From 6970f8885f12230c45c97ce59ecf4eb1c549aaaf Mon Sep 17 00:00:00 2001
From: Oguzhan Ergin <4419532+oguzhane@users.noreply.github.com>
Date: Sun, 28 Jul 2024 06:19:07 +0100
Subject: [PATCH] Migrate Build Pipeline to MAUI (#13)

---
 .github/secrets/app_fdroid-keystore.jks.gpg | Bin 0 -> 2548 bytes
 .github/workflows/build.yml                 | 627 ++------------------
 src/App/App.csproj                          |   2 +-
 3 files changed, 38 insertions(+), 591 deletions(-)
 create mode 100644 .github/secrets/app_fdroid-keystore.jks.gpg

diff --git a/.github/secrets/app_fdroid-keystore.jks.gpg b/.github/secrets/app_fdroid-keystore.jks.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..647507358a122efd54720e824fa0ade1ccf78993
GIT binary patch
literal 2548
zcmV<Q2@Cd&4Fm}T0wc{ELjsmKAOF(p0Uc!1zqn|i5S08wex+hc7zBgU4f7_3G^+h8
zns|U%AUP<~{g<(bg%LtVySA=Xz_3Lo@^6kBN?Xe_(YwLS1sm(XY;}%f6b5p_?K_WC
zp|p)=bVL(cSr)0*bk<GT%J{S}B=Qnb3rhw+-nP*!95!V>j4nrPlW0ksWj_OeH{-Jn
znOVm0jUC2-1)LG`88$Q3ymbdkW!F_RJcNs<*nx<K52L)L%s+15(k%tssLi*(qz31N
z6Igm&>U(&4f6Y2mkple<Q8~c_Mg{u!!-r_$8ow7yK=nWqG5za{Ebf+_w3)qeU8Pr1
zwz6@s&rC0PgrP1H98U0Dy$Vefd6HcGOTdrueQdzVxoWW9eY^6Dw+ibb=pi!xs)RFs
z(=GT<CfguibYffs0P~O>TQ$w_N|oE_+u>XnCL!Q<*+`gHu*P@t<FA=FbZ5Y_lr~C)
zG3|Yc0*ABCnK^O45nF~xm-RW`X0y+7{PcHud@u0i@iX+5v+LG%j0?Khes9Kh>BU9f
zsG%$c>7<9l?TV?N-K0BHF!d-JAZsY4^|97l*3I24I~8x)`XA}_C2m5WXiTSRB0Sje
zX}R(Sja}k%Lu_W-D(3@5NzukG5FehjX#7kC=~4*7lg~>Is<?z$0L-W!M}TW-=&82v
z?cjJ6<xO(m{Anb&RYGLZbMiV7!{v&ChRP|;tg{`Q@hQpitr8xXC44|7HL4I4)Qc+c
zqKTV6af+~U<D4y&*HYX^Yn}lerpYf?ZPxWD(QM3o#nSarl&?E4kVp|m(j0{>3N$LX
z3^1H%l0cem8r}vL6qj{7cUWhE(nVeyHiZ>?wmEh5%;Q!mx^$^EDlO5TcW(cVmnKdg
zj1b$FoaQrV@Tw?cz+|hnPrtf`6)n~;bX$_5Ue#4;-5x2(pjzI6VV!g3^YXcnvbUY@
zA<w1_Kb&|Q&P2Q^2DY{h{F-E{<!?=}uIHzD!a@VJ*vL<732rCuxS=xsGMBd29wo5D
zITn+GHUkt$-~K)MU*ZLkuLQ0~bli4k9`m2ngCr*O^xTCnvTA~_9+o6cROPb-bP{Gx
z8W^(A8|U=aD#1E_Tkxv%i$Nd;oF#{00u53wae=mEhS9iE2&Gm!Ag=`2M#TRfjxr<w
zq;~DN?+|J@tl>p8<CeBcCny#ERWO<o>4H;!U;!UFLSI%<>^Ayk6*Uyc*6;^MQMU^t
zOQ?Z8$(CjgzzkOd^fgPlF%y2VKLOhE%>9^fwK=`PYaMLn+Rn*VA)!A2Jcob43U(AU
z=h)||#>375D(amV(lHvo8H-Ly6s5+6?(rM{XM3HQ^}@Bsb_)q5y$zB*XKrUKs$8ap
z^>T3}b@3I}xX$VX2>J3A7M!Vo_;A<5>%M4RryVTTVOEw!gcE0w$Ty!DqF$}?#-E^^
zQifFQp!}adHHZ?zShZHGn+-qxYxL&#H1EM$`m%JbQhkv2VnMMYv)Ky3jF0=Oj_p-I
zrEhWn9nxE+w8;gZJ36<y8`h-kq0MrD(a!Y+dH!Do0c6C)>wIAo&I6!&z6{8~@n!`w
zYB>_M(B=+g7Q7EE!E6`?Si7&U@7f_0=*cJCAfNe+WnlgA_)=lb&^z&@2Q%J!mG9&&
zVLP+t>Q}8|g%LCu!JZdjrv?H;763fAQOM_tEX#3$U43q<zdu-5XHf1BmRU&J|A<%8
zQq^HDkY87mI7jmtoDCPJp(x6{M;<cpU<5ewU5lO;{&ww<3d*?&OeN3LzteY}^(sd)
zd3cFkc;hkUK#sd>cW&!|ts*P46BCJFMPY`>FJE)8n+;4s4d*&)K@V^Ynz#f^@B9Dx
z+nMKq_b5P|6YjNj$ni>rdU(!vKAh|+@Z_qur37ElvO^SFrew^;nrxMs?}}TvHr;rG
zc&cti1=~6eAljdMN~$;05oJ(s6f)a#?~o$x$r1&Z^{0ImTyNh>^wX2&3JW1vh*j#U
z&-I&?&R%u42)U}SZkem5H=JhNAsT{iOL~N58W5&gQYJ^OJr$^>qoq`Yw5@TzO*Y$T
zL*9|y(cY}nUX&h1iDZC}io|pzp$7^Xx1-P{KT`)3=v#AoO(^!4!yE4$jYVq2@RYa~
zUZce96Q#)dK(t>LGw@a=NiqmbKNQ6(;M@)AF*Mfs|7m>1IZ8$HO<~kxHZSyRzZ<=S
zYWvp<T?oH=g!buAs3&D>(g6cMXIC66yXEY<auq=r7syEJzg``C4fPP`K;!y&sW{@8
zgBWL$`7qtWetBY1LRJIoN6MTKh-hai_}VJQq`!wM-0168MOd!Nw9CVMD)^a$iv1M;
z62ctG=H@&8uNxtxo6?4erkLjE9Y_ko%WyASi)oq#J$ZJSUA^q)(z7YGzEBuvtZu2#
zCimOL0M`=SE1`G{3o|M|(zLo;U5e8M(B?19iob0>PMUbla@HuR7$kb#fL()aqFMPD
zl#@!R5>r89<ws*`)M7$KR3|ls)yEe*5#{u<O+QT-z&S#UW~s7Pa?M%x(~cNO<WijX
zgvh|wGNbO_E5^y4iAKaE8$N`+9q-<AMGJ9gmGjv&_)Pi1f=Ll5nO*(jE$Cv!hJM`0
z`n*LBW4K-U{iXGqlGsyuDsgr$Q%gPIe!;YL`%^hQpCo((Nz{wOlR{gtP*p+v47F*l
z_pO#&ySvQm;}4)WAQe95jB7#^N0i(I`L1Samr6uC4Iw+=ZssY{gz;^l!66rsWGGon
zsphXEm~1?>6)+p!j^<szm;%14?oOFi|Nl!N)=#B)dZ&w>_}+E1jB(C?gSkx#G=JT5
z5$Rx@#t#5Cms}UD&jw;@wp)PFh@`LJLTVlF78X!~eS3xh{P*?=yRVhk7wgYwBo)mi
ztO3w31(@o?+9O&K>1-^UL&Qx{q9mUvtgE{f;B5o5ce8)8;@QvO`wmeK^kbhc>jZvD
