Allow empty certificate passphrase (#41)

* Allow empty certificate passphrase * New E2E test * Use latest go-xcode release
bitrise-steplib · Mar 21, 2022 · f2eec7e · f2eec7e
1 parent 532a5cb
commit f2eec7e
Show file tree

Hide file tree

Showing 7 changed files with 38 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -77,7 +77,7 @@ steps:
 | `register_test_devices` | If this input is set, the Step will register the known test devices on Bitrise from team members with the Apple Developer Portal.  Note that setting this to yes may cause devices to be registered against your limited quantity of test devices in the Apple Developer Portal, which can only be removed once annually during your renewal window. | required | `no` |
 | `min_profile_validity` | If this input is set to >0, the managed Provisioning Profile will be renewed if it expires within the configured number of days.  Otherwise the Step renews the managed Provisioning Profile if it is expired. | required | `0` |
 | `certificate_url_list` | URL of the code signing certificate to download.  Multiple URLs can be specified, separated by a pipe (`\|`) character.  Local file path can be specified, using the `file://` URL scheme. | required, sensitive | `$BITRISE_CERTIFICATE_URL` |
-| `passphrase_list` | Passphrases for the provided code signing certificates.  Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`\|`) character. | required, sensitive | `$BITRISE_CERTIFICATE_PASSPHRASE` |
+| `passphrase_list` | Passphrases for the provided code signing certificates.  Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`\|`) character.  Certificates without a passphrase: for using a single certificate, leave this step input empty. For multiple certificates, use the separator as if there was a passphrase (examples: `pass\|`, `\|pass\|`, `\|`) | sensitive | `$BITRISE_CERTIFICATE_PASSPHRASE` |
 | `keychain_path` | Path to the Keychain where the code signing certificates will be installed. | required | `$HOME/Library/Keychains/login.keychain` |
 | `keychain_password` | Password for the provided Keychain. | required, sensitive | `$BITRISE_KEYCHAIN_PASSWORD` |
 | `export_development_team` | The Developer Portal team to use for this export.  Defaults to the team used to build the archive.  Defining this is also required when Automatic Code Signing is set to `apple-id` and the connected account belongs to multiple teams. |  |  |

diff --git a/e2e/bitrise.yml b/e2e/bitrise.yml
@@ -8,6 +8,7 @@ app:
   - BITRISE_KEYCHAIN_PASSWORD: $BITRISE_KEYCHAIN_PASSWORD
   - BITFALL_APPLE_IOS_CERTIFICATE_URL_LIST: $BITFALL_APPLE_IOS_CERTIFICATE_URL_LIST
   - BITFALL_APPLE_IOS_CERTIFICATE_PASSPHRASE_LIST: $BITFALL_APPLE_IOS_CERTIFICATE_PASSPHRASE_LIST
+  - BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL: $BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL
   - BITFALL_APPLE_PROVISIONING_PROFILE_URL_LIST: $BITFALL_APPLE_PROVISIONING_PROFILE_URL_LIST
   - SAMPLE_ARTIFACTS_URL: https://github.com/bitrise-io/sample-artifacts.git
   - SAMPLE_ARTIFACTS_BRANCH: master
@@ -48,6 +49,23 @@ app:
       </plist>
 
 workflows:
+  test_single_certificate_no_passphrase:
+    before_run:
+    - _setup
+    steps:
+    - path::./:
+        title: Step Test
+        inputs:
+        - distribution_method: development
+        - archive_path: ./archives/Fruta.xcarchive
+        - product: app
+        - automatic_code_signing: api-key
+        - certificate_url_list: $BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL
+        - passphrase_list: ""
+        - keychain_path: $BITRISE_KEYCHAIN_PATH
+        - keychain_password: $BITRISE_KEYCHAIN_PASSWORD
+        - export_development_team: $TEAM_ID
+
   test_auto_codesign_with_manual_assets:
     before_run:
     - _setup
@@ -125,7 +143,6 @@ workflows:
         - keychain_path: $BITRISE_KEYCHAIN_PATH
         - keychain_password: $BITRISE_KEYCHAIN_PASSWORD
 
-
   test_ipa_exports:
     before_run:
     - _setup

diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/bitrise-io/go-utils v1.0.1
 	github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.1
 	github.com/bitrise-io/go-xcode v1.0.2
-	github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9
+	github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10
 	howett.net/plist v1.0.0
 )
 

diff --git a/go.sum b/go.sum
@@ -11,8 +11,8 @@ github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.1/go.mod h1:sy+Ir1X8P3tAAx/qU/r+h
 github.com/bitrise-io/go-xcode v1.0.1/go.mod h1:Y0Wu2dXm0MilJ/4D3+gPHaNMlUcP+1DjIPoLPykq7wY=
 github.com/bitrise-io/go-xcode v1.0.2 h1:Uv/cBOJ/qZpitjOpyS8orafee3wk66OwvRTbqA2fr+4=
 github.com/bitrise-io/go-xcode v1.0.2/go.mod h1:Y0Wu2dXm0MilJ/4D3+gPHaNMlUcP+1DjIPoLPykq7wY=
-github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9 h1:zBb8U+i6LrZXdTSh+FrXhb/ivw/ghnLVmhU5mjQIOSM=
-github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9/go.mod h1:6YbvyYwZgSTt96CQSQ6QlrkcRiv3ssX8zLijh2TPnbU=
+github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10 h1:fL+rOyxRXZADO3o4UKCUFsO3Fr83G+r8fbH4BnzOvls=
+github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10/go.mod h1:6YbvyYwZgSTt96CQSQ6QlrkcRiv3ssX8zLijh2TPnbU=
 github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8 h1:kmvU8AxrNTxXsVPKepBHD8W+eCVmeaKyTkRuUJB2K38=
 github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8/go.mod h1:UiXKNs0essbC14a2TvGlnUKo9isP9m4guPrp8KJHJpU=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

diff --git a/step.yml b/step.yml
@@ -146,7 +146,9 @@ inputs:
       Passphrases for the provided code signing certificates.
 
       Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`|`) character.
-    is_required: true
+
+      Certificates without a passphrase: for using a single certificate, leave this step input empty. For multiple certificates, use the separator as if there was a passphrase (examples: `pass|`, `|pass|`, `|`)
+    is_required: false  # A single cert with an empty passphrase is allowed too
     is_sensitive: true
 
 - keychain_path: $HOME/Library/Keychains/login.keychain

diff --git a/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go b/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -50,7 +50,7 @@ github.com/bitrise-io/go-xcode/xcodeproject/serialized
 github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj
 github.com/bitrise-io/go-xcode/xcodeproject/xcscheme
 github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace
-# github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9
+# github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10
 ## explicit; go 1.16
 github.com/bitrise-io/go-xcode/v2/autocodesign
 github.com/bitrise-io/go-xcode/v2/autocodesign/certdownloader