Failed to generate release build of cordova ios app

Question

I am using phonegap CLI 3.1 and XCode5. I am trying to generate the build for release mode through Phonegap CLI and Xcrun. I don\'t want to use Phonegap Build to upload the

Answer 1

In order to skip the code signing you can perform a manual build from the console like this:

xcodebuild clean build CODE_SIGN_IDENTITY="" CODE_SIGNING_REQUIRED=NO Use additionally the -configuration, -target and -sdk parameters in order to define your build settings.

To Disable Code Signing:

*Go to /Applications. Right click on XCode and select 'Show Package Contents'. Copy Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.1.sdk/SDKSettings.plist to your desktop. (Make sure to actually copy and paste. No drag and drop) Open it and under DefaultProperties set CODE_SIGNING_REQUIRED to NO. Copy it back and replace the original file. Restart XCode. Open your project. In Project Navigator select your project and open Build Settings section of your porject (and not any particular target) Under Code Signing find Code Signing Identity and for both Debug and Release modes set Any iOS SKD to Don't Code Sign. Now you should be able to build your project without any errors.*

To make an IPA:

In 'Project Navigator' select Products Right click on [NameOfYourProject].app and select 'Show in Finder'. Create a folder and name it Payload Move [NameOfYourProject].app to Payload. Compress Payload and rename it to [NameOfYourProject].ipa

Answer 2

So, finally I got everything to work okay ... :D

The problem of Jenkins complaining about a failed 'codesign ...' run is a MacOS (configuration) issue

The crucial thing is to allow the Jenkins access to the keychain of the system. The allowed access for the Login-shell of the Jenkins user is different from the Jenkins server process running under the Jenkins user account (!)

For now I realize this by running the unlock of the login.keychain within the Jenkins job before running my build script

like: in the Jenkins job for "execute shell"

security unlock-keychain -p password /Users/Shared/Jenkins/Library/Keychains/login.keychain
echo ##### building now ######################
./buildit.sh ios --release -v

This may not be the 100% nicest solution - but for now it works :P

See as well: [1]: Keychain won't unlock from Jenkins script unless user logged in

Answer 3

Hmmh, I'm having a similar problem like Shashi.

When running 'cordova buld ios [--release]' from shell and then doing a 'xcrun ...' afterwards it works for me okay.

BUT: When running this sequence from within a script, I receive a "Codesign check fails ..." error too ...

If I insert (like) a "wait" cycle inside my script between the cordova and the xcrun call, it works.

So - to me - it seems, as if cordova returns to shell while it isn't completely finished (?)

Fact is if I code my script like

#!/bin/bash
cordova build ios --release
sleep 5
sh -c "xcrun ..."

it's working for me. Question: Is it a bug in cordova/phonegap ???

Answer 4

Meanwhile I found: Fact is, that - when cordova exits and returns to shell - cordova related activities are NOT completed yet!

It takes a while after the cordova exit, for the 'platforms/ios/AppName/_CodeSignature/CodeResources' file to show up. This file obviously is essential for the 'codesign' which is started by xcrun command to succeed.

So I do in my script (which i call 'buildit.sh')

#!/bin/bash
[...]
cordova build ios --release
signaturefile="platforms/ios/build/device/$appname/_CodeSignature/CodeResources"
echo DEBUG:signatur file is $signaturefile

while [ ! -f $signaturefile ]
do
  echo waiting
  sleep 1
done
xcrun ...

Then the whole build/packaging process in one script succeeds.

However: Running the script from my ContinuousIntegration server Jenkins, I observe that this criteria may be essential, but not enough. From the CI I still get a

/usr/bin/codesign --verify -vvvv [...] Program /usr/bin/codesign returned 1 : [...] code object is not signed at all

error!??

EDIT (05.12.2013): This is due to the fact that the Jenkins service couldn't access the keychain. E.g. doing in the Jenkins job an unlock of the keychain prior running the build script sorts it. (May not be the most elegant solution, but at least it prooves the problem not to be in the scripting :)