xcrun xcodebuild -version: 9.2
run_loop: 2.6.4
calabash-ios version: 0.20.5
iOS version: 11.2.6
Command- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/bin/iOSDeviceManager install /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app --device-id 61b08575d55927c0dd0b9192e37a2c1f421cd000
Output:
Terminating app due to uncaught exception 'CBXException',
reason: 'Unable to find appropriate codesign identity for device 61b08575d55927c0dd0b9192e37a2c1f421cd000 / app com.apple.test.DeviceAgent-Runner combo'
Output of tail -F ~/.calabash/iOSDeviceManager/logs/current.log
2018-03-20 16:46:04.676 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun codesign -d --entitlements :- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app
2018-03-20 16:46:05.171 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun codesign -d --entitlements :- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app
2018-03-20 16:46:05.258 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun security find-identity -v -p codesigning
2018-03-20 16:46:05.466 ERROR ConsoleWriter:32 | No valid iOSDeveloperIdentities found on system.
However, the profile exists in the /Users/testmaskin/Library/MobileDevice/Provisioning Profiles directory as well as the device UDID exists in that profile. See the output below.
$ /usr/bin/xcrun security find-identity -v -p codesigning
1) 95CC7E649668236B68C7D309A07AAC5E3C9B409B "iPhone Distribution: Polly Lal (***********)"
1 valid identities found
Not sure what I'm missing here. I have a bunch of such test devices attached to their own Mac Mini hosts. Each of those setup are exhibiting this problem. So I'm sure its not because of a faulty device. Any help is appreciated.
I was using a distribution certificate. Someone pointed out that's not the right one. I generated a new developer certificate, regenerated the provisioning profile for that certificate and it worked!
Related
I am exporting App archives using the command line tools (xcodebuild). Essentially this is what I running:
xcodebuild -workspace "${WORKSPACE_PATH}" \
-scheme "${SCHEME_NAME}" \
-archivePath "${PROJECT_ARCHIVE}" \
-configuration "${CONFIGURATION}" \
-sdk "${TARGET_SDK}" \
DEVELOPMENT_TEAM="XXXXXXXX" \
OTHER_CODE_SIGN_FLAGS="--keychain /Users/user/Library/Keychains/jenkins.keychain" \
archive
And this is the result:
Check dependencies
No signing certificate "iOS Development" found: No "iOS Development" signing certificate matching team ID "XXXXXXX" with a private key was found.
Code signing is required for product type 'Application' in SDK 'iOS 10.2'
** ARCHIVE FAILED **
The following build commands failed:
Check dependencies
(1 failure)
$ echo $?
65
The code signing fails because codesign ignores the --keychain parameter. Now here is the interesting part. The keychain I want to use is jenkins.keychain-db (as specified above). That certainly does not work. Here is my keychain search list:
$ security list-keychains
"/Users/user/Library/Keychains/login.keychain-db"
"/Library/Keychains/System.keychain"
Obviously jenkins.keychain-db is not in there as it should be. If I am adding the jenkins.keychain-db in the search list it starts working.
Unfortunately this is not a solution for me because I do have multiple keychains with the same private keys and certificates. That leads xcodebuild to pick up the first right certificate that it can find which will fails because the keychain is probably not unlocked.
You can make codesign prefer using your custom keychain with the following commands:
security list-keychains -d user -s jenkins.keychain
security default-keychain -s jenkins.keychain
# to unlock the kechain:
security unlock-keychain -p $PW jenkins.keychain
Put this right before xcodebuild ...
You can omit the -db extension. It's not necessary to use it and will lead to confusing behavior.
You might want to clean this up after the build has finished:
security list-keychains -d user -s login.keychain
security default-keychain -s login.keychain
I am able to archive ios project using below commands
cordova build ios --device --debug
and
cordova build ios --device --release
But when i try to do same from jenkins i am getting below error.
