search

openfl / lime

A foundational Haxe framework for cross-platform development
https://lime.openfl.org/
MIT License
754 stars 371 forks source link

force disable code signing in iOS (probably needed better coding) #1740

Closed mcagabe19 closed 9 months ago

mcagabe19 commented 9 months ago

due I'm thinking about what if there's people using code signing??

if u guys want me change smth u can add me in discord (cuz I can't sometimes see gh notifications and username mc.9)

player-03 commented 9 months ago

What if someone wants to sign their code using <certificate team-id="..." /> in project.xml? This has been in place for at least 6 years.

I'd say try project.xml first, and if you're certain it doesn't work for you, IOSPlatform.hx is the correct place to make the change.

mcagabe19 commented 9 months ago

What if someone wants to sign their code using <certificate team-id="..." /> in project.xml? This has been in place for at least 6 years.

I'd say try project.xml first, and if you're certain it doesn't work for you, IOSPlatform.hx is the correct place to make the change.

that's what I meant to say before but making them empty (in Project.xml) doesn't do anything, many users can't or don't know how to get DUNS number and gives "code signing required by (app name)" at actions

player-03 commented 9 months ago

making them empty (in Project.xml) doesn't do anything

I doubt an empty string is a valid team ID, so I suppose we could skip IOSHelper.sign() in that case.

many users can't or don't know how to get DUNS number

...But you don't need a DUNS number, you need an Apple-assigned certificate ID. And last I checked, Apple requires all developers to get one, no matter what kind of app they're making.

Unless you're saying there's a GitHub Action that accesses your Apple account and does that for you?

mcagabe19 commented 9 months ago

...But you don't need a DUNS number, you need an Apple-assigned certificate ID. And last I checked, Apple requires all developers to get one, no matter what kind of app they're making.

I know and tried in actions with my account didn't work (doesn't have any DUNS number)

Unless you're saying there's a GitHub Action that accesses your Apple account and does that for you?

There's something here for make code signing but many users I talk says "I don't trust" idk really

player-03 commented 9 months ago

There's something here for make code signing but many users I talk says "I don't trust" idk really

Most of that looks correct, though I'm a bit wary of how they're using environment variables. Any program you ran afterwards would have access to the secrets, though presumably you'd run only trusted ones. Maybe it's fine?

But yeah, you're going to have to do something along those lines no matter what. And once you have the keystore set up, you ought to be able to use Lime's built-in code signing.