Figure 1 The App Installer and MSIX Installation Experience in Windows 10
MSIX adds a new feature called modification pack- ages. It’s a concept similar to MST transformations that enables IT administrators to customize an app, typically from a third-party vendor, without having to repack- age it from scratch each time a new feature or bug fix is released. The modification package is merged with the main application at run time and may disable some features of the app, by changing some registry settings, for example. From a developer’s point of view, this might not bring that much to the table, assuming you own both the source code and the build and release pipe- lines for your apps, but for large enterprises it may cut costs and prevent what’s known as package paralysis.
The definition of the MSIX format is open sourced on GitHub and Microsoft plans to provide an SDK that can be used to pack and unpack MSIX packages on all major OSes, including both Linux and macOS. MSIX was officially introduced with version 1809 of
official docs at bit.ly/2OvCcVW and should be addressed before you decide whether to package your applications. Some of them apply only to apps that are being published to the Store.
Figure 2 The YAML File That Defines the MSIX Build Pipeline
Windows 10 in October 2018, and Microsoft then added support for it to earlier versions—the April 2018 Update (version 1803) and the October 2017 Fall Creators Update (version 1709).
Packaging
If you have an existing installer, there’s an MSIX Packaging Tool available in the Store that lets you convert it to an MSIX. This enables administrators to package existing applications without even having access to the original source code. For developers, Visual Studio 2017 version 15.5 and higher provides a Windows Application Packaging Project that makes the process of packaging an existing application straightforward. You’ll find it under File | Add | New Project | Installed | Visual C# | Windows Universal. It includes an Application folder that you can right-click in the Solution Explorer and choose to add a reference to your Windows Presentation Foundation (WPF), Windows Forms (WinForms) or whatever desktop project you want to package. If you then right-click on the referenced application and choose Set as Entry Point, you’ll be able to build, run and debug your application just as you’re used to.
The difference between starting the original desktop process versus the packaging project is that the latter will run your appli- cation inside a modern app container. Behind the scenes, Visual Studio uses the MakeAppx and SignTool command-line tools from the Windows SDK to first create an .msix file, and then sign it with a certificate. This step isn’t optional. All MSIX packages must be signed with a certificate that chains to a trusted root authority on the machine where you intend to install and run the packaged app.
Digital Signing The packaging project includes a default password- protected personal information exchange (PFX) format file that you probably want to replace with your own. If your enterprise doesn’t provide you with a code-signing certificate, you can either buy one from a trusted authority or create a self-signed certificate. There’s a “Create test certificate” option and an import wizard in Visual Studio, which you’ll find if you open the Package.appxmanifest file in the default app manifest designer and look under the Packag- ing tab. If you’re not that into wizards and dialogs, you can use the New-SelfSignedCertificate PowerShell cmdlet to create a certificate:
pool:
vmImage: vs2017-win2016
variables:
buildPlatform: 'x86' buildConfiguration: 'release' major: 1
minor: 0
build: 0
revision: $[counter('rev', 0)]
steps:
- powershell: |
[Reflection.Assembly]::LoadWithPartialName("System.Xml.Linq") $path = "Msix/Package.appxmanifest"
$doc = [System.Xml.Linq.XDocument]::Load($path)
$xName =
[System.Xml.Linq.XName] "{http://schemas.microsoft.com/appx/manifest/foundation/windows10}Identity"
$doc.Root.Element($xName).Attribute("Version").Value = "$(major).$(minor).$(build).$(revision)";
$doc.Save($path)
displayName: 'Version Package Manifest'
- task: MSBuild@1 inputs:
solution: Msix/Msix.wapproj
platform: $(buildPlatform)
configuration: $(buildConfiguration) msbuildArguments: '/p:OutputPath=NonPackagedApp
/p:UapAppxPackageBuildMode=SideLoadOnly /p:AppxBundle=Never /p:AppxPackageOutput=$(Build.ArtifactStagingDirectory)\MsixDesktopApp.msix /p:AppxPackageSigningEnabled=false'
displayName: 'Package the App'
- task: DownloadSecureFile@1 inputs:
secureFile: 'certificate.pfx' displayName: 'Download Secure PFX File'
- script: '"C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x86\signtool" sign /fd SHA256 /f $(Agent.TempDirectory)/certificate.pfx /p secret $( Build.ArtifactStagingDirectory)/MsixDesktopApp.msix'
displayName: 'Sign MSIX Package'
- task: PublishBuildArtifacts@1 displayName: 'Publish Artifact: drop'
msdnmagazine.com
June 2019 33