11:08:01 SecKey API returned: -25308, (null)/Users/Jenkins/Library/Developer/Xcode/DerivedData/GRC_Pulse-ebufuetkmalmfxbiegclmzuryhrm/Build/Intermediates/ArchiveIntermediates/GRC Pulse/InstallationBuildProductsLocation/Applications/GRC Pulse.app: unknown error -1=ffffffffffffffff
11:08:01 Command /usr/bin/codesign failed with exit code 1
11:08:01
11:08:01 ** ARCHIVE FAILED **
11:08:01
11:08:01
11:08:01 The following build commands failed:
11:08:01 CodeSign /Users/Jenkins/Library/Developer/Xcode/DerivedData/GRC_Pulse-ebufuetkmalmfxbiegclmzuryhrm/Build/Intermediates/ArchiveIntermediates/GRC\ Pulse/InstallationBuildProductsLocation/Applications/GRC\ Pulse.app
11:08:01 (1 failure)
11:08:01 Error: Error code 65 for command: xcodebuild with args: -xcconfig,/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/cordova/build-debug.xcconfig,-workspace,GRC Pulse.xcworkspace,-scheme,GRC Pulse,-configuration,Debug,-destination,generic/platform=iOS,-archivePath,GRC Pulse.xcarchive,archive,CONFIGURATION_BUILD_DIR=/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/build/device,SHARED_PRECOMPS_DIR=/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/build/sharedpch
You should unlock your keychain before running the command when using ssh (connection from the master to a slave)
security unlock-keychain -p "" ${keychain}
Take a look on this link for more details
I had this error with Xcode 8.3:
unknown error -1=ffffffffffffffff
Command /usr/bin/codesign failed with exit code 1
** ARCHIVE FAILED **
And
security unlock-keychain -p "mypass" ${mykeychain}
solved it, too.
I am going to chip in as well as I had to try a few more things than the ones mentioned here: the problem (for me) was that keychain doesn't like SSH sessions. I had to execute these in my session to fix it:
security unlock-keychain -p MY_PASS ~/Library/Keychains/login.keychain
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k MY_PASS ~/Library/Keychains/login.keychain
security set-keychain-settings ~/Library/Keychains/login.keychain
I've also removed my current certificates system/account certificates by removing my account from XCode (I use fastlane to do building) but I suspect that this shouldn't have impacted it.
This is now my third post about this or so but I sure hope it is going to help to save 8h of work for somebody...
I have follow the guideline from the following websites to use Jenkins to build iOS apps.
https://wiki.jenkins-ci.org/display/JENKINS/Xcode+Plugin
http://savvyapps.com/blog/continuous-integration-ios-jenkins
I have exported my developer profile and imported it to Jekins and call before the Xcode build. From the console log, Jenkins installed the provisioning during the build.
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/18BAD5E662ED3759CD8D7C85E33390324BBD130E.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/7A5A56DA487E33DE5D16567DC8868B7CD9A865D6.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/F19D5511EC904BA5CC9D65F306B8CD4D2B0BB19B.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security show-keychain-info jenkins-testApp-1-DevBuild
Keychain "jenkins-testApp-1-DevBuild" lock-on-sleep timeout=300s
Installing 0b3a6836-af47-4afd-9484-9ca4ccec6c6d.mobileprovision
Installing 0ef7bac8-0408-4c38-bf6c-3afb004ee451.mobileprovision
Installing 193e9795-97b1-4d4a-981d-a51714e381a4.mobileprovision
However the build is fail because of code sign error. Does anyone how to solve this issue? Thanks.
Code Sign error: No codesigning identities found: No codesigning identities (i.e. certificate and private key pairs) that match the provisioning profile specified in your build settings (“Auth-Dev”) were found.
CodeSign error: code signing is required for product type 'Application' in SDK 'iOS 8.4'
** BUILD FAILED **
I finally solved this by copying the development cert from login to System in Keychain access.
