Allow generate_certificates on non-macOS executors #22015
rasberik
started this conversation in
Show and tell
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Note
This discussion's main purpose is to get attention to existing Pull Request
Vision
Operations with macos specific keychain using
security
command can be skipped for non-mac executors without any risks or side-effects, to allow wider range of CI/CD machines to be used to generate certificates and provisioning profiles.For local use, macOS is still preferred as it is an iOS development environment, but when
cert
is used as part of the automation for generating certificates and provisioning profiles on CI machine - its better not to involve any remote CI machines keychain changes making more hermetic environment, as well as decrease cost.For example, on Github Action runners, cost can be reduced 10x by switching from MacOS runners to Linux.
Goal is to allow
fastlane cert
to run on non-mac os CI/CD environment and commit generatedp12
andcer
files to remote storage.Solution
Above mentioned PR in Note section does the job and I would like to promote it to increase chance of merging it, as its difficult to maintain forks.
Usages
We use
fastlane
on scale to manage provisioning profiles and device registration with automation, and above PR allows us to use Linux based runners to regenerate certificates and provisioning profiles on daily basis, so there is no need to occupy expensive macOS runners for such work.Beta Was this translation helpful? Give feedback.
All reactions