Simply I have 2 lanes in AppFile:
for_lane :app_dev do
apple_id "email#email1.com"
team_id "KLMNOPGRST"
end
for_lane :app_prod do
apple_id "email#email2.com"
team_id "ABCDEFGHIJ"
end
And for team_id ABCDEFGHIJ there is certificate BCERT and for team_id KLMNOPGRST there is ACERT certificate. Both of them are installed on CI machine... but for the first lane app_test CI founds certificate BCERT instead of ACERT. Why?
+-------------------------+---------------------------------------------------+
| Summary for cert 2.180.1 |
+-------------------------+---------------------------------------------------+
| api_key | ******** |
| development | false |
| force | false |
| generate_apple_certs | true |
| username | email#email1.com |
| team_id | KLMNOPGRST |
| keychain_path | /Users/me/Library/Keychains/login.keychain-db |
| skip_set_partition_list | false |
| platform | ios |
+-------------------------+---------------------------------------------------+
[11:29:00]: Creating authorization token for App Store Connect API
[11:29:01]: Found the certificate 56JF6H2Y6G (BCERT) which is installed on the local machine. Using this one.
[11:29:01]: Verifying the certificate is properly installed locally...
[11:29:01]: Successfully installed certificate 56JF6H2Y6G
[11:29:01]: Use signing certificate '56JF6H2Y6G' from now on!
[11:29:01]: ------------------
[11:29:01]: --- Step: sigh ---
[11:29:01]: ------------------
Related
Currently, I am using the same process for building in XCode directly and in Fastlane. But while it is working perfectly in XCode (building and archiving both working fine), in Fastlane it throw an error and tells me ARCHIVE FAILED. It looks like the Fastlane is trying to find the iOS App Development provisioning profile while it only finds App Distribution profiles I assume. Is there a way to get around it, like if I can build the app with command line (without Fastlane) and use Fastlane to deploy the .ipa file I have created?
The error shown in Fastlane log:
+--------------------------------------+-----------------------------------------------------------+
| Summary for gym 2.208.0 |
+--------------------------------------+-----------------------------------------------------------+
| workspace | ./platforms/ios/myproject.xcworkspace |
| configuration | Release |
| scheme | myproject |
| output_directory | . |
| output_name | output |
| clean | true |
| export_method | app-store |
| skip_profile_detection | false |
| destination | generic/platform=iOS |
| silent | false |
| skip_package_ipa | false |
| skip_package_pkg | false |
| build_path | /Users/runner/Library/Developer/Xcode/Archives/2022-08-01 |
| result_bundle | false |
| buildlog_path | ~/Library/Logs/gym |
| xcodebuild_formatter | xcpretty |
| xcodebuild_command | xcodebuild |
| skip_package_dependencies_resolution | false |
| disable_package_automatic_updates | false |
| use_system_scm | false |
| xcode_path | /Applications/Xcode_13.2.1.app |
+--------------------------------------+-----------------------------------------------------------+
[20:25:28]: $ set -o pipefail && xcodebuild -workspace ./platforms/ios/myproject.xcworkspace -scheme myproject -configuration Release -destination 'generic/platform=iOS' -archivePath /Users/runner/Library/Developer/Xcode/Archives/2022-08-01/output\ 2022-08-01\ 20.25.28.xcarchive clean archive | tee /Users/runner/Library/Logs/gym/myproject-myproject.log | xcpretty
[20:25:35]: ▸ Clean Succeeded
[20:25:46]: ▸ ❌ error: No profiles for 'com.myprojectapp.myproject' were found: Xcode couldn't find any iOS App Development provisioning profiles matching 'com.myprojecttapp.myproject'. Automatic signing is disabled and unable to generate a profile. To enable automatic signing, pass -allowProvisioningUpdates to xcodebuild. (in target 'myproject' from project 'myproject')
[20:25:46]: ▸ ** ARCHIVE FAILED **
Code signing settings:
+-----------------------+-------------------------------------+
| Summary for code signing settings |
+-----------------------+-------------------------------------+
| use_automatic_signing | true |
| path | ./platforms/ios/myproject.xcodeproj |
+-----------------------+-------------------------------------+
Seems that you don't have automatic signing disabled and you need to either enable it or go to your Xcode project and select the right provisioning profile for what you're trying to build via Fastlane by going to Your target>Signing & Capabilities and select the proper provisioning profiles and development teams
I'm trying to setup fastlane for an iOS project which has one Git repo for the project and the project contains multiple targets for "different" apps based on the same source code.
I created a second git repo for the signing certificates which should be synced with match, but i don't know where to set the auth stuff for it, because my lane throws the error below.