Reference: http://code-dojo.blogspot.co.uk/2012/09/fix-ios-code-signing-issue-when-using.html
I have problem with using Export function in Xcode ("Your account already have distribution certificate") so I used solution with xcodebuild. It produce IPA file but I see this in console:
### Checking original app
+ /usr/bin/codesign --verify -vvvv /.../My.app
Program /usr/bin/codesign returned 1 : [/.../My.app: resource envelope is obsolete
]
Codesign check fails : /.../My.app: resource envelope is obsolete
Is it a problem from my side and how to solve it?
If you are using Mac OSX 10.9.5 or later, then there is an issue with OS codesigning with V2 signature.
So, use --no-strict flag with codesign --verify to getover this error.
If you're using PackageApplication to create an .ipa file, then
Edit the PackageApplication perl script tool using vi PackageApplication command and update codesign function occurrences to pass "--no-strict" parameter.
Example:
my $result = runCmd("/usr/bin/codesign", "--verify", "--no-strict",
"-vvvv", , $plugin );
I was facing same and got following response from Apple Dev Team. The issue is resolved for me.
The command line tool “codesign” has changed in 10.9.5 and 10.10, you need to pass “--no-strict” option to the command, (the problem has been reported and will be fixed).
To workaround the problem, please save a copy and modify PackageApplication to pass “—no-strict” to codesign, you can locate PackageApplication by running the following:-
xcrun -sdk iphoneos -f PackageApplication
I'm having trouble packaging an app as an IPA with PackageApplication. Codesign verification fails with "does not satisfy its designated Requirement":
+ /usr/bin/codesign --verify -vvvv -R=anchor apple generic and (certificate 1[field.1.2.840.113635.100.6.2.1] exists and (certificate leaf[field.1.2.840.113635.100.6.1.2] exists or certificate leaf[field.1.2.840.113635.100.6.1.4] exists)) /var/folders/8j/n5d5y1bj6wz3l8gs_djqn3400000gn/T/8xonyTiAuP/Payload/Planner.app
Program /usr/bin/codesign returned 3 : [/var/folders/8j/n5d5y1bj6wz3l8gs_djqn3400000gn/T/8xonyTiAuP/Payload/Planner.app: valid on disk
/var/folders/8j/n5d5y1bj6wz3l8gs_djqn3400000gn/T/8xonyTiAuP/Payload/Planner.app: does not satisfy its designated Requirement
/var/folders/8j/n5d5y1bj6wz3l8gs_djqn3400000gn/T/8xonyTiAuP/Payload/Planner.app: explicit requirement satisfied
What requirement is designated here?!?
I'm building with xcodebuild:
xcodebuild -workspace MyWorkspace.xcworkspace -scheme Planner -ask iphoneos clean build archive
which creates an Xcode archive for me inside ~/Library/Developer/Xcode/Archives So far so good.
Then I've read that people use PackageApplication but that fails for me:
xcrun -sdk iphoneos PackageApplication -v path/to/Planner.app -o Planner.ipa --sign 9990807058544973D70EA9A9F3BB3949D51C0983 --embed my_profile.mobileprovision
with the above error.
What part am I missing here? Is there another way to do this?
This is Xcode 4.5.
You can check what the designated requirements for your .app file are by running the following command:
codesign -d -r- path/to/file.app
Your output should include a line that starts with designated =>. What follows after are your designated requirements. An example of this output would be:
designated => identifier "com.organization.project" and certificate root = H"abcdef0123456789abcdef0123456789abcdef12"
The -d flag displays information and the -r- flag writes the requirements to stdout.
You can use Apple's page on Code Signing Requirement Language to interpret what these requirements mean.
If you want to narrow down which particular requirement is failing, you can run the tests individually by entering the following command:
codesign -v -R="certificate root = H\"abcdef0123456789abcdef0123456789abcdef12\"" /path/to/file.app
The -v flag performs verification on your app and the -R flag passes in an explicit requirement to test.