I recently configured a mac mini to run Xcode Server for some continuous integration, and for asynchronous archive support.
Up until, inclusively, yesterday, this was working fine: I was able to generate archives, and export them for ad-hoc testing, using Bots configured on my local development macbook. (This includes targets using both manual and automatic signing, using custom export plists.)
This morning; nothing works.
The automatic- and manual-signing target integrations all run into issues immediately after the Analyze step, generating the same three issues related to code signing:
Assertion: "You are not allowed to perform this operation. Please check with one of your Team Admins, or, if you need further assistance, please contact Apple Developer Program Support. https://developer.apple.com/support."
Assertion: "No profiles for 'APP_ID' were found: Xcode couldn't find any iOS App Development provisioning profiles matching 'APP_ID'."
Assertion: "Code signing is required for product type 'Application' in SDK 'iOS 11.2'"
Each of these comes with a "Fix It..." button attached, and pressing it takes me to the Signing page of the Bot configuration.
In the Options section, for each Bot, I have both options selected, as well as a Developer Team the server is connected to.
In the Certificates & Profiles section, I have ensured that the relevant ad-hoc provisioning profiles have been added to the server, and the relevant distribution certificates also.
Note: I also have an "Unknown Team" certificate in this section, which has a matching Team ID to one of my certificates, as well as a revoked certificate matching that same Team ID. I cannot remove either of these certificates using this tool, although I am capable of removing the other certificates that are present - including the correct certificate for the Team ID that has been duplicated.
Looking at the Keychain Access on the mac mini the server is hosted from, I can see the certificates, complete with matching private keys, stored in the System keychain. Inspecting them, I can see that codesign has been given access without requiring a password, and from the integration time taking less than one minute to complete I can see that the issue is not caused by this hanging on access verification.
Going with the hint from the first error quoted above, I checked out the Developer Portal for the teams I am using, and can see (as an Admin user) the server is listed in the Servers section of the portal. However, I have no way to alter any settings other than its inclusion, so cannot view which permissions it has, if any.
I could also not find any relevant information in what documentation is available for the new Xcode Server, nor in the Developer Support pages.
How can I resolve this issue?