Enterprise Account - Ad Hoc cert issues.

[logancautrell]

New Issue Checklist

• Updated fastlane to the latest version - fastlane 2.86.2
• I read the Contribution Guidelines
• I read docs.fastlane.tools
• I searched for existing GitHub issues

Issue Description

I have an enterprise account and attempting a fastlane match --verbose adhoc --force.

When issuing this command fastlane will generate the cert in the developer portal and it is installed correctly in my keychain. However, Spaceship is reporting the certs in Spaceship.provisioning_profile.InHouse not in Spaceship.certificate.production source file fastlane-2.86.2/sigh/lib/sigh/runner.rb

Here is the debug code i added to print the info.

      case Sigh.config[:platform].to_s
      when 'ios', 'tvos'
        if profile_type == Spaceship.provisioning_profile.Development
          puts 'Spaceship.provisioning_profile.Development'
          certificates = Spaceship.certificate.development.all
        elsif profile_type == Spaceship.provisioning_profile.InHouse
          puts 'Spaceship.provisioning_profile.InHouse'
          certificates = Spaceship.certificate.in_house.all
        else
          puts 'Spaceship.provisioning_profile.all'
          certificates = Spaceship.certificate.production.all # Ad hoc or App Store
        end

      puts Spaceship.certificate.development.all.inspect
      puts Spaceship.certificate.in_house.all.inspect
      puts Spaceship.certificate.production.all.inspect

      puts certificates.inspect

Yeilds:

[<Spaceship::Portal::Certificate::Development 
	id="LRJPG8XW7G", 
	name="iOS Development", 
	status="Issued", 
	created=2018-03-21 21:21:07 UTC, 
	expires=2019-03-21 21:11:08 UTC, 
	owner_type="teamMember", 
	owner_name="REDACTED", 
	owner_id="52LLY822W4", 
	type_display_id="5QPB9NHCEI", 
	can_download=true>]
[<Spaceship::Portal::Certificate::InHouse 
	id="CS3L3HF2C4", 
	name="iOS Distribution", 
	status="Issued", 
	created=2018-03-21 21:27:54 UTC, 
	expires=2021-03-20 21:17:54 UTC, 
	owner_type="team", 
	owner_name="REDACTED.", 
	owner_id="ZUGN6YC87V", 
	type_display_id="9RQEK7MSXA", 
	can_download=true>, <Spaceship::Portal::Certificate::InHouse 
	id="XVRAT7M3QX", 
	name="iOS Distribution", 
	status="Issued", 
	created=2018-03-21 21:32:17 UTC, 
	expires=2021-03-20 21:22:17 UTC, 
	owner_type="team", 
	owner_name="REDACTED.", 
	owner_id="ZUGN6YC87V", 
	type_display_id="9RQEK7MSXA", 
	can_download=true>]
[]
[]

Complete output when running fastlane, including the stack trace and command used

REDACTED$ fastlane match --verbose adhoc --force
[16:32:03]: Get started using a Gemfile for fastlane https://docs.fastlane.tools/getting-started/ios/setup/#use-a-gemfile
Successfully loaded Appfile at path '/Users/REDACTED/Development/Code/REDACTED/fastlane/Appfile'
- app_identifier: 'REDACTED'
- apple_id: 'REDACTED'
- team_name: 'REDACTED'
- team_id: 'ZUGN6YC87V'
-------
INFO [2018-03-21 16:32:04.67]: Successfully loaded '/Users/REDACTED/fastlane/Matchfile' 📄

+----------------+--------------------------------------+
|      Detected Values from './fastlane/Matchfile'      |
+----------------+--------------------------------------+
| git_url        | git@github.com: REDACTED/certificat  |
|                | es.git                               |
| git_branch     | REDACTED                      |
| type           | development                          |
| app_identifier | ["REDACTED",        |
|                | "REDACTED"]    |
| username       | REDACTED            |
+----------------+--------------------------------------+


+-----------------------+--------------------------------------+
|                   Summary for match 2.86.2                   |
+-----------------------+--------------------------------------+
| verbose               | true                                 |
| force                 | true                                 |
| type                  | adhoc                                |
| git_url               | REDACTED/certificat  |
|                       | es.git                               |
| git_branch            | REDACTED                      |
| app_identifier        | ["REDACTED",        |
|                       | "REDACTED"]    |
| username              | REDACTED            |
| keychain_name         | login.keychain                       |
| readonly              | false                                |
| team_id               | ZUGN6YC87V                           |
| team_name             | REDACTED                  |
| skip_confirmation     | false                                |
| shallow_clone         | false                                |
| clone_branch_directly | false                                |
| force_for_new_devices | false                                |
| skip_docs             | false                                |
| platform              | ios                                  |
+-----------------------+--------------------------------------+

