Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Many duplicate codesigning identities after running match #8020

Closed
iosdevben opened this Issue Jan 26, 2017 · 6 comments

Comments

Projects
None yet
4 participants
@iosdevben
Copy link

iosdevben commented Jan 26, 2017

Issue Description

I'm trying to use match on a build server with a build triggered by Bamboo.

gym fails to codesign with the following error:

No valid iOS Distribution signing identities belonging to team were found

I checked the keychain and discovered many duplicates when running the following command:

security find-identity -v -p codesigning

So I tried deleting all the private keys and distribution certificates from both System and login keychains then ran that security command again. It reported:

0 valid identities found.

Then I ran bundle exec fastlane match and security find-identity -v -p codesigning again and it reported 144 valid identities.

I only have one distribution certificate on developer.apple.com, it is shows as valid.

Complete output when running fastlane

CSDT167% bundle exec fastlane match
[09:40:36]: Successfully loaded '/Users//bamboo-agent-home/xml-data/build-dir/29753347-29818884//fastlane/Matchfile' 📄

+----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Detected Values from './fastlane/Matchfile' |
+----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| git_url | http://.git |
| app_identifier | ["", "", "", ".watchkitextension", ".watchkitapp"] |
| type | appstore |
| username | @gmail.com |
+----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

+-----------------------+--------------------------------------------------------------------------+
| Summary for match 2.11.0 |
+-----------------------+--------------------------------------------------------------------------+
| git_url | http://.git |
| app_identifier | ["", "", " |
| type | appstore |
| username | |
| git_branch | master |
| keychain_name | login.keychain |
| readonly | false |
| team_id | |
| verbose | false |
| force | false |
| skip_confirmation | false |
| shallow_clone | false |
| force_for_new_devices | false |
| skip_docs | false |
+-----------------------+--------------------------------------------------------------------------+

[09:40:36]: Cloning remote git repo...
[09:41:04]: 🔓 Successfully decrypted certificates repo
[09:41:04]: You can also run match in readonly mode to not require any access to the
[09:41:04]: Developer Portal. This way you only share the keys and credentials
[09:41:04]: $ fastlane match --readonly
[09:41:04]: More information https://github.com/fastlane/fastlane/tree/master/match#access-control
[09:41:04]: Verifying that the certificate and profile are still valid on the Dev Portal...

The login information you enter will be stored in your macOS Keychain
You can also pass the password using the FASTLANE_PASSWORD environment variable
More information about it on GitHub: https://github.com/fastlane/fastlane/tree/master/credentials_manager

Password (for @gmail.com): ********
[09:41:34]: Installing certificate...
[09:41:35]: There are no local code signing identities found.
You can run security find-identity -v -p codesigning to get this output.
This Stack Overflow thread has more information: https://stackoverflow.com/q/35390072/774.
(Check in Keychain Access for an expired WWDR certificate: https://stackoverflow.com/a/35409835/774 has more info.)

+-------------------+-----------------------------------------------------+
| Installed Certificate |
+-------------------+-----------------------------------------------------+
| User ID | |
| Common Name | iPhone Distribution: Ltd. () |
| Organisation Unit | |
| Organisation | Ltd. |
| Country | US |
| Start Datetime | Jan 23 21:06:34 2017 GMT |
| End Datetime | Jan 23 21:06:34 2018 GMT |
+-------------------+-----------------------------------------------------+

[09:41:38]: Installing provisioning profile...
[09:41:40]: Installing provisioning profile...
[09:41:42]: Installing provisioning profile...
[09:41:43]: Installing provisioning profile...
[09:41:45]: Installing provisioning profile...

+---------------------+---------------------------------------------------+---------------------------------------+
| Installed Provisioning Profile |
+---------------------+---------------------------------------------------+---------------------------------------+
| Parameter | Environment Variable | Value |
+---------------------+---------------------------------------------------+---------------------------------------+
| App Identifier | | com. |
| Type | | appstore |
| Profile UUID | sigh_com._appstore | |
| Profile Name | sigh_com._appstore_profile-name | match AppStore com. |
| Development Team ID | sigh_com._appstore_team-id | |
+---------------------+---------------------------------------------------+---------------------------------------+

+---------------------+----------------------------------------------------------+----------------------------------------------+
| Installed Provisioning Profile |
+---------------------+----------------------------------------------------------+----------------------------------------------+
| Parameter | Environment Variable | Value |
+---------------------+----------------------------------------------------------+----------------------------------------------+
| App Identifier | | |
| Type | | appstore |
| Profile UUID | sigh_com._appstore | |
| Profile Name | sigh_com._appstore_profile-name | match AppStore com. |
| Development Team ID | sigh_com._appstore_team-id | |
+---------------------+----------------------------------------------------------+----------------------------------------------+

