I’m making an attempt to construct and add an iOS app to TestFlight utilizing an Azure DevOps pipeline, however the construct fails through the archive step with signing errors associated to Swift Bundle dependencies (e.g., GoogleSignIn, AppAuth, Datadog, and so forth.).
Right here’s the simplified YAML pipeline:
set off:
- essential
variables:
- group: _secrets
- title: projectPath
worth: 'MyApp.xcodeproj'
- title: scheme
worth: 'MyApp DEV'
- title: configuration
worth: 'Improvement'
- title: archiveOut
worth: '$(Construct.SourcesDirectory)/output/MyApp.xcarchive'
- title: exportDir
worth: '$(Construct.ArtifactStagingDirectory)/IPA'
- title: exportOptionsPlist
worth: 'ExportOptions.plist'
phases:
- stage: Construct
displayName: "Construct & Export IPA"
jobs:
- deployment: build_job
surroundings: 'ApprovalGate'
pool:
vmImage: macos-latest
technique:
runOnce:
deploy:
steps:
- checkout: self
- job: InstallAppleCertificate@2
inputs:
certSecureFile: "Certificates.p12"
certPwd: "$(p12_cert)"
- job: InstallAppleProvisioningProfile@1
inputs:
provProfileSecureFile: "myapp_dev.mobileprovision"
- job: Xcode@5
displayName: "Archive (signed)"
inputs:
actions: archive
scheme: $(scheme)
configuration: $(configuration)
sdk: iphoneos
xcWorkspacePath: $(projectPath)
signingOption: handbook
signingIdentity: "Apple Distribution"
provisioningProfileName: myapp_dev
useXcpretty: false
args: >
-archivePath "$(archiveOut)"
Error
Throughout the archive step, the pipeline fails with a number of signing errors from Xcode:
error: Signing for "GoogleSignIn_GoogleSignIn" requires a improvement group.
Choose a improvement group within the Signing & Capabilities editor.
(in goal 'GoogleSignIn_GoogleSignIn' from venture 'GoogleSignIn')
error: Signing for "AppAuth_AppAuthCore" requires a improvement group.
(in goal 'AppAuth_AppAuthCore' from venture 'AppAuth')
error: Signing for "Datadog_DatadogCore" requires a improvement group.
(in goal 'Datadog_DatadogCore' from venture 'Datadog')
...
** ARCHIVE FAILED **
What I’ve tried
Utilizing Apple Distribution certificates and App Retailer provisioning profile (for the reason that aim is to add to TestFlight)
The principle app goal and customized frameworks have a legitimate DEVELOPMENT_TEAM and use handbook signing.
Verified that the certificates and provisioning profile are appropriately put in by the pipeline (InstallAppleCertificate@2 + InstallAppleProvisioningProfile@1).
Native Xcode archives work tremendous.
Tried including arguments like
DEVELOPMENT_TEAM=XXXXXXXXXX or CODE_SIGNING_ALLOWED=NO — no impact.
The failing targets are Swift Bundle Supervisor dependencies (GoogleSignIn, AppAuth, Datadog, and so forth.), not my very own targets.
Query
How can I stop Swift Bundle dependencies from requiring code signing through the archive step in an Azure DevOps pipeline?
Is there a approach to inform Xcode to skip signing SPM frameworks whereas nonetheless signing my app manually?
