Fastlane Boarding with two-factor authentication

China☆狼群 提交于 2021-01-13 09:37:24

问题


I followed the "Getting Started" guide on the boarding github page, but I keep getting this error on my heroku page We're sorry, but something went wrong.

The boarding page does say that the two-factor auth works and to go here: https://github.com/fastlane/fastlane/blob/master/spaceship/README.md#2-step-verification but I'm not sure how to add that cookie to my heroku site.

Thanks in advance.


回答1:


Fastlane now (as of version 2.160.0) supports Apple's App Store Connect API. This avoids all the problems with 2FA session hacks. There are still a few fastlane actions that do not have full support but the majority do.

https://docs.fastlane.tools/app-store-connect-api/ explains how to start using an API key in fastlane.

In summary, here's what you need to do (these examples come straight from that documentation):

  1. Create an App Store Connect API Key
  2. From that same page, download the new key .p8 private key file and save it somewhere safe (WARNING: you can only download it once). Take note of the Key ID and the Issuer ID as you'll need them again shortly.
  3. Either use the app_store_connect_api_key action to specify the new key in your Fastfile:
lane :release do
  api_key = app_store_connect_api_key(
    key_id: "D383SF739",
    issuer_id: "6053b7fe-68a8-4acb-89be-165aa6465141",
    key_filepath: "./AuthKey_D383SF739.p8",
    duration: 1200, # optional
    in_house: false, # optional but may be required if using match/sigh
  )

  pilot(api_key: api_key)
end

Or, write the details to a JSON file:

{
  "key_id": "D383SF739",
  "issuer_id": "6053b7fe-68a8-4acb-89be-165aa6465141",
  "key": "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHknlhdlYdLu\n-----END PRIVATE KEY-----",
  "duration": 1200, # optional
  "in_house": false, # optional but may be required if using match/sigh
}

and reference the JSON file either in your Fastfile:

lane :release do
  pilot( api_key_path: "fastlane/D383SF739.json" )
end

Or via the command line:

$ fastlane pilot distribute --api_key_path fastlane/D383SF739.json



回答2:


Please follow https://docs.fastlane.tools/best-practices/continuous-integration/#application-specific-passwords

If you want to upload builds to App Store Connect (actions upload_to_app_store and deliver) or TestFlight (actions upload_to_testflight, pilot or testflight) from your CI machine, you need to generate an application specific password:

Note: The application-specific password will not work if your action usage does anything else than uploading the binary, e.g. updating any metadata like setting release notes or distributing to testers, etc.

This is what I set up 2FA with Fastlane when 2FA enabled recently.

  • export FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD=<Your App Password>
  • Used upload_to_testflight in my lane without any additional settings. Fastlane will use the above variable for Authentication.

All other actions interacting with Apple's APIs do NOT accept application-specific passwords.

This is where you need the cookie stored in Fastlane and used. I had to do for changelog updation through my CI/CD setup.

  1. Unlocking the keychain to store my user password

    security unlock-keychain -p $SYSTEM_PASSWORD

  2. Generating cookie redirected to a file (token.txt).

    bundle exec fastlane spaceauth -u ci-user@company.com >& token.txt

  3. Extracted the Auth token to file 'session'

    awk -F"'" '$0=$2' token.txt > session

  4. Set the FASTLANE_SESSION variable before running Fastlane lane, it reads the value from the 'session' file created above.

    export FASTLANE_SESSION='$(<session)'

  5. Run Fastlane testflight lane as usual.

In the above, I used both methods and if you are only uploading the package to Testflight, you only need to set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD variable.



来源:https://stackoverflow.com/questions/40580352/fastlane-boarding-with-two-factor-authentication

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!