Open AlphaNERD- opened 4 months ago
@AlphaNERD- thanks for reporting! We are working on more prioritized issues at the moment, but will get back to this one soon.
Uuuh... devs... When is "soon" happening? The build is still failing more than 60 days later.
For me the issue was that I exported only they key and not the key and certificate (using keychain access) Make sure you select both before you export
Just to be sure, how do you do it? And how do you use them in the YAML pipeline?
In keychain access, select both the key & cert then right click to export to .p12
Unfortunately that didn't help. I sure wonder when Microsoft will help... Or whether DevOps is getting the Visual Studio App Center treatment.
I kind of found a workaround for this. I say "kind of" because I don't recommend anyone does this. But essentially I just downloaded and installed the certificate myself:
- task: DownloadSecureFile@1
name: downloadDevCert
displayName: 'Download Apple Certificate'
inputs:
secureFile: 'yourcertificate.p12'
- bash: |
echo "Received secret: $CERT_PASSWORD"
security import $(downloadDevCert.secureFilePath) -k ~/Library/Keychains/login.keychain -P yourp4ww0rdw!ch!sn0l0ng3r53cur3
env:
CERT_PASSWORD: $(P12password)
displayName: 'Install signing certificate'
The reason I don't recommend anyone does this is because the secrets don't work. The output just shows:
Received secret: $(P12password)
Instead of what I expect to see which is:
Received secret: ****
Which is why I've put the secret directly in the command and why I say it's no longer secure. But at least this got me over this specific bump.
I've tried this a few different ways (and followed the docs) but if someone can explain to me what I'm doing wrong, and perhaps make this a viable (and secure) workaround for others, then that would be appreciated.
New issue checklist
Task name
InstallAppleCertificate@2
Task version
2.231.1
Issue Description
Hello Azure DevOps devs,
i've begun to rebuild my CD pipeline as part of an ongoing migration of my iOS app to .NET 8. Currently my pipeline keeps failing at the InstallAppleCertificate task.
I've made sure that the certificate and provisioning profile are up-to-date and i've looked up the issue on GitHub. People have suggested to pass the flag
-legacy
to the task whenever the issue was reported, however the-legacy
flag is not recognized by openssl. The latest Github Issue ended with a user still facing this issue, however the issue was closed solely because the-legacy
flag was passed on to openssl. (https://github.com/microsoft/azure-pipelines-tasks/issues/19436). The user still couldn't install the certificate.Another issue (https://github.com/microsoft/azure-pipelines-tasks/issues/19383) was closed because the user regenerated their certificate and yet another issue (https://github.com/microsoft/azure-pipelines-tasks/issues/18560) was closed because of... i don't know, because nobody reported it as fixed or as going stale or whatever. Someone suggested that the OpenSSL version was outdated, however i don't know how to update it or whether i can update it on hosted images. I tried out Microsoft's images macos-11, macos-12 and macos-13 too.
Environment type (Please select at least one enviroment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
macos-13
Relevant log output
Full task logs with system.debug enabled
Repro steps