I am able to archive ios project using below commands
cordova build ios --device --debug
and
cordova build ios --device --release
But when i try to do same from jenkins i am getting below error.
11:08:01 SecKey API returned: -25308, (null)/Users/Jenkins/Library/Developer/Xcode/DerivedData/GRC_Pulse-ebufuetkmalmfxbiegclmzuryhrm/Build/Intermediates/ArchiveIntermediates/GRC Pulse/InstallationBuildProductsLocation/Applications/GRC Pulse.app: unknown error -1=ffffffffffffffff
11:08:01 Command /usr/bin/codesign failed with exit code 1
11:08:01
11:08:01 ** ARCHIVE FAILED **
11:08:01
11:08:01
11:08:01 The following build commands failed:
11:08:01 CodeSign /Users/Jenkins/Library/Developer/Xcode/DerivedData/GRC_Pulse-ebufuetkmalmfxbiegclmzuryhrm/Build/Intermediates/ArchiveIntermediates/GRC\ Pulse/InstallationBuildProductsLocation/Applications/GRC\ Pulse.app
11:08:01 (1 failure)
11:08:01 Error: Error code 65 for command: xcodebuild with args: -xcconfig,/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/cordova/build-debug.xcconfig,-workspace,GRC Pulse.xcworkspace,-scheme,GRC Pulse,-configuration,Debug,-destination,generic/platform=iOS,-archivePath,GRC Pulse.xcarchive,archive,CONFIGURATION_BUILD_DIR=/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/build/device,SHARED_PRECOMPS_DIR=/Users/Jenkins/projects/grc-pulse-hybrid-custom/platforms/ios/build/sharedpch
You should unlock your keychain before running the command when using ssh (connection from the master to a slave)
security unlock-keychain -p "" ${keychain}
Take a look on this link for more details
I had this error with Xcode 8.3:
unknown error -1=ffffffffffffffff
Command /usr/bin/codesign failed with exit code 1
** ARCHIVE FAILED **
And
security unlock-keychain -p "mypass" ${mykeychain}
solved it, too.
I am going to chip in as well as I had to try a few more things than the ones mentioned here: the problem (for me) was that keychain doesn't like SSH sessions. I had to execute these in my session to fix it:
security unlock-keychain -p MY_PASS ~/Library/Keychains/login.keychain
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k MY_PASS ~/Library/Keychains/login.keychain
security set-keychain-settings ~/Library/Keychains/login.keychain
I've also removed my current certificates system/account certificates by removing my account from XCode (I use fastlane to do building) but I suspect that this shouldn't have impacted it.
This is now my third post about this or so but I sure hope it is going to help to save 8h of work for somebody...
Related
I have been struggling with this Github Action using Fastlane and match for iOS deployment to TestFlight of a flutter app.
Everything started to break when I changed laptop and forgot the keychain password. I nuked all previous certificates and profiles (using match) and regenerated them.
Everything seems to be going fine in match, however the build fails with a 65 error code and no clear error
This is the lane code
platform :ios do
lane :closed_beta do
setup_ci(verbose: true)
match(
type: 'appstore',
app_identifier: "#{BUNDLE_IDENTIFIER}",
git_basic_authorization: Base64.strict_encode64(ENV["GIT_AUTH_TOKEN"]),
readonly: true,
verbose: true,
)
build_app(
scheme: "Runner",
export_method: "app-store",
verbose: true,
)
pilot(
apple_id: "#{APPLICATON_ID}",
app_identifier: "#{BUNDLE_IDENTIFIER}",
skip_waiting_for_build_processing: true,
skip_submission: true,
distribute_external: false,
notify_external_testers: false,
ipa: "./Runner.ipa",
itc_provider: "CN7XB83K76"
)
end
end
Relevant logs are
INFO [2023-02-15 14:22:09.12]: ▸ ** ARCHIVE FAILED **
Run script build phase 'Run Script' will be run during every build because it does not specify any outputs. To address this warning, either add output dependencies to the script phase, or configure it to run in every build by unchecking "Based on dependency analysis" in the script phase. (in target 'Runner' from project 'Runner')
Run script build phase 'Thin Binary' will be run during every build because it does not specify any outputs. To address this warning, either add output dependencies to the script phase, or configure it to run in every build by unchecking "Based on dependency analysis" in the script phase. (in target 'Runner' from project 'Runner')
Run script build phase 'Run Script' will be run during every build because it does not specify any outputs. To address this warning, either add output dependencies to the script phase, or configure it to run in every build by unchecking "Based on dependency analysis" in the script phase. (in target 'Runner' from project 'Runner')
** ARCHIVE FAILED **
ERROR [2023-02-15 14:22:09.14]: Exit status: 65
INFO [2023-02-15 14:22:09.15]:
and there is something above logged as error by match (but I don't think it's a problem)
INFO [2023-02-15 14:21:44.80]: ▸ "/Users/runner/Library/Keychains/fastlane_tmp_keychain-db"
DEBUG [2023-02-15 14:21:44.80]: Installing WWDR Cert: curl -f -o /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/AppleWWDRCAG6.cer20230215-42299-x0khh8 https://www.apple.com/certificateauthority/AppleWWDRCAG6.cer && security import /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/AppleWWDRCAG6.cer20230215-42299-x0khh8 -k /Users/runner/Library/Keychains/fastlane_tmp_keychain-db
INFO [2023-02-15 14:21:45.15]: ▸ 1 certificate imported.
