Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
1
version: 2.1
Add the orbs
stanza below your version, invoking the orb:
1
2
orbs:
microsoft-msix: circleci/microsoft-msix@1.1.1
Use microsoft-msix
elements in your existing workflows and jobs.
Create an MSIX installer from a given AppManifest and prebuilt executable. msix/sign expects a certificate to be imported, either through environment variables or some other means.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
version: '2.1'
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
manifest-file: appxmanifest.xml
mapping-file: mapping.txt
using-sln: false
- msix/sign:
import-cert: true
workflows:
build:
jobs:
- using-sln
Create an MSIX installer from a given Visual Studio Solution. msix/pack expects a certificate to be imported, either through environment variables or some other means.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
version: '2.1'
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
import-cert: true
workflows:
build:
jobs:
- using-sln
Create a 32-bit MSIX installer from a given Visual Studio Solution.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
version: '2.1'
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
import-cert: true
parameters: /p:Platform=x86
workflows:
build:
jobs:
- using-sln
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
certificate-password | Environment variable containing the password used to decrypt the
certificate file.
| No | MSIX_CERTIFICATE_PASSWORD | env_var_name |
import-cert | Automatically import a certificate into the machine's store based on the
values of signing-cert and certificate-password. Set this to false if you
will be importing your certificate in some other way (e.g Hashicorp
Vault).
| No | true | boolean |
manifest-file | Manifest file to use when building MSIX without source code. | No | '' | string |
mapping-file | Mapping file to use when building MSIX without source code. | No | '' | string |
package-name | Output package name | No | package | string |
parameters | Parameters to pass to either Makeappx.exe or MSBuild.exe, depending on the
value of using-sln.
| No | '' | string |
sdk-version | Windows SDK version to use when invoking Makeappx.exe. | No | 10.0.17763.0 | string |
signing-cert | Environment variable name for the base64-encoded signing certificate.
| No | MSIX_SIGNING_CERTIFICATE | env_var_name |
using-sln | Build an MSIX package from a solution file. Set this to false if you have
a prebuilt or existing executable file. This determine whether your
package is built using msbuild or makeappx.
| No | true | boolean |
working-dir | Working directory | No | ~/project | string |
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
certificate-fingerprint | Fingerprint of the certificate to sign the application with. | No | '' | string |
certificate-password | Environment variable containing the password used to decrypt the
certificate file.
| No | MSIX_CERTIFICATE_PASSWORD | env_var_name |
import-cert | Automatically import a certificate into the machine's store based on the
values of signing-cert and certificate-password. Set this to false if you
will be importing your certificate in some other way (e.g Hashicorp
Vault).
| No | true | boolean |
package-name | Name of the package to sign. | Yes | - | string |
parameters | Parameters to pass to SignTool.exe.
| No | '' | string |
sdk-version | Windows SDK version to use when invoking Makeappx.exe. | No | 10.0.17763.0 | string |
signing-cert | Environment variable name for the base64-encoded signing certificate.
| No | MSIX_SIGNING_CERTIFICATE | env_var_name |
working-dir | Working directory | No | ~/project | string |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
version: 2.1
description: |
Easily build MSIX and AppX packages on CircleCI.
display:
home_url: https://docs.microsoft.com/en-us/windows/msix/overview
source_url: https://www.github.com/CircleCI-Public/microsoft-msix-orb
orbs:
win: circleci/windows@2
commands:
pack:
parameters:
certificate-password:
default: MSIX_CERTIFICATE_PASSWORD
description: |
Environment variable containing the password used to decrypt the
certificate file.
type: env_var_name
import-cert:
default: true
description: |
Automatically import a certificate into the machine's store based on the
values of signing-cert and certificate-password. Set this to false if you
will be importing your certificate in some other way (e.g Hashicorp
Vault).
type: boolean
manifest-file:
default: ""
description: Manifest file to use when building MSIX without source code.
type: string
mapping-file:
default: ""
description: Mapping file to use when building MSIX without source code.
type: string
package-name:
default: package
description: Output package name
type: string
parameters:
default: ""
description: |
Parameters to pass to either Makeappx.exe or MSBuild.exe, depending on the
value of using-sln.
type: string
sdk-version:
default: 10.0.17763.0
description: Windows SDK version to use when invoking Makeappx.exe.
