diff --git a/README.md b/README.md index fd5ba25..96ce3d2 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ steps: | `register_test_devices` | If this input is set, the Step will register the known test devices on Bitrise from team members with the Apple Developer Portal. Note that setting this to yes may cause devices to be registered against your limited quantity of test devices in the Apple Developer Portal, which can only be removed once annually during your renewal window. | required | `no` | | `min_profile_validity` | If this input is set to >0, the managed Provisioning Profile will be renewed if it expires within the configured number of days. Otherwise the Step renews the managed Provisioning Profile if it is expired. | required | `0` | | `certificate_url_list` | URL of the code signing certificate to download. Multiple URLs can be specified, separated by a pipe (`\|`) character. Local file path can be specified, using the `file://` URL scheme. | required, sensitive | `$BITRISE_CERTIFICATE_URL` | -| `passphrase_list` | Passphrases for the provided code signing certificates. Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`\|`) character. | required, sensitive | `$BITRISE_CERTIFICATE_PASSPHRASE` | +| `passphrase_list` | Passphrases for the provided code signing certificates. Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`\|`) character. Certificates without a passphrase: for using a single certificate, leave this step input empty. For multiple certificates, use the separator as if there was a passphrase (examples: `pass\|`, `\|pass\|`, `\|`) | sensitive | `$BITRISE_CERTIFICATE_PASSPHRASE` | | `keychain_path` | Path to the Keychain where the code signing certificates will be installed. | required | `$HOME/Library/Keychains/login.keychain` | | `keychain_password` | Password for the provided Keychain. | required, sensitive | `$BITRISE_KEYCHAIN_PASSWORD` | | `export_development_team` | The Developer Portal team to use for this export. Defaults to the team used to build the archive. Defining this is also required when Automatic Code Signing is set to `apple-id` and the connected account belongs to multiple teams. | | | diff --git a/e2e/bitrise.yml b/e2e/bitrise.yml index bef75ee..f5da65e 100644 --- a/e2e/bitrise.yml +++ b/e2e/bitrise.yml @@ -8,6 +8,7 @@ app: - BITRISE_KEYCHAIN_PASSWORD: $BITRISE_KEYCHAIN_PASSWORD - BITFALL_APPLE_IOS_CERTIFICATE_URL_LIST: $BITFALL_APPLE_IOS_CERTIFICATE_URL_LIST - BITFALL_APPLE_IOS_CERTIFICATE_PASSPHRASE_LIST: $BITFALL_APPLE_IOS_CERTIFICATE_PASSPHRASE_LIST + - BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL: $BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL - BITFALL_APPLE_PROVISIONING_PROFILE_URL_LIST: $BITFALL_APPLE_PROVISIONING_PROFILE_URL_LIST - SAMPLE_ARTIFACTS_URL: https://github.com/bitrise-io/sample-artifacts.git - SAMPLE_ARTIFACTS_BRANCH: master @@ -48,6 +49,23 @@ app: workflows: + test_single_certificate_no_passphrase: + before_run: + - _setup + steps: + - path::./: + title: Step Test + inputs: + - distribution_method: development + - archive_path: ./archives/Fruta.xcarchive + - product: app + - automatic_code_signing: api-key + - certificate_url_list: $BITFALL_APPLE_IOS_CERTIFICATE_NOPASSPHRASE_URL + - passphrase_list: "" + - keychain_path: $BITRISE_KEYCHAIN_PATH + - keychain_password: $BITRISE_KEYCHAIN_PASSWORD + - export_development_team: $TEAM_ID + test_auto_codesign_with_manual_assets: before_run: - _setup @@ -125,7 +143,6 @@ workflows: - keychain_path: $BITRISE_KEYCHAIN_PATH - keychain_password: $BITRISE_KEYCHAIN_PASSWORD - test_ipa_exports: before_run: - _setup diff --git a/go.mod b/go.mod index bfbf127..057b456 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/bitrise-io/go-utils v1.0.1 github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.1 github.com/bitrise-io/go-xcode v1.0.2 - github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9 + github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10 howett.net/plist v1.0.0 ) diff --git a/go.sum b/go.sum index 3d86724..62b936d 100644 --- a/go.sum +++ b/go.sum @@ -11,8 +11,8 @@ github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.1/go.mod h1:sy+Ir1X8P3tAAx/qU/r+h github.com/bitrise-io/go-xcode v1.0.1/go.mod h1:Y0Wu2dXm0MilJ/4D3+gPHaNMlUcP+1DjIPoLPykq7wY= github.com/bitrise-io/go-xcode v1.0.2 h1:Uv/cBOJ/qZpitjOpyS8orafee3wk66OwvRTbqA2fr+4= github.com/bitrise-io/go-xcode v1.0.2/go.mod h1:Y0Wu2dXm0MilJ/4D3+gPHaNMlUcP+1DjIPoLPykq7wY= -github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9 h1:zBb8U+i6LrZXdTSh+FrXhb/ivw/ghnLVmhU5mjQIOSM= -github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9/go.mod