Msbuild: Where should signtool.exe be installed for MSBuild 15.0 to find it?
Our build on VSTS was failing because it couldn't find signtool.exe to sign a ClickOnce project. We have (in addition to the VS 2017 build tools) the Individual components -> Code tools -> ClickOnce Publishing component installed, so signtool.exe is in the C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool directory. But it seems that this directory is not searched by MSBuild.
I worked around the issue with a PowerShell build step to copy signtool.exe to the project's directory, since that is the last location to be searched:
$source = "C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\signtool.exe"
$target = "MyProject\signtool.exe"
Write-Host "Copy signtool.exe to project directory"
Write-Host "Current directory: $((Get-Item -Path ".\" -Verbose).FullName)"
Write-Host "Source: $($source)"
Write-Host "Target: $($target)"
Copy-Item $source $target
I'm guessing MSBuild tries to find signtool.exe in one of the C:\Program Files (x86)\Microsoft SDKs\Windows directories, but this is all internal stuff (see #425) unknown to us consumers. It shouldn't be this hard to get a build working for a ClickOnce project.
stijnherreman
All 5 comments
Signtool.exe is a part of the ClickOnce Publishing package which is not included in the Build Tools 2017 SKU. However, the package is a part of the full Visual Studio installation packages. So SignTool.exe or the full ClickOnce Publishing package should really be an optional package for the Build Tools SKU.
daghb
on 22 Nov 2017
@daghb Indeed, it should be part of the Build Tools. Are you saying that this issue would resolve itself when ClickOnce Publishing is included in the Build Tools?
stijnherreman
on 23 Nov 2017
@stijnherreman To my knowledge, yes. I managed to run a separate standalone installation of this component directly on an MSBuild installation using a few tricks, and my builds seem to run. But still this is a workaround, exactly like yours is. Actually - that workaround of yours is simpler and I have changed my build pipeline to run a signtool.exe in the project folder. Thanks for the tip.
daghb
on 24 Nov 2017
To any one who finds this, I think this has made it's way into the build tools.
If you check: https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2017
You will find a component id for Microsoft.Component.ClickOnce.MSBuild
With this RUN directive in a windows container
RUN C:\TEMP\vs_buildtools.exe --quiet --wait --norestart --nocache `
--installPath C:\BuildTools `
--add Microsoft.Component.ClickOnce.MSBuild `
|| IF "%ERRORLEVEL%"=="3010" EXIT 0
I ended up getting signtool
C:\>dir /S /B signtool.exe
C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignTool\signtool.exe
HakShak
on 4 Jan 2019
Thanks for following up, @HakShak. Closing since this was fixed by the ClickOnce folks who added their workload to Build Tools.
rainersigwald
on 4 Jan 2019
Related issues
paleocomburo
路
96Comments
debanne
路
38Comments
davkean
路
58Comments
tmat
路
53Comments
weltkante
路
72Comments
Most helpful comment
To any one who finds this, I think this has made it's way into the build tools.
If you check: https://docs.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools?view=vs-2017
You will find a component id for
Microsoft.Component.ClickOnce.MSBuildWith this RUN directive in a windows container
I ended up getting signtool