Add README and sync docs with restructured 4-job pipeline

- Add engaging README with badges, pipeline diagram, and quick start
- Update quick-start-release.md for merged release job
- Update github-workflows-guide.md for 4-job structure and installer-only releases

Made-with: Cursor

Author: Hongwei-MB

README.md

@@ -0,0 +1,151 @@
+# dotnet.CI.template
+
+[![CI and Release](https://github.com/AGIBuild/dotnet.CI.template/actions/workflows/ci.yml/badge.svg)](https://github.com/AGIBuild/dotnet.CI.template/actions/workflows/ci.yml)
+[![CodeQL](https://github.com/AGIBuild/dotnet.CI.template/actions/workflows/codeql.yml/badge.svg)](https://github.com/AGIBuild/dotnet.CI.template/actions/workflows/codeql.yml)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
+
+**Stop wiring CI from scratch.** Start with a production-grade pipeline that builds, tests, packages, and releases your .NET projects across platforms -- with a single approval click.
+
+---
+
+## What You Get
+
+Use this template and you instantly have:
+
+```
+Push to main
+  |
+  v
+resolve-version ── Reads VersionPrefix, computes matrix, outputs version info
+  |
+  v
+build-and-test ─── Matrix build (linux / windows / macos)
+  |                 + Pack NuGet + Publish + Package installers
+  |
+  v
+release ────────── [requires approval] NuGet push + Git tag + GitHub Release
+  |
+  v
+deploy-docs ────── DocFX to GitHub Pages (optional)
+```
+
+On **pull requests**, only a fast linux build + test runs. On **main**, the full multi-platform pipeline kicks in.
+
+### Pipeline Highlights
+
+| Feature | Details |
+|---------|---------|
+| **NUKE Build** | All build logic lives in C# targets -- no scattered shell scripts in YAML |
+| **Single Approval** | One `release` environment gate controls the entire release flow |
+| **Multi-Platform Matrix** | linux-x64, win-x64, osx-arm64 (+ optional Android/iOS) |
+| **NuGet Publishing** | Auto-push to NuGet.org with SHA256 manifest verification |
+| **Installer Packages** | Platform-specific zip archives attached to GitHub Releases |
+| **Version from Code** | `VersionPrefix` in `Directory.Build.props` is the single source of truth |
+| **Four-Part Release Tags** | `v0.2.0.42` format ensures unique tags per build |
+| **CodeQL Security** | Automated vulnerability scanning on every push and weekly |
+| **Graceful Degradation** | Missing NuGet key? Skipped. No DocFX config? Skipped. Nothing breaks. |
+
+---
+
+## Quick Start
+
+### 1. Create your repo from this template
+
+Click **[Use this template](https://github.com/AGIBuild/dotnet.CI.template/generate)** on GitHub.
+
+### 2. Configure environments
+
+Go to **Settings > Environments** and create a `release` environment with at least one required reviewer.
+
+### 3. Set secrets (optional)
+
+| Secret | Purpose |
+|--------|---------|
+| `NUGET_API_KEY` | Push packages to NuGet.org |
+
+### 4. Push code and watch it go
+
+```bash
+git push origin main
+```
+
+The pipeline runs automatically. When `build-and-test` completes, go to **Actions > Review deployments** to approve the release.
+
+---
+
+## Project Structure
+
+```
+.
+├── .github/workflows/
+│   ├── ci.yml              # CI + Release pipeline
+│   └── codeql.yml          # Security analysis
+├── build/
+│   ├── BuildTask.*.cs      # NUKE targets (Build, Test, Pack, Publish, PackageApp, ...)
+│   └── _build.csproj
+├── src/                    # Your application code
+├── tests/                  # Your test projects
+├── docs/                   # Guides (add docfx.json for auto-deploy)
+├── Directory.Build.props   # Version + shared build properties
+└── global.json             # SDK version pinning
+```
+
+---
+
+## Version Management
+
+Versions follow a simple rule:
+
+- **Edit `VersionPrefix`** in `Directory.Build.props` via PR (e.g., `0.2.0` -> `1.0.0`)
+- **CI appends the build number** on release: `0.2.0` becomes `0.2.0.42`
+- **Tags are created automatically**: `v0.2.0.42`
+
+No manual tagging. No version input fields. Just change the number in one file.
+
+---
+
+## Extending the Build
+
+Build logic is in `build/BuildTask.*.cs` using [NUKE](https://nuke.build). Add new targets in C# and call them from workflows:
+
+```csharp
+Target MyTarget => _ => _
+    .DependsOn(Build)
+    .Executes(() =>
+    {
+        // your build logic here
+    });
+```
+
+```yaml
+# in ci.yml
+- run: ./build.sh MyTarget
+```
+
+---
+
+## Mobile Platform Support
+
+Android and iOS builds are supported but disabled by default. Toggle them in `ci.yml`:
+
+```yaml
+env:
+  ENABLE_ANDROID: 'true'
+  ENABLE_IOS: 'true'
+```
+
+---
+
+## Documentation Deployment
+
+To enable automatic documentation deployment to GitHub Pages:
+
+1. Add a `docs/docfx.json` configuration file
+2. Enable GitHub Pages in **Settings > Pages > Source: GitHub Actions**
+3. The `deploy-docs` job will automatically build and deploy after each release
+
+---
+
+## License
+
+[MIT](LICENSE)

docs/github-workflows-guide.md

@@ -10,9 +10,8 @@ push / PR to main
   └─ CI and Release
        ├─ resolve-version
        ├─ build-and-test (matrix: PR=linux, main=全平台)
-       ├─ release-packages (需 approval，推 NuGet)
-       ├─ deploy-docs (GitHub Pages)
-       └─ create-release (tag + GitHub Release)
+       ├─ release (需 approval，NuGet 推送 + tag + GitHub Release)
+       └─ deploy-docs (GitHub Pages)
 