INFO [2023-02-15 14:21:45.15]: ▸ 100 794 100 794 0 0 2688 0 --:--:-- --:--:-- --:--:-- 2719
ERROR [2023-02-15 14:21:45.22]: There are no local code signing identities found.
You can run `security find-identity -v -p codesigning fastlane_tmp_keychain` to get this output.
This Stack Overflow thread has more information: https://stackoverflow.com/q/35390072/774.
(Check in Keychain Access for an expired WWDR certificate: https://stackoverflow.com/a/35409835/774 has more info.)
INFO [2023-02-15 14:21:45.30]: $ security import /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/d20230215-42299-tdvo05/certs/distribution/PY2SL32M49.cer -k '/Users/runner/Library/Keychains/fastlane_tmp_keychain-db' -P ******** -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild -T /usr/bin/productsign
INFO [2023-02-15 14:21:45.39]: ▸ 1 certificate imported.
INFO [2023-02-15 14:21:45.40]: Setting key partition list... (this can take a minute if there are a lot of keys installed)
INFO [2023-02-15 14:21:45.40]: $ security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k ******** /Users/runner/Library/Keychains/fastlane_tmp_keychain-db 1> /dev/null
ERROR [2023-02-15 14:21:45.44]: security: SecItemCopyMatching: The specified item could not be found in the keychain.
INFO [2023-02-15 14:21:45.44]: $ security import /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/d20230215-42299-tdvo05/certs/distribution/PY2SL32M49.p12 -k '/Users/runner/Library/Keychains/fastlane_tmp_keychain-db' -P ******** -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild -T /usr/bin/productsign
INFO [2023-02-15 14:21:45.54]: ▸ 1 key imported.
A full log of the failing run is here
I have a jenkins server connecting to a remote mac mini through ssh to execute a shell script that has to build an IPA from a unity project.
When the shell script is executed locally on the mac mini everything goes fine. But when the shell script is ran from jenkins (with the exact same parameter and the same user) it fails codesigning the archive.
I will share with you the obfuscated shell script as well as the build log.
Thank you for your help in advance.
The shell script :
#!/bin/bash
# Consider directory paths initialized in parameter here
#
#
# Consider git cleaning / fetching commit here
#
#
# Consider environment / version and build name controls here
#
#
# Start Unity Build :
/Applications/Unity2017.4.10f1/Unity.app/Contents/MacOS/Unity -batchmode -quit -projectPath "$SOURCE_PATH" -executeMethod "BuildManager.BuildPlayer" -logFile "$BUILD_LOG_FILE" -buildEnvironment "$ENVIRONMENT" -buildPlatform "IOS" -buildPath "$TARGET_BUILD_DIR" -overrideVersion "$OVERRIDE_VERSION"
if [ ! -d "${TARGET_BUILD_DIR}/Unity-iPhone.xcodeproj" ]
then
echo "[ERR]Exporting unity project to Xcode failed."
