I've got a Mac Mini running as a CI/CD server; it's a game project, and every time we push a change to the repo, the server creates a build & uploads it to TestFlight. I've noticed that after running the server for around a week or so, the main drive is getting filled to the point of the machine becoming unresponsive (and our builds failing). After some investigation, I've determined that /private/var/folders/ is getting filled up with... something, related to the Xcode build/archive. It seems like we absolutely do not need this information, so I've periodically run rm -rf /private/var/folders/* to clean it out – some folders are permission-protected, but regardless, I'm able to recover >100GB with this method. Although this workaround does suffice, I'm just wondering what kinds of files Xcode is creating here, and whether there's a cleaner/best-practice method to remove them.

Hello! I have found a weird behavior change when running xcodebuild -create-xcframework in Xcode 15 compared to running it in Xcode 14.3.1. If I run the command like this in Xcode 15: xcodebuild -create-xcframework -framework "pathToFrameworkInATemporaryDirectory" -debug-symbols "pathToDebugSymbols" -output "Something.xcframework" I get this error: error: cannot compute path of binary 'Path(str: "temporaryPathToTheUnixExecutableFile")' relative to that of 'temporaryPathToTheFramework' But if I trace that path to the unix executable file in the framework, it is present. If I run that same command in Xcode 14.3.1, it works fine. I can create the xcframework successfully in Xcode 15 if I don't copy the framework to a temporary directory before calling xcodebuild -create-xcframework and I use that original path. Why is this problem happening now in Xcode 15? Any help is appreciated, thank you.

Hello, I'm trying to upload my code coverage to an external service. I've created a workflow on Xcode Cloud that build and run my test + a ci_post_xcodebuild script that uploads my Project.xcresult to an external service My problem here is that I need the repository source code the moment I upload my coverage file. I have two steps in my workflow: Build tests (Which contain the sources but not the coverage results) Run tests (Which contain the coverage result but not the sources) I found this in the Apple documentation: Lastly, it should be noted that in a test action, multiple environments are used to build and run your tests. Only the environment that is used for building your tests will have your source code cloned into it by default. The environments that run your tests won't have source code cloned into them. They'll only have the ci_scripts folder made available on them. As a result, the post-clone script won't run in these environments and your custom scripts and any of their dependencies, such as other shell scripts and small tools, must be entirely contained within the ci_scripts folder. Source: https://developer.apple.com/videos/play/wwdc2021/10269/ I feel a bit stuck here maybe Xcode cloud is not the way to go for this but I was wondering if by any way I could still check out my project sources after the test execution.

I'm having problems with UI tests on an M1 runner using Xcode 14.3.1. In my project, I need to build using the Rosetta simulator because I have a dependency that is not updated to support the arm simulator. This dependency relies on OpenCV." This is the command that I use when I want to run UI tests on CI: xcodebuild ARCHS=x86_64 clean test -scheme UITests -configuration Debug -destination 'id=50E9C593-9A40-4E4D-B58D-1DE437CFBE3A' -parallel-testing-enabled YES -parallel-testing-worker-count 3 -maximum-concurrent-test-simulator-destinations 4 -test-iterations 3 -retry-tests-on-failure And this code run only with 1 clone of simulator. Anyone know why?

Hi, My name is Bin, software engineer at VBreathe in Sydney. We have a mobile app developed in Ionic Angular framework and managed to use xcode cloud to build and deploy the app to TestFlight. It worked well, but the speed is a bit slow, takes around 1 hour to finish the build. After checking the logs, the ci_post_clone.sh script took over 20 minutes to finish, because it installs bunch of tools and node packages, which are necessary to build the app. My question is that is there a way to cache these tools and node packages on xcode cloud, so no need to download & install them in every build? Cheers, Bin

I'm trying to connect my Developer Account in App Store Connect with Slack for CI notifications from Xcode Cloud. Apple docs for reference: https://developer.apple.com/documentation/xcode/connecting-xcode-cloud-to-slack#Install-the-Slack-app-for-Xcode- Cloud-using-App-Store-Connect I've tried connecting to the Slack workplace from the App Store Connect User settings and from Xcode Cloud in Xcode and on App Store Connect but no luck so far. The process always goes through and the Xcode Cloud Slack app gets installed on the Slack workspace. However it does not show up on the App Store Connect. I’ve attached a screenshot of the App Store Connect Notification Settings page after I went through the “Slack | Connect” flow successfully. It states “Your Slack account for has been connected”. However The Slack account still does not show as connected on the same page under "Send To”. Any help appreciated! Was anyone able to connect successfully?

