Hello!
I am trying to use the new Xcode 13 Cloud Signing feature (authenticationKeyPath & friends) to archive (and eventually upload) my iOS app via a CI service (GitHub actions in this case). My xcodebuild invocation is as such:
xcrun xcodebuild archive \
-workspace '/path/to/MyApp.xcworkspace' \
-scheme 'MyApp - App Store' \
-archivePath '/path/to/output.xcarchive' \
-allowProvisioningUpdates \
-authenticationKeyID 'KEY_ID_HERE' \
-authenticationKeyIssuerID 'ISSUER_ID_HERE' \
-authenticationKeyPath '/complete/path/to/key.p8' \
-destination 'generic/platform=iOS,name=Any iOS Device'
The first run on CI with this invocation succeeds! The second run (i.e. on a clean machine) outputs this error:
error: Revoke certificate: Your account already has an Apple Development signing certificate for this machine, but its private key is not installed in your keychain. Xcode can create a new one after revoking your existing certificate. (in target 'MyApp' from project 'MyApp')
The "Certificates, Identifiers, & Profiles" page does, indeed, list a certificate created by the API key in question. If I revoke this certificate, the next build succeeds and the one after that fails.
I thought the idea with Cloud Signing was to keep from manually installing certificates & provisioning profiles. Am I misunderstanding something?
Is there a modification I can make to this command to make it succeed? Do I need to manually create & install development certificate?
- Xcode version: 13.2 beta 2
- macOS version: 11 (macOS 12 is not yet supported on GitHub actions)
- API key: has admin role
(As a sidenote: I have tried Xcode Cloud, but it suffers random failures & long build times, plus it won't work for all my apps. So that's not currently a viable alternative for me.)