exit 1
else
echo "Build successfull"
fi
#
#
# Consider initializing a param for the provisioning profile file path
#
#
# Consider initializing a param for the plist file path
cd $TARGET_BUILD_DIR
# archive generated xcode project
xcodebuild -scheme "Unity-iPhone" -archivePath "${DEPLOY_DIR_ROOT}/${BUILD_NAME}_${FILE_FORMAT_VERSION}/archive.xcarchive" -sdk iphoneos -configuration Release PROVISIONING_PROFILE="${PROVISIONING_PROFILE_PATH}" archive
if [ $? != 0 ]; then
echo "FAILED ARCHIVING XCODE PROJECT"
exit 1
fi
# export ipa from archive
xcodebuild -exportArchive -archivePath "${DEPLOY_DIR_ROOT}/${BUILD_NAME}_${FILE_FORMAT_VERSION}/archive.xcarchive" -exportOptionsPlist "${PLIST_PATH}" -exportPath "${DEPLOY_DIR_ROOT}/${BUILD_NAME}_${FILE_FORMAT_VERSION}"
if [ $? != 0 ]; then
echo "FAILED EXPORTING IPA FROM ARCHIVE"
exit 1
fi
#
# Section reserved for uploading the ipa to relevant remote storage
#
exit 0
So everything works like a charm (even the build can be installed on a device) when the shell script is ran locally from the terminal on the mac mini.
When it comes to run the shell script remotely through ssh it fails to codesign the archive. The user used over ssh is the same than the one used locally to run the script.
Here is the error :
CodeSign
/#######/Library/Developer/Xcode/DerivedData/Unity-iPhone-#########/Build/Intermediates.noindex/ArchiveIntermediates/Unity-iPhone/InstallationBuildProductsLocation/Applications/#########.app
(in target: Unity-iPhone) cd /#########/xcodeProjPath export
CODESIGN_ALLOCATE=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate
Signing Identity: "#########" Provisioning Profile: "iOS Team
Provisioning Profile: #########"
(#########)
/usr/bin/codesign --force --sign ######### --entitlements
/#########/Library/Developer/Xcode/DerivedData/Unity-iPhone-#########/Build/Intermediates.noindex/ArchiveIntermediates/Unity-iPhone/IntermediateBuildFilesPath/Unity-iPhone.build/Release-iphoneos/Unity-iPhone.build/#########.app.xcent
--timestamp=none /#########/Library/Developer/Xcode/DerivedData/Unity-iPhone-#########/Build/Intermediates.noindex/ArchiveIntermediates/Unity-iPhone/InstallationBuildProductsLocation/Applications/#########.app
/#########/Library/Developer/Xcode/DerivedData/Unity-iPhone-#########/Build/Intermediates.noindex/ArchiveIntermediates/Unity-iPhone/InstallationBuildProductsLocation/Applications/#########.app:
errSecInternalComponent
Command CodeSign failed with a nonzero exit code
** ARCHIVE FAILED **
I m kind of stuck right now since all my attempts didn't work at all ...
Thank you in advance for your help.
EDIT:
mac mini on macOS High Sierra Version 10.13.6 (17G65)
xcode Version 10.0 (10A255)
Ok so for all of you guys struggling around this tricky subject ( totally invisible if we don't know enough about macOS ) there is kind of security system that still makes the difference between a local user and a remote access to a user.
So the keychain handling your keys and certificates ( used by codesign to sign your build ) is not usable out of the box for the remote user. Its needs to be unlocked first !!!
To know about the available keychains on your system just type in on your terminal :
security list-keychains
You should see something like :
"/Users/'YOURUSER'/Library/Keychains/login.keychain-db"
"/Library/Keychains/System.keychain"
And you guessed it right there, you have to unlock the keychain of your user ! Juste run this :
security unlock-keychain -p 'USER_PASSWORD' 'PATH_TO_USER_KEYCHAIN'
And that's it.
N.B:
Please let me know if I understood something wrong about all this.
xcrun xcodebuild -version: 9.2
run_loop: 2.6.4
calabash-ios version: 0.20.5
iOS version: 11.2.6
Command- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/bin/iOSDeviceManager install /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app --device-id 61b08575d55927c0dd0b9192e37a2c1f421cd000
Output:
Terminating app due to uncaught exception 'CBXException',
reason: 'Unable to find appropriate codesign identity for device 61b08575d55927c0dd0b9192e37a2c1f421cd000 / app com.apple.test.DeviceAgent-Runner combo'
Output of tail -F ~/.calabash/iOSDeviceManager/logs/current.log
2018-03-20 16:46:04.676 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun codesign -d --entitlements :- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app
2018-03-20 16:46:05.171 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun codesign -d --entitlements :- /Users/testmaskin/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/run_loop-2.6.4/lib/run_loop/device_agent/ipa/DeviceAgent-Runner.app
2018-03-20 16:46:05.258 INFO ShellRunner:70 | EXEC: /usr/bin/xcrun security find-identity -v -p codesigning
2018-03-20 16:46:05.466 ERROR ConsoleWriter:32 | No valid iOSDeveloperIdentities found on system.