Hello guys, I was able to get code coverage and sonar-scanner working with Xcode Cloud. First in, in post-clone script I install sonar-scanner tool like this brew install sonar-scanner Then, in post-xcodebuild script, I do three things: (a) get current app version, (b) get app version, (c) run xcodebuild again with forced code coverage reporting, (d) find coverage data and convert it to the format that Sonarqube understands, and finally (e) run sonar-scanner, which uploads results to Sonarqube dashboard. cd $CI_WORKSPACE # declare variables SCHEME=[REMOVED] PRODUCT_NAME=[REMOVED] WORKSPACE_NAME=${PRODUCT_NAME}.xcworkspace APP_VERSION=$(sed -n '/MARKETING_VERSION/{s/MARKETING_VERSION = //;s/;//;s/^[[:space:]]*//;p;q;}' ./${PRODUCT_NAME}.xcodeproj/project.pbxproj) # clean, build and test project xcodebuild \ -workspace ${WORKSPACE_NAME} \ -destination 'platform=iOS Simulator,name=iPad (10th generation),OS=latest' \ -scheme ${SCHEME} \ -derivedDataPath DerivedData/ \ -enableCodeCoverage YES \ -resultBundlePath DerivedData/Logs/Test/ResultBundle.xcresult \ clean build test # find profdata and binary PROFDATA=$(find . -name "Coverage.profdata") BINARY=$(find . -path "*${PRODUCT_NAME}.app/${PRODUCT_NAME}") # check if we have profdata file if [[ -z $PROFDATA ]]; then echo "ERROR: Unable to find Coverage.profdata. Be sure to execute tests before running this script." exit 1 fi # extract coverage data from project using xcode native tool xcrun --run llvm-cov show -instr-profile=${PROFDATA} ${BINARY} > sonarqube-coverage.report # run sonar scanner and upload coverage data with the current app version sonar-scanner \ -Dsonar.projectVersion=${APP_VERSION} It all works fine but my team and I think that this is a workaround that shouldn't work like this, because technically xcodebuild command is executed two times, first by Xcode Cloud, then by my script, which takes a lot of time and feels hacky. Ideally, Xcode Cloud's Build and Test actions should generate code coverage (the option is already enabled in our project) and give us access to profile data in DerivedData folder which I can access with environment variable CI_DERIVED_DATA_PATH. However, there is none. My question is, do I do everything correctly? Is there a way to improve this flow? Do I miss on how to correctly get code coverage data from Xcode Cloud?

I have two macs at home. One in my bedroom which is my development mac and one in my living room which is an old mac i put to good use. i would like to occasionally sit in my living room and continue my work from there to avoid fatigue sitting at my desk all day. i have enabled source control using local git repo. how can i continue with my xcode project on my second mac which runs the same os x?

Hello! I have a Swift package (SPM) with a number of tests associated with it. These all work well locally, and I have created a GitHub repository for the package that can be used by any app. I would like to set it up where my package's tests are triggered automatically whenever I push a change to a branch in the repository. Unfortunately, per the documentation, Xcode Cloud is currently unable to build and test standalone Swift packages. I hope that this will be rectified some point soon as automated testing for them seems like it'd be a pretty common and understandable use case. My question: Is there a way to set an Xcode Cloud workflow up wherein a package's tests are triggered? Xcode Cloud clearly does support Swift packages that are used when building full apps, and there is plenty of documentation to that end. But it's not clear how to trigger those package's tests even through the use of a "dummy" app without moving a bunch of tests to the app itself. Is this possible? I'd really not like to duplicate all my tests in a dummy app if at all possible. Thanks!

