I am trying to sign and archive my Unity application with Jenkins. I have the Xcode jenkins plugin installed and everything seems to run well except for a strange problem.
During the xcodebuild phase, when the archive should be signed, I get the following error:
error: No signing certificate "iOS Development" found: No "iOS
Development" signing certificate matching team ID "QF6V2M666X" with a
private key was found. (in target 'Unity-iPhone')
Now the problem is that I am not trying to build for development, but for production. I have a production provisioning profile used, which is pointing the production certificate. The team id is the production team id (changed here for security reasons). Here is another part of the build output:
Going to invoke xcodebuild:, scheme: Unity-iPhone, sdk: DEFAULT,
project: DEFAULT, configuration: Release, clean: NO, archive:YES,
consolelog:YES, symRoot: DEFAULT, buildDir: DEFAULT,
developmentTeamID: QF6V2M666X
[sr-ios] $ /usr/bin/xcodebuild -scheme
Unity-iPhone -configuration Release archive -archivePath
When I open the project in Xcode, I can see that for some reason Xcode selects "IOSDeveloper" in the code signing identities part and not "IOSDistribution" (or the actual certificate in the provisioning profile):
I don't know if this can be changed from Jenkins, but I think Xcode should pick this up from the provisioning profile.
So I managed to find the problem and solve it, here is the solution for others.
In Unity 2018 they added a new option to the iOS player settings, in the "Other settings" section, called IOS Provisioning Profile->Profile type:
This option is used to select the signing identity. I guess you can use "Automatic" but in my case, since I am using Jenkins, I am setting it on a build script like this:
PlayerSettings.iOS.iOSManualProvisioningProfileType =
ProvisioningProfileType.Distribution;
When this option is set, xcode is able to sign the app correctly for distribution.
Related
I have a question where and how to add allowProvisioningUpdates in Xcode? My Codemagic account is connected with App Store Connect, bundle id and app are also created.
Build process fails on the app archive, but Xcode build is successfully done.
Can I somehow add allowProvisioningUpdates to this command?
Execute "xcodebuild -workspace /Users/builder/clone/ios/Runner.xcworkspace -scheme Runner -config Release -archivePath build/ios/xcarchive/Runner_1pxkp9aq.xcarchive archive COMPILER_INDEX_STORE_ENABLE=NO"
Every time build process returns me this message after fail:
Error: No profiles for 'com.xxx.xxx' were found: Xcode couldn't find any iOS App Development provisioning profiles matching 'com.xxx.xxx'. Automatic signing is disabled and unable to generate a profile. To enable automatic signing, pass -allowProvisioningUpdates to xcodebuild. (in target 'Runner' from project 'Runner')
Do you have some suggestions, on how to resolve this?
Thanks.
The error itself is probably actually unrelated, and adding the flag will not change much.
If you're using .yaml and are trying to set up automatic code signing I would encourage you to add xcode-project use-profiles before your build step.
For automatic .yaml code signing with Flutter iOS the workflow should include:
a) keychain initialize
b) app-store-connect fetch-signing-files "your.bundle.id" --type IOS_APP_STORE --create
If you wish to use development certificate then IOS_APP_DEVELOPMENT as type.
d) keychain add-certificates
e) xcode-project use-profiles
f) flutter build ios
g) xcode-project build-ipa --workspace "ios/Runner.xcworkspace" --scheme "Runner" (change to your workspace and scheme)
In addition you should implement versioning, if you do not want to do it manually for each build.
If you're not using automatic code signing, then you will need to upload your provisioning profile and the process will be a bit different. But the process is somewhat similar, you can take a look at the documentation: https://docs.codemagic.io/code-signing-yaml/signing-ios/
My iOS builds are failing on CodeMagic after implementing Flavors. Here is the major error I can see in xcodebuild.log
Runner has conflicting provisioning settings. Runner is automatically signed for development, but a conflicting code signing identity iPhone Distribution has been manually specified. Set the code signing identity value to "iPhone Developer" in the build settings editor, or switch to manual signing in the project editor.
I did changed Code signing identity to iOS Developer as many stackoverflow questions lead to, but didn’t help.
First line in XCodebuild.log from failed build artifacts in CodeMagic has Runner scheme instead of my custom scheme uat.
From XCodebuild.log - /Applications/Xcode-10.3.app/Contents/Developer/usr/bin/xcodebuild -workspace /Users/builder/clone/ios/Runner.xcworkspace -scheme Runner -archivePath /Users/builder/build.xcarchive -config Release archive DEVELOPMENT_TEAM=xxxxx CODE_SIGN_IDENTITY='iPhone Distribution'
With the help of CodeMagic team I was able to figure out that FCI_FLUTTER_SCHEME environment variable should be configured in CI Job to the custom scheme. For me it's uat.
