Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(cli): iOS signing for CI usage #9963

Merged
merged 11 commits into from
Jul 12, 2024
Merged

feat(cli): iOS signing for CI usage #9963

merged 11 commits into from
Jul 12, 2024

Conversation

lucasfernog
Copy link
Member

This PR sets up our CLI to modify the iOS project and export options to support manual code signing for CI usage.

A new crate was added, tauri-macos-sign, which was donated by our partnership with CrabNebula, which did the research for this iOS CI packaging solution. This crate is now used internally in the tauri-bundler too.

Here's what needs to be added to our docs:

### Certificate

After enrolling, navigate to the [Certificates](https://developer.apple.com/account/resources/certificates/list) page to create a new Apple Distribution certificate. Download the new certificate and install it to the macOS Keychain.

To export the certificate key, open the "Keychain Access" app, expand the certificate's entry, right-click on the key item and select "Export <key-name>" item. Select the path of the exported .p12 file and remember its password.
Run `base64 -i <path-to-certificate.p12> | pbcopy` to convert the certificate to base64 and copy it to the clipboard and paste that value to the `IOS_CERTIFICATE` environment variable. The certificate password must be set to the `IOS_CERTIFICATE_PASSWORD` variable.

### Provisioning Profile

Additionally, you must provide the provisioning profile for your application. In the [Identifiers](https://developer.apple.com/account/resources/identifiers/list) page, create a new App ID and make sure its "Bundle ID" value matches the identifier set in the [`identifier`] configuration.

Navigate to the [Profiles](https://developer.apple.com/account/resources/profiles/list) page to create a new provisioning profile. For App Store distribution, it must be an "App Store Connect" profile. Select the appropriate App ID and link the certificate you previously created.

After creating the provisioning profile, download it and run `base64 -i <path-to-profile.mobileprovision> | pbcopy` to convert the profile to base64 and copy it to the clipboard. Set that value to the `IOS_MOBILE_PROVISION` environment variable.

@lucasfernog lucasfernog requested a review from a team as a code owner June 4, 2024 12:37
.changes/ios-signing.md Show resolved Hide resolved
tooling/cli/src/mobile/ios/build.rs Outdated Show resolved Hide resolved
@lyager
Copy link
Contributor

lyager commented Jun 10, 2024

This is a good I think. I've been in close dialogue with @lucasfernog on this one (thanks!), and it works for people who does not use a Company signature, but just a private one. For company distribution a resigning is needed - but the above is good, and I think it should me merged.

@ecmel
Copy link

ecmel commented Jul 1, 2024

Any time frame for merging this?

Copy link
Contributor

Package Changes Through 1472792

There are 11 changes which include tauri-cli with prerelease, @tauri-apps/cli with prerelease, tauri with prerelease, @tauri-apps/api with prerelease, tauri-bundler with prerelease, tauri-macros with prerelease, tauri-codegen with prerelease, tauri-build with prerelease, tauri-macos-sign with preminor, tauri-runtime-wry with prerelease, tauri-utils with prerelease

Planned Package Versions

The following package releases are the planned based on the context of changes in this pull request.

package current next
@tauri-apps/api 2.0.0-beta.14 2.0.0-beta.15
tauri-utils 2.0.0-beta.18 2.0.0-beta.19
tauri-macos-sign 0.0.0 0.1.0-beta.0
tauri-bundler 2.0.1-beta.17 2.0.1-beta.18
tauri-runtime 2.0.0-beta.19 2.0.0-beta.20
tauri-runtime-wry 2.0.0-beta.19 2.0.0-beta.20
tauri-codegen 2.0.0-beta.18 2.0.0-beta.19
tauri-macros 2.0.0-beta.18 2.0.0-beta.19
tauri-plugin 2.0.0-beta.18 2.0.0-beta.19
tauri-build 2.0.0-beta.18 2.0.0-beta.19
tauri 2.0.0-beta.23 2.0.0-beta.24
@tauri-apps/cli 2.0.0-beta.21 2.0.0-beta.22
tauri-cli 2.0.0-beta.21 2.0.0-beta.22

Add another change file through the GitHub UI by following this link.


Read about change files or the docs at github.com/jbolda/covector

@lucasfernog lucasfernog merged commit 7c7fa09 into dev Jul 12, 2024
20 checks passed
@ecmel
Copy link

ecmel commented Jul 13, 2024

Thank you for the great PR, I am getting Provisioning profile is not an "iOS App Development" profile error when building for iOS. Tried with App Store Connect and Ad Hoc distribution profiles. Only iOS App Development profile works.

** EXPORT FAILED **

    Error command ["xcodebuild"] exited with code 70

I was able to fix it by manually editing src-tauri/gen/apple/ExportOptions.plist and modifying <key>method</key> to <string>release-testing</string> Possible values are development, app-store-connect, release-testing, enterprise, debugging, validation

@FabianLars FabianLars deleted the feat/ios-ci-signing branch December 5, 2024 12:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants