fastlane 2.232.2 → 2.233.0

data/fastlane/swift/Gymfile.swift

@@ -17,4 +17,4 @@ public class Gymfile: GymfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/GymfileProtocol.swift

@@ -20,6 +20,9 @@ public protocol GymfileProtocol: AnyObject {
     /// The name of the resulting ipa file
     var outputName: String? { get }
 
+    /// App name to use in logfile name
+    var appName: String? { get }
+
     /// The configuration to use when building the app. Defaults to 'Release'
     var configuration: String? { get }
 
@@ -190,6 +193,10 @@ public extension GymfileProtocol {
         return nil
     }
 
+    var appName: String? {
+        return nil
+    }
+
     var configuration: String? {
         return nil
     }
@@ -385,4 +392,4 @@ public extension GymfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.147]
+// FastlaneRunnerAPIVersion [0.9.148]

data/fastlane/swift/Matchfile.swift

@@ -17,4 +17,4 @@ public class Matchfile: MatchfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/MatchfileProtocol.swift

@@ -86,6 +86,9 @@ public protocol MatchfileProtocol: AnyObject {
     /// S3 secret access key
     var s3SecretAccessKey: String? { get }
 
+    /// S3 session token
+    var s3SessionToken: String? { get }
+
     /// Name of the S3 bucket
     var s3Bucket: String? { get }
 
@@ -284,6 +287,10 @@ public extension MatchfileProtocol {
         return nil
     }
 
+    var s3SessionToken: String? {
+        return nil
+    }
+
     var s3Bucket: String? {
         return nil
     }
@@ -399,4 +406,4 @@ public extension MatchfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.141]
+// FastlaneRunnerAPIVersion [0.9.142]

data/fastlane/swift/Precheckfile.swift

@@ -17,4 +17,4 @@ public class Precheckfile: PrecheckfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/PrecheckfileProtocol.swift

@@ -84,4 +84,4 @@ public extension PrecheckfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.140]
+// FastlaneRunnerAPIVersion [0.9.141]

data/fastlane/swift/Scanfile.swift

@@ -17,4 +17,4 @@ public class Scanfile: ScanfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/ScanfileProtocol.swift

@@ -574,4 +574,4 @@ public extension ScanfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.152]
+// FastlaneRunnerAPIVersion [0.9.153]

data/fastlane/swift/Screengrabfile.swift

@@ -17,4 +17,4 @@ public class Screengrabfile: ScreengrabfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/ScreengrabfileProtocol.swift

@@ -161,4 +161,4 @@ public extension ScreengrabfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.142]
+// FastlaneRunnerAPIVersion [0.9.143]

data/fastlane/swift/Snapshotfile.swift

@@ -17,4 +17,4 @@ public class Snapshotfile: SnapshotfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.232.2
+// Generated with fastlane 2.233.0

data/fastlane/swift/SnapshotfileProtocol.swift

@@ -371,4 +371,4 @@ public extension SnapshotfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.136]
+// FastlaneRunnerAPIVersion [0.9.137]

data/fastlane_core/lib/fastlane_core/itunes_transporter.rb

@@ -43,7 +43,7 @@ module FastlaneCore
       not_implemented(__method__)
     end
 
-    def build_upload_command(username, password, source = "/tmp", provider_short_name = "", jwt = nil, platform = nil, api_key = nil)
+    def build_upload_command(username, password, source = "/tmp", options = {})
       not_implemented(__method__)
     end
 
@@ -308,11 +308,23 @@ module FastlaneCore
       if !username.nil? && !password.nil? && api_key.nil?
         "-u #{username.shellescape} -p #{password.shellescape}"
       elsif !api_key.nil?
-        "--apiKey #{api_key[:key_id]} --apiIssuer #{api_key[:issuer_id]}"
+        # Individual API keys have no issuer_id; altool requires --apiIssuer
+        # to be present, so we pass the key_id as a placeholder and add
+        # --api-key-subject user to signal individual key JWT generation.
+        if api_key[:issuer_id]
+          "--apiKey #{api_key[:key_id]} --apiIssuer #{api_key[:issuer_id]}"
+        else
+          "--apiKey #{api_key[:key_id]} --apiIssuer #{api_key[:key_id]} --api-key-subject user"
+        end
       end
     end
 
