Skip to content

Commit 82609dc

Browse files
diegolmellodiegolmello
committed
chore: refine Fastlane keychain settings for improved code signing
Updated Fastlane configuration to allow codesigning access without prompting by unlocking the keychain and adjusting keychain settings. Set timeout to 0 for the keychain and added commands to enhance keychain management during the build process.
1 parent be822c5 commit 82609dc

File tree

1 file changed

+11
-3
lines changed

1 file changed

+11
-3
lines changed

ios/fastlane/Fastfile

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ platform :ios do
2121
create_keychain(
2222
name: ENV["MATCH_KEYCHAIN_NAME"],
2323
password: ENV["MATCH_KEYCHAIN_PASSWORD"],
24-
timeout: 1200,
24+
timeout: 0,
2525
lock_when_sleeps: false,
2626
unlock: true
2727
)
@@ -61,7 +61,11 @@ platform :ios do
6161
get_provisioning_profile(app_identifier: "chat.rocket.reactnative.NotificationService", platform: "ios")
6262
get_provisioning_profile(app_identifier: "chat.rocket.reactnative.watchkitapp", platform: "ios")
6363
# pem(api_key: api_key) # still uses Spaceship http://docs.fastlane.tools/actions/pem/#how-does-it-work
64-
sh "security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" ~/Library/Keychains/#{ENV['MATCH_KEYCHAIN_NAME']}-db"
64+
# Allow codesign to access keys without prompting
65+
keychain_path = "~/Library/Keychains/#{ENV['MATCH_KEYCHAIN_NAME']}-db"
66+
sh "security unlock-keychain -p \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" #{keychain_path}"
67+
sh "security set-keychain-settings -lut 3600 #{keychain_path}"
68+
sh "security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" #{keychain_path}"
6569
gym(
6670
scheme: "RocketChatRN",
6771
workspace: "RocketChatRN.xcworkspace",
@@ -81,7 +85,11 @@ platform :ios do
8185
output_path: './'
8286
)
8387

84-
sh "security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" ~/Library/Keychains/#{ENV['MATCH_KEYCHAIN_NAME']}-db"
88+
# Allow codesign to access keys without prompting
89+
keychain_path = "~/Library/Keychains/#{ENV['MATCH_KEYCHAIN_NAME']}-db"
90+
sh "security unlock-keychain -p \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" #{keychain_path}"
91+
sh "security set-keychain-settings -lut 3600 #{keychain_path}"
92+
sh "security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k \"#{ENV['MATCH_KEYCHAIN_PASSWORD']}\" #{keychain_path} || true"
8593

8694
update_code_signing_settings(
8795
profile_name: "match AppStore chat.rocket.ios.NotificationService",

0 commit comments

Comments
 (0)