[question] How to keep push notification certificates in shared git repo with match?

[okonon]

Thank you for great tools!
How to keep push notification certificates in shared git repo with match?

[okonon]

✅ fastlane environment ✅

Stack

Key	Value
OS	10.12.4
Ruby	2.2.4
Bundler?	false
Git	git version 2.11.0 (Apple Git-81)
Installation Source	~/.fastlane/bin/bundle/bin/fastlane
Host	Mac OS X 10.12.4 (16E195)
Ruby Lib Dir	~/.fastlane/bin/bundle/lib
OpenSSL Version	OpenSSL 1.0.2g 1 Mar 2016
Is contained	true
Is homebrew	false
Is installed via Fabric.app	false
Xcode Path	/Applications/Xcode.app/Contents/Developer/
Xcode Version	8.3

System Locale

Variable	Value
LANG	en_US.UTF-8	✅
LC_ALL	en_US.UTF-8	✅
LANGUAGE	en_US.UTF-8	✅

fastlane files:

`./fastlane/Fastfile`

# Customise this file, documentation can be found here:
# https://github.com/fastlane/fastlane/tree/master/fastlane/docs
# All available actions: https://docs.fastlane.tools/actions
# can also be listed using the `fastlane actions` command

# Change the syntax highlighting to Ruby
# All lines starting with a # are ignored when running `fastlane`

# If you want to automatically update fastlane if a new version is available:
# update_fastlane

# This is the minimum version number required.
# Update this, if you use features of a newer version
fastlane_version "2.26.0"

# NOTE: If building on Teamcity and you see this error "security: cert import failed:" then update the LaunchDaemon
# plist file according to this page: http://stackoverflow.com/a/9482707/1074558

# username "appliedtechrequest@baystatehealth.org" # Your Apple Developer Portal username

default_platform :ios

app_name = "BHAppStore"
git_url = "git@bitbucket.org:okonon/bhcerts.git"

team_id = CredentialsManager::AppfileConfig.try_fetch_value(:team_id)
app_identifier = CredentialsManager::AppfileConfig.try_fetch_value(:app_identifier)

cert_path = "certs"
keychain_path = "~/Library/Keychains/login.keychain-db"

platform :ios do

  lane :profiles_development do
    # sh("mkdir -p #{cert_path}/development")
    cert(
      # keychain_path: "#{keychain_path}",
      # keychain_password: ENV['KC_PW'],
      development: true
      # output_path: "#{cert_path}/development"
    )
    sigh(
      development: true
      # output_path: "#{cert_path}/development"
    )
  end

  # lane :profiles_release do
  #   sh("mkdir -p #{cert_path}/release")
  #   cert(
  #     keychain_path: "#{keychain_path}",
  #     keychain_password: ENV['KC_PW'],
  #     development: false,
  #     output_path: "#{cert_path}/release"
  #   )
  #   sigh(
  #     development: false,
  #     output_path: "#{cert_path}/release"
  #   )
  # end

  lane :build_development do
    if is_ci?
      unlock_keychain(
        path: "#{keychain_path}",
        password: ENV['KC_PW']
      )
    end
    profiles_development
    gym(
      clean: true,
      configuration: "Debug",
      output_directory: "builds/" + Time.now.strftime('%F'),
      output_name: "#{app_name}-development.ipa",
      project: "platforms/ios/#{app_name}.xcodeproj",
      scheme: "#{app_name}",
      toolchain: "swift_2_3"
    )
  end

  # lane :build_release do
  #   if is_ci?
  #     unlock_keychain(
  #       path: "#{keychain_path}",
  #       password: ENV['KC_PW']
  #     )
  #   end
  #   profiles_release
  #   gym(
  #     clean: true,
  #     configuration: "Release",
  #     output_directory: "builds/" + Time.now.strftime('%F'),
  #     output_name: "#{app_name}-release.ipa",
  #     project: "platforms/ios/#{app_name}.xcodeproj",
  #     scheme: "#{app_name}",
  #     toolchain: "swift_2_3"
  #   )
  # end

  # lane :beta do
  #   build_release
  #   ENV["DELIVER_ITMSTRANSPORTER_ADDITIONAL_UPLOAD_PARAMETERS"] = "-t DAV"
  #   pilot
  # end

