Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add MSIX installer to GitHub workflow #3331

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
84 changes: 84 additions & 0 deletions .github/workflows/git-artifacts.yml
Original file line number Diff line number Diff line change
Expand Up @@ -516,3 +516,87 @@ jobs:
with:
name: nuget-x86_64
path: artifacts
msix:
runs-on: windows-latest
needs: artifacts
steps:
- name: Download portable-arm64 artifacts
uses: actions/download-artifact@v1
with:
name: portable-arm64
path: portable
- name: Download portable-x86_64 artifacts
uses: actions/download-artifact@v1
with:
name: portable-x86_64
path: portable
- name: Download portable-i686 artifacts
uses: actions/download-artifact@v1
with:
name: portable-i686
path: portable
- name: Find filenames
run: |
$filename_arm64 = (Get-ChildItem portable\*arm64.7z.exe)[0].FullName
$filename_x64 = (Get-ChildItem portable\*64-bit.7z.exe)[0].FullName
$filename_x86 = (Get-ChildItem portable\*32-bit.7z.exe)[0].FullName
rimrul marked this conversation as resolved.
Show resolved Hide resolved
Write-Output "FILENAMEX64=$($filename_x64)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
Write-Output "FILENAMEX86=$($filename_x86)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
Write-Output "FILENAMEARM64=$($filename_arm64)" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
- name: Extract portable x64 artifacts
uses: DuckSoft/extract-7z-action@v1.0
with:
pathSource: ${{ env.FILENAMEX64 }}
pathTarget: build/x64
- name: Extract portable x86 artifacts
uses: DuckSoft/extract-7z-action@v1.0
with:
pathSource: ${{ env.FILENAMEX86 }}
pathTarget: build/x86
- name: Extract portable arm64 artifacts
uses: DuckSoft/extract-7z-action@v1.0
with:
pathSource: ${{ env.FILENAMEARM64 }}
pathTarget: build/arm64
- name: Show content of build
run: |
gci build
- name: Clone build-extra
run: git clone --single-branch -b msix https://github.com/davidanthoff/build-extra build-extra
- name: Create folder for store and msix version
run: |
md buildmsix
md buildstore
- name: Write packaging layout files
run: |
. build-extra\msix\create_packaginglayout_file.ps1
Write-PackageLayoutFile "1.0.0.0" (Join-Path -Path $pwd -ChildPath "buildmsix\PackagingLayout.xml")
Write-PackageLayoutFile "1.0.0.0" (Join-Path -Path $pwd -ChildPath "buildstore\PackagingLayout.xml")
Write-AppxManifest "1.0.0.0" "CN=Johannes Schindelin, O=Johannes Schindelin, L=Köln, S=North Rhine-Westphalia, C=DE" (Join-Path -Path $pwd -ChildPath "buildmsix\appxmanifest.xml")
Write-AppxManifest "1.0.0.0" "CN=82A13EFD-FE37-4EFC-8BA4-1C3E9EFE5F23" (Join-Path -Path $pwd -ChildPath "buildstore\appxmanifest.xml")
- name: Delete WebView2Loader.dll
run: |
Remove-Item build\x64\mingw64\libexec\git-core\WebView2Loader.dll
Remove-Item build\x86\mingw32\libexec\git-core\WebView2Loader.dll
Remove-Item build\arm64\mingw32\libexec\git-core\WebView2Loader.dll
- name: Build Standalone MSIX
run: |
push-location buildmsix
&"C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\MakeAppx.exe" build /f PackagingLayout.xml /op . /pv 1.0.0.0 /bv 1.0.0.0
pop-location
- name: Build Store MSIX
run: |
push-location buildstore
&"C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\MakeAppx.exe" build /f PackagingLayout.xml /op . /pv 1.0.0.0 /bv 1.0.0.0
pop-location
- name: Sign standalone MSIX
run: |
Write-Output "Here we should sign the appxbundle that is in the buildstore folder with signtool."
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can use the signtool.exe, but I don't know where to find it. Maybe there is a default location, or an environment variable to find it?

Also, this step should be conditional on finding the secret variables, just like it was done here:

- name: Prepare home directory for code-signing
env:
CODESIGN_P12: ${{secrets.CODESIGN_P12}}
CODESIGN_PASS: ${{secrets.CODESIGN_PASS}}
if: env.SKIP != 'true' && env.CODESIGN_P12 != '' && env.CODESIGN_PASS != ''
shell: bash
run: |
cd home &&
mkdir -p .sig &&
echo -n "$CODESIGN_P12" | tr % '\n' | base64 -d >.sig/codesign.p12 &&
echo -n "$CODESIGN_PASS" >.sig/codesign.pass
git config --global alias.signtool '!sh "/usr/src/build-extra/signtool.sh"'

Sadly, you won't be able to use the sign-tool.sh from build-extra as in the linked workflow: it uses osslsigncode, which is unable to sign .appx/.msix files. But you should be able to use signtool.exe because the workflow is designed to run in GitHub Actions' agents, which have all kinds of software preinstalled, including the Windows Software Kit (or however it is called).

- uses: actions/upload-artifact@v2
with:
name: msixinstallerstandalone
path: buildmsix\*.appxbundle
- uses: actions/upload-artifact@v2
with:
name: msixinstallerstore
path: buildstore\*.appxbundle