Error building ClickOnce application in TFS with Certificate - tfs

I have a ClickOnce application that is run through TFS and Release Management for build. I have got it building fine until I introduce a Signing Certificate to the application. The certificate works fine with publishing the application but just wont have anything to do with the Build:
It is suggested that I try importing the certificate again or import it manually into the current users personal certificate store. I have tried the first but not sure how I go about doing the second.
Has anyone else encountered this problem and overcome it? I am seeing instances of this error on the web but not yet come across one where a build was being carried out on TFS/RM.

Rather simple answer that will teach me to read the error messages a bit more clearly. I just had to install the certificate on the machine running TFS under the user that is used by TFS... All good then!

Related

How can I correctly provision an Xamarin Forms iOS app with (or without) a ShareExtension?

I've had hours and hours of problems with Xamarin Forms iOS provisioning for my app with and without a ShareExtension.
I have had it working in the past with various combinations and permutations of configuring simulator/device/debug/release/certs/ids/auto or manual provisioning...etc. which I didn't record at the time, but it is very fickle and unpredictable and there are a large number of moving parts.
As such the following is a systematic record of the steps I've taken with questions when things have behaved in unexpected ways and my app hasn't run or deployed correctly.
NOTE: The following steps are for development but if I can get dev running, I will then continue to update this question for the distribution process.
The 3 main elements and their interaction that causes me most confusion are below:
Online Apple Developer Portal
MacOS with Xcode and keychain
Windows Visual Studio Xamarin
STEPS TAKEN
A) DELETE EVERYTHING FOR A FRESH START
I deleted all my certificates, identifiers and profiles from the above 3 (with the exception of the main app id which is in the app store and couldn't be deleted). For the physical devices I removed via:
Xcode
VS (Win)
relevant folder locations on Win and Mac
keychain
B) CREATE A DEV CERT, AUTO PROVISION, RUN THE APP
In visual studio login to my Apple account via Options -> Apple Accounts
Then View details -> Create certificate
Outcome: This works fine. The new cert appears on Windows, Mac and on the Apple Dev Portal. The app runs successfully with auto provisioning.
However, no profiles can be seen in the online Apple Dev Portal - why? - UPDATE: They now appear around 30 mins after they were created
C) ADD A SHARE EXTENSION
Add ShareExtension project and reference it to my main app.
Use Automatic Provisioning
Outcome:
Auto Provisioning gives: "Invalid request, Service mapping to the requested URL is not available.". As a result I go into the Apple Dev Portal and manually create an ID, then retry Auto Provisioning, which is now successful. Try to run the app again but: app runs ok, but share extension can't be seen.
I have double checked:
Main app has ShareExtension reference
Main app info.plist has:
<key>NSExtensionPointIdentifier</key><string>com.apple.share-services</string>
App group is set in VS for both projects and both App IDs in online portal
What is going on here?
---UPDATE---
D) TRY MANUAL PROVISIONING INSTEAD
I did the following:
Created two manual provisions, one for container and one for extension
As Visual Studio Apple Account didn't reflect these, I downloaded the provisions from the portal, put them in the relevant Windows folder and now they appear
Tried to build:
What is happening here?
Why is the error about Auto Prov, when I have clearly set it to Manual Prov
Why is the 2nd error about the profile not found when it shows in above drop-down, and in the portal that it very clearly exists?
After much pain, I have finally stumbled upon a combination of steps that seems to work. Given the unpredictable and what seems to be buggy nature of VS, I cannot guarantee that this will work for everyone, or even guarantee that it will even work for me again for my next build, but it has been working for the past 12 hours or so over several builds and deployments. I can only pray that it continues to work.
Anyway, here are keypoints that I used to get it working:
Follow my step A) above and delete everything as often as possible. New certs and profiles in the Portal tend to accumulate after a while, possibly when creating via the Portal, Xcode and VS, so it's good to remove everything every so often and start from afresh.
VS for Mac is I believe a much cut-down and less capable version of VS for Windows. As such when doing development, VS Windows is a far better tool, if you can get around development provisioning. I struck upon a combination where I created the Cert in VS Windows (this is preferable to creating in the Portal because it avoids having to download the cert and ensure it is installed correctly on your local machine), and used Automatic provisioning for debug that seemed to work for me. It didn't work for a while, nor did manual provisioning, but somehow for now its working.
Once the app is stable in debug mode, and you want to deploy to App Store Connect:
a) manually create your distribution certs on Xcode, and create profiles in the portal
b) move your code onto VS Mac
c) build and archive using the new distr profiles
d) Goto Xcode -> Window -> Organizer
e) Locate your archive and click Distribute App
f) From here the wizard will guide you again into selecting relevant profiles for distribution for both container and ext and give you a lot of feedback on the upload process until the upload is complete.
Anyway, once again, no guarantees that will work for all, but it's working for me now.
Cheers!
I have also tried using Visual Studio 2022 to finish an iOS development process but cannot reproduce your stepD. The following is the main step:
1. Create App ID for container and extension, Create an AppGroup ID
This is for my container, with App Group enabled.
This is for my extension App ID, also enable the same App Group.
2. Create certificate and profiles
You could create a iOS development certificate in Visual Studio or in Apple Dev Portal. Then you could find it in your Certificates.
3.Generate your profiles for both container and extension. (Remember to register your physical device in Devices, and in your profiles, includes your device on which your app is installed)
This is for my container with the container's App ID
this is for my extension with the extension's App ID
4. In Visual Studio, select the proper provisioning file.
Before this step, also download the provisioning files from the portal as VS does not automatically download them. Put them in the relevant Windows folder.
This is for my container, with the certificate and the provisioning file
This is for my extension:
Also, my info.plist for container and extension:
5. Pair to mac and run on your device
Now the App could install on your device~

