我正在尝试使用Jenkins上的xbuild构建一个Xamarin iOS应用程序.有时,在代码签名过程中构建失败,出现未知错误-1 = ffffffffffffffff,有时构建成功.供应配置文件存储在Jenkins通过
Keychains and Provisioning Profiles Plugin引用的单独的钥匙串jenkins.keychain(不是系统或登录钥匙串)中.
这是Jenkins的控制台日志:
Target _CodesignAppBundle:
Codesign Task
CodesignAllocate: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate
DisableTimestamp: False
Entitlements: obj/iPhone/In-House/Entitlements.xcent
Keychain: <null>
Resources:
bin/iPhone/In-House/MyApp.app
ResourceRules: <null>
SigningKey: 123
ExtraArgs: <null>
IsAppExtension: False
Tool /usr/bin/codesign execution started with arguments: -v --force --sign 123 --entitlements /private/var/lib/jenkins/workspace/Master/Apps/iOS/obj/iPhone/In-House/Entitlements.xcent /private/var/lib/jenkins/workspace/Master/Apps/iOS/bin/iPhone/In-House/MyApp.app
bin/iPhone/In-House/MyApp.app: error : /private/var/lib/jenkins/workspace/Master/Apps/iOS/bin/iPhone/In-House/MyApp.app: replacing existing signature
/private/var/lib/jenkins/workspace/Master/Apps/iOS/bin/iPhone/In-House/MyApp.app: unknown error -1=ffffffffffffffff
Task "Codesign" execution -- FAILED
Done building target "_CodesignAppBundle" in project "/private/var/lib/jenkins/workspace/Master/Apps/iOS/MyApp.csproj".-- FAILED
正如在Codesign returned unknown error -1=ffffffffffffffff中建议的那样,我将set-key-partition-list -S apple-tool:,apple :, codesign:-s -k ${KEYCHAIN_PW} ${KEYCHAIN_PATH}添加到我的构建脚本中,但它没有解决问题.
你知道如何解决这个问题吗?为什么要替换现有签名?
更新1 – 我们继续收到错误:
>从xbuild切换到msbuild版本15.3.0.0
>将jenkins钥匙串设置为“Allow all applications to access this item”
>删除derived data folder
>不使用security
commands的相对路径
在Apple forum中描述了类似的问题.
最佳答案 是什么解决了这个问题
密钥链文件扩展名从* .keychain更改为macOS Sierra上的* .keychain-db.代码签名错误是由于在我们编辑实际上包含更新证书的jenkins.keychain-db文件时引用旧的keychain文件引起的. Keychains with the new extension are rejected from the upload with Jenkins’ keychain plugin.所以我们不再使用keychain插件并将签名证书存储在login.keychain-db中.有了这个,我们可以成功构建应用程序没有未知错误.