search

UNSH / Unity-Apple-Distribution-Workflow

Workflow to automate prepare Unity builds for in -or outside of the Appstore. A folder chronology with instructions, guides, templates, and scripts to finalise Unity builds for Apple from start to finish.
https://unsh.github.io/Unity-Apple-Distribution-Workflow/
35 stars 6 forks source link

How to test entitlements in development? #2

Closed omgitsraven closed 5 years ago

omgitsraven commented 5 years ago

I've been trying to use this workflow to test iCloud support prior to submitting to the app store, and the result always gave me an entitlements error, and I've just noticed that's because the if [ "$BUILD_FOR" = "dev" ] ; then condition doesn't use --entitlements "$locationEntitlements" in its codesign calls.

I'm assuming there's a reason for that, but it leaves me with the question: if 'dev' mode can't use entitlements, what's the proper way to test things like iCloud without submitting a build to the app store? Should I be using 'outside' mode, even though the project is set up to (eventually) be an App Store app?

UNSH commented 5 years ago

Well if I remember correctly you sign without entitlements, an appstore development provisioning profile and log in with a sandbox id when prompted on startup. Through the sandbox id you should get access to all services, but we haven’t used any services beyond IAP so I can’t say for sure. We have only tested what we needed. But you can adjust the code to add the entitlements to test this.

omgitsraven commented 5 years ago

OK, I've done some experimenting, and where it currently stands is:

Termination Reason: Namespace CODESIGNING, Code 0x1



I'm logged out of iTunes, iCloud and the App Store. Disabling Gatekeeper didn't help. There weren't any obvious errors in the terminal when I was running the script. I'm not sure what I should be double-checking to find out why adding entitlements "ruins" the codesign silently...
UNSH commented 5 years ago

Sorry for the delay. Ok so I haven’t deployed for macOS for six months so I’m a bit out of it and apparently things have changed with notarising. I just quickly scanned the pages but I cannot guarantee this workflow is still up to date. The guide contains instructions for preparing your build manually though so maybe you could try that to make sure everything is set up correctly. I don’t have time to dig in deeper right now, but I saw unity 2019 now builds to xcode so moving forward maybe it’s worth it to look into that.

omgitsraven commented 5 years ago

Unfortunately, there's too many other breaking changes between the version of Unity I'm working in, and the first version to have xcode output, so that's not much of an option for the current project. (I was really hoping it would spare me from this, hahah...)

I'll try doing it manually soon I guess, fingers crossed.

UNSH commented 5 years ago

Have you read this guide ?

omgitsraven commented 5 years ago

Yep, and when it didn't work, I came here and followed this workflow instead (because it said it was based on it)... now I guess I'll follow the individual instructions in this workflow by hand... hopefully some sort of error will jump out finally?

UNSH commented 5 years ago

Ok so I would follow their guide on handling the entitlements and the codesigning for the development build. The codesign of the development build was based on Zwilniks guide and he also told that you might need entitlements depending on your needs. We never needed any of that so it's completely untested like I told. In any case when you adjusted the script did you change all the code signing to use entitlements or only the signing of the app like kittehface described?

UNSH commented 5 years ago

I adjusted signandpackage and the readmes to the guide at kittehface because their findings make sense. But I can’t test it so maybe you could get the latest git and see if that works. You will need to make sure of a few other thing I described them here in the unity thread Let me know if it worked

UNSH commented 5 years ago

Ok I had to rewrite everything, but I’m still working on it. Ignore dev build for the time being. I hope to have something ready tomorrow. If you follow the thread at unity forum there is another person who managed to get his build running with iCloud. Apparently the codesign is using the wrong parameters and is not signing all required files anymore. But he managed to build with a combination of the two, so if you take a look there maybe you can get up and running with his instructions

omgitsraven commented 5 years ago

Ahh, that sounds encouraging, thank you!! I'm out of the office today but I'll take a look at the thread tomorrow, and I'll try whatever you've got when it's ready, thanks!

UNSH commented 5 years ago

Ok I updated the readme and thescript. I cannot test with iCloud so I’m not 100% sure but since other people did it following these steps I think it should work.

omgitsraven commented 5 years ago

Thank you so much!! I'll try it soon and let you know what my results are...

omgitsraven commented 5 years ago

Still not working. The end result launches, but as soon as I click an iCloud-related button, it crashes with the usual The application is missing required entitlement com.apple.developer.icloud-services error, even though it's definitely in my entitlements.plist file.

