#ios #swift #xcode #code-signing #fastlane
#iOS #swift #xcode #подписание кода #fastlane
Вопрос:
Я должен настроить соответствие fastlane без отзыва существующих профилей и сертификатов. Итак, я провел свое исследование и нашел этот отличный учебник здесь: Medium и официальный документ от fastlane (нажмите на инструкции внизу страницы).
Через некоторое время мне удалось создать свой репозиторий, расшифровать его, добавить свои сертификаты и профили, зашифровать их и отправить обратно в репозиторий. Пока все хорошо!
При запуске fastlane match --readonly --verbose (только для чтения, потому что, опять же, я не хочу заменять существующие сертификаты) Я получаю этот результат:
[!] Error packaging up the application
*******-MacBook-Pro:*******-3 *******$ fastlane match --readonly --verbose
[✔] 🚀
[12:53:34]: Get started using a Gemfile for fastlane https://docs.fastlane.tools/getting-started/ios/setup/#use-a-gemfile
WARNING: You are running Ruby 2.3.7, which is nearing end-of-life.
The Google Cloud API clients work best on supported versions of Ruby. Consider upgrading to Ruby 2.4 or later.
See https://www.ruby-lang.org/en/downloads/branches/ for more info on the Ruby maintenance schedule.
To suppress this message, set the GOOGLE_CLOUD_SUPPRESS_RUBY_WARNINGS environment variable.
INFO [2019-03-12 12:53:35.72]: Successfully loaded '/Users/*******/Documents/work/*******/fastlane/Matchfile' 📄
---------------- --------------------------------------------------------------
| Detected Values from './fastlane/Matchfile' |
---------------- --------------------------------------------------------------
| git_url | git@bitbucket.org:******.git |
| storage_mode | git |
| type | development |
| app_identifier | com.******** |
| username | ******* |
| git_branch | ******* |
---------------- --------------------------------------------------------------
----------------------- --------------------------------------------------------------
| Summary for match 2.117.1 |
----------------------- --------------------------------------------------------------
| verbose | true |
| readonly | true |
| type | development |
| app_identifier | ["*******"] |
| username | ******* |
| storage_mode | git |
| git_url | git@bitbucket.org:******* |
| git_branch | ******* |
| shallow_clone | false |
| clone_branch_directly | false |
| keychain_name | login.keychain |
| force | false |
| force_for_new_devices | false |
| skip_confirmation | false |
| skip_docs | false |
| platform | ios |
----------------------- --------------------------------------------------------------
INFO [2019-03-12 12:53:35.74]: Cloning remote git repo...
INFO [2019-03-12 12:53:35.74]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
INFO [2019-03-12 12:53:35.74]: $ git clone git@bitbucket.org:******* /var/folders/qf/2fgm_41x0pj6mytxdd8ksgnh0000gn/T/d20190312-39387-3rq3n2
INFO [2019-03-12 12:53:35.77]: ▸ Cloning into '/var/folders/qf/2fgm_41x0pj6mytxdd8ksgnh0000gn/T/d20190312-39387-3rq3n2'...
INFO [2019-03-12 12:53:38.15]: ▸ remote: Counting objects: 42, done.
INFO [2019-03-12 12:53:38.47]: ▸ remote: Compressing objects: 100% (37/37), done.
INFO [2019-03-12 12:53:38.87]: ▸ remote: Total 42 (delta 1), reused 0 (delta 0)
INFO [2019-03-12 12:53:38.87]: ▸ Receiving objects: 100% (42/42), 221.58 KiB | 575.00 KiB/s, done.
INFO [2019-03-12 12:53:38.87]: ▸ Resolving deltas: 100% (1/1), done.
INFO [2019-03-12 12:53:38.89]: $ git --no-pager branch --list origin/******* --no-color -r
INFO [2019-03-12 12:53:38.90]: ▸ origin/*******
INFO [2019-03-12 12:53:38.90]: Checking out branch *******...
INFO [2019-03-12 12:53:38.90]: $ git checkout *******
INFO [2019-03-12 12:53:38.92]: ▸ Branch '*******' set up to track remote branch '*******' from 'origin'.