However, the profile exists in the /Users/testmaskin/Library/MobileDevice/Provisioning Profiles directory as well as the device UDID exists in that profile. See the output below.
$ /usr/bin/xcrun security find-identity -v -p codesigning
1) 95CC7E649668236B68C7D309A07AAC5E3C9B409B "iPhone Distribution: Polly Lal (***********)"
1 valid identities found
Not sure what I'm missing here. I have a bunch of such test devices attached to their own Mac Mini hosts. Each of those setup are exhibiting this problem. So I'm sure its not because of a faulty device. Any help is appreciated.
I was using a distribution certificate. Someone pointed out that's not the right one. I generated a new developer certificate, regenerated the provisioning profile for that certificate and it worked!
I want to learn ARKit. I got apple's sample code and other sample codes in github.
There is a error, Xcode reports:
/Users/.../ARKitBasics-brwextbgckvaokheuvfoqkacalvx/Build/Products/Debug-iphoneos/ARKitBasics.app/Frameworks/libswiftARKit.dylib:
unknown error -1=ffffffffffffffff error: Task failed with exit 1
signal 0 { /usr/bin/codesign '--force' '--sign'
'B8FBC6429C19D8DBEDBAC1BD044D6D4D7B68D1CF' '--verbose'
'/Users/.../ARKitBasics-brwextbgckvaokheuvfoqkacalvx/Build/Products/Debug-iphoneos/ARKitBasics.app/Frameworks/libswiftARKit.dylib'
I guess it is about libswiftARKit.dylib ,I don't know where it is. i found ARKit.framework.
Any advice or explanation is welcomed.
Thanks in advance.
Try below command:
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k keychainPass keychainPath
keychainPass is your keychain password;
keychainPath is the file path of your keychain, normally it is ~/Library/Keychains/login.keychain and login.keychain-db
most answers using this command without codesign:, this is the tricky part
I have follow the guideline from the following websites to use Jenkins to build iOS apps.
https://wiki.jenkins-ci.org/display/JENKINS/Xcode+Plugin
http://savvyapps.com/blog/continuous-integration-ios-jenkins
I have exported my developer profile and imported it to Jekins and call before the Xcode build. From the console log, Jenkins installed the provisioning during the build.
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/18BAD5E662ED3759CD8D7C85E33390324BBD130E.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/7A5A56DA487E33DE5D16567DC8868B7CD9A865D6.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security import /Users/Shared/Jenkins/Home/developer-profiles/957b9655-81ce-46a0-8686-1f67f7d17a41/developer/identities/F19D5511EC904BA5CC9D65F306B8CD4D2B0BB19B.p12 -k jenkins-testApp-1-DevBuild -P ******** -T /usr/bin/codesign -T /usr/bin/productsign jenkins-testApp-1-DevBuild
$ security show-keychain-info jenkins-testApp-1-DevBuild
Keychain "jenkins-testApp-1-DevBuild" lock-on-sleep timeout=300s
Installing 0b3a6836-af47-4afd-9484-9ca4ccec6c6d.mobileprovision
Installing 0ef7bac8-0408-4c38-bf6c-3afb004ee451.mobileprovision
Installing 193e9795-97b1-4d4a-981d-a51714e381a4.mobileprovision
However the build is fail because of code sign error. Does anyone how to solve this issue? Thanks.
Code Sign error: No codesigning identities found: No codesigning identities (i.e. certificate and private key pairs) that match the provisioning profile specified in your build settings (“Auth-Dev”) were found.
CodeSign error: code signing is required for product type 'Application' in SDK 'iOS 8.4'
** BUILD FAILED **
I finally solved this by copying the development cert from login to System in Keychain access.
Reference: http://code-dojo.blogspot.co.uk/2012/09/fix-ios-code-signing-issue-when-using.html