  # lane :release_app do
  #   deliver(
  #     ipa: "builds/#{Time.now.strftime('%F')}/#{app_name}-release.ipa",
  #     force: true,
  #     skip_metadata: true,
  #     skip_screenshots: true
  #   )
  # end
end

platform :android do

  lane :build_development do
    Dir.chdir ".." do
      sh("platforms/android/cordova/clean")
    end
    gradle(
      task: "cdvBuildDebug",
      project_dir: "platforms/android/",
      properties: {
        'android.useDeprecatedNdk' => true
      }
    )
    Dir.chdir ".." do
      sh("mkdir -p builds/#{Time.now.strftime('%F')}/")
      sh("cp -f platforms/android/build/outputs/apk/android-armv7-debug.apk builds/#{Time.now.strftime('%F')}/")
      sh("cp -f platforms/android/build/outputs/apk/android-x86-debug.apk builds/#{Time.now.strftime('%F')}/")
    end
  end

  # lane :build_release do
  #   Dir.chdir ".." do
  #     sh("platforms/android/cordova/clean")
  #   end
  #   gradle(
  #     task: "cdvBuildRelease",
  #     project_dir: "platforms/android/",
  #     properties: {
  #       'android.useDeprecatedNdk' => true
  #     }
  #   )
  #   Dir.chdir ".." do
  #     sh("mkdir -p builds/#{Time.now.strftime('%F')}/")
  #     sh("cp -f platforms/android/build/outputs/apk/android-armv7-release.apk builds/#{Time.now.strftime('%F')}/")
  #     sh("cp -f platforms/android/build/outputs/apk/android-x86-release.apk builds/#{Time.now.strftime('%F')}/")
  #   end
  # end

  # lane :release_app do |options|
  #   supply(
  #     track: options[:track],
  #     apk_paths: ["builds/#{Time.now.strftime('%F')}/android-x86-release.apk", "builds/#{Time.now.strftime('%F')}/android-armv7-release.apk"],
  #     skip_upload_metadata: true,
  #     skip_upload_images: true,
  #     skip_upload_screenshots: true
  #   )
  # end
end

`./fastlane/Appfile`

app_identifier "org.baystatehealth.appstore" # The bundle identifier of your app
apple_id "appliedtechrequest@baystatehealth.org" # Your Apple email address

team_id "HJMX52WAVE"  # Developer Portal Team ID

# you can even provide different app identifiers, Apple IDs and team names per lane:
# More information: https://github.com/fastlane/fastlane/blob/master/fastlane/docs/Appfile.md

fastlane gems

Gem	Version	Update-Status
fastlane	2.26.0	✅ Up-To-Date

Loaded fastlane plugins:

No plugins Loaded

Loaded gems

Gem	Version
CFPropertyList	2.3.5
activesupport	4.2.7.1
addressable	2.5.0
babosa	1.0.2
bigdecimal	1.2.6
bundler	1.14.3
claide	1.0.1
colored	1.2
commander	4.4.3
commander-fastlane	4.4.4
domain_name	0.5.20161129
dotenv	2.2.0
excon	0.54.0
faraday	0.11.0
faraday-cookie_jar	0.0.6
faraday_middleware	0.11.0.1
fastimage	2.0.1
gh_inspector	1.0.3
google-api-client	0.9.26
googleauth	0.5.1
highline	1.7.8
http-cookie	1.0.3
httpclient	2.8.3
hurley	0.2
i18n	0.7.0
io-console	0.4.3
json	1.8.1
jwt	1.5.6
libxml-ruby	2.9.0
little-plugger	1.1.4
logging	2.1.0
memoist	0.15.0
mime-types	3.1
mime-types-data	3.2016.0521
mini_magick	4.5.1
minitest	5.4.3
multi_json	1.12.1
multi_xml	0.6.0
multipart-post	2.0.0
nanaimo	0.2.3
nokogiri	1.5.6
os	0.9.6
plist	3.2.0
power_assert	0.2.2
psych	2.0.8
public_suffix	2.0.5
rake	10.4.2
rdoc	4.2.0
representable	2.3.0
retriable	2.1.0
rouge	1.11.1
rubygems-update	2.5.2
rubyzip	1.2.0
security	0.1.3
signet	0.7.3
slack-notifier	1.5.1
sqlite3	1.3.13
terminal-notifier	1.7.1
terminal-table	1.7.3
test-unit	3.0.8
thread_safe	0.3.5
tty-screen	0.5.0
tzinfo	1.2.2
uber	0.0.15
unf	0.1.4
unf_ext	0.0.7.2
unicode-display_width	1.1.3
word_wrap	1.0.0
xcodeproj	1.4.2
xcpretty	0.2.4
xcpretty-travis-formatter	0.0.4

