This repository has been archived by the owner on May 3, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathstep.yml
244 lines (226 loc) · 12.9 KB
/
step.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
title: iOS Auto Provision with Apple ID (Deprecated)
summary: Automatically manages your iOS Provisioning Profiles for your Xcode project.
description: |-
### This Step has been deprecated in favour of the new automatic code signing options on Bitrise.
You can read more about these changes in our blog post: [https://blog.bitrise.io/post/simplifying-automatic-code-signing-on-bitrise](https://blog.bitrise.io/post/simplifying-automatic-code-signing-on-bitrise).
#### Option A)
The latest versions of the [Xcode Archive & Export for iOS](https://www.bitrise.io/integrations/steps/xcode-archive), [Xcode Build for testing for iOS](https://www.bitrise.io/integrations/steps/xcode-build-for-test), and the [Export iOS and tvOS Xcode archive](https://www.bitrise.io/integrations/steps/xcode-archive) Steps have built-in automatic code signing.
We recommend removing this Step from your Workflow and using the automatic code signing feature in the Steps mentioned above.
#### Option B)
If you are not using any of the mentioned Xcode Steps, then you can replace
this iOS Auto Provision Step with the [Manage iOS Code signing](https://www.bitrise.io/integrations/steps/manage-ios-code-signing) Step.
### Description
The [Step](https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/#ios-auto-provision-with-apple-id-step) uses session-based authentication to connect to an Apple Developer account. In addition to an Apple ID and password, it also stores the 2-factor authentication (2FA) code you provide.
Please note that the [iOS Auto Provision with App Store Connect API](https://app.bitrise.io/integrations/steps/ios-auto-provision-appstoreconnect) Step uses the official [App Store Connect API](https://developer.apple.com/documentation/appstoreconnectapi/generating_tokens_for_api_requests) instead of the old session-based method.
The **iOS Auto Provision with Apple ID** Step supports in Xcode managed and manual code signing in the following ways:
In the case of Xcode managed code signing projects, the Step:
- Downloads the Xcode managed Provisioning Profiles and installs them for the build.
- Installs the provided code signing certificates into the Keychain.
In the case of manual code signing projects, the Step:
- Ensures that the Application Identifier exists on the Apple Developer Portal.
- Ensures that the project's Capabilities are set correctly in the Application Identifier.
- Ensures that the Provisioning Profiles exist on the Apple Developer Portal and are installed for the build.
- Ensures that all the available Test Devices exist on the Apple Developer Portal and are included in the Provisioning Profiles.
- Installs the provided code signing certificates into the Keychain.
### Configuring the Step
Before you start configuring the Step, make sure you've completed the following requirements:
- You've [defining your Apple Developer Account to Bitrise](https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/#defining-your-apple-developer-account-to-bitrise-1).
- You've [assigned an Apple Developer Account for your app](https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/#assigning-an-apple-developer-account-for-your-app-1).
To configure the Step:
Once you've completed the above requirements, there is very little configuration needed to this Step.
1. Add the **iOS Auto Provision with Apple ID** Step after any dependency installer Step in your Workflow, such as **Run CocoaPods install** or **Carthage**.
2. Click the Step to edit its input fields. You can see that the **Distribution type**, **Xcode Project (or Workspace) path**, and the **Scheme name** inputs are automatically filled out for you.
3. If your Developer Portal Account belongs to multiple development teams, add the **Developer Portal team ID** to manage the project's code signing files, for example '1MZX23ABCD4'. If that's not the case, you can still add it to manage the Provisioning Profiles with a different team than the one set in your project. If you leave it empty, the team defined by the project will be used.
4. If you wish to overwrite the configuration defined in your Scheme (for example, Debug, Release), you can do so in the **Configuration name** input.
5. If Xcode managed signing is enabled in the iOS app, check the value of the **Should the step try to generate Provisioning Profiles even if Xcode managed signing is enabled in the Xcode project?** input.
- If it’s set to 'no', the Step will look for an Xcode Managed Provisioning Profile on the Apple Developer Portal.
- If it’s set to 'yes', the Step will generate a new manual provisioning profile on the Apple Developer portal for the project.
This input has no effect in the case of Manual code signing projects.
6. **The minimum days the Provisioning Profile should be valid** lets you specify how long a Provisioning Profile should be valid to sign an iOS app. By default it will only renew the Provisioning Profile when it expires.
### Troubleshooting
Please note that the 2FA code is only valid for 30 days.
When the 2FA code expires, you will need to re-authenticate to provide a new code.
Go to the Apple Developer Account of the **Account settings** page, it will automatically ask for the 2FA code to authenticate again.
There will be a list of the Apple Developer accounts that you have defined. To the far right of each, there are 3 dots.
Click the dots and select **Re-authenticate (2SA/2FA)**.
### Useful links
- [Managing code signing files - automatic provisioning](https://devcenter.bitrise.io/code-signing/ios-code-signing/ios-auto-provisioning/#configuring-ios-auto-provisioning)
- [iOS code signing troubleshooting](https://devcenter.bitrise.io/code-signing/ios-code-signing/ios-code-signing-troubleshooting/)
### Related Steps
- [iOS Auto Provision with App Store Connect API](https://app.bitrise.io/integrations/steps/ios-auto-provision-appstoreconnect)
- [Xcode Archive & Export](https://www.bitrise.io/integrations/steps/xcode-archive)
website: https://github.com/bitrise-steplib/steps-ios-auto-provision
source_code_url: https://github.com/bitrise-steplib/steps-ios-auto-provision
support_url: https://github.com/bitrise-steplib/steps-ios-auto-provision/issues
project_type_tags:
- ios
- cordova
- ionic
- react-native
- flutter
type_tags:
- code-sign
is_requires_admin_user: true
is_always_run: false
is_skippable: false
run_if: ".IsCI"
inputs:
- distribution_type: development
opts:
title: Distribution type
description: Describes how Xcode should sign your project.
value_options:
- "development"
- "app-store"
- "ad-hoc"
- "enterprise"
is_required: true
- team_id:
opts:
title: The Developer Portal team ID
description: |-
The Developer Portal team to manage the project's code signing files.
