Mirrored_Repos/yattee
1
0
Fork 0
mirror of https://github.com/yattee/yattee.git synced 2026-05-02 05:27:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Work around invalid curve name on CI runners

Browse Source 
The hosted macOS runner's OpenSSL rejects Apple's PKCS#8 .p8 key via
OpenSSL::PKey::EC.new with "invalid curve name". Shell out to system
openssl to convert the key to SEC1/traditional PEM before handing it
to fastlane's app_store_connect_api_key action.

Ref: fastlane/fastlane#20593
This commit is contained in:
Arkadiusz Fal
2026-04-18 19:03:27 +02:00
parent 4a69172bed
commit c978ec6b89
1 changed files with 23 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
fastlane/Fastfile
View File

@@ -13,10 +13,11 @@
# Uncomment the line if you want fastlane to automatically update itself
# update_fastlane
require 'tempfile'
APP_NAME = ENV['APP_NAME']
DEVELOPER_KEY_ID = ENV['DEVELOPER_KEY_ID']
DEVELOPER_KEY_ISSUER_ID = ENV['DEVELOPER_KEY_ISSUER_ID']
DEVELOPER_KEY_CONTENT = ENV['DEVELOPER_KEY_CONTENT']
TEAM_ID = ENV['TEAM_ID']
TEMP_KEYCHAIN_USER = ENV['TEMP_KEYCHAIN_USER']
TEMP_KEYCHAIN_PASSWORD = ENV['TEMP_KEYCHAIN_PASSWORD']
@@ -24,6 +25,23 @@ DEVELOPER_APP_IDENTIFIER = ENV['DEVELOPER_APP_IDENTIFIER']
GIT_AUTHORIZATION = ENV['GIT_AUTHORIZATION']
TESTFLIGHT_EXTERNAL_GROUPS = ENV['TESTFLIGHT_EXTERNAL_GROUPS']
# Ruby's OpenSSL bindings (via OpenSSL::PKey::EC.new in spaceship) raise
# "invalid curve name" on the hosted macOS runners when given Apple's PKCS#8
# .p8 key directly. Shelling out to the system openssl to emit SEC1/traditional
# PEM sidesteps the issue. See fastlane/fastlane#20593.
def developer_key_content
return @developer_key_content if defined?(@developer_key_content)
content = ENV['DEVELOPER_KEY_CONTENT']
return @developer_key_content = nil if content.nil? || content.empty?
@developer_key_content = Tempfile.open(['AuthKey', '.p8']) do |f|
f.write(content)
f.flush
converted = `openssl pkey -in #{f.path} -traditional 2>&1`
raise "Failed to convert P8 key: #{converted}" unless $?.success?
converted
end
end
XCODEPROJ = "#{APP_NAME}.xcodeproj"
def delete_temp_keychain(name)
@@ -79,7 +97,7 @@ platform :ios do
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: DEVELOPER_KEY_CONTENT
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
@@ -131,7 +149,7 @@ platform :tvos do
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: DEVELOPER_KEY_CONTENT
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
@@ -183,7 +201,7 @@ platform :mac do
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: DEVELOPER_KEY_CONTENT
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
@@ -234,7 +252,7 @@ platform :mac do
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: DEVELOPER_KEY_CONTENT
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)