I am trying to setup fastlane match but am having trouble understanding this step:
After running fastlane match init you can run the following to generate new certificates and profiles:
fastlane match appstore
fastlane match development
What exactly is appstore and development? Are they supposed be assumed scheme names? My app has two schemes (both have different bundle identifiers) they are called MyApp and MyApp UAT do I need to run fastlane match MyApp and fastlane match MyApp UAT?
No, they are not schemes, they are cert/prov of some types.
Yes, you need to create the cert of any kind for each BundId.
Each certificate represent a BundleID and each prov. profile is dependent of a certificate so... yes, you need to create each cert, and then each prov. profile, as you will do manually on iTC.
Run fastlane match --help and it clarify your question
adhoc Run match for a adhoc provisioning profile
appstore Run match for a appstore provisioning profile
change_password Re-encrypt all files with a different password
decrypt Decrypts the repository and keeps it on the filesystem
development Run match for a development provisioning profile
enterprise Run match for a enterprise provisioning profile
[...]
You see, development mean which is not distribution, you could create also adhoc, etc.. and appStore mean distribution for not the enterprise bundleID.
Any doubt, please ask me ;)
Related
Our app has multiple configurations and uses an enterprise developer account for some use cases and an appstore account for other use cases. I'm able to use match with both accounts by managing environment files, but run into a blocker when it comes to creating the developer certificate for the appstore account - it's attempting to use the Enterprise Account's certificate which obviously isn't available in the appstore account's portal.
I ran fastlane match development --env enterprise_all to match our enterprise bundleIds and generate a development provisioning profile for our enterprise account for each configuration and match that to a signing certificate.
I also ran fastlane match enterprise --env enterprise_all to do the same for the enterprise (In-House) certificate
I then ran fastlane match appstore --env appstore_all to get distribution assets for our appstore account
But when I run fastlane match development --env appstore_all to get dev assets for our appstore account, it's using the development certificate created for the enterprise account.
Certificate 'VALUE' (stored in your storage) is not available on the Developer Portal
[16:17:09]: for the user USER
How can I generate development certificates using fastlane for 2 different accounts using the same app?
I was able to resolve this by using a different branch for the appstore environment. Using this method after having already synced enterprise signing certificates (including development certificates), match will only use appstore signing resources for environments using the appstore branch and enterprise resources otherwise.
.env.appstore_all:
MATCH_GIT_BRANCH=appstore
fastlane match appstore --env appstore_all
fastlane match development --env appstore_all
I have used Fastlane to manage our enterprise certificates and profiles.
Now the enterprise certificates are expiring next month.
My questions are:
If I nuke the enterprise certificates & profiles using "fastlane match nuke enterprise" and recreate new profiles and certificates then do my currently deployed apps (to more than 5000 users) stop working on their iPad?
How can I create another distribution certificate using Fastlane and renew all the profiles using the new certificate and keeping the old certificate as it is so that my already deployed apps do not get affected?
Finally, this is what I did and it worked in Production.
Apple Developer Account Type: Enterprise.
Delete the Enterprise certificate files from the git repository where Fastlane pushes the certificates and profiles.
Run "fastlane match enterprise".
This will create a new Enterprise certificate. Note Apple only allows 2 production certificates per account. So at this point, your account should show your old and the newly created Distribution (Enterprise) certificate.
Now run "fastlane match enterprise --force"
This will re-create the profiles using the new certificate and push it to the Git repository. Pass the bundle identifiers of all the profiles which you wish to renew.
You could skip Step 2 technically and just execute Step 3 but I didn't do that and I didn't want to redo this again.
So this will keep your current deployed apps active. You can create new builds or re-sign the old builds, with the new certificate and profiles and push out the new builds.
Once you are sure that all the users have the updated builds you can delete the old certificate from the Apple Developer account or let it expire on its own and then delete it, once expired.
Above process will renew the certificate for 3 years and profile for 1 year.
My iOS certificate is stored in GitHub and it is expired, the failure message in circleci progress is that ‘Your certificate 'xxxxxxx.cer' is not valid, please check end date and renew it if necessary’.
