath `
+      #       -Force
+
+      #     Disconnect-MSIntuneGraph

app_template/app-meta.json

@@ -0,0 +1,14 @@
+{
+    "displayName": "VLC Player",
+    "publisher": "VideoLAN",
+    "instructions": "Wordt automatisch via Intune Win32 deployed met PSADT.",
+    "installScript": "install.ps1",
+    "uninstallCommand": "powershell.exe -ExecutionPolicy Bypass -File uninstall.ps1",
+    "detection": {
+      "type": "File",
+      "path": "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe",
+      "exists": true
+    },
+    "description": "VLC Player voor Windows, uitgerold met PSADT.",
+    "icon": "icon.png"
+  }

scripts/Build-And-UpdateReadme.ps1

@@ -0,0 +1,93 @@
+param(
+    [Parameter(Mandatory=$true)]
+    [string]$AppPath,
+    [string]$DownloadLink = "",
+    [switch]$BuildIntuneWin
+)
+
+Write-Host "== Start Build-And-UpdateReadme.ps1 voor $AppPath =="
+
+# 1. Lees meta.json uit
+$metaPath = Join-Path $AppPath 'app-meta.json'
+if (-not (Test-Path $metaPath)) { throw "meta.json niet gevonden ($metaPath)" }
+$meta = Get-Content $metaPath | ConvertFrom-Json
+
+$displayName   = $meta.displayName
+$instructies   = $meta.instructions
+$publisher     = $meta.publisher
+$installScript = $meta.installScript
+$uninstallCmd  = $meta.uninstallCommand
+$detection     = $meta.detection
+$icon          = $meta.icon
+$description   = $meta.description
+
+# 2. Zoek een EXE/MSI in files/
+$exeOrMsi = Get-ChildItem -Path (Join-Path $AppPath 'files') -Include *.exe,*.msi -File | Select-Object -First 1
+if (-not $exeOrMsi) {
+    Write-Warning "Geen EXE of MSI gevonden in $AppPath\files"
+    $appVersion = "onbekend"
+} else {
+    if ($exeOrMsi.Extension -ieq ".msi") {
+        $appVersion = (Get-ItemProperty $exeOrMsi.FullName).VersionInfo.ProductVersion
+    } else {
+        $appVersion = (Get-Item $exeOrMsi.FullName).VersionInfo.FileVersion
+        if (-not $appVersion) { $appVersion = (Get-Item $exeOrMsi.FullName).VersionInfo.ProductVersion }
+    }
+    if (-not $appVersion) { $appVersion = "onbekend" }
+}
+
+# 3. (Optioneel) Build .intunewin bestand
+if ($BuildIntuneWin) {
+    $intuneUtilPath = "$env:GITHUB_WORKSPACE/scripts/IntuneWinAppUtil.exe"
+    if (-not (Test-Path $intuneUtilPath)) {
+        Write-Host "Download de nieuwste IntuneWinAppUtil.exe"
+        Invoke-WebRequest -Uri "https://github.com/microsoft/Microsoft-Win32-Content-Prep-Tool/releases/latest/download/IntuneWinAppUtil.exe" -OutFile $intuneUtilPath
+    }
+    $outputFolder = Join-Path $AppPath 'build'
+    if (-not (Test-Path $outputFolder)) { New-Item -Path $outputFolder -ItemType Directory | Out-Null }
+    & $intuneUtilPath -c (Join-Path $AppPath 'files') -s $installScript -o $outputFolder
+    $packageName = "$($displayName.ToLower().Replace(' ', ''))-$appVersion.intunewin"
+    $srcIntunewin = Get-ChildItem -Path $outputFolder -Filter *.intunewin | Select-Object -Last 1
+    if ($srcIntunewin) {
+        Rename-Item -Path $srcIntunewin.FullName -NewName $packageName -Force
+    }
+} else {
+    $outputFolder = Join-Path $AppPath 'build'
+    $packageName = "$($displayName.ToLower().Replace(' ', ''))-$appVersion.intunewin"
+}
+
+# 4. README.md genereren
+$uninstText = if ($uninstallCmd) { "**Uninstall:** $uninstallCmd`n" } else { "" }
+$detectText = if ($detection) {
+    "**Detectie:** type `${($detection.type)}` - pad `${($detection.path)}``n"
+} else { "" }
+$iconText = if (($icon) -and (Test-Path "$AppPath/$icon")) {
+    "![App logo]($icon)`n"
+} else { "" }
+
+$readme = @"
+# $displayName
+
+$iconText
+**Versie:** $appVersion
+
+**Laatste intunewin package:** $DownloadLink
+
+**Uitgever:** $publisher  
+$uninstText$detectText
+**Beschrijving:** $description
+
+## Installatie-instructies
+$instructies
+
+## Changelog
+- Versie $appVersion : automatische build door GitHub Actions op $(Get-Date -Format 'yyyy-MM-dd HH:mm')
+"@
+
+Set-Content -Path (Join-Path $AppPath 'README.md') -Value $readme -Encoding UTF8
+
+Write-Host "::set-output name=app_version::$appVersion"
+Write-Host "::set-output name=package_name::$packageName"
+Write-Host "::set-output name=build_dir::$outputFolder"
+Write-Host "::set-output name=app_name::$($displayName.ToLower().Replace(' ', ''))"
+Write-Host "::set-output name=icon::$icon"