INFO [2019-03-12 12:53:38.92]: ▸ Switched to a new branch '*******'
INFO [2019-03-12 12:53:38.97]: 🔓 Decrypted '5DDF2PK5F3.cer'
INFO [2019-03-12 12:53:39.01]: 🔓 Decrypted '5DDF2PK5F3.cer'
INFO [2019-03-12 12:53:39.05]: 🔓 Decrypted '5DDF2PK5F3.cer'
INFO [2019-03-12 12:53:39.09]: 🔓 Decrypted '5DDF2PK5F3.p12'
INFO [2019-03-12 12:53:39.13]: 🔓 Decrypted '5DDF2PK5F3.p12'
INFO [2019-03-12 12:53:39.17]: 🔓 Decrypted '5DDF2PK5F3.p12'
INFO [2019-03-12 12:53:39.21]: 🔓 Decrypted '*******_Appstore.mobileprovision'
INFO [2019-03-12 12:53:39.25]: 🔓 Decrypted '*******_Development.mobileprovision'
INFO [2019-03-12 12:53:39.29]: 🔓 Decrypted '*******_APP_Development.mobileprovision'
INFO [2019-03-12 12:53:39.33]: 🔓 Decrypted '*******_APP_Adhoc.mobileprovision'
INFO [2019-03-12 12:53:39.37]: 🔓 Decrypted '*******_DEV_Adhoc.mobileprovision'
INFO [2019-03-12 12:53:39.37]: 🔓 Successfully decrypted certificates repo
DEBUG [2019-03-12 12:53:39.37]: Your certificate '5DDF2PK5F3.cer' is valid
INFO [2019-03-12 12:53:39.37]: Installing certificate...
INFO [2019-03-12 12:53:39.37]: $ security list-keychains -d user
INFO [2019-03-12 12:53:39.39]: ▸ "/Users/*******/Library/Keychains/login.keychain-db"
INFO [2019-03-12 12:53:39.39]: $ security find-certificate -c 'Apple Worldwide Developer Relations Certification Authority' /Users/*******/Library/Keychains/login.keychain-db
INFO [2019-03-12 12:53:39.42]: ▸ keychain: "/Users/*******/Library/Keychains/login.keychain-db"
INFO [2019-03-12 12:53:39.42]: ▸ version: 512
INFO [2019-03-12 12:53:39.42]: ▸ class: 0x80001000
INFO [2019-03-12 12:53:39.42]: ▸ attributes:
INFO [2019-03-12 12:53:39.42]: ▸ "alis"<blob>="Apple Worldwide Developer Relations Certification Authority"
INFO [2019-03-12 12:53:39.42]: ▸ "cenc"<uint32>=0x00000003
INFO [2019-03-12 12:53:39.42]: ▸ "ctyp"<uint32>=0x00000001
INFO [2019-03-12 12:53:39.42]: ▸ "hpky"<blob>=0x88271709A9B618608BECEBBAF64759C55254A3B7 "210'271125126630`213354353272366GY305RT243267"
INFO [2019-03-12 12:53:39.42]: ▸ "issu"<blob>=0x3062310B300906035504061302555331133011060355040A130A4150504C4520494E432E31263024060355040B131D4150504C452043455254494649434154494F4E20415554484F52495459311630140603550403130D4150504C4520524F4F54204341 "0b1130110603U04062302US1230210603U04122312APPLE INC.1amp;0$0603U04132335APPLE CERTIFICATION AUTHORITY1260240603U04032315APPLE ROOT CA"
INFO [2019-03-12 12:53:39.42]: ▸ "labl"<blob>="Apple Worldwide Developer Relations Certification Authority"
INFO [2019-03-12 12:53:39.42]: ▸ "skid"<blob>=0x88271709A9B618608BECEBBAF64759C55254A3B7 "210'271125126630`213354353272366GY305RT243267"
INFO [2019-03-12 12:53:39.42]: ▸ "snbr"<blob>=0x01DEBCC4396DA010 "013362743049m24020"
INFO [2019-03-12 12:53:39.42]: ▸ "subj"<blob>=0x308196310B300906035504061302555331133011060355040A0C0A4170706C6520496E632E312C302A060355040B0C234170706C6520576F726C647769646520446576656C6F7065722052656C6174696F6E733144304206035504030C3B4170706C6520576F726C647769646520446576656C6F7065722052656C6174696F6E732043657274696669636174696F6E20417574686F72697479 "02012261130110603U04062302US1230210603U04121412Apple Inc.1,0*0603U041314#Apple Worldwide Developer Relations1D0B0603U040314;Apple Worldwide Developer Relations Certification Authority"
DEBUG [2019-03-12 12:53:40.96]: Certificate '5DDF2PK5F3.cer' is already installed on this machine
INFO [2019-03-12 12:53:40.96]: $ security import /var/folders/qf/2fgm_41x0pj6mytxdd8ksgnh0000gn/T/d20190312-39387-3rq3n2/certs/development/5DDF2PK5F3.p12 -k '/Users/*******/Library/Keychains/login.keychain-db' -P '' -T /usr/bin/codesign -T /usr/bin/security
INFO [2019-03-12 12:53:41.05]: ▸ 1 identity imported.
