Ishan Hettiarachchi

Reputation: 1704

Apple App Development - Code Signing Complexities

We are new to Apple iOS development. Our team comprises a few internal developers and a few external contractors. We develop using React Native and use a basic Fastlane setup for building the apps and pushing them to App Store Connect. At the moment some contractors have access to App Store Connect with the 'development' role, and all internal developers have access to it. All developers use the 'Automatically manage signing' tick box in their Xcode.

When looking at best practices for running a team for app development, we found multiple articles using fastlane match to reduce the complexity of managing certificates, and we are wondering whether they are still valid.

For example

recommends using match to store development/distribution certificates/profiles in a git repo and share them with the team. The main advantage that has been pointed out is the easy administration (and maybe security).

e.g.:

You have to manually renew and download the latest set of provisioning profiles every time you add a new device or a certificate expires. Additionally this requires spending a lot of time when setting up a new machine that will build your app.

Unless there is a security concern, we do not see a big administration hassle so far with 'automatic signing'.

  1. Are the above concerns not relevant anymore in a world where people predominantly use 'automatic signing'?
  2. Or have we missed something in our setup and are doing it all wrong?
  3. Is it safe to have contractors added to the developer account (App Store Connect) and let them access their own developer certificates?
  4. If we share a git repo with contractors as suggested in Match, they will get access to the distribution certificates as well. Isn't that a security risk? Or should we only manage development certificates using Match?

Upvotes: 1

Views: 89

Answers (1)

ko100v.d

Reputation: 1156

It is safe for everyone to have the development certificates so they can build on a real device locally; they should not have permission to deploy/push a new version of the App, and they should not have access to the distribution certificate.

You should use Match; it works with encryption and it is safe.

Fastlane is a nice tool for small projects where the developers know each other; if you plan for your project to become bigger and have a multinational team, this is a NO-GO situation. Your developers should not be able to make test or production builds from their local machines. You will never be sure what code exactly runs in that build, since the devs can make local changes before starting the Fastlane pipelines.

The ideal scenario is to have a CI / CD tool such as Bitrise. Your security team will create accounts for Google Play and Apple Developer; those accounts will have the highest permissions, and devs should use Bitrise by selecting a branch and environment and then upload the build to the test env or prod from Bitrise.

Hope that makes sense. Cheers.

Upvotes: 2
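An added example, not from the question or the answer, of how the split the answer describes (developers fetch development identities only, the CI job alone fetches the App Store distribution identity, nobody regenerates or revokes anything) can be enforced by a small wrapper that both developer machines and the CI job call instead of running `fastlane match` directly. It assumes the CI job is identified by a `CI=true` environment variable and that `MATCH_PASSWORD` (the variable match reads for the repo passphrase) is injected as a CI secret; the role names are constructed for the example.

```shell
#!/bin/sh
# Wrapper around `fastlane match` that enforces a signing policy.
# Assumption: CI sets CI=true; developers run this from their own shells.

# Map a caller role to the match signing type it may request.
# Prints the type; returns 1 when the request violates the policy.
allowed_match_type() {
  role="$1"      # "developer" or "ci" (constructed role names)
  requested="$2" # "development", "adhoc" or "appstore" (real match types)
  case "$role:$requested" in
    developer:development) echo development ;;
    ci:development|ci:adhoc|ci:appstore) echo "$requested" ;;
    *) return 1 ;;
  esac
}

# Derive the role from the environment rather than trusting an argument.
current_role() {
  if [ "${CI:-}" = "true" ]; then echo ci; else echo developer; fi
}

# Build the match command line. --readonly is always forced so that a
# developer checkout of the certificates repo can only fetch, never
# create or revoke certificates and profiles.
match_command() {
  type_="$(allowed_match_type "$1" "$2")" || return 1
  printf '%s\n' "fastlane match $type_ --readonly true"
}

# Entry point: require the repo passphrase, apply the policy, then run.
# DRY_RUN=1 (the default) only prints the command; DRY_RUN=0 executes it.
run_match() {
  [ -n "${MATCH_PASSWORD:-}" ] || { echo "MATCH_PASSWORD not set" >&2; return 2; }
  role="$(current_role)"
  cmd="$(match_command "$role" "$1")" || { echo "policy: $role may not fetch $1" >&2; return 1; }
  echo "$cmd"
  [ "${DRY_RUN:-1}" = "0" ] && $cmd
  return 0
}
```

Running `CI=true MATCH_PASSWORD=... DRY_RUN=0 ./match_wrapper.sh` from the pipeline fetches the distribution identity, while the same script on a contractor's laptop refuses anything but `development`.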