z2}5H+Rw>)^M_5%~SMDlT$h3CHp-mv}-DqEG#G3lwdJP1b1kC^McOu+mr70?0?_M;p
z{4&XRo!uA&EJgfcKN!rNnC^2XH^PGBL~-dtx3G!K(5s-=8(yOiBOg-<74y^c_+yK{
zMVGrhK-{4q&_gCc(MXl%<NS{ktT(Ba^K@zmO_u^^dSY#c$xfW6m(x4vl?IE=V$X5o
zBSR7lovws$5Q0EHA#8vS%*<k_Dvw|G2e+&EaaX3D7Vs&7X|AT@x*4y7837DJIcIpg
z2?CB*>TciQP>00h#u?a1P{#G{_DzbeJTA2AtQ6{wUE5x_S{C*dpYI~vV7MP1b7S?N
z#Vw}{o9LiVefA2o9`oag7kgI>rry}}smivz{qN;WD&$~IwsjE{M-*M2Ur1GCJ@S1f
Ko_#Z89&vP9An?@y

literal 0
HcmV?d00001

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 249c67a3aed..1b52dd6dc7e 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -2,13 +2,18 @@
 name: Build
 
 on:
+  schedule:
+    - cron: '48 9 * * 4'
+  pull_request:
+    branches:
+      - "main"
   push:
-    branches-ignore:
-      - "l10n_master"
-      - "gh-pages"
+    branches:
+      - "main"
     paths-ignore:
       - ".github/workflows/**"
   workflow_dispatch:
+    inputs: {}
 
 env:
   main_app_folder_path: src/App
@@ -59,233 +64,6 @@ jobs:
             echo "hotfix_branch_exists=0" >> $GITHUB_OUTPUT
           fi
 
-
-  android:
-    name: Android
-    runs-on: windows-2022
-    needs: setup
-    strategy:
-      fail-fast: false
-      matrix:
-        variant: ["prod", "qa"]
-    env:
-      android_folder_path: src\App\Platforms\Android
-      android_folder_path_bash: src/App/Platforms/Android
-    steps:
-      - name: Setup NuGet
-        uses: nuget/setup-nuget@a21f25cd3998bf370fde17e3f1b4c12c175172f9 # v2.0.0
-        with:
-          nuget-version: 6.4.0
-
-      - name: Set up .NET
-        uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1
-        with:
-          dotnet-version: '8.0.x'
-
-      - name: Set up MSBuild
-        uses: microsoft/setup-msbuild@6fb02220983dee41ce7ae257b6f4d8f9bf5ed4ce # v2.0.0
-
-      - name: Setup Windows builder
-        run: choco install checksum --no-progress
-
-      - name: Install Microsoft OpenJDK 11
-        run: |
-          choco install microsoft-openjdk11 --no-progress
-          Write-Output "JAVA_HOME=$(Get-ChildItem -Path 'C:\Program Files\Microsoft\jdk*' | `
-            Select -First 1 -ExpandProperty FullName)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          Write-Output "Java Home: $env:JAVA_HOME"
-
-      - name: Print environment
-        run: |
-          nuget help | grep Version
-          msbuild -version
-          dotnet --info
-          echo "GitHub ref: $GITHUB_REF"
-          echo "GitHub event: $GITHUB_EVENT"
-
-      - name: Checkout repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-        with:
-          fetch-depth: 0
-
-      - name: Login to Azure - CI Subscription
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
-        with:
-          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
-      - name: Download secrets
-        env:
-          ACCOUNT_NAME: bitwardenci
-          CONTAINER_NAME: mobile
-        run: |
-          mkdir -p $HOME/secrets
-
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
-          --name app_play-keystore.jks --file ./${{ env.android_folder_path_bash }}/app_play-keystore.jks --output none
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
-          --name app_upload-keystore.jks --file ./${{ env.android_folder_path_bash }}/app_upload-keystore.jks --output none
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
-          --name play_creds.json --file $HOME/secrets/play_creds.json --output none
-        shell: bash
-
-      - name: Download secrets - Google Services
-        if: ${{ matrix.variant == 'prod' }}
-        env:
-          ACCOUNT_NAME: bitwardenci
-          CONTAINER_NAME: mobile
-        run: |
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
