exportation 0.2.3 → 0.2.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +107 -2
- data/applescript/exportation.scpt +0 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a7a44bba53279975c5fc54d2e2e5eb0f2c16a558
|
|
4
|
+
data.tar.gz: b31bb38404206939737b059adc85c4c75067764a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b72fc28b8924e6b83b358898e8a562e389eb9d036156164503ea5368d9c3fac094a5635e3471b13d30618002f3fd40109573880aac34c49335633f009bd22875
|
|
7
|
+
data.tar.gz: 7e5a910660d54e7974ff8850e97aba439ff5ef246faba9a95029afcf2838d2f956e4832eb1e5d5d987efeff4195d698699e05f8ffc5fe8722b807df8a1317139
|
data/README.md
CHANGED
|
@@ -6,6 +6,11 @@
|
|
|
6
6
|
|
|
7
7
|
CLI tool (and Ruby API) of easy exporting, encrypting, and decrypting of certificates and private keys. It can also add certificates and private keys to an existing or new keychain :grinning:
|
|
8
8
|
|
|
9
|
+
- [Installation](#installation)
|
|
10
|
+
- [CLI Commands](#cli-commands)
|
|
11
|
+
- [Ruby API](#ruby-api)
|
|
12
|
+
- [Fastlane Integration](#fastlane-integration)
|
|
13
|
+
|
|
9
14
|
**Important:** The `export` command will take control of your "Keychain Access" app so keep all hands off your computer while that command runs
|
|
10
15
|
|
|
11
16
|
### Example usage (with prompt)
|
|
@@ -63,7 +68,7 @@ gem install exportation
|
|
|
63
68
|
- Select "Accessibility"
|
|
64
69
|
- Add **ARDAgent** and **Terminal**
|
|
65
70
|
- Click "+"
|
|
66
|
-
- Press CMD+
|
|
71
|
+
- Press CMD+SHIFT+G (to go to specific folder)
|
|
67
72
|
- **ARDAgent** should be under `/System/Library/CoreServices/RemoteManagement/`
|
|
68
73
|
- **Terminal** should be under `/Applications/Utilities/`
|
|
69
74
|
|
|
@@ -86,7 +91,7 @@ exportation encrypt exported.cer exported.p12 --password dudethis
|
|
|
86
91
|
```
|
|
87
92
|
|
|
88
93
|
### Decrypting certificate and private key
|
|
89
|
-
**Be awesome!** `decrypt` decrypts your encrypted files to use on your CI or for other developers to install. *BE
|
|
94
|
+
**Be awesome!** `decrypt` decrypts your encrypted files to use on your CI or for other developers to install. *BE CAREFUL TO NOT COMMIT THESE BACK INTO YOUR REPO*
|
|
90
95
|
```sh
|
|
91
96
|
exportation decrypt exported.cer.enc exported.p12.enc --password dudethis
|
|
92
97
|
```
|
|
@@ -147,6 +152,106 @@ keychain.add_to_keychain_list!
|
|
|
147
152
|
keychain.remove_keychain_from_list!
|
|
148
153
|
```
|
|
149
154
|
|
|
155
|
+
## Fastlane integration
|
|
156
|
+
In this `fastlane` integration, I store my encrypted certificate and private key in the `circle` directory (because I'm using [CircleCI](http://circleci.com).
|
|
157
|
+
|
|
158
|
+
The `enc_cert_and_key` lane runs on my local machine where I will export and encrypt the certificate and private key.
|
|
159
|
+
|
|
160
|
+
The `ci_build` *can run* on my local machine but is **meant to run** on CircleCI (or TravisCI). This lane decrypts the certifivate and private key from the `circle` directory and puts the decrypted files in the `build/unenc` directory.
|
|
161
|
+
|
|
162
|
+
### Exporting and encrypting
|
|
163
|
+
This lane exports the certificate and private key by controling keychain access, encrypts the files, and the removes the unencrypted files.
|
|
164
|
+
```ruby
|
|
165
|
+
lane :enc_cert_and_key do
|
|
166
|
+
require 'exportation'
|
|
167
|
+
|
|
168
|
+
# Runs keychain to export cert and private key
|
|
169
|
+
Exportation::Export.new(
|
|
170
|
+
path: "../circle",
|
|
171
|
+
filename: "dist",
|
|
172
|
+
name: "RokkinCat LLC",
|
|
173
|
+
password: ENV['PKEY_PASSWORD']
|
|
174
|
+
).run
|
|
175
|
+
|
|
176
|
+
# Encrypts cert and private key for repo storage
|
|
177
|
+
Exportation::Crypter.new(
|
|
178
|
+
files: ["../circle/dist.cer", "../circle/dist.p12"],
|
|
179
|
+
password: ENV['ENC_PASSWORD'],
|
|
180
|
+
output: "../circle/"
|
|
181
|
+
).run :en
|
|
182
|
+
|
|
183
|
+
# Removes unencrypted cert and private key
|
|
184
|
+
sh "rm -f ../circle/dist.cer"
|
|
185
|
+
sh "rm -f ../circle/dist.p12"
|
|
186
|
+
|
|
187
|
+
end
|
|
188
|
+
```
|
|
189
|
+
|
|
190
|
+
### Decrypting and importing
|
|
191
|
+
This lane decrypts the certificate and private key, creates the keychain, and imports the certificate and private key into the keychain.
|
|
192
|
+
It then uses that keychain the `xcodebuild` action to build an archive of the app.
|
|
193
|
+
```ruby
|
|
194
|
+
lane :ci_build do
|
|
195
|
+
require 'exportation'
|
|
196
|
+
|
|
197
|
+
enc_password = ENV['ENC_PASSWORD']
|
|
198
|
+
keychain_password = ENV['KEYCHAIN_PASSWORD']
|
|
199
|
+
private_key_password = ENV['PKEY_PASSWORD']
|
|
200
|
+
|
|
201
|
+
# Cleaning house and making directories
|
|
202
|
+
sh "rm -rf ../build"
|
|
203
|
+
sh "mkdir ../build"
|
|
204
|
+
sh "mkdir ../build/unenc"
|
|
205
|
+
|
|
206
|
+
# Decrypting cert and private key
|
|
207
|
+
Exportation::Crypter.new(
|
|
208
|
+
files: ["../circle/dist.cer.enc", "../circle/dist.p12.enc"],
|
|
209
|
+
password: enc_password,
|
|
210
|
+
output: "../build/unenc/"
|
|
211
|
+
).run :de
|
|
212
|
+
|
|
213
|
+
# Creating keychain to use for xcodebuild
|
|
214
|
+
keychain = Exportation::Keychain.find_or_create_keychain 'ios-build', keychain_password, '../build'
|
|
215
|
+
|
|
216
|
+
# Importing the Apple certificate and the uncrypted cert and private key
|
|
217
|
+
keychain.import_certificate '../circle/apple.cer'
|
|
218
|
+
keychain.import_certificate '../build/unenc/dist.cer'
|
|
219
|
+
keychain.import_private_key '../build/unenc/dist.p12', private_key_password
|
|
220
|
+
|
|
221
|
+
# Unlocking keychain (defaults to 1 hour) and adds keychain to user search list
|
|
222
|
+
keychain.unlock!
|
|
223
|
+
keychain.add_to_keychain_list!
|
|
224
|
+
|
|
225
|
+
# Building archive
|
|
226
|
+
xcodebuild(
|
|
227
|
+
clean: true,
|
|
228
|
+
archive: true,
|
|
229
|
+
archive_path: './build/YourApp.xcarchive',
|
|
230
|
+
workspace: ENV['WORKSPACE'],
|
|
231
|
+
scheme: ENV['SCHEME'],
|
|
232
|
+
configuration: 'Release',
|
|
233
|
+
sdk: 'iphoneos',
|
|
234
|
+
keychain: keychain.path
|
|
235
|
+
)
|
|
236
|
+
|
|
237
|
+
# Building IPA
|
|
238
|
+
xcodebuild(
|
|
239
|
+
export_archive: true,
|
|
240
|
+
export_path: './build/YourApp'
|
|
241
|
+
)
|
|
242
|
+
|
|
243
|
+
# Send to HockeyApp
|
|
244
|
+
hockey({
|
|
245
|
+
api_token: ENV['HOCKEYAPP_API_TOKEN'],
|
|
246
|
+
})
|
|
247
|
+
|
|
248
|
+
# Cleaning house again
|
|
249
|
+
sh "rm -rf ../circle/unenc"
|
|
250
|
+
keychain.remove_keychain_from_list!
|
|
251
|
+
|
|
252
|
+
end
|
|
253
|
+
```
|
|
254
|
+
|
|
150
255
|
## Using the internals
|
|
151
256
|
|
|
152
257
|
### Compiling and running the AppleScript directly
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: exportation
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Holtz
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-04-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dotenv
|