Reference - https://docs.codemagic.io/troubleshooting/common-ios-issues/
I've been able to successfully build the Debug version of this IOS app. However, I'd like to create an IPA to make sure it works on various iphones. The first thing I did was go product->scheme->edit scheme. I then switched from Debug to Release. After cleaning, and attempting to build the release version of the app. I immediately get an error: "MYapp has conflicting provisioning settings. MYapp is automatically signed, but provisioning profile MYApp Distribution has been manually specified. Set the provisioning profile value to "automatic" in the build settings editor, or switch to manual signing in the project editor(in target MYapp).
The first thing I tried was switching Code Signing Style to manual in build settings. This resulted in a new error:
error: Provisioning profile "MYApp Distribution" doesn't include signing certificate "iPhone Developer: Name here (XXXXXXXX)". (in target 'MYApp')
I went back to the General tab in Targets and clicked on "automatically manage signing". I tried to rebuild and got the same error the first time I tried to build.
I'm not sure where the conflict is coming from. This post indicated that simply clicking the automatic signing would do the trick.
I'm quite new to using Xcode and understanding provisioning profiles.
You simply can not build a release edition. The process of giving a release version is quite different. It goes from Xcode(local) to App Store(testFlight for testing) and then into App Store(Official Release).
I found this link and can relate to this situation.
Your provisioning profile isn't valid. It doesn't have a valid distribution certificate. You have to go to apple developer and it to certificates and profiles. Create it there and install it via keychain on your macbook. Othervise you can't build an ipa. More info here
I'm building an iOS app locally using Fastlane, without any problems.
I'm using match with a separate repo, to keep track of certificates and provisioning profiles.
Locally it works fine.
On Bitrise, however, I get this error:
[05:23:16]: All required keys, certificates and provisioning profiles are installed 🙌
[05:23:16]: Setting Provisioning Profile type to 'app-store'
[05:23:16]: -----------------------
[05:23:16]: --- Step: build_app ---
[05:23:16]: -----------------------
[05:23:16]: $ xcodebuild -list -workspace Myapp.xcworkspace -configuration Debug
[05:23:17]: $ xcodebuild -showBuildSettings -workspace Myapp.xcworkspace -scheme Myapp -configuration Debug
[05:23:20]: Couldn't automatically detect the provisioning profile mapping
[05:23:20]: Since Xcode 9 you need to provide an explicit mapping of what
[05:23:20]: provisioning profile to use for each target of your app
[05:23:20]: No such file or directory # rb_sysopen - /Users/vagrant/git/Pods/Target Support Files/Pods-Myapp/Pods-Myapp.debug.xcconfig
[05:23:20]: Detected provisioning profile mapping: {:"com.myapp.myapp"=>"match AppStore com.myapp.myapp"}
I tried explicitly mapping the provisioning profile in my Fastfile:
lane :beta do
clear_derived_data
increment_build_number
match(app_identifier: "com.myapp.myapp", type: "appstore", clone_branch_directly: true)
build_app(
workspace: "Myapp.xcworkspace",
scheme: "Myapp",
configuration: "Debug",
export_options: {
method: "app-store",
provisioningProfiles: {
"com.myapp.myapp" => "match AppStore com.myapp.myapp"
}
}
)
upload_to_testflight(skip_waiting_for_build_processing: true)
end
Any idea what I need to resolve this?
Part 1: Resolving this and understanding what is happening
In order to reproduce locally / resolve this, I would suggest to disable automatic signing. This way, you will be much closer to your CI/CD configuration. You might locally have access to certificates that allow you to make it work locally. Disabling automatic code signing will show you exactly which certificates your XCode is using. In order to achieve that, you can use the disable_automatic_code_signing command.
disable_automatic_code_signing(
path: "demo-project/demo/demo.xcodeproj"
)
Once this is done, you can go in your local XCode see what profile it is using. This is the first step. I would also suggest to remove all local provisioning profiles from your library. (Much more Closer to Bitrise configuration that does not have any loaded profiles once you start a flow).
The following commands will achieve that:
cd ~/Library/MobileDevice/Provisioning\ Profiles
rm -fr *
Once this is done, it is very likely that it will not allow you to export an archive using the target (and configuration) you want. Hopefully, it will fail locally the same way it is failing remotely. From then you can go in your XCode to see the different provisioning profiles that were downloaded with match and figure out why it is not able to automatically resolve it.
Part 2: an educated guess on what is happening and how to resolve it
My suspicion is that you are trying to code sign with an iPhone Developer code sign identity but the match command you are using retrieves a distribution certificate (iOS Distribution signing identity).
Using automatic signing, XCode is looking for provisioning profiles that match your target and configuration. It attempts to find an iOS Developer certificate, but this is not what you are fetching using match.