-          --name google-services.json --file ./${{ env.android_folder_path_bash }}/google-services.json --output none
-        shell: bash
-
-      - name: Increment version
-        run: |
-          BUILD_NUMBER=$((11000 + $GITHUB_RUN_NUMBER))
-          echo "##### Setting Android Version Code to $BUILD_NUMBER" | tee -a $GITHUB_STEP_SUMMARY
-
-          sed -i "s/android:versionCode=\"1\"/android:versionCode=\"$BUILD_NUMBER\"/" \
-            ./${{ env.android_folder_path_bash }}/AndroidManifest.xml
-        shell: bash
-
-      - name: Restore packages
-        run: nuget restore
-
-      - name: Restore tools
-        run: dotnet tool restore
-
-      # - name: Run Core tests
-      #   run: |
-      #     dotnet test test/Core.Test/Core.Test.csproj --logger "trx;LogFileName=test-results.trx" `
-      #       /p:CustomConstants=UT
-
-      # - name: Report test results
-      #   uses: dorny/test-reporter@eaa763f6ffc21c7a37837f56cd5f9737f27fc6c8 # v1.8.0
-      #   if: always()
-      #   with:
-      #     name: Test Results
-      #     path: "**/test-results.trx"
-      #     reporter: dotnet-trx
-      #     fail-on-error: true
-
-      - name: Build Play Store publisher
-        if: ${{ matrix.variant == 'prod' }}
-        run: dotnet build .\store\google\Publisher\Publisher.csproj /p:Configuration=Release
-
-      - name: Setup Android build  (${{ matrix.variant }})
-        run: dotnet cake build.cake --target Android --variant ${{ matrix.variant }}
-
-      - name: Build & Sign Android
-        env:
-          PLAY_KEYSTORE_PASSWORD: ${{ secrets.PLAY_KEYSTORE_PASSWORD }}
-          UPLOAD_KEYSTORE_PASSWORD: ${{ secrets.UPLOAD_KEYSTORE_PASSWORD }}
-        run: |
-          $projToBuild = "$($env:GITHUB_WORKSPACE)/${{ env.main_app_project_path }}";
-          $packageName = "com.x8bit.bitwarden";
-
-          if ("${{ matrix.variant }}" -ne "prod")
-          {
-            $packageName = "com.x8bit.bitwarden.${{ matrix.variant }}";
-          }
-          Write-Output "##### Sign Google Play Bundle Release Configuration"
-
-          $signingUploadKeyStore = "$($env:GITHUB_WORKSPACE)\${{ env.android_folder_path }}\app_upload-keystore.jks"
-          dotnet publish $projToBuild -c Release -f ${{ env.target-net-version }}-android `
-            /p:AndroidPackageFormats=aab `
-            /p:AndroidKeyStore=true `
-            /p:AndroidSigningKeyStore=$signingUploadKeyStore `
-            /p:AndroidSigningKeyAlias=upload `
-            /p:AndroidSigningKeyPass="$($env:UPLOAD_KEYSTORE_PASSWORD)" `
-            /p:AndroidSigningStorePass="$($env:UPLOAD_KEYSTORE_PASSWORD)" --no-restore
-
-          Write-Output "##### Copy Google Play Bundle to project root"
-
-          $signedAabPath = "$($env:GITHUB_WORKSPACE)\${{ env.main_app_folder_path }}\bin\Release\${{ env.target-net-version }}-android\publish\$($packageName)-Signed.aab";
-          $signedAabDestPath = "$($env:GITHUB_WORKSPACE)\$($packageName).aab";
-          Copy-Item $signedAabPath $signedAabDestPath
-
-          Write-Output "##### Sign APK Release Configuration"
-
-          $signingPlayKeyStore = "$($env:GITHUB_WORKSPACE)\${{ env.android_folder_path }}\app_play-keystore.jks"
-          dotnet publish $projToBuild -c Release -f ${{ env.target-net-version }}-android `
-            /p:AndroidKeyStore=true `
-            /p:AndroidSigningKeyStore=$signingPlayKeyStore `
-            /p:AndroidSigningKeyAlias=bitwarden `
-            /p:AndroidSigningKeyPass="$($env:PLAY_KEYSTORE_PASSWORD)" `
-            /p:AndroidSigningStorePass="$($env:PLAY_KEYSTORE_PASSWORD)" --no-restore
-
-          Write-Output "##### Copy Release APK to project root"
