当前位置: 文江博客话题详情

OTHER_CODE_SIGN_FLAGS 钥匙串标志被忽略?

发布于 2024-12-04 02:16:48 字数 1291 浏览 0 评论 0原文

我刚刚了解了使用 OTHER_CODE_SIGN_FLAGS 来指定钥匙串的可能性,其中包括构建和签署应用程序所需的证书。但不幸的是我无法让它工作。

我的脚本看起来像这样:

#!/bin/bash
TARGET="MyProject"
CONFIGURATION="Release"
SDK="iphoneos"
IDENTITY="iPhone Developer: John Doe (XX22RR22O)"
KEYCHAIN="/Users/username/Library/Keychains/someKeyChain.keychain"
PASSWORD=""

security unlock-keychain -p ${PASSWORD} ${KEYCHAIN}
xcodebuild -target "${TARGET}" -configuration ${CONFIGURATION} -sdk $SDK CODE_SIGN_IDENTITY="${IDENTITY}" OTHER_CODE_SIGN_FLAGS="--keychain ${KEYCHAIN}"

但这失败了:

Check dependencies
[BEROR]Code Sign error: The identity 'iPhone Developer: John Doe (XX22RR22O)' doesn't match any valid certificate/private key pair in the default keychain

但是如果我首先切换到钥匙串,它可以工作,但在可能同时发生多个构建的构建服务器上不可用:

#!/bin/bash
TARGET="MyProject"
CONFIGURATION="Release"
SDK="iphoneos"
IDENTITY="iPhone Developer: John Doe (XX22RR22O)"
KEYCHAIN="/Users/username/Library/Keychains/someKeyChain.keychain"
PASSWORD=""

security unlock-keychain -p ${PASSWORD} ${KEYCHAIN}
security default-keychain -s ${KEYCHAIN}
xcodebuild -target "${TARGET}" -configuration ${CONFIGURATION} -sdk $SDK CODE_SIGN_IDENTITY="${IDENTITY}" OTHER_CODE_SIGN_FLAGS="--keychain ${KEYCHAIN}"

希望你们能帮忙 -莫滕

原文

I have just learned about the possibility to use OTHER_CODE_SIGN_FLAGS to specify the keychain which includes the cert needed for building and signing an app. But unfortunately I cannot get it to work.

My script looks something like this:

#!/bin/bash
TARGET="MyProject"
CONFIGURATION="Release"
SDK="iphoneos"
IDENTITY="iPhone Developer: John Doe (XX22RR22O)"
KEYCHAIN="/Users/username/Library/Keychains/someKeyChain.keychain"
PASSWORD=""

security unlock-keychain -p ${PASSWORD} ${KEYCHAIN}
xcodebuild -target "${TARGET}" -configuration ${CONFIGURATION} -sdk $SDK CODE_SIGN_IDENTITY="${IDENTITY}" OTHER_CODE_SIGN_FLAGS="--keychain ${KEYCHAIN}"

But that fails:

Check dependencies
[BEROR]Code Sign error: The identity 'iPhone Developer: John Doe (XX22RR22O)' doesn't match any valid certificate/private key pair in the default keychain

But if I switch to the keychain first it works but that is not useable on a build server where multiple builds could happen simultaneously:

#!/bin/bash
TARGET="MyProject"
CONFIGURATION="Release"
SDK="iphoneos"
IDENTITY="iPhone Developer: John Doe (XX22RR22O)"
KEYCHAIN="/Users/username/Library/Keychains/someKeyChain.keychain"
PASSWORD=""

security unlock-keychain -p ${PASSWORD} ${KEYCHAIN}
security default-keychain -s ${KEYCHAIN}
xcodebuild -target "${TARGET}" -configuration ${CONFIGURATION} -sdk $SDK CODE_SIGN_IDENTITY="${IDENTITY}" OTHER_CODE_SIGN_FLAGS="--keychain ${KEYCHAIN}"

Hope you guys can help
-Morten

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

金橙橙 2024-12-11 02:16:48

我发现如果我没有将钥匙串添加到钥匙串搜索列表中,xcodebuild 将不会遵循 OTHER_CODE_SIGN_FLAG --keychain 设置。我必须添加这段代码:

// Early in the script
ORIGINAL_KEYCHAINS=`security list-keychains -d user`

// After I create my keychain, add it to the list
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS} "${KEYCHAIN_NAME}"

// On cleanup
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS}

不用说,我花了几个小时才弄清楚这一点。

确保钥匙链在您的构建过程中保持打开状态也很有帮助。正如此处建议的

security -v set-keychain-settings -lut 7200 ${KEYCHAIN_NAME}

I found that if I didn't add the keychain to keychain search list, xcodebuild would not respect the OTHER_CODE_SIGN_FLAG --keychain setting. I had to add this code:

// Early in the script
ORIGINAL_KEYCHAINS=`security list-keychains -d user`

// After I create my keychain, add it to the list
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS} "${KEYCHAIN_NAME}"

// On cleanup
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS}

Needless to say, I lost hours figuring this out.

Also of help, making sure the keychain stays open for the length of your build. As advised here:

security -v set-keychain-settings -lut 7200 ${KEYCHAIN_NAME}
回复 原文
凉月流沐 2024-12-11 02:16:48

答案是升级:Xcode 4.3 在检查依赖项构建步骤期间遵循OTHER_CODE_SIGN_FLAGS标志。

The answer is to upgrade: Xcode 4.3 respects the OTHER_CODE_SIGN_FLAGS flag during the Check dependencies build step.

回复 原文
只有一腔孤勇 2024-12-11 02:16:48

我在尝试为 iOS 项目设置 CI 时遇到了同样的问题。我最终更新了 PackageApplication Perl 脚本以支持传递钥匙串选项。位置:

 /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/PackageApplication

我仍在等待 Apple 的一些许可澄清,以便我可以将更新后的脚本发布到 GitHub。

I ran into the same problem while trying to set up CI for our iOS projects. I ended up updating the PackageApplication Perl script to support passing a keychain option. Location:

 /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/PackageApplication

I'm still waiting for some licensing clarification from Apple so that I can publish my updated script to GitHub.

回复 原文
我乃一代侩神 2024-12-11 02:16:48

除非您进行最简单的脚本化构建,否则这些都不会真正起作用。就像@Tyler所说,PackageApplication不支持指定钥匙串,并且某些版本的xcode在检查依赖项时将要求钥匙串之间没有重复的证书。

不要浪费时间,只需致电 Apple 并要求他们重命名您的证书之一(他们实际上会重命名您的公司 — 通过附加后缀 — 而您只需重新生成您的证书并更新您的个人资料)。

None of these really works unless you have the simplest of scripted builds going. Like @Tyler said, PackageApplication doesn't support specifying the keychain, and some versions of xcode will require there be no duplicate certificates across keychains when they check dependencies.

Don't waste your times, just call Apple and ask them to rename one of your certificates (they will actually rename your company --- by appending a suffix --- and you just have to regenerate your certificates and update your profiles).

回复 原文
~没有更多了~

关于作者

北斗星光

暂无简介

0 文章
0 评论
25 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

胡图图

文章 0 评论 0

zt006

文章 0 评论 0

z祗昰~

文章 0 评论 0

冰葑

文章 0 评论 0

野の

文章 0 评论 0

天空

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文