Do I need to create a new certificate, or download an existing one? I don’t remember how this was originally created, I thought it was done by Fastlane as part of the build.
But I don't know how to modify the Fastlane command, I have tried to add the 'cert', but it fails.
You can use fastlane match development after deleting the development profiles and certificates from your git repo. Alternatively, you can delete everything from git repo and run fastlane match
If you do not care about existing profiles and certificates, just run fastlane match nuke development and fastlane match nuke appstore, then fastlane match development and fastlane match appstore. These commands will first delete everything from your git repo and apple developer portal and the next two commands will create everything on your apple developer portal and push them to your git repo.
Read up this
Before start ensure you got certificates repo in github
https://docs.fastlane.tools/actions/match/
Clearing old certificates
fastlane match nuke development
fastlane match nuke distribution
After clearing, we need to re-create new certificates
fastlane match development
fastlane match appstore
and restart your Xcode
I renewed expired certificate by deleting it from the Git repository and then running fastlane match. If you append --force it will also renew the profiles to use the new certificate.
Steps:
Delete expired certificate from Git repository.
Run fastlane match development --force to renew certificate and profiles. (Replace development with appstore or adhoc depending on your certificate type.
I find the simplest way is to delete the expire .cer on Develop portal and run match again.
I'm having trouble with the basic understanding of iOS app signing and getting these apps ready for testflight and deployment using Fastlane.
I've been to tasked to automate the deployment steps of apps we have and we have an Ionic Cordova setup currently that was used to build iOS and Android projects for 18 different apps that are currently on the app store, but I'm looking to streamline the whole process using Fastlane and I'm stumped at the Certification stages of the process.
I've no access to the existing apps private keys or know how to go about setting up the project using Fastlane as I keep receiving the errors shown below.
I've tried to follow the concepts on Fastlane Codesigning concepts, using the Fastlane projects (cert, sigh and match) and following https://codesigning.guide/ while still making no progress.
How can I go about setting up the certs on the Mac to enable it to build and push the apps to Testflight and pushing the apps fundamentally to the app store?
Thank you
Errors Recieved
Could not create another Distribution certificate, reached the maximum number of available Distribution certificates.
Could not find the newly generated certificate installed fastlane
Security find-identity -v -p codesigning return 0 valid identities found
You already have existing distribution certificates, you will have to revoke them via the developer portal or automatically via fast lane with:
fastlane match nuke distribution
BE WARNED: this will remove all certificates and provisioning profiles for distribution (development or enterprise is unaffected). Apps that are already released to the App Store and ready for sale are UNAFFECTED, this only affects packages you sign for the App Store and submit with OLD certificates, but since you have no access to them you are fine anyway.
fast lane can then create its own when you invoke it (its fairly automated).
I'm starting to have an issue with fastlane. When I run a custom lane that runs pilot the app starts to compile but eventually terminates with an error. In the fastlane log I have:
Provisioning profile "match AppStore com.mycompany.myapp-test" doesn't include signing certificate "iPhone Developer: Bob Trotter (XXXXXXXXX)".
Code signing is required for product type 'Application' in SDK 'iOS 10.0'.
I have logged into the apple developer website. Gone into the provisioning profile and added myself. I have tried doing a project clean and downloading the certificates in xocode. I have also run fastlane certs. Any idea what I am doing wrong here? Any pointers on this would be great!!
It seems that you are trying to use pilot with a developer certificate.
As pilot is used to submit your app to TestFlight and subsequently to ApStore, it seems consistent that the error message saying match AppStore ... for the provisioning profile and iPhone Developer: ... for the certificate would generate errors.
It looks like you are setting the correct provisioning profile but not the correct certificate to match. You can check that on XCode by going to you project target -> Build settings -> Code Signing Identity (Release) and selecting iPhone Distribution
If you are using cert you might as well create Distribution certificates, which your App Store provisioning should be matching.
Alternatively (and personally my option of choice today) you can use match to create you provisioning profiles for both development and distribution, which will also configure your sigh environment variables to be used by XCode.
Based on your example bundle identifier, you could do this by executing the following command(s)
$ sudo gem install match
$ match appstore -a com.mycompany.myapp-test