+---------------------+--------------------------------------------------+--------------------------------------+
| Installed Provisioning Profile |
+---------------------+--------------------------------------------------+--------------------------------------+
| Parameter | Environment Variable | Value |
+---------------------+--------------------------------------------------+--------------------------------------+
| App Identifier | | com. |
| Type | | appstore |
| Profile UUID | sigh_com._appstore | |
| Profile Name | sigh_com._appstore_profile-name | match AppStore com. |
| Development Team ID | sigh_com._appstore_team-id | |
+---------------------+--------------------------------------------------+--------------------------------------+

+---------------------+--------------------------------------------------------------------+--------------------------------------------------------+
| Installed Provisioning Profile |
+---------------------+--------------------------------------------------------------------+--------------------------------------------------------+
| Parameter | Environment Variable | Value |
+---------------------+--------------------------------------------------------------------+--------------------------------------------------------+
| App Identifier | | com..watchkitextension |
| Type | | appstore |
| Profile UUID | sigh_com..watchkitextension_appstore | |
| Profile Name | sigh_com..watchkitextension_appstore_profile-name | match AppStore com..watchkitextension |
| Development Team ID | sigh_com..watchkitextension_appstore_team-id | |
+---------------------+--------------------------------------------------------------------+--------------------------------------------------------+

+---------------------+--------------------------------------------------------------+--------------------------------------------------+
| Installed Provisioning Profile |
+---------------------+--------------------------------------------------------------+--------------------------------------------------+
| Parameter | Environment Variable | Value |
+---------------------+--------------------------------------------------------------+--------------------------------------------------+
| App Identifier | | com..watchkitapp |
| Type | | appstore |
| Profile UUID | sigh_com..watchkitapp_appstore | |
| Profile Name | sigh_com..watchkitapp_appstore_profile-name | match AppStore com..watchkitapp |
| Development Team ID | sigh_com..watchkitapp_appstore_team-id | |
+---------------------+--------------------------------------------------------------+--------------------------------------------------+

[09:41:46]: All required keys, certificates and provisioning profiles are installed 🙌
[09:41:46]: 🔒 Successfully encrypted certificates repo
CSDT167% security find-identity -v -p codesigning

  1. A8C94D89776FB454078AD231F3EF7CBB8BC45E8F "iPhone Distribution: Ltd. ()"
  2. A8C94D89776FB454078AD231F3EF7CBB8BC45E8F "iPhone Distribution: Ltd. ()"
    .
    .
    .
  3. A8C94D89776FB454078AD231F3EF7CBB8BC45E8F "iPhone Distribution: Ltd. ()"
    144 valid identities found

Environment

fastlane environment

Stack

Key Value
OS 10.12.2
Ruby 2.4.0
Bundler? true
Git git version 2.10.1 (Apple Git-78)
Installation Source ~/.rbenv/versions/2.4.0/bin/fastlane
Host Mac OS X 10.12.2 (16C67)
Ruby Lib Dir ~/.rbenv/versions/2.4.0/lib
OpenSSL Version OpenSSL 1.0.2j 26 Sep 2016
Is contained false
Xcode Path /Applications/Xcode.app/Contents/Developer/
Xcode Version 8.2.1

System Locale

Variable Value
LANG en_US.UTF-8
LC_ALL en_US.UTF-8
LANGUAGE en_US.UTF-8

fastlane files:

`./fastlane/Fastfile`
default_platform :ios

build_dir = "../../build"

bundle_identifiers = { 
  "<REDACTED>" => "com.<REDACTED>",
  "<REDACTED>" => "com.<REDACTED>",
  "<REDACTED>" => "com.<REDACTED>"
}

test_schemes = {
  "<REDACTED>" => "<REDACTED>",
  "<REDACTED>" => "<REDACTED>",
  "<REDACTED>" => "<REDACTED>"
}

release_schemes = {
  "<REDACTED>" => "<REDACTED>",
  "<REDACTED>" => "<REDACTED>",
  "<REDACTED>" => "<REDACTED>"
}

platform :ios do
  before_all do
    carthage(
      command: "bootstrap",     # One of: build, bootstrap, update, archive. (default: bootstrap)
      platform: "iOS",          # Define which platform to build for (one of 'all', 'Mac', 'iOS', 'watchOS', 'tvOS', or comma-separated values of the formers except for 'all')
      configuration: "Release", # Build configuration to use when building
    )
  end

  desc "Runs all the tests"
  lane :test do
    app = ENV["IOS_APP"]
    UI.user_error!("No IOS_APP environment variable specified") if app == nil

    scheme = test_schemes[app]
    
    # build the source code and run the unit tests
    scan(scheme: scheme,
      clean: false,
      device: "iPhone 5s",
      skip_build: true,
      derived_data_path: build_dir,
      output_directory: build_dir
    )
  end

  desc "Submit a new build to TestFlight"
  desc "This will also make sure the profile is up to date"
  lane :release do
    app = ENV["IOS_APP"]
    puts "DEBUG: app: #{app}"
    UI.user_error!("No IOS_APP environment variable specified") if app == nil

    build_number = ENV["bamboo_buildNumber"]
    puts "DEBUG: build number: #{build_number}"
    UI.user_error!("No bamboo_buildNumber environment variable specified") if build_number == nil

    scheme = release_schemes[app]
    puts "DEBUG: scheme: #{scheme}"
    
    bundle_identifier = bundle_identifiers[app]
    puts "DEBUG: bundle identifier: #{bundle_identifier}"
    
    ipa_name = "#{scheme}.ipa"
    ipa_path = "#{build_dir}/#{ipa_name}"

    unlock_keychain(
      password: "<REDACTED>",
      path: "~/Library/Keychains/login.keychain"
    )
    