-
-          $signedApkPath = "$($env:GITHUB_WORKSPACE)\${{ env.main_app_folder_path }}\bin\Release\${{ env.target-net-version }}-android\publish\$($packageName)-Signed.apk";
-          $signedApkDestPath = "$($env:GITHUB_WORKSPACE)\$($packageName).apk";
-          Copy-Item $signedApkPath $signedApkDestPath
-
-      - name: Upload Prod .aab artifact
-        if: ${{ matrix.variant == 'prod' }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: com.x8bit.bitwarden.aab
-          path: ./com.x8bit.bitwarden.aab
-          if-no-files-found: error
-
-      - name: Upload Prod .apk artifact
-        if: ${{ matrix.variant == 'prod' }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: com.x8bit.bitwarden.apk
-          path: ./com.x8bit.bitwarden.apk
-          if-no-files-found: error
-
-      - name: Upload Other .apk artifact
-        if: ${{ matrix.variant != 'prod' }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: com.x8bit.bitwarden.${{ matrix.variant }}.apk
-          path: ./com.x8bit.bitwarden.${{ matrix.variant }}.apk
-          if-no-files-found: error
-
-      - name: Create checksum for Prod .apk artifact
-        if: ${{ matrix.variant == 'prod' }}
-        run: |
-          checksum -f="./com.x8bit.bitwarden.apk" `
-            -t sha256 | Out-File -Encoding ASCII ./bw-android-apk-sha256.txt
-
-      - name: Create checksum for Other .apk artifact
-        if: ${{ matrix.variant != 'prod' }}
-        run: |
-          checksum -f="./com.x8bit.bitwarden.${{ matrix.variant }}.apk" `
-            -t sha256 | Out-File -Encoding ASCII ./bw-android-${{ matrix.variant }}-apk-sha256.txt
-
-      - name: Upload .apk sha file for prod
-        if: ${{ matrix.variant == 'prod' }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: bw-android-apk-sha256.txt
-          path: ./bw-android-apk-sha256.txt
-          if-no-files-found: error
-
-      - name: Upload .apk sha file for other
-        if: ${{ matrix.variant != 'prod' }}
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: bw-android-${{ matrix.variant }}-apk-sha256.txt
-          path: ./bw-android-${{ matrix.variant }}-apk-sha256.txt
-          if-no-files-found: error
-
-      - name: Deploy to Play Store
-        if: ${{ matrix.variant == 'prod' && (( github.ref == 'refs/heads/main'
-          && needs.setup.outputs.rc_branch_exists == 0
-          && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc' ) }}
-        run: |
-          $publisherPath = "$($env:GITHUB_WORKSPACE)\store\google\Publisher\bin\Release\net8.0\Publisher.dll"
-          $credsPath = "$($HOME)\secrets\play_creds.json"
-          $aabPath = "$($env:GITHUB_WORKSPACE)\com.x8bit.bitwarden.aab"
-          $track = "internal"
-
-          dotnet $publisherPath $credsPath $aabPath $track
-
-
   f-droid:
     name: F-Droid Build
     runs-on: windows-2022
@@ -293,6 +71,8 @@ jobs:
       android_folder_path: src\App\Platforms\Android
       android_folder_path_bash: src/App/Platforms/Android
       android_manifest_path: src/App/Platforms/Android/AndroidManifest.xml
+    permissions:
+      checks: write
     steps:
       - name: Setup NuGet
         uses: nuget/setup-nuget@a21f25cd3998bf370fde17e3f1b4c12c175172f9 # v2.0.0
@@ -303,18 +83,18 @@ jobs:
         uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1
         with:
           dotnet-version: '8.0.x'
-
+          
       - name: Set up MSBuild
         uses: microsoft/setup-msbuild@6fb02220983dee41ce7ae257b6f4d8f9bf5ed4ce # v2.0.0
 
       - name: Setup Windows builder
         run: choco install checksum --no-progress
 
-      - name: Install Microsoft OpenJDK 11