Can't create Xcode Cloud flow from a Github.com repository

Since Xcode Cloud was launched last year I'd been able to connect from the Xcode wizard to my Github.com account and the CI worked like a charm, however today I'd been trying to create an Xcode Cloud for a new app and it doesn't finish the wizard flow throwing an error
Connecting Xcode Cloud with your source control provider was incomplete.
Repository not accessible
On the GitHub.com side everything seems to be working, did tried this from 2 different computers with the same results, has anyone else gone through this issue?, is there a solution for this or filing a radar to Apple is the only option here?.
I was facing same issue as I had two account connected in the Team for signing in capabilities.
my solution, remove other account and keep main account for Xcode Cloud.
-Tenant
I had this issue as I have two developer accounts - a work account and a personal account. The issue arose when the signing certificate used in the project in Xcode did not match the App Store Connect account that was signed in.
Check your signing certificate / team in Xcode and that you are logged into App Store Connect with the correct details.

iOS MDM creation Trust Issue

I am creating an in house MDM solution and have managed to create everything I need in terms of the MDM server, SCEP server etc in order to gather information about our devices.
However, I am having an issue pushing the Enterprise Apps that we create. I can push the apps to the device (and they install without issue) but I am still presented with the 'Do you Trust this developer' prompt.
I was under the impression that Enterprise Apps should be trusted by default when deployed by MDM. I have tested this using Apples Profile Manager and indeed the application is installing without issue and does not require the user to trust the developer.
I am obviously missing something obvious but have been chasing my tail trying to find out what it is!
Any help would be greatly appreciated.
Thanks in advance
David
OK. Turns out the issue was actually not much better that a typo!
Having uploaded the app to my server, I had a manual creation of the manifest for installation. The app identifier in the manifest did not mach the actual app!
So... weirdly the app was pushed via MDM, the manifest was downloaded (and appeared under the control of MDM briefly) then iOS realised mad things were afoot so booted the app out to the normal enterprise installation process (untrusted developer dialogue etc).
Fixing the manifest bundle identifier to match the app fixes the issue.
That's many hours I'll never get back!
I am guessing you are missing a CA certificate/root certificate that you used to sign your app. Due to this iOS might have been unable to trust the app since it was not able to confirm the validity of the signing cert.

Signing issue building using a bot

I'm setting up a CI machine and the problem I'm facing is that the build fails with a profile/signing error when built using the bot.
However if I manually clone the project onto the CI machine and build it manually from within XCode on the build machine then it is successful - this shows that the CI machine's keychain is correctly set up and the profiles/signing setting of the project are all ok.
That fact that I can manually build it on my dev machine and on the CI machine but not using the bot suggests to me that the bot is running as a different user?
So my question is how do I set up the X Code server account / bot to be the correct user? The Apple Xcode CI document isn't very clear on this area, I've followed the instructions for configuring the server, configuring the bot, adding group members to the XCode server etc. but something must have been incorrectly configured. Trouble is I've followed the documentation step by step but don't know where I could have gone wrong.
Anybody know of a good alternative bot tutorial as an alternative to Apple's documentation or have an idea what the problem might be?
Copy the relevant provisioning profiles from
~/Library/MobileDevice/Provisioning Profiles
to
/Library/Server/Xcode/Data/ProvisioningProfiles
and it'll build fine.
You might need admin permission to access that folder, though.
And if that doesn't work, copy the relevant certificates/private keys from the login keychain to the System keychain.
The reason behind this is because..Xcode only downloads provisioning profiles that are managed by Xcode, which are the Team Provisioning profiles.
So you would only need to copy the ones that are not managed, like Adhoc Distribution profiles, and other custom provisioning profiles that are not created by default after creating a new Application ID.

iOS on Jenkins: Provisioning profile can't be found

I know there are a lot of questions similar to mine on this site, but none seem to be what I am looking for with a few environment changes.
I'm running an osx Dumb Slave set up using Java Web Start. I'm not running as root, nor a specific user entitled 'jenkins,' but rather a normal user. I've installed the xcode plug-in on Jenkins. Everything seems to start up fine, and it's loading the files on the slave server, however, once I begin to build (post-clean), I run into this error:
Provisioning profile '<uuid>' can't be found
I've set the certificate to both login AND system and just login and just system. I copied the .p12 certificates that I was currently using on another machine. I'm at a loss. If anyone can possibly help or even link me to maybe some stackoverflow question I have yet to try, that would be great.
Thanks!
I had to search through my project.pbxproj to all the provisioning profiles. It seemed there was an old number and a new number (used in different apps). I had to realign the provisioning number to the new one.

Resources