type: string
signing-cert:
default: MSIX_SIGNING_CERTIFICATE
description: |
Environment variable name for the base64-encoded signing certificate.
type: env_var_name
using-sln:
default: true
description: |
Build an MSIX package from a solution file. Set this to false if you have
a prebuilt or existing executable file. This determine whether your
package is built using msbuild or makeappx.
type: boolean
working-dir:
default: ~/project
description: Working directory
type: string
steps:
- when:
condition: <<parameters.using-sln>>
steps:
- run:
command: "$ErrorActionPreference = \"Stop\" \n\n$default_parameters = \"/p:Platform=x64\"\n\n$parameters = if (\"\" -ne $Env:PACK_PARAMETERS) {\n $Env:PACK_PARAMETERS\n} else { $default_parameters }\n\n$msbuild = \"'${Env:ProgramFiles(x86)}\\Microsoft Visual Studio\\2019\\Community\\MSBuild\\Current\\Bin\\MSBuild.exe'\"\n\nif ($Env:PACK_IMPORT_CERT -eq 1) {\n Import-Module -SkipEditionCheck PKI\n $certificate = $ExecutionContext.InvokeCommand.ExpandString($Env:PACK_SIGNING_CERT)\n $cert_pass = $ExecutionContext.InvokeCommand.ExpandString($Env:PACK_CERT_PASSWORD)\n\n [System.Convert]::FromBase64String($certificate) | Set-Content Temp:\\cert.pfx -AsByteStream\n Import-PfxCertificate -FilePath Temp:\\cert.pfx -Password (ConvertTo-SecureString -String \"$cert_pass\" -AsPlainText -Force) -CertStoreLocation Cert:\\CurrentUser\\My\n}\n\"& $msbuild $parameters\" | Invoke-Expression\n\n$compress = @{\n Path = \"AppPackages\"\n CompressionLevel = \"Fastest\"\n DestinationPath = \"AppPackages.zip\"\n}\nCompress-Archive @compress\n"
environment:
PACK_CERT_PASSWORD: $Env:<<parameters.certificate-password>>
PACK_IMPORT_CERT: <<parameters.import-cert>>
PACK_PACKAGE_NAME: <<parameters.package-name>>
PACK_PARAMETERS: <<parameters.parameters>>
PACK_SIGNING_CERT: $Env:<<parameters.signing-cert>>
PACK_WINDOWS_SDK: <<parameters.sdk-version>>
name: Build MSIX solution
shell: pwsh
working_directory: <<parameters.working-dir>>
- store_artifacts:
path: <<parameters.working-dir>>/AppPackages.zip
- persist_to_workspace:
paths:
- AppPackages
root: <<parameters.working-dir>>
- unless:
condition: <<parameters.using-sln>>
steps:
- run:
command: |
$ErrorActionPreference = "Stop"
$default_parameters = "/m $Env:PACK_MANIFEST_FILE /f $Env:PACK_MAP_FILE /p $Env:PACK_PACKAGE_NAME"
$parameters = if ("" -ne $Env:PACK_PARAMETERS) {
$Env:PACK_PARAMETERS
} else { $default_parameters }
$makeappx = "'${Env:ProgramFiles(x86)}\Windows Kits\10\bin\${Env:PACK_WINDOWS_SDK}\x64\makeappx.exe'"
"& $makeappx pack $parameters" | Invoke-Expression
environment:
PACK_CERT_PASSWORD: $Env:<<parameters.certificate-password>>
PACK_IMPORT_CERT: <<parameters.import-cert>>
PACK_MANIFEST_FILE: <<parameters.manifest-file>>
PACK_MAP_FILE: <<parameters.mapping-file>>
PACK_PACKAGE_NAME: <<parameters.package-name>>
PACK_PARAMETERS: <<parameters.parameters>>
PACK_SIGNING_CERT: $Env:<<parameters.signing-cert>>
PACK_WINDOWS_SDK: <<parameters.sdk-version>>
name: Build MSIX installer with executable
shell: pwsh
working_directory: <<parameters.working-dir>>
- store_artifacts:
path: <<parameters.working-dir>>/<<parameters.package-name>>.appx
- persist_to_workspace:
paths:
- '*.appx'
root: <<parameters.working-dir>>
sign:
parameters:
certificate-fingerprint:
default: ""
description: Fingerprint of the certificate to sign the application with.
