The Problem
Absolutely unable to get an automated build for what appears to be automatic/manual codesigning issues.
Build environment
Travis CI running Xcode 8 GM, with Fastlane 1.103.0
Our project contains 8 subprojects, some private.
2 are git submodules (internally developed projects), the remainder are part of a git subtree (externally developed SDKs)
TL;DR:
manual code signing set on the parent project is not respected by subproject dependencies, which attempt to sign themselves with their own set of rules
This codesigning conflict causes build failures in Xcode 8 GM xcodebuild command line utility.
The Long Version
Trying to do builds using Gym (which runs xcodebuild) I get the following 2 dependency failures.
▸ Building Framework/iOSReachability [Release]▸ Check Dependencies▸ Building Adjust/AdjustSdk [Release]▸ Check Dependencies** ARCHIVE FAILEDThe following build commands failed: Check dependencies Check dependencies (2 failures)
ERROR [2016-09-21 01:43:12.28]: Exit status: 65
Checking the logs, I see two root problems, depending on whether or not I explicitly set the "codesigning identity"
I set to iOS Distribution (this is an enterprise build going to distribute via Fabric Beta to our test groups)
The following error log occurs:
Build settings from command line: CODE_SIGN_IDENTITY = <<REDACTED>> SDKROOT = iphoneos10.0 === BUILD TARGETAdjustSdk OF PROJECT Adjust WITH CONFIGURATION Release ===Check dependencies AdjustSdk has conflicting provisioning settings. AdjustSdk is automatically signed, but code signing identity <<REDACTED>> has been manually specified. Set the code signing identity value to "iPhone Developer" in the build settings editor, or switch to manual signing in the project editor.=== BUILD TARGET iOSReachability OF PROJECT Framework WITH CONFIGURATION Release ===Check dependencies iOSReachability has conflicting provisioning settings. iOSReachability is automatically signed, but code signing identity <<REDACTED>> has been manually specified. Set the code signing identity value to "iPhone Developer" in the build settings editor, or switch to manual signing in the project editorIf I do *NOT* explicitly set the code signing identity, the following error log occurs:Build settings from command line: SDKROOT = iphoneos10.0 === BUILD TARGETCheck dependencies No signing certificate "iOS Development" found: No "iOS Development" signing certificate matching team ID "9WS<<REDACTED>>" with a private key was found.
=== BUILD TARGET AdjustSdk OF PROJECT Adjust WITH CONFIGURATION Release ===
Check dependencies No signing certificate "iOS Development" found: No "iOS Development" signing certificate matching team ID "9WS<<REDACTED>>" with a private key was found.
So, if I set the identity manually (as recommended by Fastlane and which seems to be the best course of action for continuous builds, from what I can see so far), then I get a conflict saying that the automatic codesigning for subprojects needs to be set. This is not a good solution as subprojects can be updated by team members at any time, and managing these code sign settings is easy to forget or overlook or do improperly.If I do not set the identity and cross my fingers for the best, the complaint about "no signing certificate" is incorrect. It is looking for a certificate that does not, nor has ever, existed. As well, the main project is set to "iOS Distribution", so why is it looking for "iOS Development" certificate?
I'm damned if I do, damned if I don't, basically.
Expectation
Because keeping code signing flags set properly requires manual intervention, it is too easy for an update to a subproject to override previous settings and break the build. I expect the parent project code signing to dictate subproject code signing. So, manually setting on the parent project should flow through to subprojects, especially if they are set to "Automatic Code Signing".
In other words, "Automatic" has two meanings in my opinion:
1. The main project automatically manages the developer portal certs and profiles
2. Subprojects should automatically do what the parent project dictates, signing with the same identity and certs, etc.