[⠋] Setting key partition list... (this can take a minute if there are a lot of keys installed) INFO [2019-03-12 12:53:41.06]: $ security set-key-partition-list -S apple-tool:,apple: -k '' /Users/*******/Library/Keychains/login.keychain-db 1> /dev/null
WARN [2019-03-12 12:53:41.10]:
WARN [2019-03-12 12:53:41.10]: Could not configure imported keychain item (certificate) to prevent UI permission popup when code signing
Check if you supplied the correct `keychain_password` for keychain: `/Users/*******/Library/Keychains/login.keychain-db`
security: SecKeychainItemSetAccessWithPassword: The user name or passphrase you entered is not correct.
WARN [2019-03-12 12:53:41.10]:
WARN [2019-03-12 12:53:41.10]: Please look at the following docs to see how to set a keychain password:
WARN [2019-03-12 12:53:41.10]: - https://docs.fastlane.tools/actions/sync_code_signing
WARN [2019-03-12 12:53:41.10]: - https://docs.fastlane.tools/actions/get_certificates
[✔] Setting key partition list... (this can take a minute if there are a lot of keys installed)
------------------- --------------------------------------------
| Installed Certificate |
------------------- --------------------------------------------
| User ID | 959S873XG9 |
| Common Name | iPhone Developer: ******* (*******) |
| Organisation Unit | ******* |
| Organisation | ******* |
| Country | DE |
| Start Datetime | 2019-01-15 13:57:48 UTC |
| End Datetime | 2020-01-15 13:57:48 UTC |
------------------- --------------------------------------------
ERROR [2019-03-12 12:53:41.11]: No matching provisioning profiles found for 'Development_com.*******'
ERROR [2019-03-12 12:53:41.11]: A new one cannot be created because you enabled `readonly`
ERROR [2019-03-12 12:53:41.11]: Provisioning profiles in your repo for type `development`:
ERROR [2019-03-12 12:53:41.11]: - '*******_DEV_Development.mobileprovision'
ERROR [2019-03-12 12:53:41.11]: - '*******_APP_Development.mobileprovision'
ERROR [2019-03-12 12:53:41.11]: If you are certain that a profile should exist, double-check the recent changes to your match repository
/Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/fastlane_core/lib/fastlane_core/ui/interface.rb:141:in `user_error!': [!] No matching provisioning profiles found and can not create a new one because you enabled `readonly`. Check the output above for more information. (FastlaneCore::Interface::FastlaneError)
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/fastlane_core/lib/fastlane_core/ui/ui.rb:17:in `method_missing'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:254:in `fetch_provisioning_profile'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:98:in `block (2 levels) in run'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:97:in `loop'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:97:in `block in run'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:96:in `each'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/runner.rb:96:in `run'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/commands_generator.rb:51:in `block (2 levels) in run'
from /Library/Ruby/Gems/2.3.0/gems/commander-fastlane-4.4.6/lib/commander/command.rb:178:in `call'
from /Library/Ruby/Gems/2.3.0/gems/commander-fastlane-4.4.6/lib/commander/command.rb:153:in `run'
from /Library/Ruby/Gems/2.3.0/gems/commander-fastlane-4.4.6/lib/commander/runner.rb:476:in `run_active_command'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/fastlane_core/lib/fastlane_core/ui/fastlane_runner.rb:76:in `run!'
from /Library/Ruby/Gems/2.3.0/gems/commander-fastlane-4.4.6/lib/commander/delegates.rb:15:in `run!'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/commands_generator.rb:172:in `run'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/match/lib/match/commands_generator.rb:24:in `start'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/fastlane/lib/fastlane/cli_tools_distributor.rb:111:in `take_off'
from /Library/Ruby/Gems/2.3.0/gems/fastlane-2.117.1/bin/fastlane:23:in `<top (required)>'
from /usr/local/bin/fastlane:22:in `load'
from /usr/local/bin/fastlane:22:in `<main>' Итак, мои вопросы:
-
Есть ли общая известная проблема, которую вы видите из-за подробного журнала?
-
Возможно ли вообще использовать этот метод, используя автоматически сгенерированные Xcode сертификаты (автоматическая подпись)?
- Если нет, есть ли у вас какие-либо другие идеи, как использовать match, не вмешиваясь в существующие сертификаты?
Ответ №1:
Похоже, что ваши .mobileprovision файлы названы неправильно. Правильный формат
CertType_bundleid.mobileprovision
Например
Development_com.apple.podcasts.mobileprovision
Этот файл должен находиться в /profiles/development каталоге репозитория соответствия.
Не связано и не уверен, но, похоже, у вас также может возникнуть проблема с использованием цепочки для ключей, вы можете захотеть взглянуть на unlock_keychain действие, если это окажется так.
Комментарии:
1. Существуют ли документы о правильном именовании и структуре папок?
2. Насколько я знаю, нет, но это был бы желанный запрос на извлечение в репозиторий docs :). В противном случае вам придется взглянуть на исходный код и тесты.