    # get/create the required certificates and provisioning profiles
    match

    sh("security show-keychain-info ~/Library/Keychains/login.keychain")
    
    # Create the archive
    gym(
      scheme: scheme,
      derived_data_path: build_dir,
      output_directory: build_dir,
      clean: false,
      xcargs: "BUILD_NUMBER=#{build_number}",
      output_name: ipa_name,
      export_team_id: "<REDACTED>",
      verbose: true
    )

    # upload the archive to Testflight
    pilot(
      app_identifier: bundle_identifier,
      skip_submission: true,
      skip_waiting_for_build_processing: true,
      ipa: ipa_path,
      verbose: true
    )

    # upload the DSYM to Crashlytics
    crashlytics(
      ipa_path: ipa_path,
      api_token: "<REDACTED>",
      build_secret: "<REDACTED>",
      crashlytics_path: "../../Frameworks/Fabric/Crashlytics.framework"
    )
  end
end
`./fastlane/Appfile`
apple_id "<REDACTED>@gmail.com" # Your Apple email address

team_id "<REDACTED>"  # Developer Portal Team ID

# you can even provide different app identifiers, Apple IDs and team names per lane:
# More information: https://github.com/fastlane/fastlane/blob/master/fastlane/docs/Appfile.md

fastlane gems

Gem Version Update-Status
fastlane 2.11.0 Up-To-Date

Loaded fastlane plugins:

No plugins Loaded

Loaded gems
Gem Version
did_you_mean 1.1.0
bundler 1.13.7
io-console 0.4.6
openssl 2.0.2
CFPropertyList 2.3.4
i18n 0.7.0
json 1.8.6
minitest 5.10.1
thread_safe 0.3.5
tzinfo 1.2.2
activesupport 4.2.7.1
public_suffix 2.0.5
addressable 2.5.0
babosa 1.0.2
claide 1.0.1
colored 1.2
highline 1.7.8
commander 4.4.3
unf_ext 0.0.7.2
unf 0.1.4
domain_name 0.5.20161129
dotenv 2.1.2
excon 0.54.0
multipart-post 2.0.0
faraday 0.11.0
http-cookie 1.0.3
faraday-cookie_jar 0.0.6
faraday_middleware 0.11.0.1
fastimage 2.0.1
gh_inspector 1.0.3
jwt 1.5.6
little-plugger 1.1.4
multi_json 1.12.1
logging 2.1.0
memoist 0.15.0
os 0.9.6
signet 0.7.3
googleauth 0.5.1
httpclient 2.8.3
hurley 0.2
mime-types-data 3.2016.0521
mime-types 3.1
uber 0.0.15
representable 2.3.0
retriable 2.1.0
google-api-client 0.9.23
mini_magick 4.5.1
multi_xml 0.6.0
plist 3.2.0
rubyzip 1.2.0
security 0.1.3
slack-notifier 1.5.1
terminal-notifier 1.7.1
unicode-display_width 1.1.3
terminal-table 1.7.3
word_wrap 1.0.0
nanaimo 0.2.3
xcodeproj 1.4.2
rouge 1.11.1
xcpretty 0.2.4
xcpretty-travis-formatter 0.0.4

generated on: 2017-01-27

@fastlane-bot

This comment has been minimized.

Copy link

fastlane-bot commented Jan 26, 2017

It seems like this issue might be related to code signing 🚫

Have you seen our new Code Signing Troubleshooting Guide? It will help you resolve the most common code signing issues 👍

@iosdevben

This comment has been minimized.

Copy link
Author

iosdevben commented Jan 27, 2017

Thanks @fastlane-bot. I've looked at that but it doesn't help this problem.

@iosdevben

This comment has been minimized.

Copy link
Author

iosdevben commented Jan 27, 2017

Praying that @KrauseFx has some suggestions. :)

@chwebb1

This comment has been minimized.

Copy link

chwebb1 commented Mar 27, 2017

I am also having a similar issue where Match generates a duplicate development cert, and I hope someone has some suggestions.

@nafu nafu added the tool: match label Apr 8, 2017

@fastlane-bot

This comment has been minimized.

Copy link

fastlane-bot commented Jun 7, 2017

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest fastlane version and check if that solves the issue. Let us know if that works for you by adding a comment 👍

@fastlane-bot

This comment has been minimized.

Copy link

fastlane-bot commented Jun 19, 2017

This issue will be auto-closed because there hasn't been any activity for a few months. Feel free to open a new one if you still experience this problem 👍

@fastlane fastlane locked and limited conversation to collaborators Sep 17, 2017

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.