Hello, we have a bunch of macs which we use for running automated UI test and we need to allow services kTCCServiceScreenCapture and kTCCServiceAccessibility to our application bundles (it's a kind of a screen sharing application). We tried to do a direct change in: User's ~/Library/Application Support/com.apple.TCC/TCC.db but it doesn't take effect as it looks like these permissions need to be granted in system TCC database The system database at /Library/Application Support/com.apple.TCC/TCC.db is write-only due to rootless. Is there any other way than completely disable SIP to grant these TCC permissions to our bundles? Also we would be just fine to grant permissions manually when we're setting up the machine, but it seems these get reset from time to time. And that's my other question: How the TCC validation works? We're testing ad-hoc signed bundles as well as DeveloperID signed ones with the same Application ID and it seems that TCC gets confused over time and simply treats the permissions as not granted. Would modifying csreq in TCC.db record to contain only requirement identifier=my.bundle.app.id prevent this behavior or there is some other heuristics TCC uses for permission validation? Thank you, o/

We have a bit of a complicated build process and need to build the Widget outside of our main app and repackage since we are using a cross platform framework. I tried scripting out updating my Widget's Marketing Version but agvtool won't update the MARKETING_VERSION in the project.pbxproj file. Therefore, we end up getting these emails from Apple: ITMS-90473: CFBundleShortVersionString Mismatch - The CFBundleShortVersionString value ‘1.2.2’ of extension ‘MyiOSApp.app/PlugIns/widgetExtension.appex' does not match the CFBundleShortVersionString value ‘1.2.3' of its containing iOS application ‘MyiOSApp.app'. I run this and it says it's updating in the Widget plist (but not the project.pbxproj) so when I build with xcode via command line it doesn't update and when we submit to the App Store we get the above message from Apple: /usr/bin/agvtool new-marketing-version $(/usr/libexec/PlistBuddy -c "Print :CFBundleShortVersionString" ../My.Crossplatform.App/My.Crossplatform.App.iOS/Info.plist) Setting CFBundleShortVersionString of project ios to:    1.2.3. Updating CFBundleShortVersionString in Info.plist(s)... Cannot find "ios.xcodeproj/../YES" Updated CFBundleShortVersionString in "ios.xcodeproj/../widget/Info.plist" to 1.2.3 I've had to resort to manually updating then submitting every time. What is the correct way to update the MARKETING_VERSION in the project.pbxproj file in a CI environment using bash?

I want to integrate my software with Apple's Global Service Exchange (GSX). Can anyone guide me through the process?

Hi everyone, I'm struggling to access a certificate stored in keychain when using LaunchDaemons and would appreciate any advise to improve over my current workaround with an agent. I'm maintaining an M1-based Mac Mini with macOS Big Sur 11.4 as a build client for Gitlab CI. The machine makes itself known to the orchestrating Gitlab server through the so-called gitlab-runner process which regularly polls the Giltab server for build job requests. It would then eventually call xcodebuild to generate artifacts and upload them to Gitlab. In order to have this process startup automatically, I've loaded it through a /Library/LaunchDaemons/gitlab-runner.plist file in launchctl. This setup has been working greatly for months, making the build client immediately available after a reboot without the need to log into it. I've now started to deploy codesign tasks to the build client and encountered issues with keychain access to the certificate. I installed the certificate and performed security find-identity -v -p codesigning in the Terminal to validate correct installation. I have ensured that the codesign tasks succeed when performed through Terminal manually. A popup was shown on first try about codesign wanting to access to the local keychain, which I always allowed. Codesign then reported success: signed Mach-O universal. The behavior is different for my LaunchDaemons-based codesign tasks (spawned under the same user). I've tried multiple permutations for sudo launchctl load -w /Library/LaunchDaemons/gitlab-runner.plist: SessionCreate=true, local keychain: FAIL (errSecInternalComponent) SessionCreate=true, System keychain: FAIL (errSecInternalComponent) SessionCreate=false, local keychain: FAIL (error: The specified item could not be found in the keychain.) SessionCreate=false, System keychain: FAIL (errSecInternalComponent) I've then tried a user agent launchctl load -w ~/Library/LaunchAgents/gitlab-runner.plist: SessionCreate=true, local keychain: FAIL (errSecInternalComponent) SessionCreate=false, local keychain: OK (Popup -> Always allow, signed Mach-O universal) So apparently, the last variant works reliably. However, it has the severe downside that I now need to log in the user after a reboot in order to kick off the agent. Is there a way to make this work with /Library/LaunchDaemons, possibly through some plist property? As a test I've tried to "Allow all applications" to access the private key associated with the Certificate but that didn't change anything. Best regards Maik

