Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(cli): support manual signing on build command #7769

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion cli/src/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -267,7 +267,11 @@ async function loadIOSConfig(rootDir: string, extConfig: ExternalConfig): Promis
const podPath = lazy(() => determineGemfileOrCocoapodPath(rootDir, platformDirAbs, nativeProjectDirAbs));
const webDirAbs = lazy(() => determineIOSWebDirAbs(nativeProjectDirAbs, nativeTargetDirAbs, nativeXcodeProjDirAbs));
const cordovaPluginsDir = 'capacitor-cordova-ios-plugins';

const buildOptions = {
xcodeSigningStyle: extConfig.ios?.buildOptions?.signingStyle,
signingCertificate: extConfig.ios?.buildOptions?.signingCertificate,
provisioningProfile: extConfig.ios?.buildOptions?.provisioningProfile,
};
return {
name,
minVersion: '14.0',
Expand All @@ -287,6 +291,7 @@ async function loadIOSConfig(rootDir: string, extConfig: ExternalConfig): Promis
webDir: lazy(async () => relative(platformDirAbs, await webDirAbs)),
webDirAbs,
podPath,
buildOptions,
};
}

Expand Down
22 changes: 22 additions & 0 deletions cli/src/declarations.ts
Original file line number Diff line number Diff line change
Expand Up @@ -478,6 +478,28 @@ export interface CapacitorConfig {
* @default true
*/
initialFocus?: boolean;

buildOptions?: {
/**
* The signing style to use when building the app for distribution.
*
* @since 7.0.0
* @default 'automatic'
*/
signingStyle?: 'automatic' | 'manual';
/**
* A certificate name, SHA-1 hash, or automatic selector to use for signing for iOS builds.
*
* @since 7.0.0
*/
signingCertificate?: string;
/**
* A provisioning profile name or UUID for iOS builds.
*
* @since 7.0.0
*/
provisioningProfile?: string;
};
};

server?: {
Expand Down
5 changes: 5 additions & 0 deletions cli/src/definitions.ts
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,11 @@ export interface IOSConfig extends PlatformConfig {
readonly nativeXcodeProjDirAbs: string;
readonly nativeXcodeWorkspaceDir: Promise<string>;
readonly nativeXcodeWorkspaceDirAbs: Promise<string>;
readonly buildOptions: {
xcodeSigningStyle?: 'automatic' | 'manual';
signingCertificate?: string;
provisioningProfile?: string;
};
}

export type WebConfig = PlatformConfig;
Expand Down
24 changes: 24 additions & 0 deletions cli/src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,24 @@ export function runProgram(config: Config): void {
'jarsigner',
]),
)
.addOption(
new Option(
'--xcode-signing-style <xcodeSigningStyle>',
'The iOS signing style to use when building the app for distribution (default: automatic)',
).choices(['automatic', 'manual']),
)
.addOption(
new Option(
'--xcode-signing-certificate <xcodeSigningCertificate>',
'A certificate name, SHA-1 hash, or automatic selector to use for signing for iOS builds',
),
)
.addOption(
new Option(
'--xcode-provisioning-profile <xcodeProvisioningProfile>',
'A provisioning profile name or UUID for iOS builds',
),
)
.action(
wrapAction(
telemetryAction(
Expand All @@ -163,6 +181,9 @@ export function runProgram(config: Config): void {
androidreleasetype,
signingType,
configuration,
xcodeSigningStyle,
xcodeSigningCertificate,
xcodeProvisioningProfile,
},
) => {
const { buildCommand } = await import('./tasks/build');
Expand All @@ -176,6 +197,9 @@ export function runProgram(config: Config): void {
androidreleasetype,
signingtype: signingType,
configuration,
xcodeSigningType: xcodeSigningStyle,
xcodeSigningCertificate,
xcodeProvisioningProfile,
});
},
),
Expand Down
18 changes: 18 additions & 0 deletions cli/src/ios/build.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,13 @@ export async function buildiOS(config: Config, buildOptions: BuildCommandOptions
projectName = basename(await config.ios.nativeXcodeProjDirAbs);
}

if (
buildOptions.xcodeSigningType == 'manual' &&
(!buildOptions.xcodeSigningCertificate || !buildOptions.xcodeProvisioningProfile)
) {
throw 'Manually signed Xcode builds require a signing certificate and provisioning profile.';
}

await runTask('Building xArchive', async () =>
runCommand(
'xcodebuild',
Expand All @@ -45,12 +52,23 @@ export async function buildiOS(config: Config, buildOptions: BuildCommandOptions
),
);

const manualSigningContents = `<key>provisioningProfiles</key>
<dict>
<key>${config.app.appId}</key>
<string>${buildOptions.xcodeProvisioningProfile ?? ''}</string>
</dict>
<key>signingCertificate</key>
<string>${buildOptions.xcodeSigningCertificate ?? ''}</string>`;
Comment on lines +57 to +61
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will these be OK as empty strings, or would it fail the build?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that block is only added if signing style is manual, and if that's chosen, presumably, the developer would be supplying a provisioning profile and/or signing certificate. If what they supply is wrong (or if it's empty), then it won't work.

I believe the signing certificate can be optional, so I may push up a change to remove that key and string if the value is empty.


const archivePlistContents = `<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>method</key>
<string>app-store-connect</string>

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method will depend on the provisioning profiles used, 'app-store-connect' is for a distribution profile. It would be good to support the development and ad-hoc profiles also.

<key>signingStyle</key>
<string>${buildOptions.xcodeSigningType}</string>
${buildOptions.xcodeSigningType == 'manual' ? manualSigningContents : ''}
</dict>
</plist>`;

Expand Down
6 changes: 6 additions & 0 deletions cli/src/tasks/build.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ export interface BuildCommandOptions {
androidreleasetype?: 'AAB' | 'APK';
signingtype?: 'apksigner' | 'jarsigner';
configuration: string;
xcodeSigningType?: 'automatic' | 'manual';
xcodeSigningCertificate?: string;
xcodeProvisioningProfile?: string;
}

export async function buildCommand(
Expand Down Expand Up @@ -42,6 +45,9 @@ export async function buildCommand(
androidreleasetype: buildOptions.androidreleasetype || config.android.buildOptions.releaseType || 'AAB',
signingtype: buildOptions.signingtype || config.android.buildOptions.signingType || 'jarsigner',
configuration: buildOptions.configuration || 'Release',
xcodeSigningType: buildOptions.xcodeSigningType || config.ios.buildOptions.xcodeSigningStyle || 'automatic',
xcodeSigningCertificate: buildOptions.xcodeSigningCertificate || config.ios.buildOptions.signingCertificate,
xcodeProvisioningProfile: buildOptions.xcodeProvisioningProfile || config.ios.buildOptions.provisioningProfile,
};

try {
Expand Down
Loading