I start the lane signing which contains sync_code_signing
% fastlane signing --env ENVIRONMENTNAME
and i get the following output
[⠙] 🚀 Ignoring ffi-1.12.2 because its extensions are not built. Try: gem pristine ffi --version 1.12.2
[✔] 🚀
[07:43:16]: Loading from './fastlane/.env.ENVIRONMENTNAME'
[07:43:16]: fastlane detected a Gemfile in the current directory
[07:43:16]: However, it seems like you didn't use `bundle exec`
[07:43:16]: To launch fastlane faster, please use
[07:43:16]:
[07:43:16]: $ bundle exec fastlane signing
[07:43:16]:
[07:43:16]: Get started using a Gemfile for fastlane https://docs.fastlane.tools/getting-started/ios/setup/#use-a-gemfile
[07:43:18]: ------------------------------
[07:43:18]: --- Step: default_platform ---
[07:43:18]: ------------------------------
[07:43:18]: Driving the lane 'signing' 🚀
[07:43:18]: -------------------------------
[07:43:18]: --- Step: sync_code_signing ---
[07:43:18]: -------------------------------
[07:43:18]: Successfully loaded 'PROJECTDIR/fastlane/Matchfile' 📄
+--------------+----------------------------------------------------+
| Detected Values from './fastlane/Matchfile' |
+--------------+----------------------------------------------------+
| git_url | https://gitlab.com/TEAMID/apple-certificates.git |
| storage_mode | git |
+--------------+----------------------------------------------------+
+--------------------------------+----------------------------------------------------+
| Summary for match 2.198.1 |
+--------------------------------+----------------------------------------------------+
| type | development |
| readonly | false |
| generate_apple_certs | true |
| skip_provisioning_profiles | false |
| app_identifier | ["APPID"] |
| username | USERID |
| team_id | TEAMID |
| team_name | TEAMNAME |
| storage_mode | git |
| git_url | https://gitlab.com/TEAMID/apple-certificates.git |
| git_branch | master |
| shallow_clone | false |
| clone_branch_directly | false |
| keychain_name | login.keychain |
| force | false |
| force_for_new_devices | false |
| include_all_certificates | false |
| force_for_new_certificates | false |
| skip_confirmation | false |
| skip_docs | false |
| platform | ios |
| derive_catalyst_app_identifier | false |
| fail_on_name_taken | false |
| skip_certificate_matching | false |
| skip_set_partition_list | false |
| verbose | false |
+--------------------------------+----------------------------------------------------+
[07:43:18]: Cloning remote git repo...
[07:43:18]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
Cloning into '/var/folders/wf/_fzyy4y52hq4ssl02xmwwkx80000gn/T/d20211118-79026-m9y5x8'...
remote: The project you were looking for could not be found or you don't have permission to view it.
fatal: repository 'https://gitlab.com/TEAMID/apple-certificates.git/' not found
[07:43:19]: Exit status: 128
[07:43:19]: Error cloning certificates repo, please make sure you have read access to the repository you want to use
[07:43:19]: Run the following command manually to make sure you're properly authenticated:
[07:43:19]: $ git clone https://gitlab.com/TEAMID/apple-certificates.git /var/folders/wf/_fzyy4y52hq4ssl02xmwwkx80000gn/T/d20211118-79026-m9y5x8
+------------------+---------+
| Lane Context |
+------------------+---------+
| ENVIRONMENT | ENVIRONMENTNAME |
| DEFAULT_PLATFORM | ios |
| PLATFORM_NAME | |
| LANE_NAME | signing |
+------------------+---------+
[07:43:19]: Error cloning certificates git repo, please make sure you have access to the repository - see instructions above
+------+-------------------+-------------+
| fastlane summary |
+------+-------------------+-------------+
| Step | Action | Time (in s) |
+------+-------------------+-------------+
| 1 | default_platform | 0 |
| 💥 | sync_code_signing | 0 |
+------+-------------------+-------------+
[07:43:19]: fastlane finished with errors
[!] Error cloning certificates git repo, please make sure you have access to the repository - see instructions above
Do I have to install gitlab-runner locally for that?
I do not need to automate the process with gitlab-ci file right now, i'm fine calling the fastlane commands via console.
Do I have to install gitlab-runner locally for that? I - of course not.
You obviously don't have access to the git repository that the match uses.
Try cloning match repository directly, you may simply not be in VPN.
I am maintaining an app that is deployed to the app store. We are using Fastlane and our certificate and provisional profile has expired.
I'm trying to use fastlane match to generate a new certificate. I have deleted the expired certificates in the Git repo that Fastlane points to.
Running fastlane match, I get the following error:
[16:50:09]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
[16:50:10]: Checking out branch master...