A simple solution to this problem (if this is the problem) would be to change the sign identity method before and after you build_app. You can achieve it like this:
automatic_code_signing(
path: "demo.xcodeproj",
code_sign_identity: "iPhone Distribution"
)
Or directly inside your build_app / gym with the code_sign_identity parameter:
build_app(
workspace: "Myapp.xcworkspace",
scheme: "Myapp",
configuration: "Debug",
codesigning_identity: "iPhone Distribution" # or iPhone Developer
)
Since you are using Bitrise, why not use their integrations which can take care of code signing and deployment automatically? I recently moved from Fastlane steps to Bitrise steps. See my answer here: https://stackoverflow.com/a/60836343/1271474
I'm trying to run Facebook's WebDriverAgent, for testing on real devices: https://github.com/facebook/WebDriverAgent.
Our admin isn't a fan of Apple's automatic signing, so we're trying manual. When I put
xcodebuild -project WebDriverAgent.xcodeproj -scheme WebDriverAgentRunner -destination id='4xxx9' test DEVELOPMENT_TEAM=xxxx PROVISIONING_PROFILE=xxxxx
it says
Testing failed:
WebDriverAgentLib has conflicting provisioning settings. WebDriverAgentLib is automatically signed, but provisioning profile xxxx has been manually specified. Set the provisioning profile value to "Automatic" in the build settings editor, or switch to manual signing in the project editor.
I set manual signing on everything (in xcode), and try again:
xcodebuild -project WebDriverAgent.xcodeproj -scheme WebDriverAgentRunner -destination id='4xxx9' test DEVELOPMENT_TEAM=xxxx PROVISIONING_PROFILE=xxxxx
Testing failed:
WebDriverAgentLib does not support provisioning profiles. WebDriverAgentLib does not support provisioning profiles, but provisioning profile xxxx has been manually specified. Set the provisioning profile value to "Automatic" in the build settings editor.
It seems I need to decompose the 'test' action to build the library without the profile, but everything else with the profile, and then trigger testing.
Can this 'xcodebuild test' command be rewritten as several commands to effect such a build/test? I need a command-line solution because this is part of a continuous integration.
Thanks in advance!
This happened to me using manual signing and including Cocoapods dependencies. This is possibly a known issue with Cocoapods (https://github.com/CocoaPods/CocoaPods/pull/6964). Their workaround is to specify setting PROVISIONING_PROFILE_SPECIFIER to '' in the Podfile's post_install hook, but this didn't work for us because we commit our Pods, so the post_install hook doesn't run when we build.
However, in addition to passing the option PROVISIONING_PROFILE_SPECIFIER=xxxxx to xcodebuild, we were able to build by setting the following options in Pods.xcodeproj/project.pbxproj for each target/build configuration:
CODE_SIGNING_ALLOWED = NO;
CODE_SIGNING_REQUIRED = NO;
PROVISIONING_PROFILE = '';
PROVISIONING_PROFILE_SPECIFIER = '';
I am not primarily an iOS developer by trade, but from my understanding, PROVISIONING_PROFILE is deprecated and specifying both CODE_SIGNING_ALLOWED and CODE_SIGNING_REQUIRED may be redundant, but we do it anyway at the moment in our project.
Try using PROVISIONING_PROFILE_SPECIFIER=xxxxx instead of setting PROVISIONING_PROFILE, which is deprecated starting with Xcode8.
If the error then still occurs, try to set neither DEVELOPMENT_TEAM nor PROVISIONING_PROFILE_SPECIFIER, as these codesigning related buildsettings are only relevant, if you are actually building an app (but you are only executing an xcodebuild test on an already build app bundle).
If you want to build and test the app with one call of xcodebuild, you are encouraged to do a xcodebuild ... clean build test
EDIT
After taking a look at the WebDriverAgent project, the problem is related to the WebDriverAgentLib being a Dynamic Framework and a Target-Dependency of the WebDriverAgentRunner-Bundle. Dynamic Frameworks don't like codesigning during the build phase in Xcode8 at all (they now should be codesigned on the fly when being copied into the build product). With specifying code signing related build settings on the command line (DEVELOPMENT_TEAM etc.), Xcode8 will complain about this for Dynamic Framework targets and fail the build.
Solution 1: remove all codesigning related build settings from your xcodebuild call (PROVISIONING_PROFILE_SPECIFIER, PROVISIONING_PROFILE, DEVELOPMENT_TEAM, CODE_SIGN_IDENTITY) and just set these for the WebDriverAgentRunner-Target (either in the Xcode UI or via Command-Line with plistbuddy on the project.pbxproj).
Solution 2: don't test on a real device and instead just on the Simulator. As there is no need to codesign an Executable and/or Test-Bundle for Simulators, you can safely omit any codesigning related parameters from your xcodebuild call.
Solution 3: just stick with Automatic CodeSigning and assure that there a is valid login for the proper Developer Account in the build machine's Xcode.
I had this error and https://stackoverflow.com/a/39923121/713391 suggested i check "Enable Automatic Signing" then click cancel without doing anything, which did fix it. A code diff showed the change was to add
ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
or in Xcode it's called Always Embed Swift Standard Libraries