Github Actions: No code signing identity found and can not create a new one because you enabled readonly
#18272
Answered
by
aprilmintacpineda
aprilmintacpineda
asked this question in
Q&A
-
What I am trying to doI'm trying to use github actions to automate the building and deployment to testflight (and also google internal track after this). What I have doneI have been able to run fastlane deployment on my macbook for several releases in the past weeks, but I can't make it work on github actions, I've been able to make modifications to take it this far. The error currently I'm trying to solveRelevant filesFolder structuregithub workflow yaml file name: ios-testflight-deployment
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the dev branch
on:
push:
branches:
- master
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: macos-latest
continue-on-error: false
env:
MATCH_PASSWORD: password
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@master
- uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.MATCH_REPO_KEY }}
- uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6
bundler-cache: true
- name: Versions
run: |
echo "Yarn: $(yarn --version)"
echo "Node: $(node --version)"
echo "Ruby: $(ruby --version)"
echo "Bundler: $(bundle --version)"
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- uses: actions/cache@v2
with:
path: Pods
key: ${{ runner.os }}-pods-${{ hashFiles('ios/Podfile.lock') }}
restore-keys: |
${{ runner.os }}-pods-
- name: Setup dependencies
run: |
yarn
npx pod-install
echo "${{ secrets.myAuthKey }}" > myAuthKey.p8
- name: Fastlane
run: |
ls -lha
bundle exec fastlane ios devAppfile app_identifier("<hidden value>") # The bundle identifier of your app
apple_id("<hidden value>") # Your Apple email address
itc_team_id("<hidden value>") # App Store Connect Team ID
team_id("<hidden value>") # Developer Portal Team ID
# For more information about the Appfile, see:
# https://docs.fastlane.tools/advanced/#appfileFastfile # This file contains the fastlane.tools configuration
# You can find the documentation at https://docs.fastlane.tools
#
# For a list of all available actions, check out
#
# https://docs.fastlane.tools/actions
#
# For a list of all available plugins, check out
#
# https://docs.fastlane.tools/plugins/available-plugins
#
# Uncomment the line if you want fastlane to automatically update itself
# update_fastlane
default_platform(:ios)
platform :ios do
desc "Push a new beta build to TestFlight"
lane :dev do
begin
setup_ci
process_start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
# slack_url = "<hidden value>"
info_plist_path = "ios/my_app/Info.plist"
version = get_info_plist_value(path: info_plist_path, key: "CFBundleShortVersionString")
build_number = get_info_plist_value(path: info_plist_path, key: "CFBundleVersion")
groups = ["App Store Connect Users"]
api_key = app_store_connect_api_key(
key_id: "<hidden value>",
issuer_id: "<hidden value>",
key_filepath: "myAuthKey.p8",
in_house: true
)
match(api_key: api_key)
# slack(
# message: "iOS: build has started for v#{version}(#{build_number})\n" +
# "Groups: #{groups.join(", ")}",
# slack_url: slack_url
# )
changelog = read_changelog(
changelog_path: "CHANGELOG.md",
section_identifier: "[#{version}]"
)
build_start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
build_app(
workspace: "ios/my_app.xcworkspace",
scheme: "staging",
clean: true,
configuration: 'StagingRelease'
)
build_end_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
total_build_seconds = build_end_time - build_start_time
build_minutes = total_build_seconds / 60
build_seconds = total_build_seconds % 60
# slack(
# message: "iOS: build completed for v#{version}(#{build_number}). Now uploading to testflight.",
# slack_url: slack_url
# )
upload_start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
upload_to_testflight(api_key: api_key, groups: groups, changelog: changelog)
clean_build_artifacts
upload_end_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
total_upload_seconds = upload_end_time - upload_start_time
upload_minutes = total_upload_seconds / 60
upload_seconds = total_upload_seconds % 60
process_end_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
total_process_seconds = process_end_time - process_start_time
total_minutes = total_process_seconds / 60
total_seconds = total_process_seconds % 60
# slack(
# message: "iOS: successfully uploaded v#{version}(#{build_number}) to testflight.\n\n" +
# "Build Time: #{build_minutes.floor}:#{build_seconds.floor}\n" +
# "Upload Time: #{upload_minutes.floor}:#{upload_seconds.floor}\n" +
# "Total time: #{total_minutes.floor}:#{total_seconds.floor}\n" +
# "Groups: #{groups.join(", ")}",
# slack_url: slack_url
# )
rescue => error
# slack(
# message: "Building failed:\n\n```\n#{error}```\n",
# slack_url: slack_url,
# success: false
# )
raise error
end
end
endMatch file git_url("<hidden value>")
storage_mode("git")
type("appstore") # The default type, can be: appstore, adhoc, enterprise or development
# app_identifier(["tools.fastlane.app", "tools.fastlane.app2"])
username("<hidden value>") # Your Apple Developer Portal username
# For all available options run `fastlane match --help`
# Remove the # in the beginning of the line to enable the other options
# The docs are available on https://docs.fastlane.tools/actions/match |
Beta Was this translation helpful? Give feedback.
