I'm trying to build Xcode project with Jenkins. Project for Xcode generated by Unity Engine.
I am able to build this project directly from Xcode GUI, but when trying to build project through Jenkins i'm getting following error at the end of build:
Signing Identity: "iPhone Developer: MyName MySurname (XXXXXXXXXX)"
Provisioning Profile: "iOS Team Provisioning Profile: *"
(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX)
/usr/bin/codesign --force --sign 37DF6AF254E5A4856B1BA024D199DEE3CE596A58 --entitlements /Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Unity-iPhone.build/Release-iphoneos/Unity-iPhone.build/myapplication.app.xcent --timestamp=none /Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Release-iphoneos/myapplication.app
/Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Release-iphoneos/myapplication.app: errSecInternalComponent
Command CodeSign failed with a nonzero exit code
** BUILD FAILED **
The following build commands failed:
CodeSign /Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Release-iphoneos/myapplication.app
(1 failure)
Build step 'Xcode' marked build as failure
Finished: FAILURE
I tried to reproduce following command in terminal, and it woked fine without any errors:
/usr/bin/codesign --force --sign 37DF6AF254E5A4856B1BA024D199DEE3CE596A58 --entitlements /Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Unity-iPhone.build/Release-iphoneos/Unity-iPhone.build/myapplication.app.xcent --timestamp=none /Users/Shared/Jenkins/Home/workspace/Xcode_Input/build/Release-iphoneos/myapplication.app
It asked me for my password two times(and same password specified in Jenkins job settings for Xcode), and finished without any errors.
Keychain i used to sign project is unlocked with: security unlock-keychain login.keychain
The question is - what could be the reason of following behavior? How can i solve this problem?
Thanks in advance!
Jenkins is SSHing into the box and not receiving access to your keychain. Jenkins needs to unlock the keychain before performing the build. It looks like you already understand how to unlock your keychain via password prompt. You need to have Jenkins perform the unlock without a prompt.
Have Jenkins run the following before your build command:
security unlock-keychain -p <YourPassword> ~/Library/Keychains/login.keychain
If you'd rather not store the password in cleartext script area of your build, Jenkins offers various ways to store secrets and retrieve them as variables. Here's a decent write-up on doing that: https://support.cloudbees.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs
Alternatively:
security unlock-keychain -p `cat ~/.file_with_your_password` ~/Library/Keychains/login.keychain
Related
Im trying to build ci/cd ios App with jenkins using ec2 mac instance of AWS.
I set up all my certificates/private key using the command
security import ./myfile.p12 or security add-certificate
I also added my Provisionning Profile successfully.
The build is running but at the final step Im getting an error during the codesign --force step. I read a lot of question over there but non of the solution provided worked for me..
Error details of the Build
For info: when I run security default-keychain command, I get as the default keychain : /Library/Keychains/System.keychain
And running :
security find-identity -v -p codesigning /Library/Keychains/System.keychain
gaves me result like:
XXXXXXXXXXXXXXXXXXXXX "iPhone Distribution: corp (Land) LTD."
XXXXXXXXXXXXXXXXXXXXX "iPhone Developer: John Doe (XXXXX)"
I already tried to lock/unlock my keychain without success..
Is anyone has an idea how to resolve this issue please ?
After a weeks of research, I just deleted all my certificates form the System.keychain (the corp one and the two of Apple authority - those who expire in 2023 and 2030 ) and reinstall them !
