Search code examples
iosautomationcocoapodstrunk

Can CocoaPods public spec pushing be more friendly for automation?

From https://groups.google.com/forum/#!topic/cocoapods/i7dwMV4EqZ8

I'm a bit of a CocoaPods newbie and have never created a Pod before, but I'm looking into how one would be able to automate publishing of public podspecs from within my organization's continuous deployment infrastructure, which has some properties about it that makes using Trunk difficult. They are:

  • The account/owner that does the publishing is a non-human system account.
  • The aforementioned system account does not have a home directory on the machine that it runs on, which will hamper usage of a .netrc file (what Trunk uses for storing session tokens). This should be able to be worked around by creating a fake home directory and setting the HOME environment variable to it, since that's what the netrc gem looks for.
  • The machine that does the publishing is assumed to have "no state," meaning the publish could always occur on a different machine that has never been registered.

I've thought about creating the initial .netrc for this account, storing the token from that in our secure storage, and retrieving it to build a .netrc file when publishing. There's a few things about this that I don't think work well:

  • The tokens returned by Trunk appear to expire, which would mean having a human to periodically create a new token and update our secure storage.
  • Trunk sessions appear to be tracking the IP address of the machine they were created from, which I assume publishing requests are validated against and fail if the IP addresses do not match. Because publishing takes places on different machines, this would imply requiring to create a new session every time this publishing automation is ran. Practically speaking, I would hope that the IP addresses for these machines would come from the same external IP address, but that's not an assumption I can live with.

The next alternative I would have is much more complex: having the publish automation register a new session, wait for the registration email, then verify the session with the link in the email before proceeding with the publish. I don't know how to actually accomplish this off the top of my head, but I think it's a viable, if not time-consuming to implement, solution. Any suggestions on how to accomplish that are welcome.

Are there any alternatives for publishing public podspecs? It seems to me that Trunk doesn't really support this use case; it'd be great if there was a way to accommodate for it in Trunk.

Solution

  • No until now.

    But I issued Question to be possible to automate pod trunk push with CI service like travisCI.

    And then, a developer merged the commit (Allow specifying a Trunk token via the COCOAPODS_TRUNK_TOKEN environment variable) that will allow to automate publishing.

    I don't try it, but maybe can push automatically.

    [Added] After I wrote above, I tried it and it worked well.