-    def build_upload_command(username, password, source = "/tmp", provider_short_name = "", jwt = nil, platform = nil, api_key = nil)
+    def build_upload_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      provider_public_id = options.fetch(:provider_public_id, "")
+      jwt = options[:jwt]
+      platform = options[:platform]
+      api_key = options[:api_key]
       use_api_key = !api_key.nil?
       [
         ("API_PRIVATE_KEYS_DIR=#{api_key[:key_dir]}" if use_api_key),
@@ -320,6 +332,7 @@ module FastlaneCore
         "--upload-app",
         build_credential_params(username, password, jwt, api_key),
         ("--asc-provider #{provider_short_name}" unless use_api_key || provider_short_name.to_s.empty?),
+        ("--provider-public-id #{provider_public_id}" unless use_api_key || provider_public_id.to_s.empty?),
         platform_option(platform),
         file_upload_option(source),
         additional_upload_parameters,
@@ -342,9 +355,11 @@ module FastlaneCore
       raise "This feature has not been implemented yet with altool for Xcode 14"
     end
 
-    def build_verify_command(username, password, source = "/tmp", provider_short_name = "", **kwargs)
-      api_key = kwargs[:api_key]
-      platform = kwargs[:platform]
+    def build_verify_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      provider_public_id = options.fetch(:provider_public_id, "")
+      api_key = options[:api_key]
+      platform = options[:platform]
       use_api_key = !api_key.nil?
       [
         ("API_PRIVATE_KEYS_DIR=#{api_key[:key_dir]}" if use_api_key),
@@ -352,6 +367,7 @@ module FastlaneCore
         "--validate-app",
         build_credential_params(username, password, nil, api_key),
         ("--asc-provider #{provider_short_name}" unless use_api_key || provider_short_name.to_s.empty?),
+        ("--provider-public-id #{provider_public_id}" unless use_api_key || provider_public_id.to_s.empty?),
         platform_option(platform),
         file_upload_option(source)
       ].compact.join(' ')
@@ -424,7 +440,10 @@ module FastlaneCore
       end
     end
 
-    def build_upload_command(username, password, source = "/tmp", provider_short_name = "", jwt = nil, platform = nil, api_key = nil)
+    def build_upload_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      jwt = options[:jwt]
+      api_key = options[:api_key]
       [
         '"' + Helper.transporter_path + '"',
         "-m upload",
@@ -456,8 +475,9 @@ module FastlaneCore
       ].compact.join(' ')
     end
 
-    def build_verify_command(username, password, source = "/tmp", provider_short_name = "", **kwargs)
-      jwt = kwargs[:jwt]
+    def build_verify_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      jwt = options[:jwt]
       [
         '"' + Helper.transporter_path + '"',
         '-m verify',
@@ -546,7 +566,10 @@ module FastlaneCore
       end
     end
 
-    def build_upload_command(username, password, source = "/tmp", provider_short_name = "", jwt = nil, platform = nil, api_key = nil)
+    def build_upload_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      jwt = options[:jwt]
+      api_key = options[:api_key]
       credential_params = build_credential_params(username, password, jwt, api_key, is_default_itms_on_xcode_11?)
       if is_default_itms_on_xcode_11?
         [
@@ -582,8 +605,9 @@ module FastlaneCore
       end
     end
 
-    def build_verify_command(username, password, source = "/tmp", provider_short_name = "", **kwargs)
-      jwt = kwargs[:jwt]
+    def build_verify_command(username, password, source = "/tmp", options = {})
+      provider_short_name = options.fetch(:provider_short_name, "")
+      jwt = options[:jwt]
       credential_params = build_credential_params(username, password, jwt, nil, is_default_itms_on_xcode_11?)
       if is_default_itms_on_xcode_11?
         [
@@ -731,7 +755,8 @@ module FastlaneCore
     #                            see: https://github.com/fastlane/fastlane/issues/1524#issuecomment-196370628
     #                            for more information about how to use the iTMSTransporter to list your provider
     #                            short names
-    def initialize(user = nil, password = nil, use_shell_script = false, provider_short_name = nil, jwt = nil, altool_compatible_command: false, api_key: nil)
+    # @param provider_public_id The provider public ID to be given to altool via --provider-public-id.
+    def initialize(user = nil, password = nil, use_shell_script = false, provider_short_name = nil, jwt = nil, altool_compatible_command: false, api_key: nil, provider_public_id: nil)
       # Xcode 6.x doesn't have the same iTMSTransporter Java setup as later Xcode versions, so
       # we can't default to using the newer direct Java invocation strategy for those versions.
       use_shell_script ||= Helper.is_mac? && Helper.xcode_version.start_with?('6.')
@@ -749,9 +774,11 @@ module FastlaneCore
       if should_use_altool?(altool_compatible_command, use_shell_script)
         UI.verbose("Using altool as transporter.")
         @transporter_executor = AltoolTransporterExecutor.new
+        @provider_public_id = provider_public_id
       else
         UI.verbose("Using iTMSTransporter as transporter.")
         @transporter_executor = use_shell_script ? ShellScriptTransporterExecutor.new : JavaTransporterExecutor.new
+        @provider_public_id = nil
       end
 
