diff --git a/ios/fastlane/Fastfile b/ios/fastlane/Fastfile index 594a65d..9fa2115 100644 --- a/ios/fastlane/Fastfile +++ b/ios/fastlane/Fastfile @@ -1,3 +1,4 @@ +require "fileutils" require "shellwords" default_platform(:ios) @@ -8,6 +9,10 @@ TEAM_ID = "DQQH5H6GBD" PROFILE_NAME = "Sybil AppStore CI" SIGNING_IDENTITY_NAME = "Apple Distribution: James Magahern (DQQH5H6GBD)" SIGNING_IDENTITY_SHA1 = "6B74B268C4761720FB2051D01D8BB3E47B55D9F5" +CI_KEYCHAIN_DIR = "/private/var/lib/act_runner/Library/Keychains" +CI_LOGIN_KEYCHAIN = File.join(CI_KEYCHAIN_DIR, "login.keychain") +CI_LOGIN_KEYCHAIN_DB = "#{CI_LOGIN_KEYCHAIN}-db" +CI_KEYCHAIN_PASSWORD = "sybil-ci-keychain-password" MATCH_BRANCH = "master" IOS_ROOT = File.expand_path("..", __dir__) PROJECT_FILE = File.join(IOS_ROOT, "Sybil.xcodeproj") @@ -32,7 +37,7 @@ def release_version end def ci_login_keychain_path - return "/private/var/lib/act_runner/Library/Keychains/login.keychain-db" if ENV["CI"] + return CI_LOGIN_KEYCHAIN_DB if ENV["CI"] candidates = [ "/private/var/lib/act_runner/Library/Keychains/login.keychain-db", @@ -61,8 +66,16 @@ platform :ios do private_lane :prepare_ci_keychain do next unless ENV["CI"] + FileUtils.mkdir_p(CI_KEYCHAIN_DIR) + unless File.file?(CI_LOGIN_KEYCHAIN_DB) + sh("security create-keychain -p #{CI_KEYCHAIN_PASSWORD.shellescape} #{CI_LOGIN_KEYCHAIN.shellescape}", log: false) + end + ENV["MATCH_KEYCHAIN_NAME"] = ci_login_keychain_path - ENV.delete("MATCH_KEYCHAIN_PASSWORD") + ENV["MATCH_KEYCHAIN_PASSWORD"] = CI_KEYCHAIN_PASSWORD + sh("security unlock-keychain -p #{CI_KEYCHAIN_PASSWORD.shellescape} #{ENV.fetch("MATCH_KEYCHAIN_NAME").shellescape}", log: false) + sh("security set-keychain-settings -t 3600 #{ENV.fetch("MATCH_KEYCHAIN_NAME").shellescape}", log: false) + sh("security login-keychain -s #{ENV.fetch("MATCH_KEYCHAIN_NAME").shellescape}", log: false) sh("security list-keychains -d user -s #{ENV.fetch("MATCH_KEYCHAIN_NAME").shellescape}", log: false) cleanup_ci_signing_identity end