[16:50:10]: [32m🔓 Successfully decrypted certificates repo[0m
[16:50:10]: Verifying that the certificate and profile are still valid on the Dev Portal...
[16:50:10]: Creating authorization token for App Store Connect API
[16:50:11]: [33mCouldn't find a valid code signing identity for distribution... creating one for you now[0m
+-------------------------+-----------------------------------------------------------------------------------------------------------------+
| [32mSummary for cert 2.177.0[0m |
+-------------------------+-----------------------------------------------------------------------------------------------------------------+
| platform | ios |
| development | false |
| generate_apple_certs | true |
| force | true |
| api_key_path | **** |
| username | redacted |
| team_id | redacted
| keychain_path | /Users/jenkins/Library/Keychains/login.keychain-db |
| keychain_password | ******** |
| skip_set_partition_list | false |
+-------------------------+-----------------------------------------------------------------------------------------------------------------+
[16:50:11]: Creating authorization token for App Store Connect API
+---------------+------+
| [33mLane Context[0m |
+---------------+------+
| PLATFORM_NAME | |
| LANE_NAME | beta |
+---------------+------+
[16:50:11]: [31mCannot determine if team is App Store or Enterprise via the App Store Connect API (yet). Set 'in_house' on your Spaceship::ConnectAPI::Token. Or set 'in_house' in your App Store Connect API key JSON file. Or set the 'SPACESHIP_CONNECT_API_IN_HOUSE' environment variable to 'true'. View more info in the docs at https://docs.fastlane.tools/app-store-connect-api/[0m
Wondering if anyone has seen this before and has any idea what it means?
Thanks
PS - first time posting so appreciate any tips
UPDATE
I have managed to resolve this issue. Our build goes through Jenkins so I had to add in_house:false to our App Store Connect API key JSON file.
UPDATE
I have managed to resolve this issue. Our build goes through Jenkins so I had to add in_house:false to our App Store Connect API key JSON file.
I have problem with fastlane using Jenkins.
Runing this command in terminal works fastlane provide_crashlytics_build testing:false check_xcode:false --env xxx, but from Jenkins not working
Error message:
There are no local code signing identities found.
You can run `security find-identity -v -p codesigning` to get this output.
This Stack Overflow thread has more information: https://stackoverflow.com/q/35390072/774.
(Check in Keychain Access for an expired WWDR certificate: https://stackoverflow.com/a/35409835/774 has more info.)
[14:03:30]: No certificates for filter: Certificate ID: '7D72F7MC75'
[14:03:30]: something bad happened: Could not find a matching code signing identity for type 'AdHoc'.
fastlane version 2.141.0
Tracing steps:
I run this command security find-identity -v -p codesigning
and here is the result: 2 valid identities found
I checked Apple Worldwide Developer certificate and its valid and trusted
I checked distribution certificate in Keychain and Apple Developer account and both are there
Here is Jenkins Execute Shell:
#!/bin/zsh
export TERM=xterm-256color
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export GIT_TRACE_PACKET=1
export GIT_CURL_VERBOSE=1
source /Users/Shared/Jenkins/.rvm/scripts/rvm
rvm use 2.6.3
fastlane provide_crashlytics_build testing:false check_xcode:false --env xxx
Here is faslane lane:
########## Upload testbuild to crashlytics ##########
desc "Upload testbuild to crashlytics"
lane :provide_crashlytics_build do |options|
if options[:check_xcode]
verify_xcode
end
if options[:add_badge]
if ENV['DARK_BADGE']
badge(dark: true)
else
badge
end
end
build_preparations
if options[:testing]
start_tests
end
pem
match(
type: "adhoc",
app_identifier: [ENV['APP_IDENTIFIER'], ENV['APP_NOTIFICATION_EXTENSION_IDENTIFIER']],
force_for_new_devices: true
)
gym(
xcargs: "ARCHIVE=NO",
output_name: "#{ENV['OUTPUT_NAME_TESTING']}"
)
verify_build(
provisioning_type: 'distribution',
bundle_identifier: ENV['APP_IDENTIFIER']
)
version = get_ipa_info_plist_value(ipa: "#{ENV['OUTPUT_NAME_TESTING']}.ipa", key: "CFBundleShortVersionString")
crashlytics(
api_token: ENV['CRASHLYTICS_API_TOKEN'],
build_secret: ENV['CRASHLYTICS_BUILD_SECRET'],
emails: ENV['CRASHLYTICS_EMAILS'],
notifications: false,
notes: "#{change_log_last_five_commits}"
)
if ENV['SLACK_URL']
sh ("say 'Yippee! What a awsome day. Thanks to #{lastCommitAuthor} something great happend. A new build is born.'")
