This commit is contained in:
@@ -47,7 +47,7 @@ jobs:
|
||||
|
||||
security unlock-keychain -p "" "${login_keychain}" 2>/dev/null || \
|
||||
security unlock-keychain -p "sybil-ci-keychain-password" "${login_keychain}" 2>/dev/null || true
|
||||
security default-keychain -s "${login_keychain}"
|
||||
security default-keychain -d user -s "${login_keychain}"
|
||||
security list-keychains -d user -s "${login_keychain}-db"
|
||||
security delete-keychain "${HOME}/Library/Keychains/sybil_ci_keychain" >/dev/null 2>&1 || true
|
||||
rm -f "${HOME}/Library/Keychains/sybil_ci_keychain" "${HOME}/Library/Keychains/sybil_ci_keychain-db"
|
||||
|
||||
@@ -15,6 +15,8 @@ PROJECT_FILE = File.join(IOS_ROOT, "Sybil.xcodeproj")
|
||||
PROJECT_SPEC = File.join(IOS_ROOT, "project.yml")
|
||||
CI_KEYCHAIN_PATH = File.join(File.expand_path("~/Library/Keychains"), CI_KEYCHAIN_NAME)
|
||||
CI_KEYCHAIN_DB_PATH = "#{CI_KEYCHAIN_PATH}-db"
|
||||
LOGIN_KEYCHAIN_PATH = File.expand_path("~/Library/Keychains/login.keychain")
|
||||
LOGIN_KEYCHAIN_DB_PATH = "#{LOGIN_KEYCHAIN_PATH}-db"
|
||||
|
||||
def present?(value)
|
||||
!value.to_s.strip.empty?
|
||||
@@ -63,13 +65,16 @@ platform :ios do
|
||||
create_keychain(
|
||||
path: CI_KEYCHAIN_PATH,
|
||||
password: CI_KEYCHAIN_PASSWORD,
|
||||
default_keychain: true,
|
||||
default_keychain: false,
|
||||
unlock: true,
|
||||
timeout: 3600,
|
||||
lock_when_sleeps: true,
|
||||
add_to_search_list: true
|
||||
add_to_search_list: false
|
||||
)
|
||||
|
||||
sh("security default-keychain -d user -s #{CI_KEYCHAIN_PATH.shellescape}", log: false)
|
||||
sh("security list-keychains -d user -s #{ci_keychain_path.shellescape}", log: false)
|
||||
|
||||
ENV["MATCH_KEYCHAIN_NAME"] = CI_KEYCHAIN_PATH
|
||||
ENV["MATCH_KEYCHAIN_PASSWORD"] = CI_KEYCHAIN_PASSWORD
|
||||
ENV["MATCH_READONLY"] = "true"
|
||||
@@ -78,7 +83,13 @@ platform :ios do
|
||||
private_lane :cleanup_ci_signing do
|
||||
next unless ci?
|
||||
|
||||
delete_keychain(keychain_path: ci_keychain_path)
|
||||
if File.file?(LOGIN_KEYCHAIN_DB_PATH) || File.file?(LOGIN_KEYCHAIN_PATH)
|
||||
sh("security default-keychain -d user -s #{LOGIN_KEYCHAIN_PATH.shellescape} || true", log: false)
|
||||
sh("security list-keychains -d user -s #{LOGIN_KEYCHAIN_DB_PATH.shellescape} || true", log: false)
|
||||
end
|
||||
sh("security delete-keychain #{ci_keychain_path.shellescape} || true", log: false)
|
||||
FileUtils.rm_f(CI_KEYCHAIN_PATH)
|
||||
FileUtils.rm_f(CI_KEYCHAIN_DB_PATH)
|
||||
rescue => error
|
||||
UI.message("Unable to delete temporary CI keychain: #{error.message}")
|
||||
ensure
|
||||
@@ -155,17 +166,24 @@ platform :ios do
|
||||
sync_signing(api_key: api_key, readonly: true)
|
||||
verify_ci_signing
|
||||
|
||||
xcargs = [
|
||||
"DEVELOPMENT_TEAM=#{TEAM_ID.shellescape}",
|
||||
"CODE_SIGN_STYLE=Manual",
|
||||
"CODE_SIGN_IDENTITY=#{SIGNING_IDENTITY.shellescape}",
|
||||
"PROVISIONING_PROFILE_SPECIFIER=#{PROFILE_NAME.shellescape}"
|
||||
]
|
||||
|
||||
if ci?
|
||||
xcargs << "CODE_SIGN_KEYCHAIN=#{ci_keychain_path.shellescape}"
|
||||
xcargs << "OTHER_CODE_SIGN_FLAGS=#{("--keychain #{ci_keychain_path}").shellescape}"
|
||||
end
|
||||
|
||||
build_app(
|
||||
project: PROJECT_FILE,
|
||||
scheme: SCHEME,
|
||||
export_method: "app-store",
|
||||
codesigning_identity: SIGNING_IDENTITY,
|
||||
xcargs: [
|
||||
"DEVELOPMENT_TEAM=#{TEAM_ID.shellescape}",
|
||||
"CODE_SIGN_STYLE=Manual",
|
||||
"CODE_SIGN_IDENTITY=#{SIGNING_IDENTITY.shellescape}",
|
||||
"PROVISIONING_PROFILE_SPECIFIER=#{PROFILE_NAME.shellescape}"
|
||||
].join(" "),
|
||||
xcargs: xcargs.join(" "),
|
||||
export_options: {
|
||||
signingStyle: "manual",
|
||||
teamID: TEAM_ID,
|
||||
|
||||
Reference in New Issue
Block a user