feat: add alpha msix support (#1051)

testdata/acceptance/create-test-cert.ps1

@@ -0,0 +1,20 @@
+$ErrorActionPreference = 'Stop'
+
+$cert = New-SelfSignedCertificate -Type Custom `
+    -Subject 'CN=TestCompany, O=TestCompany, C=US' `
+    -KeyUsage DigitalSignature `
+    -FriendlyName 'nfpm-test' `
+    -CertStoreLocation 'Cert:\CurrentUser\My' `
+    -TextExtension @('2.5.29.37={text}1.3.6.1.5.5.7.3.3', '2.5.29.19={text}')
+
+Export-PfxCertificate -Cert $cert `
+    -FilePath ./dist/test.pfx `
+    -Password (ConvertTo-SecureString -String 'test123' -Force -AsPlainText)
+
+Export-Certificate -Cert $cert -FilePath ./dist/test.cer
+
+# Self-signed cert must be trusted as both a root CA and a publisher
+Import-Certificate -FilePath ./dist/test.cer `
+    -CertStoreLocation 'Cert:\LocalMachine\Root'
+Import-Certificate -FilePath ./dist/test.cer `
+    -CertStoreLocation 'Cert:\LocalMachine\TrustedPeople'

testdata/acceptance/install-msix.ps1

@@ -0,0 +1,40 @@
+$ErrorActionPreference = 'Stop'
+
+# Check developer mode status
+$devMode = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" -ErrorAction SilentlyContinue
+Write-Host "Developer mode: AllowDevelopmentWithoutDevLicense = $($devMode.AllowDevelopmentWithoutDevLicense)"
+Write-Host "Sideloading: AllowAllTrustedApps = $($devMode.AllowAllTrustedApps)"
+
+# Show package info before install
+Write-Host "Package path: ./dist/foo.msix"
+Write-Host "Package size: $((Get-Item ./dist/foo.msix).Length) bytes"
+
+try {
+    Add-AppxPackage -Path ./dist/foo.msix -Verbose
+    Write-Host "Package installed successfully"
+} catch {
+    Write-Host "Install failed: $_"
+    Write-Host "Exception: $($_.Exception.Message)"
+    if ($_.Exception.InnerException) {
+        Write-Host "Inner: $($_.Exception.InnerException.Message)"
+    }
+
+    # Try to get the event log for more details
+    $activityId = $_.Exception.Message -match '\[ActivityId\]\s*([a-f0-9-]+)' | Out-Null
+    if ($Matches) {
+        Write-Host "ActivityId: $($Matches[1])"
+        Get-AppPackageLog -ActivityID $Matches[1] | Write-Host
+    }
+
+    exit 1
+}
+
+# Verify installation
+$pkg = Get-AppxPackage -Name "com.example.foo"
+if ($pkg) {
+    Write-Host "Verified: $($pkg.PackageFullName)"
+    Write-Host "InstallLocation: $($pkg.InstallLocation)"
+} else {
+    Write-Error "Package com.example.foo not found after installation"
+    exit 1
+}

testdata/acceptance/msix.basic.yaml

@@ -0,0 +1,28 @@
+name: com.example.foo
+arch: "${BUILD_ARCH}"
+version: 1.2.3
+license: MIT
+maintainer: "Foo Bar"
+description: "A test MSIX package"
+contents:
+  - src: ./testdata/fake
+    dst: /app/fake.exe
+  - src: ./testdata/acceptance/testapp/logo.png
+    dst: /Assets/logo.png
+msix:
+  publisher: "CN=TestCompany, O=TestCompany, C=US"
+  properties:
+    logo: Assets/logo.png
+  applications:
+    - id: App
+      executable: app/fake.exe
+      entry_point: Windows.FullTrustApplication
+      visual_elements:
+        display_name: "Foo App"
+        description: "A test application"
+        background_color: transparent
+  dependencies:
+    target_device_families:
+      - name: Windows.Desktop
+        min_version: "10.0.17763.0"
+        max_version_tested: "10.0.22621.0"

testdata/acceptance/msix.install.yaml

@@ -0,0 +1,28 @@
+name: com.example.foo
+arch: amd64
+version: 1.0.0
+license: MIT
+maintainer: "Test Company"
+description: "A test MSIX package for Windows installation"
+contents:
+  - src: ./dist/testapp.exe
+    dst: /app/testapp.exe
+  - src: ./testdata/acceptance/testapp/logo.png
+    dst: /Assets/logo.png
+msix:
+  publisher: "CN=TestCompany, O=TestCompany, C=US"
+  properties:
+    logo: Assets/logo.png
+  applications:
+    - id: TestApp
+      executable: app/testapp.exe
+      entry_point: Windows.FullTrustApplication
+      visual_elements:
+        display_name: "Test App"
+        description: "A test application"
+        background_color: transparent
+  dependencies:
+    target_device_families:
+      - name: Windows.Desktop
+        min_version: "10.0.17763.0"
+        max_version_tested: "10.0.22621.0"

testdata/acceptance/sign-msix.ps1

@@ -0,0 +1,23 @@
+$ErrorActionPreference = 'Stop'
+
+# Find signtool.exe from Windows SDK
+$signtool = Get-ChildItem -Path "${env:ProgramFiles(x86)}\Windows Kits\10\bin" -Recurse -Filter signtool.exe |
+    Where-Object { $_.FullName -match 'x64' } |
+    Sort-Object FullName -Descending |
+    Select-Object -First 1
+
+if (-not $signtool) {
+    Write-Error "signtool.exe not found"
+    exit 1
+}
+
+Write-Host "Using signtool: $($signtool.FullName)"
+
+& $signtool.FullName sign /fd SHA256 /a /f ./dist/test.pfx /p test123 ./dist/foo.msix
+
+if ($LASTEXITCODE -ne 0) {
+    Write-Error "signtool sign failed with exit code $LASTEXITCODE"
+    exit 1
+}
+
+Write-Host "MSIX package signed successfully"

testdata/acceptance/testapp/main.go

@@ -0,0 +1,7 @@
+package main
+
+import "fmt"
+
+func main() {
+	fmt.Println("nfpm-msix-test-ok")
+}