INFO [2018-03-21 16:32:04.71]: Cloning remote git repo...
INFO [2018-03-21 16:32:04.71]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
INFO [2018-03-21 16:32:04.71]: $ GIT_TERMINAL_PROMPT=0 git clone 'REDACTED/certificates.git' '/var/folders/dw/r8_qn1mx0v95px8xjy81_lrc0000gn/T/d20180321-7974-1xbhfx5'
INFO [2018-03-21 16:32:04.78]: ▸ Cloning into '/var/folders/dw/r8_qn1mx0v95px8xjy81_lrc0000gn/T/d20180321-7974-1xbhfx5'...
INFO [2018-03-21 16:32:08.32]: ▸ remote: Counting objects: 133, done.
INFO [2018-03-21 16:32:08.37]: ▸ remote: Compressing objects: 100% (62/62), done.
INFO [2018-03-21 16:32:09.33]: ▸ remote: Total 133 (delta 9), reused 76 (delta 4), pack-reused 52
INFO [2018-03-21 16:32:09.33]: ▸ Receiving objects: 100% (133/133), 183.45 KiB | 192.00 KiB/s, done.
INFO [2018-03-21 16:32:09.33]: ▸ Resolving deltas: 100% (20/20), done.
INFO [2018-03-21 16:32:09.67]: $ git --no-pager branch --list origin/REDACTED --no-color -r
INFO [2018-03-21 16:32:09.68]: ▸ origin/REDACTED
INFO [2018-03-21 16:32:09.68]: Checking out branch REDACTED...
INFO [2018-03-21 16:32:09.68]: $ git checkout REDACTED
INFO [2018-03-21 16:32:09.70]: ▸ Branch REDACTED set up to track remote branch REDACTED from origin.
INFO [2018-03-21 16:32:09.70]: ▸ Switched to a new branch 'REDACTED'
INFO [2018-03-21 16:32:09.77]: 🔓  Decrypted 'LRJPG8XW7G.cer'
INFO [2018-03-21 16:32:09.82]: 🔓  Decrypted 'LRJPG8XW7G.p12'
INFO [2018-03-21 16:32:09.86]: 🔓  Decrypted 'Development_ REDACTED'
INFO [2018-03-21 16:32:09.91]: 🔓  Decrypted 'Development_ REDACTED'
INFO [2018-03-21 16:32:09.91]: 🔓  Successfully decrypted certificates repo
INFO [2018-03-21 16:32:09.94]: Verifying that the certificate and profile are still valid on the Dev Portal...
Loading session from '/Users/REDACTED/.fastlane/spaceship/REDACTED/cookie'
WARN [2018-03-21 16:32:14.87]: Couldn't find a valid code signing identity in the git repo for distribution... creating one for you now

+---------------+--------------------------------------+
|               Summary for cert 2.86.2                |
+---------------+--------------------------------------+
| development   | false                                |
| force         | true                                 |
| username      | REDACTED            |
| team_id       | ZUGN6YC87V                           |
| keychain_path | /Users/REDACTED/Library/Keycha  |
|               | ins/login.keychain-db                |
| team_name     | REDACTED                  |
| platform      | ios                                  |
+---------------+--------------------------------------+

INFO [2018-03-21 16:32:14.89]: Starting login with user 'REDACTED'
Loading session from '/Users/REDACTED/.fastlane/spaceship/REDACTED/cookie'
INFO [2018-03-21 16:32:16.90]: Successfully logged in
INFO [2018-03-21 16:32:18.22]: $ security import /var/folders/dw/r8_qn1mx0v95px8xjy81_lrc0000gn/T/d20180321-7974-1xbhfx5/certs/distribution/XVRAT7M3QX.p12 -k '/Users/REDACTED/Library/Keychains/login.keychain-db' -P '' -T /usr/bin/codesign -T /usr/bin/security
INFO [2018-03-21 16:32:18.37]: ▸ 1 key imported.
INFO [2018-03-21 16:32:18.38]: $ security set-key-partition-list -S apple-tool:,apple: -k '' /Users/REDACTED/Library/Keychains/login.keychain-db
security: SecKeychainItemSetAccessWithPassword: The user name or passphrase you entered is not correct.
INFO [2018-03-21 16:32:18.67]: Successfully generated XVRAT7M3QX which was imported to the local machine.
INFO [2018-03-21 16:32:18.67]: $ security list-keychains -d user
INFO [2018-03-21 16:32:18.70]: $ security find-certificate -c 'Apple Worldwide Developer Relations Certification Authority' /Users/REDACTED/Library/Keychains/login.keychain-db
INFO [2018-03-21 16:32:19.09]: Verifying the certificate is properly installed locally...
INFO [2018-03-21 16:32:19.09]: Successfully installed certificate XVRAT7M3QX