Answered by
aprilmintacpineda
Feb 25, 2021
Replies: 4 comments 7 replies
-
|
Thanks for creating this discussion! The detailedness of this is so 🔥 I’m slightly in love with this 😍 But anyway... The issue seems to be that Would you be able to post more of your console output for when [05:22:18]: -------------------
[05:22:18]: --- Step: match ---
[05:22:18]: -------------------
[05:22:18]: Successfully loaded '/Users/josh/Projects/Reuse/fastlane/Matchfile' 📄
+----------------------+----------------------+
| Detected Values from './fastlane/Matchfile' |
+----------------------+----------------------+
| readonly | false |
+----------------------+----------------------+
+--------------------------------+-------------------------------------------------------+
| Summary for match 2.172.0 |
+--------------------------------+-------------------------------------------------------+
| type | appstore |
| readonly | false |
| generate_apple_certs | true |
| skip_provisioning_profiles | false |
|
Beta Was this translation helpful? Give feedback.
4 replies
-
|
I made some changes Appfile - app_identifier("com.org.app.staging") # The bundle identifier of your app
+ # app_identifier("com.org.app.staging") # The bundle identifier of your appFastfile match(
api_key: api_key,
- app_identifier: "com.org.app.staging",
- type: "development"
+ app_identifier: "com.org.app.staging"
)Matchfile - # type("appstore") # The default type, can be: appstore, adhoc, enterprise or development
+ type("appstore") # The default type, can be: appstore, adhoc, enterprise or developmentLogs |
Beta Was this translation helpful? Give feedback.
-
|
I think the problem is that xcode is not being updated to use new provisioning profiles imported by match, so match will import |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your help! 🙇🏻 |
Beta Was this translation helpful? Give feedback.
-
|
How did you do it ? @aprilmintacpineda ? |
Beta Was this translation helpful? Give feedback.
-
|
Found the answer here https://docs.fastlane.tools/codesigning/xcode-project/#xcode-8 I went to |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
aprilmintacpineda
-
|
For anyone looking, I created a guide for this |
Beta Was this translation helpful? Give feedback.
3 replies
-
|
so what is the solution? how do I disable readonly so I can let fastlane match create a new one ? |
Beta Was this translation helpful? Give feedback.
-
My mistake was I had a typo in my api key from apple |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for taking the time to share this insightful solution! |
Beta Was this translation helpful? Give feedback.
-
|
If you encounter the error "No code signing identity found and cannot create a new one because you enabled readonly" in GitHub Actions, it typically means that your build process is attempting to sign code (such as iOS apps) but is unable to find a valid code signing identity or provisioning profile. Here are steps to address this issue: Check Code Signing Settings: Review your code signing settings in your project configuration files (such as xcodeproj or xcworkspace files for iOS projects) to ensure they are correctly configured. Make sure the correct signing identity and provisioning profile are specified. Update GitHub Secrets: If you are using GitHub Secrets to store your code signing identity and provisioning profile, ensure that the secrets are correctly configured and accessible to your GitHub Actions workflow. Check for any typos or incorrect values in your secrets. Readonly Mode: If your repository is in readonly mode, you won't be able to create new code signing identities or provisioning profiles directly from GitHub Actions. You may need to obtain the necessary signing files manually and store them securely in your repository or CI environment. Manual Code Signing: If you cannot create new code signing identities in readonly mode, you may need to manually manage your code signing process outside of GitHub Actions. Obtain the required code signing files (such as .p12 certificate and .mobileprovision profile) from your development team or Apple Developer account, and securely store them in your CI environment. Debug Output: Enable verbose or debug output in your GitHub Actions workflow to get more details about the code signing process and any errors encountered. This can help you identify the specific cause of the issue. Valero Credit Card Consult Documentation: Refer to the documentation and guidelines for code signing in your target platform (e.g., iOS, macOS) to ensure you are following best practices and correctly configuring your code signing process. By following these steps and troubleshooting the code signing process in your GitHub Actions workflow, you should be able to address the "No code signing identity found" error and successfully sign your code during the build process. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Found the answer here https://docs.fastlane.tools/codesigning/xcode-project/#xcode-8 I went to
build settingsand set different profiles for eachdebugandreleaseconfigurations underProvisioning profile.