
Retrieve file from keyvault instead of secure files in InstallAppleCertificate task on azure pipeline


According to the documentation of the InstallAppleCertificate task, there is a certSecureFile parameter that looks for the certificate in the "Secure Files": https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/install-apple-certificate?view=azure-devops

However, in my organization I don't have the permission to upload secure files.

Any other way to select a certificate that isn't uploaded to "Secure Files" for this task?

They did give me a separate keyvault which I can perfectly link to the pipeline build and get files/secrets from in bash scripts. Yet this InstallAppleCertificate task doesn't allow me to use those instead. I wouldn't even mind putting the certificate in my source repo (I know I shouldn't do this).


Solution

  • The certSecureFile field in InstallAppleCertificate task needs to use the .p12 file in secure file.

    I am afraid that files that are not in the secure file cannot be used.

    Based on my test, when I use the file from local machine, it will show the following error:

    This means that before running the build, it will retrieve the files in the secure file. And the file needs to exist in secure file.

    Since you can get the files/secrets, you could try to install the Apple certificate (.p12 file) via script.

    security import ./xxx.p12 -P secretPassword

    Here is a thread about installing a .p12 or .cer from the console on macOS.
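
The script-based install suggested in the answer, written out as an added example that is not part of the original answer. It assumes the .p12 is stored base64-encoded in the key vault and reaches the step as the hypothetical environment variables `P12_BASE64` and `P12_PASSWORD`; the keychain name is also an assumption.

```bash
#!/usr/bin/env bash
# Added example, not from the original answer. Assumed (hypothetical) inputs,
# mapped into the step's environment from Key Vault secrets:
#   P12_BASE64   - the .p12 file, base64-encoded
#   P12_PASSWORD - the .p12 export password
set -eu

# Decode the certificate into a private temp file and print its path.
decode_p12() {
  [ -n "${P12_BASE64:-}" ] || { echo "P12_BASE64 is empty" >&2; return 1; }
  out="$(mktemp "${TMPDIR:-/tmp}/signing.XXXXXX")"   # mktemp creates mode 0600
  if printf '%s' "$P12_BASE64" | base64 --decode > "$out" && [ -s "$out" ]; then
    printf '%s\n' "$out"
  else
    rm -f "$out"
    echo "P12_BASE64 is not valid base64" >&2
    return 1
  fi
}

# Import the certificate into a throwaway keychain that only codesign may use,
# instead of the agent's login keychain.
install_p12() {
  p12_path="$1"
  keychain="${KEYCHAIN_NAME:-ci-signing.keychain-db}"   # hypothetical name
  keychain_pw="$(openssl rand -hex 16)"                 # random, never echoed
  security create-keychain -p "$keychain_pw" "$keychain"
  security set-keychain-settings -lut 3600 "$keychain"  # relock after one hour
  security unlock-keychain -p "$keychain_pw" "$keychain"
  security import "$p12_path" -k "$keychain" -P "$P12_PASSWORD" \
    -f pkcs12 -T /usr/bin/codesign
  # Allow codesign to use the private key without an interactive prompt.
  security set-key-partition-list -S apple-tool:,apple: -s \
    -k "$keychain_pw" "$keychain" >/dev/null
  # Add the new keychain to the search list, keeping the existing entries
  # (word splitting is intended; assumes keychain paths without spaces).
  security list-keychains -d user -s "$keychain" \
    $(security list-keychains -d user | tr -d '"')
  rm -f "$p12_path"                                     # drop the decoded file
}

# Runs only when called with "install" on a macOS agent.
if [ "${1:-}" = "install" ]; then
  p12="$(decode_p12)"
  install_p12 "$p12"
fi
```

Run the script with the argument `install` from a pipeline step on the macOS agent, and remove the keychain with `security delete-keychain` at the end of the job.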