-        run: |
-          choco install microsoft-openjdk11 --no-progress
-          Write-Output "JAVA_HOME=$(Get-ChildItem -Path 'C:\Program Files\Microsoft\jdk*' | Select -First 1 -ExpandProperty FullName)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-          Write-Output "Java Home: $env:JAVA_HOME"
+      - name: Setup Java 11
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'microsoft'
+          java-version: '11'
 
       - name: Print environment
         run: |
@@ -327,24 +107,19 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
-      - name: Login to Azure - CI Subscription
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
-        with:
-          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
-      - name: Download secrets
+      - name: Decrypt secrets
         env:
-          ACCOUNT_NAME: bitwardenci
-          CONTAINER_NAME: mobile
-          FILE: app_fdroid-keystore.jks
+          DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }}
         run: |
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME --name $FILE \
-            --file ${{ env.android_folder_path_bash }}/$FILE --output none
+          mkdir -p ~/secrets
+
+          gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \
+            --output ${{ env.android_folder_path_bash }}/app_fdroid-keystore.jks ./.github/secrets/app_fdroid-keystore.jks.gpg
         shell: bash
 
       - name: Increment version
         run: |
-          BUILD_NUMBER=$((11000 + $GITHUB_RUN_NUMBER))
+          BUILD_NUMBER=$((12000 + $GITHUB_RUN_NUMBER))
           echo "##### Setting F-Droid Version Code to $BUILD_NUMBER" | tee -a $GITHUB_STEP_SUMMARY
 
           sed -i "s/android:versionCode=\"1\"/android:versionCode=\"$BUILD_NUMBER\"/" \
@@ -382,6 +157,7 @@ jobs:
       - name: Build & Sign F-Droid
         env:
           FDROID_KEYSTORE_PASSWORD: ${{ secrets.FDROID_KEYSTORE_PASSWORD }}
+          FDROID_KEY_PASSWORD: ${{ secrets.FDROID_KEY_PASSWORD }}
         run: |
           $projToBuild = "$($env:GITHUB_WORKSPACE)\${{ env.main_app_project_path }}";
           $packageName = "com.x8bit.bitwarden";
@@ -392,8 +168,8 @@ jobs:
           dotnet build $projToBuild -c Release -f ${{ env.target-net-version }}-android `
             /p:AndroidKeyStore=true `
             /p:AndroidSigningKeyStore=$signingFdroidKeyStore `
-            /p:AndroidSigningKeyAlias=bitwarden `
-            /p:AndroidSigningKeyPass="$($env:FDROID_KEYSTORE_PASSWORD)" `
+            /p:AndroidSigningKeyAlias=nibblewarden `
+            /p:AndroidSigningKeyPass="$($env:FDROID_KEY_PASSWORD)" `
             /p:AndroidSigningStorePass="$($env:FDROID_KEYSTORE_PASSWORD)" ` --no-restore
 
           Write-Output "##### Copy FDroid apk to project root"
@@ -423,354 +199,25 @@ jobs:
           if-no-files-found: error
 
 
-  ios:
-    name: Apple iOS
-    runs-on: macos-14
-    needs: setup
-    env:
-      ios_folder_path: src/App/Platforms/iOS
-      app_output_name: App
-      app_ci_output_filename: App_x64_Debug
-    steps:
-      - name: Set XCode version
-        uses: maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd # v1.6.0
-        with:
-          xcode-version: 15.1
-
-      - name: Setup NuGet
-        uses: nuget/setup-nuget@a21f25cd3998bf370fde17e3f1b4c12c175172f9 # v2.0.0
-        with:
-          nuget-version: 6.4.0
-
-      - name: Set up .NET
-        uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1
-        with:
-          dotnet-version: '8.0.x'
-
-      # This step might be obsolete at some point as .NET MAUI workloads
-      # are starting to come pre-installed on the GH Actions build agents.