+-------------------------------------+---------------------------+
|                     Summary for sigh 2.86.2                     |
+-------------------------------------+---------------------------+
| app_identifier                      | REDACTED |
| username                            | REDACTED |
| force                               | true                      |
| cert_id                             | XVRAT7M3QX                |
| provisioning_name                   | match AdHoc               |
|                                     | REDACTED |
| ignore_profiles_with_different_name | true                      |
| team_id                             | ZUGN6YC87V                |
| platform                            | ios                       |
| adhoc                               | true                      |
| development                         | false                     |
| skip_install                        | false                     |
| team_name                           | REDACTED       |
| skip_fetch_profiles                 | false                     |
| skip_certificate_verification       | false                     |
| readonly                            | false                     |
+-------------------------------------+---------------------------+

INFO [2018-03-21 16:32:21.83]: Starting login with user 'REDACTED'
Loading session from '/Users/REDACTED/.fastlane/spaceship/REDACTED/cookie'
INFO [2018-03-21 16:32:24.97]: Successfully logged in
INFO [2018-03-21 16:32:24.97]: Fetching profiles...
INFO [2018-03-21 16:32:25.45]: Verifying certificates...
WARN [2018-03-21 16:32:25.45]: No existing profiles found, that match the certificates you have installed locally! Creating a new provisioning profile for you
Spaceship.provisioning_profile.all
[<Spaceship::Portal::Certificate::Development 
	id="LRJPG8XW7G", 
	name="iOS Development", 
	status="Issued", 
	created=2018-03-21 21:21:07 UTC, 
	expires=2019-03-21 21:11:08 UTC, 
	owner_type="teamMember", 
	owner_name="REDACTED", 
	owner_id="52LLY822W4", 
	type_display_id="5QPB9NHCEI", 
	can_download=true>]
[<Spaceship::Portal::Certificate::InHouse 
	id="CS3L3HF2C4", 
	name="iOS Distribution", 
	status="Issued", 
	created=2018-03-21 21:27:54 UTC, 
	expires=2021-03-20 21:17:54 UTC, 
	owner_type="team", 
	owner_name="REDACTED.", 
	owner_id="ZUGN6YC87V", 
	type_display_id="9RQEK7MSXA", 
	can_download=true>, <Spaceship::Portal::Certificate::InHouse 
	id="XVRAT7M3QX", 
	name="iOS Distribution", 
	status="Issued", 
	created=2018-03-21 21:32:17 UTC, 
	expires=2021-03-20 21:22:17 UTC, 
	owner_type="team", 
	owner_name="REDACTED.", 
	owner_id="ZUGN6YC87V", 
	type_display_id="9RQEK7MSXA", 
	can_download=true>]
[]
[]
Sigh.config[:cert_id]
"XVRAT7M3QX"
Sigh.config[:cert_owner_name]
nil
verifying stuff
[]
WARN [2018-03-21 16:32:28.97]: No certificates for filter: Certificate ID: 'XVRAT7M3QX' 
/Users/REDACTED/.fastlane/bin/bundle/lib/ruby/gems/2.2.0/gems/fastlane-2.86.2/fastlane_core/lib/fastlane_core/ui/interface.rb:133:in `user_error!': [!] Could not find a matching code signing identity for type 'AdHoc'. It is recommended to use match to manage code signing for you, more information on https://codesigning.guide. If you don't want to do so, you can also use cert to generate a new one: https://fastlane.tools/cert (FastlaneCore::Interface::FastlaneError)

[INSERT OUTPUT HERE]

Environment

[INSERT OUTPUT HERE]

[logancautrell]

There were 2 "distribution" certs in the portal at this time due to debugging this issue.

[logancautrell]

Apparently Apple has changed something in the APIs and all "distribution" profiles are now considered "in-house" for enterprise accounts.

Recommend certificates_for_profile_and_platform returns in_house.all in the else if enterprise account.

        if profile_type == Spaceship.provisioning_profile.Development
          certificates = Spaceship.certificate.development.all
        elsif profile_type == Spaceship.provisioning_profile.InHouse
          certificates = Spaceship.certificate.in_house.all
        else
          certificates = Spaceship.certificate.production.all # Ad hoc or App Store
        end

[joshdholtz]

@logancautrell Thanks for bringing this up! I will look into this 👌

[barrault01]

@joshdholtz any news about this issue I am not able to create an adhoc provisionning profile :(, if no one is looking at it, I can try to do a fix.

[logancautrell]

As a work around, you can manually modify production.all to in_house.all in fastlane-2.86.2/sigh/lib/sigh/runner.rb:

          puts 'Spaceship.provisioning_profile.all'
          certificates = Spaceship.certificate.production.all # Ad hoc or App Store
        end

That is how I've been working around the issue :)

[joshdholtz]

@barrault01 Ah sorry, this issue got lost in the shuffle! I 💯 agree this is misleading. I will look into fixing this one.

And @logancautrell's temporary solution will solve this (for now) 👌 Thanks for commenting that!

[barrault01]

I forced returned Spaceship.certificate.in_house.all in place of Spaceship.certificate.production.all on the last else of the part @logancautrell quote. It fixed it for the moment.

[joshdholtz]

Heyyy 👋 I have an open PR out for this fix ^