I have some Test actions setup in Xcode cloud. Under Post-Actions I have selected Notify - Success and Failures. At the bottom it says: You automatically receive email or Slack notifications for your builds Yet I don't receive any emails... If I add an email address to the Notify section, I now receive 2x emails. 1 to the email I added and 1 to the email on my account. If I change the added email to be the same as the one on my account, I get 2x emails to that address. This is as expected. However if I remove the added email, I get no emails at all, whereas i'd expect to receive an email to my account address.

hello developers, First priority I couldn't find a proper title for the question :( The reason why I open a topic here is not to find the answer by direct point shooting; My goal is what do Apple, Developer, Companies and Devops teams think and comments about the subject I'm going to ask here? We use Jenkins as the Devops CI/CD tool at our company, and in Macos/Apple/iOS development, we use a lot of Mac Mini devices. Since we build/compilers on a project-based, version-based basis, we cannot get 100% efficiency from our devices. (For example, because the dependencies of a project are different from other projects; we dedicate only 1 Mac Mini to that project. (As the dependecys of the projects are too many and large, the migration process is very difficult for us, the cost of moving to a lower-level Mac Mini device is high / but this is just an example)) While researching, I saw that there is no docker container image for MacOs X (enterprise or legal) and I know about the Apple EULA. (For virtualization, Apple hardware must be used as a basis. Because the MacOs system is paid for on a device-based basis.) What I want to ask here is can I find or create a MacOs docker container image legally? How is the structure of other companies in their CI processes? If I install MacOs with more than one VMware/VirtualBox on Mac Mini, What harm could it do me in Jenkins? (I'm curious about people's comments on this.)

There is a question on stackoverflow for that too: https://stackoverflow.com/questions/66143815/xcode-12-5-spm-dependency-cache-location Xcode 12.5 release notes mention the "per-user-basis" cache for SPM dependencies: https://developer.apple.com/documentation/xcode-release-notes/xcode-12_5-beta-release-notes Is the location outside of DerivedData folder so cache still persists somewhere in ~/Library/Caches and can be reused even for clean build? It's very important to know for CI performance! Any guidance/help is appreciated.

Hello,I had *.png files (as binary data) in my xCode project. I don't need those files anymore so I removed them locally.In the meantime I created new files (*.cpp, *.h and other *.png). And after all I tried to commit project. But there was old files marked with "!".So I went to Github repository through website and removed those files by my own.Then when I tried to commit project from xCode, the removed files was still marked with "!". But I decide to uncheck them and commit.But then I get error that my repository locally is out of date, but mark "M" from all files (M - means files to commit) disappeared. But on github website there was still old files.So I tried various things, and suddenly I clicked in xCode "discard all changes" (but please notice there was no "M" mark, just "?" mark on new files), and all those new files disappeared from my project, from finder, from anywhere.I lost whole day work. Is there any way to recovery those files? I didn't make any backups during day. But did those files really disappear permanently? Isn't there any "trash" or "temp" folder for such files?I tried to checkout repository from commit history, but it doesn't help. The file is still in red colour in the browser, and doesn't exist anywhere on the drive.

We got the newly issue that our Test devices keeps us asking for the pin code to "Enable UI Automation". Then it works for some hours or days, but after some time it starts again. "Enable UI Automation" is already enabled in "Settings" - "Developer" menu. The devices are located remotely and we can't access them directly, so this is a big issue for us right now. Is there any way to avoid this?