h1:6YbvyYwZgSTt96CQSQ6QlrkcRiv3ssX8zLijh2TPnbU= +github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10 h1:fL+rOyxRXZADO3o4UKCUFsO3Fr83G+r8fbH4BnzOvls= +github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10/go.mod h1:6YbvyYwZgSTt96CQSQ6QlrkcRiv3ssX8zLijh2TPnbU= github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8 h1:kmvU8AxrNTxXsVPKepBHD8W+eCVmeaKyTkRuUJB2K38= github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8/go.mod h1:UiXKNs0essbC14a2TvGlnUKo9isP9m4guPrp8KJHJpU= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= diff --git a/step.yml b/step.yml index 5370d93..ddb14c0 100755 --- a/step.yml +++ b/step.yml @@ -146,7 +146,9 @@ inputs: Passphrases for the provided code signing certificates. Specify as many passphrases as many Code signing certificate URL provided, separated by a pipe (`|`) character. - is_required: true + + Certificates without a passphrase: for using a single certificate, leave this step input empty. For multiple certificates, use the separator as if there was a passphrase (examples: `pass|`, `|pass|`, `|`) + is_required: false # A single cert with an empty passphrase is allowed too is_sensitive: true - keychain_path: $HOME/Library/Keychains/login.keychain diff --git a/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go b/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go index cac172a..82d1902 100644 --- a/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go +++ b/vendor/github.com/bitrise-io/go-xcode/v2/codesign/inputparse.go @@ -31,15 +31,6 @@ type Config struct { // ParseConfig validates and parses step inputs related to code signing and returns with a Config func ParseConfig(input Input, cmdFactory command.Factory) (Config, error) { - if strings.TrimSpace(input.CertificateURLList) == "" { - return Config{}, fmt.Errorf("code signing certificate URL: required variable is not present") - } - if strings.TrimSpace(input.KeychainPath) == "" { - return Config{}, fmt.Errorf("keychain path: required variable is not present") - } - if strings.TrimSpace(string(input.KeychainPassword)) == "" { - return Config{}, fmt.Errorf("keychain password: required variable is not present") - } certificatesAndPassphrases, err := parseCertificates(input) if err != nil { return Config{}, fmt.Errorf("failed to parse certificate URL and passphrase inputs: %s", err) @@ -59,6 +50,16 @@ func ParseConfig(input Input, cmdFactory command.Factory) (Config, error) { // parseCertificates returns an array of p12 file URLs and passphrases func parseCertificates(input Input) ([]certdownloader.CertificateAndPassphrase, error) { + if strings.TrimSpace(input.CertificateURLList) == "" { + return nil, fmt.Errorf("code signing certificate URL: required input is not present") + } + if strings.TrimSpace(input.KeychainPath) == "" { + return nil, fmt.Errorf("keychain path: required input is not present") + } + if strings.TrimSpace(string(input.KeychainPassword)) == "" { + return nil, fmt.Errorf("keychain password: required input is not present") + } + pfxURLs, passphrases, err := validateCertificates(input.CertificateURLList, string(input.CertificatePassphraseList)) if err != nil { return nil, err @@ -78,10 +79,10 @@ func parseCertificates(input Input) ([]certdownloader.CertificateAndPassphrase, // validateCertificates validates if the number of certificate URLs matches those of passphrases func validateCertificates(certURLList string, certPassphraseList string) ([]string, []string, error) { pfxURLs := splitAndClean(certURLList, "|", true) - passphrases := splitAndClean(certPassphraseList, "|", false) + passphrases := splitAndClean(certPassphraseList, "|", false) // allow empty items because passphrase can be empty if len(pfxURLs) != len(passphrases) { - return nil, nil, fmt.Errorf("certificates count (%d) and passphrases count (%d) should match", len(pfxURLs), len(passphrases)) + return nil, nil, fmt.Errorf("certificate count (%d) and passphrase count (%d) should match", len(pfxURLs), len(passphrases)) } return pfxURLs, passphrases, nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 1fdfdae..cbdffea 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -50,7 +50,7 @@ github.com/bitrise-io/go-xcode/xcodeproject/serialized github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj github.com/bitrise-io/go-xcode/xcodeproject/xcscheme github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace -# github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.9 +# github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.10 ## explicit; go 1.16 github.com/bitrise-io/go-xcode/v2/autocodesign github.com/bitrise-io/go-xcode/v2/autocodesign/certdownloader