 push / PR to main + weekly
   └─ CodeQL (security scan)
@@ -27,8 +26,8 @@ push / PR to main + weekly
 ### `CI and Release`
 - 触发：`push` 到 `main`、对 `main` 的 `pull_request`、手动 `workflow_dispatch`
 - PR 行为：只在 ubuntu 上运行 Build + Test（带 prerelease suffix）
-- main push 行为：全平台矩阵 Build + Test + Pack + Publish → approval → NuGet 推送 → 文档部署 → GitHub Release
-- 产物：测试结果、NuGet 包（含 release manifest）、各平台安装包
+- main push 行为：全平台矩阵 Build + Test + Pack + Publish + PackageApp → approval → NuGet 推送 + tag + GitHub Release → 文档部署
+- 产物：测试结果、NuGet 包（含 release manifest）、各平台安装包 zip
 
 ### `CodeQL`
 - 触发：`push`/`pull_request` 到 `main`，以及每周定时任务
@@ -49,23 +48,20 @@ push / PR to main + weekly
 - PR：带 `--VersionSuffix "ci.<run_number>"`
 - main push：无 suffix（固化 release 版本）
 - linux runner 额外执行 Pack + GenerateReleaseManifest（生成 SHA256 manifest）
-- 各平台执行 Publish 生成安装包
+- 各平台执行 Publish + PackageApp，生成安装包 zip（`app-{runtime}.zip`）
 
-### `release-packages`
+### `release`
 - 需要 `release` environment approval（唯一的审批入口）
 - 下载 NuGet 包，验证 release manifest SHA256 完整性
-- 推送 NuGet 包到 nuget.org
+- 推送 NuGet 包到 nuget.org（如未配置 `NUGET_API_KEY` 则跳过）
+- 创建 git tag 并推送到 remote
+- 创建 GitHub Release，附带各平台安装包 zip（不含 NuGet 包）
 
 ### `deploy-docs`
-- 依赖 `release-packages` 成功后自动运行
+- 依赖 `release` 成功后自动运行
 - 如果存在 `docs/docfx.json`，构建 DocFX 并部署到 GitHub Pages
 - 如果不存在则跳过
 
-### `create-release`
-- 依赖 `release-packages` 和 `deploy-docs` 完成
-- 创建 git tag 并推送到 remote
-- 创建 GitHub Release，附带所有产物（NuGet 包 + 安装包 zip）
-
 ---
 
 ## 3) 最快上手路径（推荐）
@@ -77,8 +73,9 @@ push / PR to main + weekly
    审批 `release` environment。
 
 3. 去 Releases 页面确认：
-   - 已创建 tag（如 `v0.1.0`）
-   - 已生成 `.nupkg` / `.snupkg` + 安装包 zip
+   - 已创建 tag（如 `v0.2.0.42`）
+   - GitHub Release 中已生成各平台安装包 zip
+   - NuGet.org 上有对应版本的包（如已配置 `NUGET_API_KEY`）
 
 ---
 
@@ -108,7 +105,7 @@ push / PR to main + weekly
 通过 PR 修改 `VersionPrefix`（例如 `0.1.0 -> 0.2.0`），合并到 `main` 后 CI 自动基于新版本构建。
 
 ### Q3: 同一版本能否重新发布？
-不能。如果 tag 已存在，`create-release` 会直接失败。需要先提升 `VersionPrefix`。
+每次 main push 都会生成唯一的四段式版本号（如 `0.2.0.42`），因此同一 push 不会冲突。如果需要发新版本（如 `0.3.0`），通过 PR 修改 `VersionPrefix`。
 
 ### Q4: Release manifest 是什么？
 `release-manifest.json` 记录每个 NuGet 包的 SHA256 hash 和版本信息。发布阶段会验证包文件与 manifest 一致，防止产物在传递过程中被篡改或损坏。

docs/quick-start-release.md

@@ -16,16 +16,16 @@
 
 ## 1) Release 流程概览
 
-Release 集成在 `CI and Release` workflow 中，由 5 个 job 串联完成：
+Release 集成在 `CI and Release` workflow 中，由 4 个 job 串联完成：
 
 ```text
-resolve-version → build-and-test (matrix) → release-packages (需 approve) → deploy-docs → create-release
+resolve-version → build-and-test (matrix) → release (需 approve) → deploy-docs
 ```
 
 当代码 push 到 `main` 后：
-1. CI 自动构建、测试、打包（NuGet 包 + 安装包）
-2. `release-packages` job 等待 `release` environment 的 **reviewer approval**
-3. Approve 后自动完成：NuGet 推送 → 文档部署 → 创建 tag + GitHub Release
+1. CI 自动构建、测试、打包（NuGet 包 + 平台安装包 zip）
+2. `release` job 等待 `release` environment 的 **reviewer approval**
+3. Approve 后自动完成：NuGet 推送 → 创建 tag + GitHub Release（仅含安装包 zip） → 文档部署
 
 ---
 
@@ -41,9 +41,9 @@ resolve-version → build-and-test (matrix) → release-packages (需 approve) 
 
 运行成功后应看到：
 
-- 新 tag（例如 `v0.1.0`）
+- 新 tag（例如 `v0.2.0.42`）
 - 一个新的 GitHub Release
-- Release 附件里有 `.nupkg` / `.snupkg` 和各平台安装包 zip
+- Release 附件里有各平台安装包 zip（`app-linux-x64.zip`、`app-win-x64.zip` 等）
 - NuGet.org 上有对应版本的包（如已配置 `NUGET_API_KEY`）
 
 ---