-      - name: Install MAUI Workload
-        run: dotnet workload install maui --ignore-failed-sources
-
-      - name: Print environment
-        run: |
-          nuget help | grep Version
-          dotnet --info
-          echo "GitHub ref: $GITHUB_REF"
-          echo "GitHub event: $GITHUB_EVENT"
-
-      - name: Checkout repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-        with:
-          submodules: 'true'
-
-      - name: Login to Azure - CI Subscription
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
-        with:
-          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: "bitwarden-ci"
-          secrets: "appcenter-ios-token"
-
-      - name: Download Provisioning Profiles secrets
-        env:
-          ACCOUNT_NAME: bitwardenci
-          CONTAINER_NAME: profiles
-        run: |
-          mkdir -p $HOME/secrets
-          profiles=(
-              "dist_autofill.mobileprovision"
-              "dist_bitwarden.mobileprovision"
-              "dist_extension.mobileprovision"
-              "dist_share_extension.mobileprovision"
-              "dist_bitwarden_watch_app.mobileprovision"
-              "dist_bitwarden_watch_app_extension.mobileprovision"
-          )
-
-          for FILE in "${profiles[@]}"
-          do
-            az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME --name $FILE \
-              --file $HOME/secrets/$FILE --output none
-          done
-
-      - name: Download Google Services secret
-        env:
-          ACCOUNT_NAME: bitwardenci
-          CONTAINER_NAME: mobile
-          FILE: GoogleService-Info.plist
-        run: |
-          mkdir -p $HOME/secrets
-          az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME --name $FILE \
-            --file src/watchOS/bitwarden/$FILE --output none
-
-      - name: Increment version
-        run: |
-          BUILD_NUMBER=$((8000 + $GITHUB_RUN_NUMBER))
-          echo "##### Setting iOS CFBundleVersion to $BUILD_NUMBER" | tee -a $GITHUB_STEP_SUMMARY
-
-          perl -0777 -pi.bak -e 's/<key>CFBundleVersion<\/key>\s*<string>1<\/string>/<key>CFBundleVersion<\/key>\n\t<string>'"$BUILD_NUMBER"'<\/string>/' ./${{ env.ios_folder_path }}/Info.plist
-          perl -0777 -pi.bak -e 's/<key>CFBundleVersion<\/key>\s*<string>1<\/string>/<key>CFBundleVersion<\/key>\n\t<string>'"$BUILD_NUMBER"'<\/string>/' ./src/iOS.Extension/Info.plist
-          perl -0777 -pi.bak -e 's/<key>CFBundleVersion<\/key>\s*<string>1<\/string>/<key>CFBundleVersion<\/key>\n\t<string>'"$BUILD_NUMBER"'<\/string>/' ./src/iOS.Autofill/Info.plist
-          perl -0777 -pi.bak -e 's/<key>CFBundleVersion<\/key>\s*<string>1<\/string>/<key>CFBundleVersion<\/key>\n\t<string>'"$BUILD_NUMBER"'<\/string>/' ./src/iOS.ShareExtension/Info.plist
-          cd src/watchOS/bitwarden
-          agvtool new-version -all $BUILD_NUMBER
-
-      - name: Update Entitlements
-        run: |
-          echo "##### Updating Entitlements"
-          perl -0777 -pi.bak -e 's/<key>aps-environment<\/key>\s*<string>development<\/string>/<key>aps-environment<\/key>\n\t<string>production<\/string>/' ./${{ env.ios_folder_path }}/Entitlements.plist
-
-      - name: Get certificates
-        run: |
-          mkdir -p $HOME/certificates
-          az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/ios-distribution |
-            jq -r .value | base64 -d > $HOME/certificates/ios-distribution.p12
-
-      - name: Set up Keychain
-        env:
-          KEYCHAIN_PASSWORD: ${{ secrets.IOS_KEYCHAIN_PASSWORD }}
-        run: |
-          security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
-          security default-keychain -s build.keychain
-          security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
-          security set-keychain-settings -lut 1200 build.keychain
-
-          security import $HOME/certificates/ios-distribution.p12 -k build.keychain -P "" -T /usr/bin/codesign \
-            -T /usr/bin/security
-          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain
-
-      - name: Set up provisioning profiles
-        run: |
-          AUTOFILL_PROFILE_PATH=$HOME/secrets/dist_autofill.mobileprovision
-          BITWARDEN_PROFILE_PATH=$HOME/secrets/dist_bitwarden.mobileprovision
-          EXTENSION_PROFILE_PATH=$HOME/secrets/dist_extension.mobileprovision
-          SHARE_EXTENSION_PROFILE_PATH=$HOME/secrets/dist_share_extension.mobileprovision
-          WATCH_APP_PROFILE_PATH=$HOME/secrets/dist_bitwarden_watch_app.mobileprovision
-          WATCH_APP_EXTENSION_PROFILE_PATH=$HOME/secrets/dist_bitwarden_watch_app_extension.mobileprovision
-          PROFILES_DIR_PATH=$HOME/Library/MobileDevice/Provisioning\ Profiles
-
-          mkdir -p "$PROFILES_DIR_PATH"
-