This made the job at the end
I have a script that builds and archives an iOS App using xcodebuild. Running it manually on the CI server works perfectly, but it always fails if run as a task in Bamboo:
/Users/bamboo/Library/Developer/Xcode/DerivedData/MyApp-fznnexbqdbnwoebohwwvajvtmcdf/Build/Intermediates/ArchiveIntermediates/LIVE/InstallationBuildProductsLocation/Applications/MyApp.app: unknown error -1=ffffffffffffffff
Command /usr/bin/codesign failed with exit code 1
** ARCHIVE FAILED **
the archive command looks like this:
xcodebuild -workspace "${workspace}" -scheme "${scheme}" -archivePath "${archive_path}" clean archive
I did try:
using security unlock-keychain before the xcodebuild command
chaining security unlock-keychain and xcodebuild commands with &&
manually unlocking keychain
moving the signing certificate and key to System keychain
setting Allow all applications to access this item in keychain
searching SO and everything else (even asking the janitor :) )
If this is of any help, the project uses manual signing, the profile and certificate are specified in build settings because those change quite often, nevertheless the logs show that the right signing identity is picked up.
Any suggestions of what could be wrong are welcome.
Open Terminal and paste this two:
cd ~/Library/Developer/Xcode/DerivedData
xattr -rc .
I've got a weird serious problem with Xcode 8.3.2 on macOS Sierra. I could build the app locally on build machine with fastlane or manually executing commands. Both development and ad-hoc build can be created locally.
$ fastlane <lane_name>
But when tried the same from TeamCity it throws following error.
[exec]/usr/bin/codesign --force --sign 5609CEE02FBF256EDBF60DB28C1A2995A2153B5B --entitlements /Users/<username>/Library/Developer/Xcode/DerivedData/<AppName>-frpvxgdtafatrrgbjqbbepgfzvak/Build/Intermediates/ArchiveIntermediates/SabaMeeting/IntermediateBuildFilesPath/<AppName>.build/Release-iphoneos/<AppName>.build/<AppName>.app.xcent --timestamp=none /Users/<username>/Library/Developer/Xcode/DerivedData/<AppName>-frpvxgdtafatrrgbjqbbepgfzvak/Build/Intermediates/ArchiveIntermediates/SabaMeeting/InstallationBuildProductsLocation/Applications/<AppName>.app
[exec] /Users/<username>/Library/Developer/Xcode/DerivedData/SabaMeeting-frpvxgdtafatrrgbjqbbepgfzvak/Build/Intermediates/ArchiveIntermediates/SabaMeeting/InstallationBuildProductsLocation/Applications/<AppName>.app: unknown error -1=ffffffffffffffff
[exec] Command /usr/bin/codesign failed with exit code 1
[exec]
[exec] ** ARCHIVE FAILED **
[exec]
[exec]
[exec] The following build commands failed:
[exec] CodeSign /Users/<username>/Library/Developer/Xcode/DerivedData/SabaMeeting-frpvxgdtafatrrgbjqbbepgfzvak/Build/Intermediates/ArchiveIntermediates/<AppName>/InstallationBuildProductsLocation/Applications/SabaMeeting.app
[exec] (1 failure)
TeamCity pulls the code and even executes the commands but fails.
Build Step: Command Line is set TeamCity with a custom script.
Tried following ways but not working:
Xcode Preferences ->Accounts->Delete already added account and add it again
Generated new Distribution and Developer Certificate and installed in KeyChain. New Provisioning Profiles and installed in Xcode.
Verified keychain access to private keys by "Allow all applications to access this item". Moved Certificates from login to System with access control to all.
Reinstalled xcode 8.3.2, restarted the machine.
Apple Worldwide Developer Relations Certificate Authority is installed.
Verified resource fork, finder information, or similar detritus not allowed in the app and derived data directory. https://developer.apple.com/library/content/qa/qa1940/_index.html
The project doesn't use CocoaPods.
Tried clearing DerivedData.
Any many more r&d. Any help will be appreciated.
How does your lane look like on your fastfile? Please share it...
My guess;
3 Verified keychain access to private keys by "Allow all applications to access this item". Moved Certificates from login to System with access control to all.
Teamcity is probably not accessing to your certificates and failing.
Try this;
Move certificates back to login from system.
