At Panic I’ve developed some best practices that keep our provisioning problems to a minimum. Unfortunately the “Fix” button in Xcode is the one sure-fire way to break your code signing setup.
Briefly, here are some things to do that should help, especially if you have multiple team members who might each have multiple signing identities.
* Never use the UI in Xcode to do anything related to provisioning. You will always get better results by either using the developer portal directly or a tool like Cupertino[1].
* When creating your certificate signing request, be as specific as possible in the name field. DON’T just put your name in there. At a minimum, put your name and some way to identify what team the identity is for.
* As soon as you create the CSR you’ll have a key pair created in your keychain. Move this key pair to its own keychain and name that keychain after the team you’re signing for. Every person on the team should use the same filename for their keychain file.
* In your “other code signing settings” field, specify an explicit path to the keychain file like this: --keychain=$HOME/Library/Keychains/Panic.keychain. While you’re there, add “--timestamp=none” to your debug config just to keep that aggravation to a minimum.
* Whenever you update the profile for an app, check in the profile file along with your changes. This means that when you push a profile update and suddenly the dev is complaining that they can’t build, they simply need to install whatever profile came along with your changes. As of late, the refresh function in Xcode’s profile browser has been unreliable and for some reason not all of the profiles get pulled down.
* Move all of your code signing settings into a set of .xcconfig files. This is super helpful because when Xcode messes up your target settings, all the dev has to do is select them all and hit delete to get back to good defaults. They can’t accidentally change the xcconfig files and check those changes in.
In our setup, I’m the only person who makes changes to our code signing, so it’s easy for me to enforce these changes. If your devs are managing their own code signing settings…good luck!
James
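
The "install whatever profile came along with your changes" step from the post can be scripted; the following is an added example, not code from the original post or from Panic. The function names, the ./Profiles repository folder and the default install directory (the location older Xcode releases read profiles from) are assumptions.

```shell
#!/bin/sh
# Added example: install provisioning profiles that are checked in to a repo.
# Assumed default: the directory older Xcode releases read profiles from.
PROFILE_DIR_DEFAULT="$HOME/Library/MobileDevice/Provisioning Profiles"

# Print the UUID of a .mobileprovision file. The file is a CMS-signed blob
# whose plist payload is readable XML, so the <string> that follows
# <key>UUID</key> can be read as text (the signature is not verified here).
# Only hex digits and hyphens are accepted, so the value is safe in a path.
profile_uuid() {
    LC_ALL=C grep -a -A1 '<key>UUID</key>' "$1" |
        sed -n 's:.*<string>\([0-9A-Fa-f-]*\)</string>.*:\1:p' | head -n 1
}

# Copy one profile to dest_dir as <UUID>.mobileprovision. Returns 1 when no
# UUID is found, so a truncated or corrupt file is never installed.
install_profile() {
    src=$1
    dest_dir=${2:-$PROFILE_DIR_DEFAULT}
    uuid=$(profile_uuid "$src")
    [ -n "$uuid" ] || { echo "no UUID found in $src" >&2; return 1; }
    mkdir -p "$dest_dir" || return 1
    dest="$dest_dir/$uuid.mobileprovision"
    if [ -f "$dest" ] && cmp -s "$src" "$dest"; then
        echo "up to date: $uuid"
    else
        cp "$src" "$dest" && echo "installed: $uuid"
    fi
}

# Install every profile in repo_dir; returns 1 if any file was rejected.
install_all_profiles() {
    repo_dir=$1
    all_dest=${2:-$PROFILE_DIR_DEFAULT}
    rc=0
    for p in "$repo_dir"/*.mobileprovision; do
        [ -e "$p" ] || continue
        install_profile "$p" "$all_dest" || rc=1
    done
    return $rc
}

# Run as: sh install-profiles.sh ./Profiles   (./Profiles is hypothetical)
if [ "$#" -gt 0 ]; then
    install_all_profiles "$@"
fi
```

A second argument overrides the install directory, which is useful where the Xcode version in use reads profiles from a different location.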