Reputation: 10240
Command line way to test iOS mobile provisioning profile is still valid?
One reason a profile may be invalid according to Developer.Apple.com is that the certificate is now obsolete. Checking for the cert is covered in this post: Validate certificate and provisioning profile
I am interested more generally, how to test if the profile is now stale. Right now I find out with a very long delay, so it is impossible to decipher the cause of the invalidation. If I could run this command, say each time my build job runs on Jenkins, then I could be better able to failure analyze by noting exactly when the shift occurred from valid to invalid.
Upvotes: 1
Views: 3047
Answers (2)
Reputation: 13619
You can write a shell script that will loop through the files, grab the date from the mobileprovision file, and check it against the current date.
#!/bin/sh
for provisioning_profile in ~/Library/MobileDevice/Provisioning\ Profiles/*.mobileprovision;
do
printf "Checking ${provisioning_profile}... "
# pull the expiration date from the plist
expirationDate=`/usr/libexec/PlistBuddy -c 'Print :ExpirationDate' /dev/stdin <<< $(security cms -D -i "${provisioning_profile}")`
# convert it to a format we can use to see if it is in the past (YYYYMMDD)
read dow month day time timezone year <<< "${expirationDate}"
ymd_expiration=`date -jf"%a %e %b %Y" "${dow} ${day} ${month} ${year}" +%Y%m%d`
# compare it to today's date
ymd_today=`date +%Y%m%d`
if [ ${ymd_today} -ge ${ymd_expiration} ];
then
echo "${provisioning_profile} EXPIRED"
fi
done
You can use the security command and plist buddy to extract the ExpirationDate from the file. Then for simplicity I just convert that date to a easily comparable format (YYYMMDD) and compare it to today's date in the same format. I print out the profiles that it found.
Ideally, you would want to change it to give a warning some time in advance (I'd recommend 30 days). That way you have time to regenerate the profile and give you time to build with a new profile and get it to your test devices.
Upvotes: 4
Reputation: 10240
With a simple gem install, this can be achieved using fastlane's spaceship api, and the Developer portal doc shows an exact example.
broken_profiles = Spaceship.provisioning_profile.all.find_all do |profile|
# the below could be replaced with `!profile.valid?`, which takes longer but also verifies the code signing identity
(profile.status == "Invalid" or profile.status == "Expired")
end
https://github.com/fastlane/fastlane/blob/master/spaceship/docs/DeveloperPortal.md
Upvotes: 0
Related Questions
- List installed mobile provisioning profiles
- jenkins provisioning profile issue
- Jenkins with Xcode 8 - Cannot find Provisioning Profiles
- jenkins integration xcode - shell command
- is there a way to download a provisioning profile (with Jenkins or script) to build machine before a build?
- Jenkins and provisioning profiles
- Can iOS Provisioning Profiles be renewed from the command-line?
- iOS provisioning profile expired
- xcodebuild / Jenkins can't find the PROVISIONING_PROFILE for an iOS job
- Automated testing of iOS enterprise deployment