Fun with Xcode Server – Round 2

Earlier this year, I wrote about Xcode Server as well as some issues I had with it. My Xcode Server has been running well for months spitting out builds for testing as well as ones that goto the AppStore.

Unfortunately, Apple changed Xcode Server as part of Xcode 6/Server 3.2.1 (the Xcode Server part of OS X Server primarily is found in Xcode itself as far as I can tell; feel free to correct me if I’m wrong). There were a number of things I had to do in order to get my server building again due to a change in the location of the provisioning profiles and where the key/certificate pair are stored for the profile. These steps are long and not guaranteed to work, but give them a try if you’re feeling lucky.

  1. Switch to root user
    sudo su -
    
  2. Switch to the Xcode Server keychain directory
    cd /Library/Developer/XcodeServer/Keychains
    
  3. Copy the Portal keychain to your Desktop
    cp Portal.keychain /Users/<youruser>/Desktop/
    
  4. Make a backup copy of the keychain.
    cp Portal.keychain Portal.keychain.bu
    
  5. Change the owner of the keychain to your user.
    chown <youruser> /Users/<youruser>/Desktop/Portal.keychain
    
  6. Record the password of the Portal keychain
    cat /Library/Developer/XcodeServer/SharedSecrets/PortalKeychainSharedSecret
    
  7. Leave this terminal window open.
  8. Open Keychain Access as your user.

  9. Add the keychain you just copied to Keychain Access – /Users//Desktop/Portal.keychain

  10. Open a new terminal window

  11. Unlock the Portal keychain

    security unlock-keychain -p \
    <secret you copied from the PortalKeychainSharedSecret File> /Users/<youruser>/Desktop/Portal.keychain
    
  12. Copy the key and certificate used for the provisioning profile to the Portal Keychain in Keychain Access.
  13. Lock the Portal Keychain

  14. Go back to the Terminal window where you are the root user. You’ll still be in the Keychains directory for Xcode Server.

  15. Copy the Portal Keychain back to the directory.

    cp /Users/<youruser>/Desktop/Portal.keychain .
    
  16. Change the owner of the keychain
    chown _xcsbuildd Portal.keychain
    
  17. Switch to the Provisioning Profiles directory
    cd /Library/Developer/XcodeServer/ProvisioningProfiles
    
  18. Copy your provisioning profile.
    cp /Users/<youruser>/Desktop/MyProfile.mobileprovision
    
  19. Edit your bot in Xcode and reset git credentials. I always let the bot create a new SSH key pair and add that to either GitHub or Bitbucket depending on the project.
  20. Cross your fingers and build.

It appears to me that Xcode Server has gotten worse where more functionality has moved to Xcode and less is in the web interface. This means I can’t change the git branch I use for building and I can’t edit my bots using the web interface. I think that there is a lot of potential with Xcode Server, but there is a long way to go in terms of usability. The server must be able to do more than run tests and must be able to let the small development shop do builds that can’t be distributed via TestFlight and uploaded to the app store.

Automation is key in any development project as the manual process is for the birds. Many developers don’t need the power of Jenkins, but could easily use Xcode Server if it worked a little better. Doing builds locally and then uploading for testers is cumbersome and a process that should be avoided. I’d be more than happy to talk to the Xcode Server folks about build practices. At work, I have our Jenkins based build system crank out 13 builds at a time and upload to TestFlight with minimal effort; we just push code to a build branch in git and out pops the builds. We can do several builds a day if need be without blinking an eye. For my personal projects, I was doing a build nightly for someone I was working with and without the automation, he wouldn’t have been able to see the progress as quickly as I would have spent 5-10 minutes a day doing builds which really adds up.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.