       @provider_short_name = provider_short_name
@@ -837,8 +864,10 @@ module FastlaneCore
       api_key_placeholder = use_api_key ? { key_id: "YourKeyID", issuer_id: "YourIssuerID", key_dir: "YourTmpP8KeyDir" } : nil
       api_key = @transporter_executor.prepare(original_api_key: @api_key)
 
-      command = @transporter_executor.build_upload_command(@user, @password, actual_dir, @provider_short_name, @jwt, platform, api_key)
-      UI.verbose(@transporter_executor.build_upload_command(@user, password_placeholder, actual_dir, @provider_short_name, jwt_placeholder, platform, api_key_placeholder))
+      upload_options = { provider_short_name: @provider_short_name, provider_public_id: @provider_public_id, jwt: @jwt, platform: platform, api_key: api_key }
+      upload_options_placeholder = { provider_short_name: @provider_short_name, provider_public_id: @provider_public_id, jwt: jwt_placeholder, platform: platform, api_key: api_key_placeholder }
+      command = @transporter_executor.build_upload_command(@user, @password, actual_dir, upload_options)
+      UI.verbose(@transporter_executor.build_upload_command(@user, password_placeholder, actual_dir, upload_options_placeholder))
 
       begin
         result = @transporter_executor.execute(command, ItunesTransporter.hide_transporter_output?)
@@ -898,8 +927,10 @@ module FastlaneCore
       api_key_placeholder = use_api_key ? { key_id: "YourKeyID", issuer_id: "YourIssuerID", key_dir: "YourTmpP8KeyDir" } : nil
       api_key = @transporter_executor.prepare(original_api_key: @api_key)
 
-      command = @transporter_executor.build_verify_command(@user, @password, actual_dir, @provider_short_name, jwt: @jwt, platform: platform, api_key: api_key)
-      UI.verbose(@transporter_executor.build_verify_command(@user, password_placeholder, actual_dir, @provider_short_name, jwt: jwt_placeholder, platform: platform, api_key: api_key_placeholder))
+      verify_options = { provider_short_name: @provider_short_name, provider_public_id: @provider_public_id, jwt: @jwt, platform: platform, api_key: api_key }
+      verify_options_placeholder = { provider_short_name: @provider_short_name, provider_public_id: @provider_public_id, jwt: jwt_placeholder, platform: platform, api_key: api_key_placeholder }
+      command = @transporter_executor.build_verify_command(@user, @password, actual_dir, verify_options)
+      UI.verbose(@transporter_executor.build_verify_command(@user, password_placeholder, actual_dir, verify_options_placeholder))
 
       begin
         result = @transporter_executor.execute(command, ItunesTransporter.hide_transporter_output?)