-          AUTOFILL_UUID=$(grep UUID -A1 -a $AUTOFILL_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $AUTOFILL_PROFILE_PATH "$PROFILES_DIR_PATH/$AUTOFILL_UUID.mobileprovision"
-
-          BITWARDEN_UUID=$(grep UUID -A1 -a $BITWARDEN_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $BITWARDEN_PROFILE_PATH "$PROFILES_DIR_PATH/$BITWARDEN_UUID.mobileprovision"
-
-          EXTENSION_UUID=$(grep UUID -A1 -a $EXTENSION_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $EXTENSION_PROFILE_PATH "$PROFILES_DIR_PATH/$EXTENSION_UUID.mobileprovision"
-
-          SHARE_EXTENSION_UUID=$(grep UUID -A1 -a $SHARE_EXTENSION_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $SHARE_EXTENSION_PROFILE_PATH "$PROFILES_DIR_PATH/$SHARE_EXTENSION_UUID.mobileprovision"
-
-          WATCH_APP_UUID=$(grep UUID -A1 -a $WATCH_APP_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $WATCH_APP_PROFILE_PATH "$PROFILES_DIR_PATH/$WATCH_APP_UUID.mobileprovision"
-
-          WATCH_APP_EXTENSION_UUID=$(grep UUID -A1 -a $WATCH_APP_EXTENSION_PROFILE_PATH | grep -io "[-A-F0-9]\{36\}")
-          cp $WATCH_APP_EXTENSION_PROFILE_PATH "$PROFILES_DIR_PATH/$WATCH_APP_EXTENSION_UUID.mobileprovision"
-
-      - name: Restore packages
-        run: dotnet restore
-
-      - name: Bulid WatchApp
-        run: |
-          echo "##### Build WatchApp with Release Configuration"
-          xcodebuild archive -workspace ./src/watchOS/bitwarden/bitwarden.xcodeproj/project.xcworkspace -configuration Release -scheme bitwarden\ WatchKit\ App -archivePath ./src/watchOS/bitwarden
-
-      - name: Archive Build for App Store
-        run: |
-          echo "##### Archive for Release ios-arm64"
-          dotnet publish ${{ env.main_app_project_path }} -c Release -f ${{ env.target-net-version }}-ios /p:RuntimeIdentifier=ios-arm64 /p:ArchiveOnBuild=true /p:MtouchUseLlvm=false
-
-      - name: Archive Build for Mobile Automation
-        run: |
-          echo "##### Archive Debug for iossimulator-x64"
-          dotnet build ${{ env.main_app_project_path }} -c Debug -f ${{ env.target-net-version }}-ios /p:RuntimeIdentifier=iossimulator-x64 /p:ArchiveOnBuild=true /p:MtouchUseLlvm=false
-          ls $HOME/Library/Developer/Xcode/Archives
-
-      - name: Export .ipa for App Store
-        env:
-          EXPORT_OPTIONS_PATH: ./.github/resources/export-options-app-store.plist
-          EXPORT_PATH: ./bitwarden-export
-        run: |
-          ARCHIVE_PATH="$HOME/Library/Developer/Xcode/Archives/*/*.xcarchive"
-          xcodebuild -exportArchive -archivePath $ARCHIVE_PATH -exportPath $EXPORT_PATH \
-            -exportOptionsPlist $EXPORT_OPTIONS_PATH
-
-      - name: Export .app for Automation CI
-        env:
-          ARCHIVE_PATH: ./${{ env.main_app_folder_path }}/bin/Debug/${{ env.target-net-version }}-ios/iossimulator-x64
-          EXPORT_PATH: ./bitwarden-export
-        run: |
-          zip -r -q ${{ env.app_ci_output_filename }}.app.zip $ARCHIVE_PATH
-          mv ${{ env.app_ci_output_filename }}.app.zip $EXPORT_PATH
-
-      - name: Copy all dSYMs files to upload
-        env:
-          EXPORT_PATH: ./bitwarden-export
-          WATCH_ARCHIVE_DSYMS_PATH: ./src/watchOS/bitwarden.xcarchive/dSYMs/
-          WATCH_DSYMS_EXPORT_PATH: ./bitwarden-export/Watch_dSYMs
-        run: |
-          ARCHIVE_DSYMS_PATH="$HOME/Library/Developer/Xcode/Archives/*/*.xcarchive/dSYMs"
-          cp -r -v $ARCHIVE_DSYMS_PATH $EXPORT_PATH
-          mkdir $WATCH_DSYMS_EXPORT_PATH
-          cp -r -v $WATCH_ARCHIVE_DSYMS_PATH $WATCH_DSYMS_EXPORT_PATH
-
-      - name: Upload App Store .ipa & dSYMs artifacts
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: Bitwarden iOS
-          path: |
-            ./bitwarden-export/Bitwarden.ipa
-            ./bitwarden-export/dSYMs/*.*
-          if-no-files-found: error
-
-      - name: Upload .app file for Automation CI
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
-        with:
-          name: ${{ env.app_ci_output_filename }}.app.zip
-          path: ./bitwarden-export/${{ env.app_ci_output_filename }}.app.zip
-          if-no-files-found: error
-
-      - name: Install AppCenter CLI
-        if: |
-          (github.ref == 'refs/heads/main'
-            && needs.setup.outputs.rc_branch_exists == 0
-            && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc'
-        run: npm install -g appcenter-cli
-
-      - name: Upload dSYMs to App Center
-        if: |
-          (github.ref == 'refs/heads/main'
-            && needs.setup.outputs.rc_branch_exists == 0
-            && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc'
-        env:
-          APPCENTER_IOS_TOKEN: ${{ steps.retrieve-secrets.outputs.appcenter-ios-token }}
-        run: appcenter crashes upload-symbols -a bitwarden/bitwarden -s "./bitwarden-export/dSYMs" --token $APPCENTER_IOS_TOKEN
