问题
I followed the "Getting Started" guide on the boarding github page, but I keep getting this error on my heroku page We're sorry, but something went wrong.
The boarding page does say that the two-factor auth works and to go here: https://github.com/fastlane/fastlane/blob/master/spaceship/README.md#2-step-verification but I'm not sure how to add that cookie to my heroku site.
Thanks in advance.
回答1:
Fastlane now (as of version 2.160.0) supports Apple's App Store Connect API. This avoids all the problems with 2FA session hacks. There are still a few fastlane actions that do not have full support but the majority do.
https://docs.fastlane.tools/app-store-connect-api/ explains how to start using an API key in fastlane.
In summary, here's what you need to do (these examples come straight from that documentation):
- Create an App Store Connect API Key
- From that same page, download the new key .p8 private key file and save it somewhere safe (WARNING: you can only download it once). Take note of the Key ID and the Issuer ID as you'll need them again shortly.
- Either use the
app_store_connect_api_keyaction to specify the new key in yourFastfile:
lane :release do
api_key = app_store_connect_api_key(
key_id: "D383SF739",
issuer_id: "6053b7fe-68a8-4acb-89be-165aa6465141",
key_filepath: "./AuthKey_D383SF739.p8",
duration: 1200, # optional
in_house: false, # optional but may be required if using match/sigh
)
pilot(api_key: api_key)
end
Or, write the details to a JSON file:
{
"key_id": "D383SF739",
"issuer_id": "6053b7fe-68a8-4acb-89be-165aa6465141",
"key": "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHknlhdlYdLu\n-----END PRIVATE KEY-----",
"duration": 1200, # optional
"in_house": false, # optional but may be required if using match/sigh
}
and reference the JSON file either in your Fastfile:
lane :release do
pilot( api_key_path: "fastlane/D383SF739.json" )
end
Or via the command line:
$ fastlane pilot distribute --api_key_path fastlane/D383SF739.json
回答2:
Please follow https://docs.fastlane.tools/best-practices/continuous-integration/#application-specific-passwords
If you want to upload builds to App Store Connect (actions upload_to_app_store and deliver) or TestFlight (actions upload_to_testflight, pilot or testflight) from your CI machine, you need to generate an application specific password:
Note: The application-specific password will not work if your action usage does anything else than uploading the binary, e.g. updating any metadata like setting release notes or distributing to testers, etc.
This is what I set up 2FA with Fastlane when 2FA enabled recently.
- export FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD=<Your App Password>
- Used upload_to_testflight in my lane without any additional settings. Fastlane will use the above variable for Authentication.
All other actions interacting with Apple's APIs do NOT accept application-specific passwords.
This is where you need the cookie stored in Fastlane and used. I had to do for changelog updation through my CI/CD setup.
Unlocking the keychain to store my user password
security unlock-keychain -p $SYSTEM_PASSWORD
Generating cookie redirected to a file (token.txt).
bundle exec fastlane spaceauth -u ci-user@company.com >& token.txt
Extracted the Auth token to file 'session'
awk -F"'" '$0=$2' token.txt > session
Set the FASTLANE_SESSION variable before running Fastlane lane, it reads the value from the 'session' file created above.
export FASTLANE_SESSION='$(<session)'
Run Fastlane testflight lane as usual.
In the above, I used both methods and if you are only uploading the package to Testflight, you only need to set the FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD variable.
来源:https://stackoverflow.com/questions/40580352/fastlane-boarding-with-two-factor-authentication