slack(
message: "New crashlytics build of #{ENV['SCHEME']} v.#{version}(#{build})",
channel: "#{ENV['SLACK_CHANNEL']}",
success: true,
use_webhook_configured_username_and_icon: true,
default_payloads: [],
payload: {
'Release Notes' => change_log_last_five_commits
}
)
end
clean_build_artifacts
end
Here are fastlane logs:
Summary for match 2.141.0 |
+----------------------------+---------------------------------------------------------------------------------------+
| type | adhoc |
| app_identifier | ["xxxxxxxxxxxxxxxxxxxxxxxx", "xxxxxxxxxxxxxxxxxxxxxxxx.NotificationServiceExtension"] |
| force_for_new_devices | true |
| readonly | false |
| generate_apple_certs | false |
| skip_provisioning_profiles | false |
| username | xxxxxxxxxxxxxxx |
| team_id | R2Q6VXW97P |
| team_name | xxxxxxxxxxxxxxxxxxxxxxxxx |
| storage_mode | git |
| git_url | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| git_branch | master |
| shallow_clone | false |
| clone_branch_directly | false |
| keychain_name | login.keychain |
| force | false |
| skip_confirmation | false |
| skip_docs | false |
| platform | ios |
| verbose | false |
+----------------------------+---------------------------------------------------------------------------------------+
+-------------------+-------------------------------------------------------------+
| Installed Certificate |
+-------------------+-------------------------------------------------------------+
| User ID | R2Q6VXW97P |
| Common Name | iPhone Distribution: xxxxxxxxxxxxxxxxxxxxxxxxx (R2Q6VXW97P) |
| Organisation Unit | R2Q6VXW97P |
| Organisation | xxxxxxxxxxxxxxxxxxxxxxxxx |
| Country | US |
| Start Datetime | 2020-02-04 11:56:01 UTC |
| End Datetime | 2021-02-03 11:56:01 UTC |
+-------------------+-------------------------------------------------------------+
+-------------------------------------+--------------------------------------+
| Summary for sigh 2.141.0 |
+-------------------------------------+--------------------------------------+
| app_identifier | xxxxxxxxxxxxxxxxxxxxxxxxx |
| username | xxxxxxxxxxxxxxxxxxxxxxxxx |
| force | false |
| cert_id | 7D72F7MC75 |
| provisioning_name | match AdHoc xxxxxxxxxxxxxxxxxxxxxxxx |
| ignore_profiles_with_different_name | true |
| team_id | R2Q6VXW97P |
| team_name | xxxxxxxxxxxxxxxxxxxxxxxxx |
| platform | ios |
| adhoc | true |
| developer_id | false |
| development | false |
| skip_install | false |
| skip_fetch_profiles | false |
| skip_certificate_verification | false |
| readonly | false |
+-------------------------------------+--------------------------------------+
Solution
As #Scriptable said in his comment:
Because the Jenkins service runs like a daemon, it cannot access the login keychain, it uses the system keychain. Please make sure that your signing certificates are in the system keychain and see if this helps your issue.
Certificate is never ever set as Always Trust, it must be Use System Default
While sending my application to the testflight via fastlane, I faced with this error:
Unauthorized Access
**FastLanelane summary**
| 1 | opt_out_usage | 0 |
| 2 | default_platform | 0 |
| 3 | update_fastlane | 0 |
| 4 | clear_derived_data | 0 |
| 5 | cocoapods | 3 |
| 6 | gym | 87 |
| 💥 | pilot | 3 |
ERROR [2019-03-01 15:51:34.03]: fastlane finished with errors
Looking for related GitHub issues on fastlane/fastlane... Search
query: The request could not be completed because: Unauthorized
Access
Here is my Fasfile:
platform :ios do
desc "Push a new beta build to TestFlight"
lane :beta do
update_fastlane
clear_derived_data
cocoapods(clean: true, use_bundle_exec: false)
# Build
gym(clean: true, suppress_xcode_output: true, workspace: "com.xxxx.xcworkspace", scheme: "com.xxxx")
# Submit to iTunes Connect (upload_to_testflight)
pilot(skip_submission: true, skip_waiting_for_build_processing: true)
upload_symbols_to_crashlytics # Upload dSYM symbolication files to Crashlytics
end
end
Common Case
be sure that your role permission should be at least the App Manager!
In My Case
I noticed that I entered the two-factor Authentication (6-digit code) code incorrectly.
Remember that, starting on February 27, 2019 Apple requiring all developers to have two-factor authentication enabled for their Apple IDs, with two-factor necessary for signing into Developer accounts after that date. Means it's necessary for our fastlane flows too.