iCloud entitlements

Question

Created Jul ’15

Replies 1

Boosts 0

Participants 1

I just want to use iCloud for key-value storage at this time. However, I have gotten into this whirlpool of B.S. where Xcode isn't happy with app entitlements matching my provisiong profile entitlements unless I turn on iCloud document storage and have a container setup for the app. When I do that and update the app identifier and provisioning profile, it seems everything is happy on both ends.

But being in favor of simplicity = security, it seems wrong that I have to get all these entitlements added on both ends just to keep Xcode happy.

Has anyone run into this before? Is there a way to get this working with *only* the entitlement for key value storage??

I have to say, I never had a problem managing this stuff manually in the past. With Xcode trying to manage this stuff with the portal automatically, I have run into nothing but headaches.

Boost

Answer 1

s219 OP

Jul ’15

In case anyone runs into the issue, the fix is to only have the entitlement for key value storage in the app's entitlement file, ignoring anything else Xcode wants. If you let Xcode handle things, it also adds an entitlement for containers and document storage. At compile time, codesign won't be happy because it wants to see that entitlement in your provisioning profile, and the only way to fix that situation is to add it to the app ID on the portal, then invalidate and regenerate provisioning profiles, etc.

I deleted the containers entitlement from the app's entitlement file, and ignored the red flag in Xcode with the "fix" note. Set up that way with just key value entitlements, everything is fine. If you let Xcode "fix" this, it goes the whole 9 yards and messes up a lot of stuff it shouldn't, creating major headaches up and down the chain. The first time I was stupid enough to click the fix button, and that is what made a mess. It added container entitlements to my app ID for me, required at least one container added to the app ID, and invalidated a bunch of my provisioning profiles.

I am sure Xcode's automatic handling of this stuff might help beginners creating new apps, but with legacy apps, I find that it creates more headaches than benefits. I have been manually managing everything since 2008, and never ever had issues near as bad as this.

0