Calling codesign -d --entitlements :- ww.app says "code object is not signed at all", which seems like something must be going wrong?

In fact, now that I look, that part of the SignAndPackage process says (slightly redacted):

BUNDLES & DYLIBS
../1_MyBuild/ww.app/Contents/Plugins/InControlNative.bundle: replacing existing signature
../1_MyBuild/ww.app/Contents/Plugins/UnityMacSwiftCloudKit.bundle: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/libssl.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libMonoPosixHelper.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libmonobdwgc-2.0.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/libcrypto.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/UnityPlayer.dylib: replacing existing signature
../1_MyBuild/ww.app: code object is not signed at all
In subcomponent: /Users/[...]/preparebuild/Unity-Apple-Distribution-Workflow-master/1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestTexture.dylib

 Veryfing codesign 
 ------------------------------------------------------------------- 
../1_MyBuild/ww.app: code object is not signed at all
In architecture: x86_64

../1_MyBuild/ww.app: code object is not signed at all
omgitsraven commented 5 years ago

Forgot to mention, I did the optool thing too. (I wasn't 100% clear on whether I'm meant to do it to the .app in 1_MyBuild or the result in 7_Distribution, but I tried both and it made no difference...)

UNSH commented 5 years ago

Your supposed to run it on your build before signing. Also Just to make sure there is now a seperate development folder in the entitlements so you can place your development entitlements in there.

omgitsraven commented 5 years ago

OK, thanks. And yeah, my entitlements.plist is in 5_Entitlements/Development. (I think the script would have given an error if it hadn't found it anyway, right?)

UNSH commented 5 years ago

Yeah it should, but by default there’s a really simple one in there so just to make sure you put your development entitlements file in there.

omgitsraven commented 5 years ago

ahh, right! But yes, the file at 5_Entitlements/Development/entitlements.plist contains

[...]
    <key>com.apple.developer.icloud-services</key>
    <array>
        <string>CloudKit</string>
    </array>
[...]

among all the other keys.

UNSH commented 5 years ago

Did you add the environment Development key?

omgitsraven commented 5 years ago

if you mean

<key>com.apple.developer.aps-environment</key>
    <string>development</string>

then yes

Would missing keys in the entitlements.plist file cause "code object is not signed at all", though? (Or is that normal?)

UNSH commented 5 years ago

No not at that point I think, but just to make sure. Most of the times I got failed signs there was a problem with the identity ( it not being installed in the keychain or wrong credentials) but then I don’t get why your bundles and frameworks do get signed. But I’ll double check tomorrow to make sure I didn’t make any mistakes, also I’m on my phone right now and I had a long day which doesn’t really help in this mental labyrinth :)

UNSH commented 5 years ago

Now I see you have a dylib in MacOS the script will not find that it will only look for dylib's in Frameworks, wait I'll update the script /preparebuild/Unity-Apple-Distribution-Workflow-master/1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestTexture.dylib

UNSH commented 5 years ago

Ok try this to sign and see what comes out, you should get more info while signing to.

omgitsraven commented 5 years ago

OK, now it's giving me the Namespace CODESIGNING crash on launch instead.

Here's the entirety of the new (much longer) signing log (somewhat redacted) :

+------------------------------------------------------------------+
|                      Signing and Packaging                       |
+------------------------------------------------------------------+

Reading version and build from your Info.Plist
Version : 0.0.1
Build : 0 
Info : Version and build use the different values
Final build folder name will be 0.0.1b0

Make sure you always update your build number / version number when uploading new packages to the AppStore... 

Create a build for Appstore Develompent (Testing), Appstore Distribution or Distribution outside the Appstore ?
Enter without quotes : 'dev', 'appstore', 'installer' or 'zip'  
dev

Copying development profile as 'embedded.provisionprofile'
from ../0_BeforeYouBuild/ProvisioningProfiles/Development/~~~.provisionprofile 
to ../1_MyBuild/ww.app/Contents/

