Fix MSIX build logic and make the debug package be self-signed#1409
Fix MSIX build logic and make the debug package be self-signed#1409andyleejordan wants to merge 1 commit intoPowerShell:mainfrom
Conversation
|
@andyleejordan pick up latest from main to get the CI fix. Also, update the release pipeline to use this instead of the legacy file to validate it works. Don't delete the old packging.ps1 yet until we know it works completely. |
There was a problem hiding this comment.
Pull request overview
This PR corrects MSIX packaging behavior in the PowerShell build module by fixing the Windows gating logic and adjusting MSIX manifest publisher/output messaging to better support local debug installation.
Changes:
- Fix the OS check so
Build-DscMsixPackageerrors only when not on Windows. - Set MSIX manifest publisher differently for Release vs debug builds (Microsoft publisher vs a developer/unsigned identity).
- Update the post-build message to print an
Add-AppxPackage -AllowUnsignedinstall command for debug builds.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # For debug builds, use a self-signed developer identity per | ||
| # https://learn.microsoft.com/en-us/windows/msix/package/unsigned-package | ||
| $publisher = 'CN=AppModelSamples, OID.2.25.311729368913984317654407730594956997722=1' | ||
| } |
There was a problem hiding this comment.
The debug branch comment says “self-signed developer identity”, but this code still produces an unsigned package (and the printed install command uses -AllowUnsigned). To avoid confusion (and mismatch with the PR title/intent), consider updating the comment/output text to explicitly say “unsigned” (or actually add a signing step with a generated self-signed cert if the goal is truly self-signed).
| if ($Release) { | ||
| Write-Host -ForegroundColor Green "`nMSIX package is created at $packageName" | ||
| } else { | ||
| Write-Host -ForegroundColor Green "`nInstall the debug MSIX package with:`nAdd-AppxPackage -AllowUnsigned -Path $packageName" |
There was a problem hiding this comment.
The suggested Add-AppxPackage command interpolates $packageName without quotes; if the path contains spaces, copy/paste install will fail. Consider quoting the path (and/or using -LiteralPath) in the message so it’s robust.
| Write-Host -ForegroundColor Green "`nInstall the debug MSIX package with:`nAdd-AppxPackage -AllowUnsigned -Path $packageName" | |
| Write-Host -ForegroundColor Green "`nInstall the debug MSIX package with:`nAdd-AppxPackage -AllowUnsigned -LiteralPath `"$packageName`"" |
The logic here was a little wrong, and then in order to test, I had to add self-signed logic to the debug build (and left a note on how to install that for testing).