type: string
certificate-password:
default: MSIX_CERTIFICATE_PASSWORD
description: |
Environment variable containing the password used to decrypt the
certificate file.
type: env_var_name
import-cert:
default: true
description: |
Automatically import a certificate into the machine's store based on the
values of signing-cert and certificate-password. Set this to false if you
will be importing your certificate in some other way (e.g Hashicorp
Vault).
type: boolean
package-name:
description: Name of the package to sign.
type: string
parameters:
default: ""
description: |
Parameters to pass to SignTool.exe.
type: string
sdk-version:
default: 10.0.17763.0
description: Windows SDK version to use when invoking Makeappx.exe.
type: string
signing-cert:
default: MSIX_SIGNING_CERTIFICATE
description: |
Environment variable name for the base64-encoded signing certificate.
type: env_var_name
working-dir:
default: ~/project
description: Working directory
type: string
steps:
- run:
command: "$ErrorActionPreference = \"Stop\" \n\n$default_parameters = \"${Env:SIGN_PACKAGE_NAME}.appx\"\n\n$p = if (\"\" -ne $Env:SIGN_PARAMETERS) {\n $Env:SIGN_PARAMETERS\n} else { $default_parameters }\n\nif ($Env:SIGN_FINGERPRINT -ne \"\") {\n $parameters = \"/sha1 $Env:SIGN_FINGERPRINT \" + $p\n} else {\n $parameters = \"/a \" + $p\n}\n\nif ($Env:SIGN_IMPORT_CERT -eq 1) {\n Import-Module -SkipEditionCheck PKI\n\n $certificate = $ExecutionContext.InvokeCommand.ExpandString($Env:SIGN_SIGNING_CERT)\n $cert_pass = $ExecutionContext.InvokeCommand.ExpandString($Env:SIGN_CERT_PASSWORD)\n\n [System.Convert]::FromBase64String($certificate) | Set-Content Temp:\\cert.pfx -AsByteStream\n Import-PfxCertificate -FilePath Temp:\\cert.pfx -Password (ConvertTo-SecureString -String \"$cert_pass\" -AsPlainText -Force) -CertStoreLocation Cert:\\LocalMachine\\My\n}\n\n$signtool = \"'${Env:ProgramFiles(x86)}\\Windows Kits\\10\\bin\\${Env:SIGN_WINDOWS_SDK}\\x64\\signtool.exe'\"\n\n\"& $signtool sign $parameters\" | Invoke-Expression\n"
environment:
SIGN_CERT_PASSWORD: $Env:<<parameters.certificate-password>>
SIGN_FINGERPRINT: <<parameters.certificate-fingerprint>>
SIGN_IMPORT_CERT: <<parameters.import-cert>>
SIGN_PACKAGE_NAME: <<parameters.package-name>>
SIGN_PARAMETERS: <<parameters.parameters>>
SIGN_SIGNING_CERT: $Env:<<parameters.signing-cert>>
SIGN_WINDOWS_SDK: <<parameters.sdk-version>>
name: Sign <<parameters.package-name>>
shell: pwsh
working_directory: <<parameters.working-dir>>
- store_artifacts:
path: <<parameters.working-dir>>/<<parameters.package-name>>.appx
- persist_to_workspace:
paths:
- '*.appx'
root: <<parameters.working-dir>>
examples:
pack_executable:
description: |
Create an MSIX installer from a given AppManifest and prebuilt executable.
msix/sign expects a certificate to be imported, either through environment
variables or some other means.
usage:
version: "2.1"
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
manifest-file: appxmanifest.xml
mapping-file: mapping.txt
using-sln: false
- msix/sign:
import-cert: true
workflows:
build:
jobs:
- using-sln
pack_solution:
description: |
Create an MSIX installer from a given Visual Studio Solution.
msix/pack expects a certificate to be imported, either through environment
variables or some other means.
usage:
version: "2.1"
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
import-cert: true
workflows:
build:
jobs:
- using-sln
pack_solution_with_parameters:
description: Create a 32-bit MSIX installer from a given Visual Studio Solution.
usage:
version: "2.1"
orbs:
msix: circleci/microsoft-msix@1.0
win: circleci/windows@2.4.0
jobs:
using-sln:
executor:
name: win/default
steps:
- checkout
- msix/pack:
import-cert: true
parameters: /p:Platform=x86
workflows:
build:
jobs:
- using-sln