Creating development build

Developer name and id? 
Example format, without quotes:'JOHN THE BLANKER (FKJLDLKFDG)' 
 ~~~ ~~~ (~~~)

 Developer Name: [~~~ ~~~ (~~~)]

 Signing  
-------------------------------------------------------------------

BUNDLES & DYLIBS
../1_MyBuild/ww.app/Contents/Plugins/InControlNative.bundle: replacing existing signature
../1_MyBuild/ww.app/Contents/Plugins/InControlNative.bundle: signed bundle with Mach-O thin (x86_64) [InControlNative]
../1_MyBuild/ww.app/Contents/Plugins/UnityMacSwiftCloudKit.bundle: replacing existing signature
../1_MyBuild/ww.app/Contents/Plugins/UnityMacSwiftCloudKit.bundle: signed bundle with Mach-O thin (x86_64) [com.~~~.UnityMacSwiftCloudKit]
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestTexture.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestTexture.dylib: signed Mach-O thin (x86_64) [UnityWebRequestTexture]
../1_MyBuild/ww.app/Contents/MacOS/ClusterInput.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/ClusterInput.dylib: signed Mach-O thin (x86_64) [ClusterInput]
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestAudio.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestAudio.dylib: signed Mach-O thin (x86_64) [UnityWebRequestAudio]
../1_MyBuild/ww.app/Contents/MacOS/HotReload.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/HotReload.dylib: signed Mach-O thin (x86_64) [HotReload]
../1_MyBuild/ww.app/Contents/MacOS/Profiler.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Profiler.dylib: signed Mach-O thin (x86_64) [Profiler]
../1_MyBuild/ww.app/Contents/MacOS/UnityAnalytics.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityAnalytics.dylib: signed Mach-O thin (x86_64) [UnityAnalytics]
../1_MyBuild/ww.app/Contents/MacOS/UnityConnect.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityConnect.dylib: signed Mach-O thin (x86_64) [UnityConnect]
../1_MyBuild/ww.app/Contents/MacOS/ClusterRenderer.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/ClusterRenderer.dylib: signed Mach-O thin (x86_64) [ClusterRenderer]
../1_MyBuild/ww.app/Contents/MacOS/Input.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Input.dylib: signed Mach-O thin (x86_64) [Input]
../1_MyBuild/ww.app/Contents/MacOS/TerrainPhysics.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/TerrainPhysics.dylib: signed Mach-O thin (x86_64) [TerrainPhysics]
../1_MyBuild/ww.app/Contents/MacOS/FileSystemHttp.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/FileSystemHttp.dylib: signed Mach-O thin (x86_64) [FileSystemHttp]
../1_MyBuild/ww.app/Contents/MacOS/ParticleSystem.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/ParticleSystem.dylib: signed Mach-O thin (x86_64) [ParticleSystem]
../1_MyBuild/ww.app/Contents/MacOS/Core.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Core.dylib: signed Mach-O thin (x86_64) [Core]
../1_MyBuild/ww.app/Contents/MacOS/Grid.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Grid.dylib: signed Mach-O thin (x86_64) [Grid]
../1_MyBuild/ww.app/Contents/MacOS/TextRendering.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/TextRendering.dylib: signed Mach-O thin (x86_64) [TextRendering]
../1_MyBuild/ww.app/Contents/MacOS/UI.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UI.dylib: signed Mach-O thin (x86_64) [UI]
../1_MyBuild/ww.app/Contents/MacOS/Audio.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Audio.dylib: signed Mach-O thin (x86_64) [Audio]
../1_MyBuild/ww.app/Contents/MacOS/CrashReporting.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/CrashReporting.dylib: signed Mach-O thin (x86_64) [CrashReporting]
../1_MyBuild/ww.app/Contents/MacOS/libssl.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/libssl.dylib: signed Mach-O thin (x86_64) [libssl]
../1_MyBuild/ww.app/Contents/MacOS/Video.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Video.dylib: signed Mach-O thin (x86_64) [Video]
../1_MyBuild/ww.app/Contents/MacOS/AR.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/AR.dylib: signed Mach-O thin (x86_64) [AR]
../1_MyBuild/ww.app/Contents/MacOS/AI.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/AI.dylib: signed Mach-O thin (x86_64) [AI]
../1_MyBuild/ww.app/Contents/MacOS/Terrain.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Terrain.dylib: signed Mach-O thin (x86_64) [Terrain]
../1_MyBuild/ww.app/Contents/MacOS/SpriteMask.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/SpriteMask.dylib: signed Mach-O thin (x86_64) [SpriteMask]
../1_MyBuild/ww.app/Contents/MacOS/Physics2D.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Physics2D.dylib: signed Mach-O thin (x86_64) [Physics2D]
../1_MyBuild/ww.app/Contents/MacOS/Director.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Director.dylib: signed Mach-O thin (x86_64) [Director]