__If your Developer Portal Account belongs to multiple development team, this input is required!__
Otherwise specify this input if you want to manage the Provisioning Profiles with a different team than the one set in your project.
If you leave it empty the team defined by the project will be used.
__Example:__ `1MZX23ABCD4`
- project_path: $BITRISE_PROJECT_PATH
opts:
title: Xcode Project (or Workspace) path
description: A `.xcodeproj` or `.xcworkspace` path.
is_required: true
- scheme: $BITRISE_SCHEME
opts:
title: Scheme name
description: The Xcode Scheme to use.
is_required: true
- configuration:
opts:
title: Configuration name
description: |-
The Xcode Configuration to use.
By default your Scheme defines which Configuration (Debug, Release, ...) should be used,
but you can overwrite it with this option.
- generate_profiles: "no"
opts:
title: Should the step try to generate Provisioning Profiles even if Xcode managed signing is enabled in the Xcode project?
description: |-
In the case of __Xcode managed code signing__ projects, by default the step downloads and installs the Xcode managed Provisioning Profiles.
If this input is set to: `yes`, the step will try to manage the Provisioning Profiles by itself (__like in the case of Manual code signing projects__),
the step will fall back to use the Xcode managed Provisioning Profiles if there is an issue.
__This input has no effect in the case of Manual codesigning projects.__
value_options:
- "yes"
- "no"
- register_test_devices: "no"
opts:
title: Should the step register test devices with the Apple Developer Portal?
description: |-
If set the step will register known test devices on Bitrise from team members with the Apple Developer Portal.
Note that setting this to "yes" may cause devices to be registered against your limited quantity of test devices in the Apple Developer Portal, which can only be removed once annually during your renewal window.
value_options:
- "yes"
- "no"
- min_profile_days_valid: 0
opts:
title: The minimum days the Provisioning Profile should be valid
description: |-
Sometimes you want to sign an app with a Provisioning Profile that is valid for at least 'x' days.
For example, an enterprise app won't open if your Provisioning Profile is expired. With this parameter, you can have a Provisioning Profile that's at least valid for 'x' days.
By default (0) it just renews the Provisioning Profile when expired.
is_required: false
- verbose_log: "no"
opts:
category: Debug
title: Enable verbose logging?
description: Enable verbose logging?
is_required: true
value_options:
- "yes"
- "no"
- certificate_urls: $BITRISE_CERTIFICATE_URL
opts:
category: Debug
title: Certificate URL
description: |
URLs of the certificates to download.
Multiple URLs can be specified, separated by a pipe (`|`) character,
you can specify a local path as well, using the `file://` scheme.
__Provide a development certificate__ url, to ensure development code signing files for the project and __also provide a distribution certificate__ url, to ensure distribution code signing files for your project.
__Example:__ `file://./development/certificate/path|https://distribution/certificate/url`
is_required: true
is_sensitive: true
- passphrases: $BITRISE_CERTIFICATE_PASSPHRASE
opts:
category: Debug
title: Certificate passphrase
description: |
Certificate passphrases.
Multiple passphrases can be specified, separated by a pipe (`|`) character.
__Specified certificate passphrase count should match the count of the certificate URLs.__
For example, (1 certificate with empty passphrase, 1 certificate with non-empty passphrase) `|distribution-passphrase`.
is_required: true
is_sensitive: true
- keychain_path: $HOME/Library/Keychains/login.keychain
opts:
category: Debug
title: Keychain path
description: The Keychain path.
is_required: true
- keychain_password: $BITRISE_KEYCHAIN_PASSWORD
opts:
category: Debug
title: Keychain's password
description: The Keychain's password.
is_required: true
is_sensitive: true
- build_url: $BITRISE_BUILD_URL
opts:
category: Debug
title: Bitrise build URL
description: Bitrise build URL.
is_required: true
- build_api_token: $BITRISE_BUILD_API_TOKEN
opts:
category: Debug
title: Bitrise build API token
description: Bitrise build API token.
is_required: true
is_sensitive: true
outputs:
- BITRISE_EXPORT_METHOD:
opts:
title: "The selected distribution type"
description: |-
The selected distribution type.
One of these: `development`, `app-store`, `ad-hoc` or `enterprise`.
- BITRISE_DEVELOPER_TEAM:
opts:
title: "The development team's ID"
description: |-
The development team's ID.
Example: `1MZX23ABCD4`
- BITRISE_DEVELOPMENT_CODESIGN_IDENTITY:
opts:
title: "The development code signing identity's name"
description: |-
The development code signing identity's name.
For example, `iPhone Developer: Bitrise Bot (VV2J4SV8V4)`.
- BITRISE_PRODUCTION_CODESIGN_IDENTITY:
opts:
title: "The production code signing identity's name"
description: |-
The production code signing identity's name.
Example: `iPhone Distribution: Bitrise Bot (VV2J4SV8V4)`
- BITRISE_DEVELOPMENT_PROFILE:
opts:
title: "The main target's development provisioning profile's UUID"
description: |-
The main target's development provisioning profile's UUID.
Example: `c5be4123-1234-4f9d-9843-0d9be985a068`
- BITRISE_PRODUCTION_PROFILE:
opts:
title: "The main target's production provisioning profile UUID"
description: |-
The main target's production provisioning profile UUID.
Example: `c5be4123-1234-4f9d-9843-0d9be985a068`