Fix dotnet dev-certs https --trust failures on Ubuntu with exit code checking#1131
Merged
aaronpowell merged 6 commits intomainfrom Feb 17, 2026
Merged
Fix dotnet dev-certs https --trust failures on Ubuntu with exit code checking#1131aaronpowell merged 6 commits intomainfrom
aaronpowell merged 6 commits intomainfrom
Conversation
The --trust flag causes failures on GitHub Actions ubuntu-latest runners with .NET SDK 10.0.103+ due to a bug in ASP.NET Core. Since the trust functionality doesn't work properly on Linux anyway, we remove the flag. Fixes: dotnet/aspnetcore#65391 Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix CI jobs failure due to issue 65391
Remove --trust flag from dotnet dev-certs on Ubuntu
Feb 17, 2026
Member
|
@copilot that wasn't the right fix, we need to add this: env:
WSL_INTEROP: "" |
The correct fix for the dotnet dev-certs https --trust issue on Ubuntu is to set the WSL_INTEROP environment variable to an empty string, which prevents the WSL interop layer from interfering with the command. This reverts the previous approach of removing --trust and implements the recommended workaround from: dotnet/aspnetcore#65391 (comment) Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
The same fix is needed in the devcontainer post-create script to prevent the same issue from occurring when setting up development environments. Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
Contributor
Author
Copilot
AI
changed the title
Remove --trust flag from dotnet dev-certs on Ubuntu
Fix dotnet dev-certs https --trust failures on Ubuntu with WSL_INTEROP workaround
Feb 17, 2026
Member
|
@copilot looks like that one didn't work, try the workaround in dotnet/aspnetcore#65391 (comment) |
The WSL_INTEROP workaround didn't work. Instead, use the recommended approach of checking exit codes. Exit code 4 indicates partial trust (which is acceptable), while other non-zero exit codes indicate failure. This allows the certificate setup to succeed when it's partially trusted but still fail on actual errors. Based on: dotnet/aspnetcore#65391 (comment) Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
Contributor
Author
Applied the exit code checking workaround in commit d17e12a. The command now succeeds with exit code 0 or 4 (partial trust), but fails on other non-zero codes. |
Copilot
AI
changed the title
Fix dotnet dev-certs https --trust failures on Ubuntu with WSL_INTEROP workaround
Fix dotnet dev-certs https --trust failures on Ubuntu with exit code checking
Feb 17, 2026
aaronpowell
approved these changes
Feb 17, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Updates CI/devcontainer setup scripts to tolerate the .NET SDK 10.0.103+ Ubuntu dotnet dev-certs https --trust “partial trust” behavior (exit code 4), preventing spurious failures while still failing on real errors.
Changes:
- Add exit-code capture/validation around
dotnet dev-certs https --trustin the composite GitHub Action for Ubuntu CI runs. - Add the same exit-code capture/validation in the devcontainer post-create script.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
.github/actions/setup-runtimes-caching/action.yml |
Wraps dotnet dev-certs https --trust with exit code handling to accept code 4 on Ubuntu. |
.devcontainer/post-create.sh |
Mirrors the CI workaround in local devcontainer initialization to avoid setup failures. |
aaronpowell
approved these changes
Feb 17, 2026
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
Minimum allowed line rate is |
aaronpowell
temporarily deployed
to
azure-artifacts
GitHub Actions
Inactive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CI failing on ubuntu-latest with .NET SDK 10.0.103+ due to aspnetcore#65391. The
--trustflag triggers an EventSource bug causing exit code 4.Changes
.github/actions/setup-runtimes-caching/action.yml: Add exit code checking to handle partial trust scenario.devcontainer/post-create.sh: Add exit code checking to handle partial trust scenarioThe fix applies the recommended workaround from the upstream issue by checking exit codes. Exit code 4 indicates partial trust (certificate is trusted by some clients but not others), which is acceptable. Other non-zero exit codes indicate actual failures.
- name: Setup .NET dev certs shell: bash if: ${{ matrix.os == 'ubuntu-latest' }} run: | + EXIT_CODE=0 + dotnet dev-certs https --trust || EXIT_CODE=$? + if [ $EXIT_CODE -ne 0 ] && [ $EXIT_CODE -ne 4 ]; then + echo "dotnet dev-certs https --trust failed with exit code $EXIT_CODE" + exit $EXIT_CODE + fi - dotnet dev-certs https --trust✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.