Ph'nglui Mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn.
(In his house at R'lyeh dead Cthulh* waits dreaming.)- Ancient scrolls from an iOS developer cult.
Fastlane is great. Fastlane Match is great. Github is great. Azure Devops build pipelines are great. Try using them all together and you'll feel like you've entered some Lovecraftian hell dimension of non-euclidian geometry and elder permissions horrors.
Here is how you fix that:
- Get
fastlane matchworking locally with a Github repository USING THE SSH GIT PATH. - Create a new ssh key
ssh-keygen -t rsa -b 4096 -C "probably.the.shared.email.address@from.your.fastlane.setup.com" - Give that key file pair a project specific name (not
id_rsa). - Copy the public key contents (on Mac:
cat your_brand_new_project_deploy_key.pub | pbcopy) and in your certificates github repo add a new Deploy Key under settings, paste those file contents in there. - In Azure Devops Pipelines, open Library. Go to secure files.
- Upload your
brand_new_project_deploy_keyand give it a sassy name. - Now, add two new tasks in your build.
- A download secure file task, select
sassy_name_deploy_key. In the Output Variables configuration section, you'll be able to set another equally sassy name to refer to this file's path in scripts, you should do that. - An inline bash script task that will do this and only this:
chmod 400 "$ID_PATH"whereID_PATHis set to$(your_sassy_file_location.secureFilePath)in the Environment Variables configuration for the task.
- A download secure file task, select
- Last step, I promise. In the Environment Variables configuration section for the task that is going to run
fastlane matchadd the environment variable:GIT_SSH_COMMANDto the value:ssh -i "$(your_sassy_file_location.secureFilePath)".
Now when fastlane match runs on any build agent in your Azure Devops iOS build pool it will connect with the correct identity and sanity will be restored.
* Cthulhu, in this context, is believed to represent certificate and provisioning profile management.
Comments