I am trying to use GitHub Actions for CI/CD, when trying to create the IPA file I get a failure when trying to find the provisioning profile.
I have the files stored in the secrets section of Github, and they appear to load properly.
env:
BUILD_CERTIFICATE_BASE64: ***
P12_PASSWORD: ***
BUILD_PROVISION_PROFILE_BASE64: ***
KEYCHAIN_PASSWORD: ***
1 identity imported.
I created a ExportOptions.plist file and tried printing that out to ensure GitHub was reading it properly.
{
"method" => "ad-hoc"
"provisioningProfiles" => {
"com.strykeout.Demo_CICD" => "PROFILE UUID"
}
"signingCertificate" => "iPhone Distribution: Nathan (XXXXXXX)"
"signingStyle" => "manual"
"teamID" => "XXXXXXXX"
}
2022-01-31 22:55:17.741 xcodebuild[1633:7990] [MT] IDEDistribution: -[IDEDistributionLogging _createLoggingBundleAtPath:]: Created bundle at path "/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/Demo_CICD_2022-01-31_22-55-17.740.xcdistributionlogs".
error: exportArchive: "Demo_CICD.app" requires a provisioning profile.
** EXPORT FAILED **
Error Domain=IDEProvisioningErrorDomain Code=9 ""Demo_CICD.app" requires a provisioning profile." UserInfo={IDEDistributionIssueSeverity=3, NSLocalizedDescription="Demo_CICD.app" requires a provisioning profile., NSLocalizedRecoverySuggestion=Add a profile to the "provisioningProfiles" dictionary in your Export Options property list.}
It seems like it can't find the provisioningProfiles section of the export options, but it's clearly there.
This is the full workflow:
name: Archive Workflow
on:
push:
branches: [ main ]
jobs:
build:
name: Archive File on merge to Main
runs-on: macos-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Build archive
env:
scheme: ${{ 'Demo_CICD' }}
run: |
xcodebuild \
-configuration Release \
-scheme $scheme \
-archivePath ./demo/Demo_CICD.xcarchive \
archive
- name: Build IPA
run: |
plutil -p exportOptions.plist
xcodebuild \
-configuration Release \
-exportArchive \
-archivePath ./demo/Demo_CICD.xcarchive \
-exportPath /demo/demoIPA.ipa \
-exportOptionsPlist exportOptions.plist
I figured out what my problem was:
apparently Xcode was updating my app bundle ID from demo_cicd to demo-cicd (underscore was changed to hyphen) and thus didn't match the exportOptions Plist Its working now.