../1_MyBuild/ww.app/Contents/MacOS/TLS.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/TLS.dylib: signed Mach-O thin (x86_64) [TLS]
../1_MyBuild/ww.app/Contents/MacOS/UIElements.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UIElements.dylib: signed Mach-O thin (x86_64) [UIElements]
../1_MyBuild/ww.app/Contents/MacOS/PerformanceReporting.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/PerformanceReporting.dylib: signed Mach-O thin (x86_64) [PerformanceReporting]
../1_MyBuild/ww.app/Contents/MacOS/SharedInternals.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/SharedInternals.dylib: signed Mach-O thin (x86_64) [SharedInternals]
../1_MyBuild/ww.app/Contents/MacOS/UnityTestProtocol.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityTestProtocol.dylib: signed Mach-O thin (x86_64) [UnityTestProtocol]
../1_MyBuild/ww.app/Contents/MacOS/TextCore.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/TextCore.dylib: signed Mach-O thin (x86_64) [TextCore]
../1_MyBuild/ww.app/Contents/MacOS/Wind.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Wind.dylib: signed Mach-O thin (x86_64) [Wind]
../1_MyBuild/ww.app/Contents/MacOS/libcrypto.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/libcrypto.dylib: signed Mach-O thin (x86_64) [libcrypto]
../1_MyBuild/ww.app/Contents/MacOS/Streaming.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Streaming.dylib: signed Mach-O thin (x86_64) [Streaming]
../1_MyBuild/ww.app/Contents/MacOS/Tilemap.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Tilemap.dylib: signed Mach-O thin (x86_64) [Tilemap]
../1_MyBuild/ww.app/Contents/MacOS/Physics.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Physics.dylib: signed Mach-O thin (x86_64) [Physics]
../1_MyBuild/ww.app/Contents/MacOS/StyleSheets.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/StyleSheets.dylib: signed Mach-O thin (x86_64) [StyleSheets]
../1_MyBuild/ww.app/Contents/MacOS/Substance.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Substance.dylib: signed Mach-O thin (x86_64) [Substance]
../1_MyBuild/ww.app/Contents/MacOS/Localization.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Localization.dylib: signed Mach-O thin (x86_64) [Localization]
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestAssetBundle.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestAssetBundle.dylib: signed Mach-O thin (x86_64) [UnityWebRequestAssetBundle]
../1_MyBuild/ww.app/Contents/MacOS/GameCenter.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/GameCenter.dylib: signed Mach-O thin (x86_64) [GameCenter]
../1_MyBuild/ww.app/Contents/MacOS/Umbra.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Umbra.dylib: signed Mach-O thin (x86_64) [Umbra]
../1_MyBuild/ww.app/Contents/MacOS/libcurl.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/libcurl.dylib: signed Mach-O thin (x86_64) [libcurl]
../1_MyBuild/ww.app/Contents/MacOS/AssetBundle.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/AssetBundle.dylib: signed Mach-O thin (x86_64) [AssetBundle]
../1_MyBuild/ww.app/Contents/MacOS/Animation.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Animation.dylib: signed Mach-O thin (x86_64) [Animation]
../1_MyBuild/ww.app/Contents/MacOS/VFX.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/VFX.dylib: signed Mach-O thin (x86_64) [VFX]
../1_MyBuild/ww.app/Contents/MacOS/JSONSerialize.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/JSONSerialize.dylib: signed Mach-O thin (x86_64) [JSONSerialize]
../1_MyBuild/ww.app/Contents/MacOS/XR.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/XR.dylib: signed Mach-O thin (x86_64) [XR]
../1_MyBuild/ww.app/Contents/MacOS/SpriteShape.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/SpriteShape.dylib: signed Mach-O thin (x86_64) [SpriteShape]
../1_MyBuild/ww.app/Contents/MacOS/UNET.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UNET.dylib: signed Mach-O thin (x86_64) [UNET]
../1_MyBuild/ww.app/Contents/MacOS/IMGUI.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/IMGUI.dylib: signed Mach-O thin (x86_64) [IMGUI]
../1_MyBuild/ww.app/Contents/MacOS/ImageConversion.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/ImageConversion.dylib: signed Mach-O thin (x86_64) [ImageConversion]
../1_MyBuild/ww.app/Contents/MacOS/Accessibility.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/Accessibility.dylib: signed Mach-O thin (x86_64) [Accessibility]
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequest.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequest.dylib: signed Mach-O thin (x86_64) [UnityWebRequest]
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestWWW.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/UnityWebRequestWWW.dylib: signed Mach-O thin (x86_64) [UnityWebRequestWWW]