data/fastlane_core/lib/fastlane_core/video_utils.rb

@@ -0,0 +1,202 @@
+require "fastlane_core/ui/ui"
+
+# Reference for the MP4/QuickTime container (video atoms/boxes structure): ISO/IEC 14496-12:2022 (base media file format) - defines atoms like moov/trak/tkhd
+# - https://observablehq.com/@benjamintoofer/iso-base-media-file-format
+# - https://developer.apple.com/documentation/quicktime-file-format
+module FastlaneCore
+  module VideoUtils
+    # Pure Ruby MP4/QuickTime MOV container header parser, reading tkhd to get width/height.
+    # Note: This reads container atoms/boxes only; it does NOT parse the video codec bitstream.
+    # Works regardless of codec as long as standard container headers exist.
+    # Input: path (String) to a local MP4/MOV file.
+    # Output: [width, height] (Array<Integer>) normalized to portrait (w <= h), or nil on failure.
+    def self.read_video_resolution(path)
+      File.open(path, "rb") do |f|
+        file_size = f.size
+        while f.pos < file_size
+          size, type = read_atom_header(f)
+          break unless size && type
+          return nil if size < 8
+          content = size - 8
+          if type == "moov"
+            moov_end = f.pos + content
+            resolution = extract_resolution_from_moov(f, moov_end)
+            return resolution if resolution
+          else
+            skip(f, content)
+          end
+        end
+      end
+      nil
+    rescue => e
+      FastlaneCore::UI.verbose("Failed to parse resolution for '#{path}': #{e.class} - #{e.message}")
+      nil
+    end
+
+    # Pure Ruby MP4/QuickTime MOV container header parser reading mvhd to get duration in seconds.
+    # Note: Uses movie header (mvhd) time scale/duration, not per-track edit lists; adequate for gating.
+    # Input: path (String) to a local MP4/MOV file.
+    # Output: duration in seconds (Float), or nil on failure.
+    def self.read_video_duration_seconds(path)
+      File.open(path, "rb") do |f|
+        file_size = f.size
+        while f.pos < file_size
+          size, type = read_atom_header(f)
+          break unless size && type
+          return nil if size < 8
+          content = size - 8
+          if type == "moov"
+            moov_end = f.pos + content
+            duration = extract_duration_from_moov(f, moov_end)
+            return duration if duration
+          else
+            skip(f, content)
+          end
+        end
+      end
+      nil
+    rescue => e
+      FastlaneCore::UI.verbose("Failed to parse duration for '#{path}': #{e.class} - #{e.message}")
+      nil
+    end
+
+    # Reads the moov box and returns [w, h] if found in any trak/tkhd, else nil.
+    # Input: io (IO) positioned at moov contents; moov_end (Integer) absolute end offset.
+    # Output: [width, height] or nil.
+    def self.extract_resolution_from_moov(io, moov_end)
+      while io.pos < moov_end
+        atom_size, atom_type = read_atom_header(io)
+        break unless atom_size && atom_type
+        return nil if atom_size < 8
+        if atom_type == "trak"
+          trak_end = io.pos + (atom_size - 8)
+          resolution = extract_resolution_from_trak(io, trak_end)
+          return resolution if resolution
+          io.seek(trak_end, IO::SEEK_SET)
+        else
+          skip(io, atom_size - 8)
+        end
+      end
+      nil
+    end
+
+    # Reads the moov box and returns duration in seconds if mvhd is found, else nil.
+    # Input: io (IO) positioned at moov contents; moov_end (Integer) absolute end offset.
+    # Output: Float seconds or nil.
+    def self.extract_duration_from_moov(io, moov_end)
+      while io.pos < moov_end
+        atom_size, atom_type = read_atom_header(io)
+        break unless atom_size && atom_type
+        return nil if atom_size < 8
+        if atom_type == "mvhd"
+          return parse_mvhd(io)
+        else
+          skip(io, atom_size - 8)
+        end
+      end
+      nil
+    end
+
+    # Reads a single trak box to locate tkhd and extract resolution.
+    # Input: io (IO) positioned at trak contents; trak_end (Integer) absolute end offset.
+    # Output: [width, height] or nil.
+    def self.extract_resolution_from_trak(io, trak_end)
+      while io.pos < trak_end
+        trak_size, trak_type = read_atom_header(io)
+        break unless trak_size && trak_type
+        return nil if trak_size < 8
+        if trak_type == "tkhd"
+          return parse_tkhd(io)
+        else
+          skip(io, trak_size - 8)
+        end
+      end
+      nil
+    end
+
+    # Parses mvhd box fields to read duration.
+    # Input: io (IO) positioned at the start of mvhd payload after its header.
+    # Output: Float seconds or nil.
+    def self.parse_mvhd(io)
+      version_flags = io.read(4)
+      return nil unless version_flags && version_flags.length == 4
+      version = version_flags.getbyte(0)
+      if version == 1
+        skip(io, 8) # creation_time (u64)
+        skip(io, 8) # modification_time (u64)
+        timescale = read_u32(io)
+        duration = read_u64(io) # u64
+      else
+        skip(io, 4) # creation_time (u32)
+        skip(io, 4) # modification_time (u32)
+        timescale = read_u32(io)
+        duration = read_u32(io) # u32
+      end
+      return nil unless timescale && timescale > 0
+      return nil unless duration
+      duration.to_f / timescale
+    end
+
+    # Parses tkhd box fields to read fixed-point width and height (16.16).
+    # Input: io (IO) positioned at the start of tkhd payload after its header.
+    # Output: [width, height] or nil.
+    def self.parse_tkhd(io)
+      video_flags = io.read(4)
+      return nil unless video_flags && video_flags.length == 4
+      version = video_flags.getbyte(0)
+      if version == 1
+        skip(io, 8 * 2) # creation, modification (u64)
+        skip(io, 4)     # track id (u32)
+        skip(io, 4)     # reserved
+        skip(io, 8)     # duration (u64)
+      else
+        skip(io, 4 * 3) # creation, modification, track id (u32)
+        skip(io, 4)     # reserved
+        skip(io, 4)     # duration (u32)
+      end
+      skip(io, 8)       # reserved
+      skip(io, 2)       # layer (u16)
+      skip(io, 2)       # alt group (u16)
+      skip(io, 2)       # volume (u16)
+      skip(io, 2)       # reserved
+      skip(io, 36)      # matrix
+      # width/height (fixed point 16.16)
+      width_fixed = read_u32(io)
+      height_fixed = read_u32(io)
+      return nil unless width_fixed && height_fixed
+      width = (width_fixed >> 16)
+      height = (height_fixed >> 16)
+      [width, height]
+    end
+
+    # Read a big-endian 32-bit unsigned integer; returns Integer or nil if insufficient data.
+    def self.read_u32(io)
+      bytes = io.read(4)
+      return nil unless bytes && bytes.length == 4
+      bytes.unpack1("N") # 32-bit unsigned, network (big-endian) byte order
+    end
+
+    # Read a big-endian 64-bit unsigned integer; returns Integer or nil if insufficient data.
+    def self.read_u64(io)
+      bytes = io.read(8)
+      return nil unless bytes && bytes.length == 8
+      bytes.unpack1("Q>") # 64-bit unsigned, big-endian
+    end
+
+    # Read an atom/box header: returns [size(Integer), type(String)] or nil.
+    def self.read_atom_header(io)
+      size = read_u32(io)
+      return nil unless size
+      type = io.read(4)
+      return nil unless type && type.length == 4
+      [size, type]
+    end
+
+    # Advance the IO cursor by n bytes.
+    def self.skip(io, n)
+      io.seek(n, IO::SEEK_CUR)
+    end
+
+    private_class_method :extract_resolution_from_moov, :extract_duration_from_moov, :extract_resolution_from_trak, :parse_tkhd, :parse_mvhd, :read_u32, :read_u64, :read_atom_header, :skip
+  end
+end