generated on: 2017-04-07

[hjanuschka]

hey @okonon 🤚

match is only for certificates and provisiong profiles. right now there is no out of the box solution for PEM's.

you may have a look at https://github.com/hjanuschka/fastlane-plugin-cryptex - this is baked by the same principals as match but supports any file.

[okonon]

@hjanuschka thanks for your response. So how would one manage their push notification certificates - use pem?

[rahulssoni]

Hello, Match command fails to push the certificates on Repo, As repo requires JIRA ID in commit message but Match using default commit message. Whats the solution for this @hjanuschka

[hjanuschka]

@rahulssoni the commit message is fixed inside the source code: https://github.com/fastlane/fastlane/blob/master/match/lib/match/git_helper.rb#L68

i guess the best solution would be to disable the jira-id requirement on the certificate repo (if that is possible; not a jira user :/).

[rahulssoni]

hjanuschka - Thanks for your quick reply.

[jdrouet]

@okonon did you find a way to push this certificate with match ?

[mpirri]

@jdrouet Can you let us know what you are looking to do with match? Or are you trying to use the cryptex plugin that @hjanuschka mentioned above?

Thanks!

[okonon]

@jdrouet i do not think match supports push certificates at the moment. I am using Pem And Cryptex plugin.
@mpirri it would be nice if match supported push sertificates. Because nowadays majority of apps utilize push notifications

[mpirri]

Correct, as @hjanuschka above said, match is currently not for PEMs. We don't currently have any plans to add support for push certs to match, but will keep it in mind for a future release of fastlane. Thanks for the request and I'm sorry I don't have better news for you! 🚀

[okonon]

@mpirri I am wondering if you could survey your users to see if supporting PEMs feature adds any value to them?

[mpirri]

@okonon Sure! We can leave this issue open and any folks who are interested can weight in on it. Again, no promises that we will be able to build it any time soon, but another option is to have a fastlane contributor take the lead on this functionality - we are always enthusiastic to review awesome PRs that add useful functionality to the tools.

Thanks again! 🚀

[xavier-villelegier]

@mpirri @okonon That would definitely be awesome, many applications use push notifications, and match makes the task much easier for other certificates. Combining these two features would be perfect ! 🔥

[okonon]

I agree with @xavier-villelegier - it would be really great to have this feature

[ohayon]

Hey everyone, great news! It looks like someone is working on this already. You can follow the PR here! #9752 🚀

[okonon]

w00t ! nice!
i will wait for official release and documentation! thanks @ohayon for the info

[okonon]

@ohayon is that for importing Signing certificates and for APNS certificates?

[KrauseFx]

The PR linked above is just for existing private keys for code signing, not for push from my understanding.

[okonon]

Ok. Let's see if this issue gets more popularity. I wonder why people do not want to request this feature to maintain push to the defecation certificates the match way

[okonon]

Anyways I've implemented a workaround using the https://github.com/hjanuschka/fastlane-plugin-cryptex

[KrauseFx]

Oh that's great, yeah @hjanuschka's plugin is awesome, that's a great workaround for this :)

[okonon]

Thanks. I am really surprised that no one requested this feature before. I think majority of apps use push notifications nowadays. Thai would be a killer feature. Well let's see if people notice this thread d
Thanks

[KrauseFx]

Yeah, most users will just upload the push certificate directly to their server I think

[fastlane-bot]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest fastlane version and check if that solves the issue. Let us know if that works for you by adding a comment 👍

[fastlane-bot]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest fastlane version and check if that solves the issue. Let us know if that works for you by adding a comment 👍

[fastlane-bot]

This issue will be auto-closed because there hasn't been any activity for a few months. Feel free to open a new one if you still experience this problem 👍