-
-      - name: Upload Watch dSYMs to Firebase Crashlytics
-        if: |
-          (github.ref == 'refs/heads/main'
-            && needs.setup.outputs.rc_branch_exists == 0
-            && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc'
-        run: |
-          echo "##### Uploading Watch dSYMs to Firebase"
-          find "$HOME/Library/Developer/XCode/DerivedData" -name "upload-symbols" -exec chmod +x {} \; -exec {} -gsp "./src/watchOS/bitwarden/GoogleService-Info.plist" -p ios "./bitwarden-export/Watch_dSYMs" \;
-
-      - name: Validate app in App Store
-        if: |
-          (github.ref == 'refs/heads/master'
-            && needs.setup.outputs.rc_branch_exists == 0
-            && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc'
-        env:
-          APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }}
-          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
-        run: |
-          xcrun altool --validate-app --type ios --file "./bitwarden-export/Bitwarden.ipa" \
-              --username "$APPLE_ID_USERNAME" --password "$APPLE_ID_PASSWORD"
-
-      - name: Deploy to App Store
-        if: |
-          (github.ref == 'refs/heads/main'
-            && needs.setup.outputs.rc_branch_exists == 0
-            && needs.setup.outputs.hotfix_branch_exists == 0)
-          || (github.ref == 'refs/heads/rc' && needs.setup.outputs.hotfix_branch_exists == 0)
-          || github.ref == 'refs/heads/hotfix-rc'
-        env:
-          APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }}
-          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
-        run: |
-          xcrun altool --upload-app --type ios --file "./bitwarden-export/Bitwarden.ipa" \
-              --username "$APPLE_ID_USERNAME" --password "$APPLE_ID_PASSWORD"
-
-
-  crowdin-push:
-    name: Crowdin Push
-    if: github.ref == 'refs/heads/main'
-    needs:
-      - android
-      - f-droid
-      - ios
-    runs-on: ubuntu-22.04
-    env:
-      _CROWDIN_PROJECT_ID: "269690"
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-
-      - name: Login to Azure - CI Subscription
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
-        with:
-          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        with:
-          keyvault: "bitwarden-ci"
-          secrets: "crowdin-api-token"
-
-      - name: Upload Sources
-        uses: crowdin/github-action@61ac8b980551f674046220c3e104bddae2916ac5 # v2.0.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
-        with:
-          config: crowdin.yml
-          crowdin_branch_name: main
-          upload_sources: true
-          upload_translations: false
-
-
   check-failures:
     name: Check for failures
     if: always()
     runs-on: ubuntu-22.04
     needs:
       - cloc
-      - android
       - f-droid
-      - ios
-      - crowdin-push
     steps:
       - name: Check if any job failed
         if: |
-          (github.ref == 'refs/heads/main'
-          || github.ref == 'refs/heads/rc'
-          || github.ref == 'refs/heads/hotfix-rc')
-          && contains(needs.*.result, 'failure')
-        run: exit 1
-
-      - name: Login to Azure - CI Subscription
-        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
-        if: failure()
-        with:
-          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@main
-        if: failure()
-        with:
-          keyvault: "bitwarden-ci"
-          secrets: "devops-alerts-slack-webhook-url"
-
-      - name: Notify Slack on failure
-        uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
-        if: failure()
+          (github.ref == 'refs/heads/main')
+          || (github.ref == 'refs/heads/rc')
+          || (github.ref == 'refs/heads/hotfix-rc')
         env:
-          SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}
-        with:
-          status: ${{ job.status }}
+          CLOC_STATUS: ${{ needs.cloc.result }}
+          F_DROID_STATUS: ${{ needs.f-droid.result }}
+        run: |
+          if [ "$CLOC_STATUS" = "failure" ]; then
+              exit 1
+          elif [ "$F_DROID_STATUS" = "failure" ]; then
+              exit 1
+          fi
diff --git a/src/App/App.csproj b/src/App/App.csproj
index 6a873347717..23f6a0cf5e4 100644
--- a/src/App/App.csproj
+++ b/src/App/App.csproj
@@ -44,7 +44,7 @@
     <AndroidEnableMultiDex>True</AndroidEnableMultiDex>
     <UseInterpreter>False</UseInterpreter>
     <DebugSymbols>False</DebugSymbols>
-    <RunAOTCompilation>False</RunAOTCompilation>
+    <RunAOTCompilation>true</RunAOTCompilation>
     <AndroidSupportedAbis>armeabi-v7a;x86;x86_64;arm64-v8a</AndroidSupportedAbis>
     <JavaMaximumHeapSize>1G</JavaMaximumHeapSize>
     <EmbedAssembliesIntoApk>true</EmbedAssembliesIntoApk>