I have a pipeline that builds an ipa and an xcarchive. Currently, I have to download the xcarchive onto my Mac and open it, distribute the app and sign it using codesign. Ideally, I would like to achieve this in an Azure Devops Pipeline. Is there an easy way to distribute the xcarchive, grab the ipa, sign it and publish the ipa to the pipeline artifact?
If you want to sign app in Azure Pipelines, you could try with the Signing and provisioning options in Xcode pipeline task.
First, you could store your Apple certificate and Provisioning Profile as the secure files in Azure DevOps.
Then, you could use the Install Apple Certificate and Install Apple Provisioning Profile tasks install them from the secure files and make them available to Xcode during a build.
When you use Xcode task, please fill the inputs for Signing and provisioning options, such as selecting the signingoptions and other details. Meanwhile, the Xcode task also helps you build the project.
After that, you could publish the build output to your pipeline artifact.
Related
I am implementing github actions in my project for Build, test and Deploy.
While Building the app, it gives me an error,
"Code Signing Error: No profile for team 'XXXX' matching 'XXXX' found"
Xcode couldn't find any provisioning profiles matching 'XXXX/XXXX'. Install the profile (by dragging and dropping it onto Xcode's dock item) or select a different one in the Signing & Capabilities tab of the target editor.
Tried to build the project with distribution certificates.
I have tried to upload the certificates and provisioning profiles on a different repository in my account, but it doesn't work.
Where do we upload the certificates?
Hi As per your question it's seem that you are trying to implement CI/CD in your project. You can integrate fastlane that will take care of uploading certificates on a git repo. It will upload all your certificates and provisioning profile on git repo and help's to fetch on your device's keychain.
I'm having trouble with the basic understanding of iOS app signing and getting these apps ready for testflight and deployment using Fastlane.
I've been to tasked to automate the deployment steps of apps we have and we have an Ionic Cordova setup currently that was used to build iOS and Android projects for 18 different apps that are currently on the app store, but I'm looking to streamline the whole process using Fastlane and I'm stumped at the Certification stages of the process.
I've no access to the existing apps private keys or know how to go about setting up the project using Fastlane as I keep receiving the errors shown below.
I've tried to follow the concepts on Fastlane Codesigning concepts, using the Fastlane projects (cert, sigh and match) and following https://codesigning.guide/ while still making no progress.
How can I go about setting up the certs on the Mac to enable it to build and push the apps to Testflight and pushing the apps fundamentally to the app store?
Thank you
Errors Recieved
Could not create another Distribution certificate, reached the maximum number of available Distribution certificates.
Could not find the newly generated certificate installed fastlane
Security find-identity -v -p codesigning return 0 valid identities found
You already have existing distribution certificates, you will have to revoke them via the developer portal or automatically via fast lane with:
fastlane match nuke distribution
BE WARNED: this will remove all certificates and provisioning profiles for distribution (development or enterprise is unaffected). Apps that are already released to the App Store and ready for sale are UNAFFECTED, this only affects packages you sign for the App Store and submit with OLD certificates, but since you have no access to them you are fine anyway.
fast lane can then create its own when you invoke it (its fairly automated).
Is it possible to deploy a TestFlight build using MDM?
We'd like to deploy the app for testing with a config file.
We don't have the app in the App Store yet and want to control who can run it.
We are using a standard developer account, not an enterprise developer account.
Thanks
I'm trying to build a Xamarin Touch project from a Jenkins build it fails at the code signing phase.
My certificates and keys are in the System keychain so should be accessible to Jenkins. I have no code signing issues when I build the project:
Using Xamarin Studio.
Using /bin/bash and xbuild logged in as the Jenkins user.
Using /bin/sh and xbuild logged in as the Jenkins user.
The only time the code signing issue is seen is when the Jenkins build itself.
The error is "User interaction is not allowed", I'm at a loss as to explain what is going wrong for the Jenkins build when everything is working as the Jenkins user when I run the same command from a shell.
You could try importing your credentials in the Jenkins credentials area.
from here:
Allowing Jenkins to stage developer profile This plugin builds on top
of Credentials Plugin to allow you to store your Apple Developer
Profile (*.developerprofile) file. This file contains a code signing
private key, corresponding developer/distribution certificates, and
mobile provisioning profiles. You can create this file from your
XCode.
To upload the developer profile into Jenkins, go to "Manage
Credentials" in the system configuration page, and select "Apple
Developer Profile" from the "Add" button. See Credentials Plugin for
further details.
To use this profile for signing, add "Import developer profile" as a
build step before you run xcode, and select the developer profile to
import into the build machine. This build step will install the
developer profile into the slave's keychain.
So it turns out my problem was that my code signing keys were still in the login keychain as well as the system keychain.
I'm guessing this meant the build saw the keys in the login keychain first but then failed because that wasn't unlocked.
Once I deleted them from the login keychain, so they were only in the system keychain, it started working.
I'm still not sure why this was only a problem from within Jenkins as everything was working fine using a shell logged in as Jenkins.
I can build an ad hoc release from command line but I struggle with building an App Store release from command line. How do you do that?
Ideally, I'd like to take an ad hoc release and transform that into an App Store release (resigning it?). That way I can test the ad hoc release and know the App Store release is identical.
If you can, please provide code examples.
Ad-Hoc and AppStore builds have differences in provisioning profile only which is included within the app. The cert is the same. So you don't need to build Ad-hoc, then resign. Just build AppStore and you will able to install this build on device which have Ad-Hoc provisioning profile installed. That's what we always do.