Xcode's automatic code signing option doesn't work for CI.
I've set it all up, and it creates the certificate it needs in the portal (I can see it), and then promptly tells me:
Revoke certificate: Your account already has an Apple Development signing certificate for this machine, but its private key is not installed in your keychain. Xcode can create a new one after revoking your existing certificate.
Does anyone even try this shit out before they release it anymore?
@tonyarnold Automatic code signing in CI is a mess, but fastlane match works great for that application, and you don't even have to use fastlane for the rest of your build automation (but match integrates with it if you do).
@tonyarnold If you have an enterprise account it’s even worse: Apple gave us the middle finger, we can’t create a certificate.
We can use a password based auth but Apple broke it multiple times, so we’re back to uploading certs (or worse, uploading my auth cookie on the CI)
And that’s with bitrise handling a lot of the complexity for me, I can’t imagine on GHA
I’m getting tired of Apple’s bs, my coworkers enjoy fast and easy CI for their Go backends.
@tonyarnold I know almost nothing about this, but it feels like the kind of problem that a lot of people would have, so maybe there are good workarounds out there? (This is a message of hope and not much else)
@tonyarnold For better or worse, I use it in CI. I have to do an initial manual build of previously unseen projects on the machine before it will work on subsequent hands-free runs, though. Still better than dozens of lines of Keychain scripting prior to building.
Add comment