../1_MyBuild/ww.app/Contents/MacOS/ScreenCapture.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/ScreenCapture.dylib: signed Mach-O thin (x86_64) [ScreenCapture]
../1_MyBuild/ww.app/Contents/MacOS/VR.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/MacOS/VR.dylib: signed Mach-O thin (x86_64) [VR]
../1_MyBuild/ww.app/Contents/Frameworks/libssl.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/libssl.dylib: signed Mach-O thin (x86_64) [libssl]
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libMonoPosixHelper.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libMonoPosixHelper.dylib: signed Mach-O thin (x86_64) [libMonoPosixHelper]
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libmonobdwgc-2.0.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/MonoBleedingEdge/MonoEmbedRuntime/osx/libmonobdwgc-2.0.dylib: signed Mach-O thin (x86_64) [libmonobdwgc-2]
../1_MyBuild/ww.app/Contents/Frameworks/libcrypto.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/libcrypto.dylib: signed Mach-O thin (x86_64) [libcrypto]
../1_MyBuild/ww.app/Contents/Frameworks/UnityPlayer.dylib: replacing existing signature
../1_MyBuild/ww.app/Contents/Frameworks/UnityPlayer.dylib: signed Mach-O thin (x86_64) [UnityPlayer]

 SIGN APP
../1_MyBuild/ww.app: replacing existing signature
../1_MyBuild/ww.app: signed app bundle with Mach-O thin (x86_64) [com.~~~.~~~]

 Veryfing codesign 
 ------------------------------------------------------------------- 
../1_MyBuild/ww.app: valid on disk
../1_MyBuild/ww.app: satisfies its Designated Requirement

Executable=/Users/~~~/preparebuild/Unity-Apple-Distribution-Workflow-master/1_MyBuild/ww.app/Contents/MacOS/ww
Identifier=com.~~~.~~~
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=345 flags=0x0(none) hashes=3+5 location=embedded
VersionPlatform=1
VersionMin=657664
VersionSDK=658688
Hash type=sha256 size=32
CandidateCDHash sha1=df94c02deb6fd75282c5cd6f3e693f4ec5817fd1
CandidateCDHash sha256=1b6d1be84c03810bd6733d99284bc34bf0472067
Hash choices=sha1,sha256
Page size=4096
CDHash=1b6d1be84c03810bd6733d99284bc34bf0472067
Signature size=4782
Authority=Mac Developer: ~~~ ~~~ (~~~)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Aug 13, 2019 at 12:00:16 PM
Info.plist entries=18
TeamIdentifier=~~~
Sealed Resources version=2 rules=13 files=264
Internal requirements count=1 size=188

Building Package ... 
------------------------------------------------------------------- 
Testing build in ../7_Distribution/0.0.1b0/Development
logout
Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.

[Process completed]
UNSH commented 5 years ago

My builds get signed correctly and start up so there must be something else set wrong. I googled your error and the first items were on provisioning profile so at the risk of sounding redundant did you double check your provisioning profile if it is the development type? You can just preview the file and you'll see Mac Developer: YOUR NAME (XXX) under certificates. But I'm just spitballing, I just tried using the wrong profiles with dev build but they do not seem to give a crash for me.

omgitsraven commented 5 years ago

Yep, there's two certificates in the 'certificates' section of the preview, and both of them have Mac Developer: my name (XXXXXXXXXX), which is what I fed into the SignAndPackage script.

I wish there was some way to get more information about the details of the crash, but:

Is there anywhere else I could be looking to learn about this crash?

UNSH commented 5 years ago

Yeah no idea... Since all the results I have found talk about wrong signing identities mismatching with provisioning profiles, that's where I would look. I found this on the [Unity forums] (https://forum.unity.com/threads/codesign-no-longer-working.575542/#post-3832030)

"I found the cause! Just for anyone else that has the same problem, the reason was the entitlements file contained the key gamecentre and the profile didn’t. Just setting the key to NO didn’t cure it, you have to totally delete the key."

So your signing identity is correct and dev name is correct, that leaves us with provisioning profile and entitlements. So you're sure you made your prof.profile after you set up iCloud at the dev centre? If so then maybe it there's something missing from your entitlements or there's a key too much like the forum post stated, some service in the profile and not in the entitlements.

Also I believe there should only be one personal certificate. I do know though that there can be problems with ambiguous identities with certificates, although you should get an error then stating that when you sign. But I don't think there should be two times the same, when I look at my dev.profile there is only one. Although I am not sure if this could be the problem

