From a26044cc049681edba823cb07cdd65b0da3bb880 Mon Sep 17 00:00:00 2001
From: Arkadiusz Fal <arek@arekf.net>
Date: Sat, 18 Apr 2026 19:05:44 +0200
Subject: [PATCH] Un-escape \n in DEVELOPER_KEY_CONTENT before openssl
 conversion

GitHub secrets store multi-line PEMs as a single line with literal "\n"
sequences. Fastlane's app_store_connect_api_key action un-escapes them
via gsub before use; the helper must do the same before writing the
temp file, otherwise openssl sees garbage.
---
 fastlane/Fastfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fastlane/Fastfile b/fastlane/Fastfile
index 6b5736a9..fd49e9fd 100644
--- a/fastlane/Fastfile
+++ b/fastlane/Fastfile
@@ -33,6 +33,10 @@ def developer_key_content
   return @developer_key_content if defined?(@developer_key_content)
   content = ENV['DEVELOPER_KEY_CONTENT']
   return @developer_key_content = nil if content.nil? || content.empty?
+  # GitHub secrets carry multi-line PEMs as a single line with literal "\n"
+  # escapes; fastlane's action un-escapes these before use, so do the same
+  # here before invoking openssl.
+  content = content.gsub('\n', "\n")
   @developer_key_content = Tempfile.open(['AuthKey', '.p8']) do |f|
     f.write(content)
     f.flush