name: WinUI 3 MSIX app on: # Triggers the workflow on push or pull request events but only for the master branch push: branches: [ master ] pull_request: branches: [ master ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: env: Unsigned_Artifact_Name: MSIX Package jobs: build: strategy: matrix: configuration: [Release] platform: [x64, x86, ARM64] runs-on: windows-latest env: Solution_Name: MyPhone steps: - uses: actions/checkout@v3 # Install the .NET Core workload - name: Install .NET Core uses: actions/setup-dotnet@v1 with: dotnet-version: 6.0.x # Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild - name: Setup MSBuild uses: microsoft/setup-msbuild@v1.0.2 # Restore the application to populate the obj folder with RuntimeIdentifiers - name: Restore the application run: msbuild $env:Solution_Name /t:Restore /p:Configuration=$env:Configuration env: Configuration: ${{ matrix.configuration }} # Create the app package by building and packaging the project - name: Create the app package run: | msbuild $env:Solution_Name ` /p:Configuration=$env:Configuration ` /p:Platform=$env:Platform ` /p:UapAppxPackageBuildMode=$env:Appx_Package_Build_Mode ` /p:AppxBundle=$env:Appx_Bundle ` /p:AppxPackageDir="$env:Appx_Package_Dir" ` /p:GenerateAppxPackageOnBuild=true env: Appx_Bundle: Never Appx_Package_Build_Mode: SideloadOnly Appx_Package_Dir: Packages\ Configuration: ${{ matrix.configuration }} Platform: ${{ matrix.platform }} # Upload the MSIX package: https://github.com/marketplace/actions/upload-a-build-artifact - name: Upload MSIX package uses: actions/upload-artifact@v2 with: name: ${{ env.Unsigned_Artifact_Name }} path: ${{ env.Solution_Name }}\\Packages bundle: name: Bundle and sign the MSIX package runs-on: windows-latest needs: build env: Bundling_Workspace_Path: BundlingWorkspace Bundle_Install_Path: BundlePackage Unsigned_Packages_Path: Packages steps: - name: Setup VS Dev Environment uses: seanmiddleditch/gha-setup-vsdevenv@v4 - name: Download build artifacts uses: actions/download-artifact@v3.0.0 with: name: ${{ env.Unsigned_Artifact_Name }} path: ${{ env.Unsigned_Packages_Path }} - name: Prepare workspace run: | mkdir $env:Bundle_Install_Path mkdir $env:Bundling_Workspace_Path Write-Output "Current worksapce structure:" ls - name: Bundle package run: | cp "${env:Unsigned_Packages_Path}\*\*.msix" $env:Bundling_Workspace_Path -Verbose $files = ls $env:Bundling_Workspace_Path | Sort-Object -Property Name -Descending $bundleName = $files[0].Name $bundleName = $bundleName.Substring(0, $bundleName.LastIndexOf('_')) foreach ($f in $files) { $beginIndex = $f.Name.LastIndexOf('_') $endIndex = $f.Name.LastIndexOf('.') $bundleName += $f.Name.Substring($beginIndex, $endIndex - $beginIndex) } $bundleName += ".msixbundle" Write-Output "Making MSIX bundle ${bundleName}" MakeAppx bundle /d $env:Bundling_Workspace_Path /p "${env:Bundle_Install_Path}\${bundleName}" "MSIX_Bunde_FileName=$bundleName" >> $env:GITHUB_ENV # Decode the base 64 encoded pfx and save the Signing_Certificate - name: Decode the pfx id: decode-pfx run: | $pfx_cert_byte = [System.Convert]::FromBase64String("${{ secrets.TESTING_PFX_BASE64_ENCODED }}") $certificatePath = "GitHubActionsWorkflow.pfx" [IO.File]::WriteAllBytes($certificatePath, $pfx_cert_byte) - name: Sign the bundle run: | SignTool sign /fd SHA256 /a /f GitHubActionsWorkflow.pfx /p "${{ secrets.TESTING_PFX_PASSPHRASE }}" "${env:Bundle_Install_Path}\${{ env.MSIX_Bunde_FileName }}" # Remove the pfx - name: Post Decode the pfx if: ${{ steps.decode-pfx.outcome == 'success' || steps.decode-pfx.outcome == 'failure' }} run: Remove-Item -path GitHubActionsWorkflow.pfx - name: Prepare for upload run: | $files = ls $env:Unsigned_Packages_Path | Sort-Object -Property Name -Descending $contentPath = $files[0].Name $contentPath = "${env:Unsigned_Packages_Path}\$contentPath" Write-Output "Content source path: $contentPath" Write-Output "Copying install scripts" cp "$contentPath\*.ps1" $env:Bundle_Install_Path -Verbose Write-Output "Copying debug symbols" cp "${env:Unsigned_Packages_Path}\*\*.msixsym" $env:Bundle_Install_Path -Verbose Write-Output "Copying dependencies and resources" ls $contentPath | Where-Object -Property Attributes -eq Directory | cp -Recurse -Destination $env:Bundle_Install_Path -Verbose Write-Output "Downloading public certificate" $public_cert_byte = [System.Convert]::FromBase64String("${{ secrets.TESTING_PUBLIC_CERT_BASE64_ENCODED }}") $public_cert_path = "${env:Bundle_Install_Path}\MyPhoneTestingCert_GithubAction.cer" [IO.File]::WriteAllBytes("$public_cert_path", $public_cert_byte) Write-Output "Downloaded public certificate at $public_cert_path" $artifactName = $env:MSIX_Bunde_FileName.Substring(0, $env:MSIX_Bunde_FileName.LastIndexOf('.')) "Bundle_Artifact_Name=$artifactName" >> $env:GITHUB_ENV - name: Delete old unsigned artifact uses: GeekyEggo/delete-artifact@v1.0.0 with: name: ${{ env.Unsigned_Artifact_Name }} - name: Upload signed MSIX package bundle uses: actions/upload-artifact@v2 with: name: ${{ env.Bundle_Artifact_Name }} path: ${{ env.Bundle_Install_Path }}