Add following before your gym or whatever fastlane command is building the .ipa. This will let teamcity unlock and access to keychain.
lane :beta do |options|
unlock_keychain(path:"login.keychain", password:"yoursystempassword")
sh "security set-keychain-settings -t 3600 -l ~/Library/Keychains/login.keychain"
gym(scheme: "yourapp", workspace:"probably you dont have a wokrspace so no need")
end
We build ios using xamarin, the build hangs on signing and didn't throw any exception about 2.5 hours
Sign and provision profile is good. What could be?
Target _CodesignAppBundle:
Codesign Task
CodesignAllocate: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoo Entitlements: obj/iPhone/Release/Entitlements.xcent
Resource: bin/iPhone/Release/App.app
ResourceRules: <null>
SigningKey: ECFF24B11990B9BXXXXXXX194A29B83E87776A7B
ExtraArgs: <null>
Tool /usr/bin/codesign execution started with arguments: -v --force --sign ECFF24B11990B9BXXXXXXX194A29B83E87776A7B --entitlements /Users/admin/buildAgent_2/temp/buildTmp/SOURCE/App/obj/iPhone/Release/Entitlements.xcent /Users/admin/buildAgent_2/temp/buildTmp/SOURCE/App/bin/iPhone/Release/App.app
Maybe it requires to unlock the keychain access : a popup waiting for the keychain password is prompted on your server, but you don't see it.
I had to deal with this kind of problem when configuring a Xamarin app on Jenkins CI.
If so, just unlock the keychain with a bash script :
KEYCHAIN=/Users/xxx/Keychains/xxx.keychain
security -v unlock-keychain -p mypassword $KEYCHAIN
Hi there.
I'm trying to configure continuous integration for my iOS app with xcode 5 and OS X Server. I added certificates and p12 to system KeyChain, I also copied provisioning profiles to server folder for profiles.
Integration fails and log shows error message
Short message:
Command /usr/bin/codesign failed with exit code 1
Full message:
CodeSign
/Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/InstallationBuildProductsLocation/Applications/MomentSeller.app
cd /Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/source/Moment
setenv CODESIGN_ALLOCATE /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate
setenv PATH "/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
Using code signing identity "iPhone Distribution: Company Name. (ZX6C5SJYP9)" and provisioning profile "Moment Seller Production"
(E6FC8157-98F3-4A28-BFF3-36EFA6334019)
codesign --force --sign C2F81E886780437B90630A748111D3340DC8EFC8 --resource-rules=/Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/InstallationBuildProductsLocation/Applications/MomentSeller.app/ResourceRules.plist
--entitlements /Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/IntermediateBuildFilesPath/Moment.build/Release-iphoneos/MomentSeller.build/MomentSeller.xcent
/Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/InstallationBuildProductsLocation/Applications/MomentSeller.app
/Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/InstallationBuildProductsLocation/Applications/MomentSeller.app:
User interaction is not allowed. Command /usr/bin/codesign failed with
exit code 1
** ARCHIVE FAILED **
The following build commands failed: CodeSign
/Library/Server/Xcode/Data/BotRuns/Cache/c60acccd-d128-d128-b0e3-070a65bdd9dc/DerivedData/Build/Intermediates/ArchiveIntermediates/MomentSeller/InstallationBuildProductsLocation/Applications/MomentSeller.app
(1 failure)
Any ideas?
Thanks.
I've run into this problem myself. This blog helped me out. http://matt.vlasach.com/xcode-bots-hosted-git-repositories-and-automated-testflight-builds/
As posted by Dominik Kroutvar:
User interaction is not allowed. Command /usr/bin/codesign failed with
exit code 1
This error happens when the following setting is not made manually. As
described in one of the posts above you have to put the mobileprofile
for code signing in the system keychain. The certificate is called
iPhone Distribution:. This distribution certificate must have a
private key! Open the Settings dialog either by double click on the
private key or through the context menu>Get Info. Then go to Access
control and put /usr/bin/codesign in the table. This allows the
codesign application to sign your built application. After that
everything should work without the meaningless codesign error exit
code 1.
As already stated you simply need to run security -v unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN".
Run this before the build and the codesign succeeds.