Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(cli): iOS signing for CI usage #9963

Open
wants to merge 9 commits into
base: dev
Choose a base branch
from
Open

feat(cli): iOS signing for CI usage #9963

wants to merge 9 commits into from

Conversation

lucasfernog
Copy link
Member

This PR sets up our CLI to modify the iOS project and export options to support manual code signing for CI usage.

A new crate was added, tauri-macos-sign, which was donated by our partnership with CrabNebula, which did the research for this iOS CI packaging solution. This crate is now used internally in the tauri-bundler too.

Here's what needs to be added to our docs:

### Certificate

After enrolling, navigate to the [Certificates](https://developer.apple.com/account/resources/certificates/list) page to create a new Apple Distribution certificate. Download the new certificate and install it to the macOS Keychain.

To export the certificate key, open the "Keychain Access" app, expand the certificate's entry, right-click on the key item and select "Export <key-name>" item. Select the path of the exported .p12 file and remember its password.
Run `base64 -i <path-to-certificate.p12> | pbcopy` to convert the certificate to base64 and copy it to the clipboard and paste that value to the `IOS_CERTIFICATE` environment variable. The certificate password must be set to the `IOS_CERTIFICATE_PASSWORD` variable.

### Provisioning Profile

Additionally, you must provide the provisioning profile for your application. In the [Identifiers](https://developer.apple.com/account/resources/identifiers/list) page, create a new App ID and make sure its "Bundle ID" value matches the identifier set in the [`identifier`] configuration.

Navigate to the [Profiles](https://developer.apple.com/account/resources/profiles/list) page to create a new provisioning profile. For App Store distribution, it must be an "App Store Connect" profile. Select the appropriate App ID and link the certificate you previously created.

After creating the provisioning profile, download it and run `base64 -i <path-to-profile.mobileprovision> | pbcopy` to convert the profile to base64 and copy it to the clipboard. Set that value to the `IOS_MOBILE_PROVISION` environment variable.

@lucasfernog lucasfernog requested a review from a team as a code owner June 4, 2024 12:37
amrbashir
amrbashir reviewed Jun 4, 2024
View reviewed changes
.changes/ios-signing.md Show resolved Hide resolved
tooling/cli/src/mobile/ios/build.rs Outdated Show resolved Hide resolved
@lyager
Copy link
Contributor

lyager commented Jun 10, 2024

This is a good I think. I've been in close dialogue with @lucasfernog on this one (thanks!), and it works for people who does not use a Company signature, but just a private one. For company distribution a resigning is needed - but the above is good, and I think it should me merged.

@ecmel
Copy link

ecmel commented Jul 1, 2024

Any time frame for merging this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amrbashir amrbashir amrbashir left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@lucasfernog @lyager @ecmel @amrbashir