Skip to content

Instantly share code, notes, and snippets.

@darvin
Forked from davidjrice/.travis.yml
Last active September 26, 2022 16:07
Show Gist options
  • Save darvin/96a3af399d0b970a59b1 to your computer and use it in GitHub Desktop.
Save darvin/96a3af399d0b970a59b1 to your computer and use it in GitHub Desktop.
Travis CI + iOS code signing

Build ios app for iphoneos sdk with signing using Travis ci.

  1. Export your private key that you are going to use for signing from Keychain Access app to ~/privateKey.p12 with export password __YourRandomPass22
  2. Fetch script and run it from your Travis-enabled target iOS app repo: IOS_IDENTITY_KEY=~/privateKey.p12 IOS_IDENTITY_KEY_PASSWORD=__YourRandomPass22 bash <(curl -s https://gist.githubusercontent.com/darvin/96a3af399d0b970a59b1/raw/setup_travis_ios_signing.sh)
  3. Review changes and commit. It suppose to work now.
#!/bin/sh
if [ -z "$IOS_IDENTITY_KEY" ] || [ -z "$IOS_IDENTITY_KEY_PASSWORD" ] ; then
echo "Export identity key and set path to it at IOS_IDENTITY_KEY and IOS_IDENTITY_KEY_PASSWORD env"
exit 40;
fi
xcode-select --install
if ! gem query -i -n cupertino; then
sudo gem install cupertino
fi
if ! gem query -i -n travis; then
sudo gem install travis
fi
travis login --auto
echo "Enter your appleID & pass"
ios login
WORKDIR=$HOME/TRAVIS_IOS_SIGNING
mkdir $WORKDIR
pushd $WORKDIR
echo "Working directory for secret files is `pwd`"
ios profiles:download --type development
mv *.mobileprovision profile.mobileprovision
ios certificates:download --type development
mv *.cer certificate.cer
cp $IOS_IDENTITY_KEY ./certificate.p12
PROV_UUID=`/usr/libexec/PlistBuddy -c "Print UUID" /dev/stdin <<< $(security cms -D -i profile.mobileprovision)`
echo "Your provisioning profile id: $PROV_UUID"
CODE_SIGNING_ARGS="CODE_SIGN_IDENTITY=\"iPhone Developer\" PROVISIONING_PROFILE=\"$PROV_UUID\""
echo "Proper parameters for xctool/xcodebuild: $CODE_SIGNING_ARGS"
tar cvf secrets.tar profile.mobileprovision certificate.p12 certificate.cer
popd
mkdir .travis
mv $WORKDIR/secrets.tar .travis/secrets.tar
travis encrypt KEY_PASSWORD="$IOS_IDENTITY_KEY_PASSWORD" --add
travis encrypt-file .travis/secrets.tar .travis/secrets.tar.enc --add
rm .travis/secrets.tar
rm -Rf $WORKDIR
cat > .travis/add_signing_key.sh <<- EOM
#!/bin/sh
pushd .travis/
tar xvf secrets.tar
KEY_CHAIN=ios-build.keychain
security create-keychain -p travis \$KEY_CHAIN
security default-keychain -s \$KEY_CHAIN
security unlock-keychain -p travis \$KEY_CHAIN
security set-keychain-settings -t 3600 -u \$KEY_CHAIN
wget https://developer.apple.com/certificationauthority/AppleWWDRCA.cer
security import AppleWWDRCA.cer -k ~/Library/Keychains/\$KEY_CHAIN -T /usr/bin/codesign
security import certificate.cer -k ~/Library/Keychains/\$KEY_CHAIN -T /usr/bin/codesign
security import certificate.p12 -k ~/Library/Keychains/\$KEY_CHAIN -P \$KEY_PASSWORD -T /usr/bin/codesign
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp profile.mobileprovision ~/Library/MobileDevice/Provisioning\ Profiles/
EOM
chmod +x .travis/add_signing_key.sh
cat > .travis/remove_signing_key.sh <<- EOM
#!/bin/sh
security delete-keychain ios-build.keychain
rm -f ~/Library/MobileDevice/Provisioning\ Profiles/*
EOM
chmod +x .travis/remove_signing_key.sh
echo "Add to your .travis.yml:"
echo ""
echo "script: xctool <your parameters> -sdk iphoneos $CODE_SIGNING_ARGS"
echo "before_script:"
echo "- .travis/add_signing_key.sh"
echo "after_script:"
echo "- .travis/remove_signing_key.sh"
echo ""
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment