Skip to content

feat(cli): iOS signing for CI usage#9963

Merged
lucasfernog merged 11 commits intodevfrom
feat/ios-ci-signing
Jul 12, 2024
Merged

feat(cli): iOS signing for CI usage#9963
lucasfernog merged 11 commits intodevfrom
feat/ios-ci-signing

Conversation

@lucasfernog
Copy link
Member

@lucasfernog lucasfernog commented Jun 4, 2024

This PR sets up our CLI to modify the iOS project and export options to support manual code signing for CI usage.

A new crate was added, tauri-macos-sign, which was donated by our partnership with CrabNebula, which did the research for this iOS CI packaging solution. This crate is now used internally in the tauri-bundler too.

Here's what needs to be added to our docs:

### Certificate

After enrolling, navigate to the [Certificates](https://developer.apple.com/account/resources/certificates/list) page to create a new Apple Distribution certificate. Download the new certificate and install it to the macOS Keychain.

To export the certificate key, open the "Keychain Access" app, expand the certificate's entry, right-click on the key item and select "Export <key-name>" item. Select the path of the exported .p12 file and remember its password.
Run `base64 -i <path-to-certificate.p12> | pbcopy` to convert the certificate to base64 and copy it to the clipboard and paste that value to the `IOS_CERTIFICATE` environment variable. The certificate password must be set to the `IOS_CERTIFICATE_PASSWORD` variable.

### Provisioning Profile

Additionally, you must provide the provisioning profile for your application. In the [Identifiers](https://developer.apple.com/account/resources/identifiers/list) page, create a new App ID and make sure its "Bundle ID" value matches the identifier set in the [`identifier`] configuration.

Navigate to the [Profiles](https://developer.apple.com/account/resources/profiles/list) page to create a new provisioning profile. For App Store distribution, it must be an "App Store Connect" profile. Select the appropriate App ID and link the certificate you previously created.

After creating the provisioning profile, download it and run `base64 -i <path-to-profile.mobileprovision> | pbcopy` to convert the profile to base64 and copy it to the clipboard. Set that value to the `IOS_MOBILE_PROVISION` environment variable.

@lucasfernog lucasfernog requested a review from a team as a code owner June 4, 2024 12:37
amrbashir
amrbashir reviewed Jun 4, 2024
View reviewed changes
@lyager
Copy link
Contributor

lyager commented Jun 10, 2024

This is a good I think. I've been in close dialogue with @lucasfernog on this one (thanks!), and it works for people who does not use a Company signature, but just a private one. For company distribution a resigning is needed - but the above is good, and I think it should me merged.

@ecmel
Copy link

ecmel commented Jul 1, 2024

Any time frame for merging this?

@github-actions
Copy link
Contributor

github-actions bot commented Jul 12, 2024

Package Changes Through 1472792

There are 11 changes which include tauri-cli with prerelease, @tauri-apps/cli with prerelease, tauri with prerelease, @tauri-apps/api with prerelease, tauri-bundler with prerelease, tauri-macros with prerelease, tauri-codegen with prerelease, tauri-build with prerelease, tauri-macos-sign with preminor, tauri-runtime-wry with prerelease, tauri-utils with prerelease

Planned Package Versions

The following package releases are the planned based on the context of changes in this pull request.

package current next
@tauri-apps/api 2.0.0-beta.14 2.0.0-beta.15
tauri-utils 2.0.0-beta.18 2.0.0-beta.19
tauri-macos-sign 0.0.0 0.1.0-beta.0
tauri-bundler 2.0.1-beta.17 2.0.1-beta.18
tauri-runtime 2.0.0-beta.19 2.0.0-beta.20
tauri-runtime-wry 2.0.0-beta.19 2.0.0-beta.20
tauri-codegen 2.0.0-beta.18 2.0.0-beta.19
tauri-macros 2.0.0-beta.18 2.0.0-beta.19
tauri-plugin 2.0.0-beta.18 2.0.0-beta.19
tauri-build 2.0.0-beta.18 2.0.0-beta.19
tauri 2.0.0-beta.23 2.0.0-beta.24
@tauri-apps/cli 2.0.0-beta.21 2.0.0-beta.22
tauri-cli 2.0.0-beta.21 2.0.0-beta.22

Add another change file through the GitHub UI by following this link.

Read about change files or the docs at github.com/jbolda/covector

@lucasfernog lucasfernog merged commit 7c7fa09 into dev Jul 12, 2024
@github-actions github-actions bot mentioned this pull request Jul 12, 2024
Merged
@ecmel
Copy link

ecmel commented Jul 13, 2024
edited
Loading

Thank you for the great PR, I am getting Provisioning profile is not an "iOS App Development" profile error when building for iOS. Tried with App Store Connect and Ad Hoc distribution profiles. Only iOS App Development profile works.

** EXPORT FAILED **

    Error command ["xcodebuild"] exited with code 70

I was able to fix it by manually editing src-tauri/gen/apple/ExportOptions.plist and modifying <key>method</key> to <string>release-testing</string> Possible values are development, app-store-connect, release-testing, enterprise, debugging, validation

@FabianLars FabianLars deleted the feat/ios-ci-signing branch December 5, 2024 12:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amrbashir amrbashir amrbashir approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lucasfernog @lyager @ecmel @amrbashir