omgitsraven commented 5 years ago

Hmm, OK, thanks. I'll try to double check all these things in the next few days...

omgitsraven commented 5 years ago

I think I've got it!!

I changed two things, so I'm not sure if it was both or just the second one, but it was probably both:

First: I was going over everything I could see in the apple developer portal just to find if anything obvious was wrong

(I was initially looking into the 'two certificates' thing, but that's just because I have one for my desktop and one for my laptop; that part is normal.)

and while I was looking, I noticed that while the Identifier I was using DID have iCloud enabled... it had ZERO "enabled iCloud containers"! I'm not sure how I missed that before, but you'd think it would report that as an error?? (What good does iCloud support do with no enabled containers??)

I regenerated my provisioning profile to include the updated identifier, and used that new provisioning profile in the build process, just to see if that could be it, but it wasn't it; same 'codesigning' crash as before.

But after seeing my choices of possible iCloud containers in the developer portal, I realised another mistake: my value for com.apple.developer.icloud-container-identifiers in the entitlements.plist was of the form com.company.game, but on the website it was iCloud.com.company.game. So I changed that... I figured there was no way that could be causing a codesign problem, but I was like "well this would clearly cause problems eventually, so I might as well fix it now, then keep working on the codesign thing."

but I built it just in case, and, it finally works.

so, WOW. Sorry I asked you to do all this work looking into signing, but I hope it's understandable given the nature of the error message that it was giving me! I'm sure I've seen people online talking about specific error messages about mismatches between entitlements and so on -- like the ones I was getting for a while when my entitlements weren't being added at all! -- that were more specific than just an instant Namespace CODESIGNING crash on launch :(

Glad we finally got to the bottom of it, though! Thank you for all your help narrowing it down... Should I do a pull request adding notes about this to the readmes?

UNSH commented 5 years ago

I think I've got it!!

I changed two things, so I'm not sure if it was both or just the second one, but it was probably both:

First: I was going over everything I could see in the apple developer portal just to find if anything obvious was wrong

(I was initially looking into the 'two certificates' thing, but that's just because I have one for my desktop and one for my laptop; that part is normal.)

and while I was looking, I noticed that while the Identifier I was using DID have iCloud enabled... it had ZERO "enabled iCloud containers"! I'm not sure how I missed that before, but you'd think it would report that as an error?? (What good does iCloud support do with no enabled containers??)

I regenerated my provisioning profile to include the updated identifier, and used that new provisioning profile in the build process, just to see if that could be it, but it wasn't it; same 'codesigning' crash as before.

But after seeing my choices of possible iCloud containers in the developer portal, I realised another mistake: my value for com.apple.developer.icloud-container-identifiers in the entitlements.plist was of the form com.company.game, but on the website it was iCloud.com.company.game. So I changed that... I figured there was no way that could be causing a codesign problem, but I was like "well this would clearly cause problems eventually, so I might as well fix it now, then keep working on the codesign thing."

but I built it just in case, and, it finally works.

so, WOW. Sorry I asked you to do all this work looking into signing, but I hope it's understandable given the nature of the error message that it was giving me! I'm sure I've seen people online talking about specific error messages about mismatches between entitlements and so on -- like the ones I was getting for a while when my entitlements weren't being added at all! -- that were more specific than just an instant Namespace CODESIGNING crash on launch :(

Glad we finally got to the bottom of it, though! Thank you for all your help narrowing it down... Should I do a pull request adding notes about this to the readmes?

No problem at all, honestly it kind of always is like that, there’s so many steps that it’s hard not to miss one. In any case I’m glad you finally got it working. And yeah for sure send the pull request, on the unity thread there’s another person with a similar error so I’m sure there’s more people that could use your findings.