data/frameit/lib/frameit/device_types.rb

@@ -173,8 +173,8 @@ module Frameit
     IPHONE_13_MINI ||= Device.new("iphone-13-mini", "Apple iPhone 13 Mini", 11, [[1080, 2340], [2340, 1080]], 476, Color::MIDNIGHT, Platform::IOS)
     IPHONE_14 ||= Device.new("iphone-14", "Apple iPhone 14", 12, [[1170, 2532], [2532, 1170]], 460, Color::MIDNIGHT, Platform::IOS)
     IPHONE_14_PLUS ||= Device.new("iphone-14-plus", "Apple iPhone 14 Plus", 12, [[1284, 2778], [2778, 1284]], 458, Color::MIDNIGHT, Platform::IOS)
-    IPHONE_14_PRO ||= Device.new("iphone-14-pro", "Apple iPhone 14 Pro", 12, [[1179, 2556], [2556, 1179]], 460, Color::PURPLE, Platform::IOS)
-    IPHONE_14_PRO_MAX ||= Device.new("iphone14-pro-max", "Apple iPhone 14 Pro Max", 12, [[1290, 2796], [2796, 1290]], 458, Color::PURPLE, Platform::IOS)
+    IPHONE_14_PRO ||= Device.new("iphone-14-pro", "Apple iPhone 14 Pro", 12, [[1179, 2556], [2556, 1179]], 460, Color::BLACK, Platform::IOS)
+    IPHONE_14_PRO_MAX ||= Device.new("iphone14-pro-max", "Apple iPhone 14 Pro Max", 12, [[1290, 2796], [2796, 1290]], 458, Color::BLACK, Platform::IOS)
     IPAD_10_2 ||= Device.new("ipad-10-2", "Apple iPad 10.2", 1, [[1620, 2160], [2160, 1620]], 264, Color::SPACE_GRAY, Platform::IOS)
     IPAD_AIR_2 ||= Device.new("ipad-air-2", "Apple iPad Air 2", 1, [[1536, 2048], [2048, 1536]], 264, Color::SPACE_GRAY, Platform::IOS, DEVICE_SCREEN_IDS[DisplayType::APP_IPAD_97])
     IPAD_AIR_2019 ||= Device.new("ipad-air-2019", "Apple iPad Air (2019)", 2, [[1668, 2224], [2224, 1668]], 265, Color::SPACE_GRAY, Platform::IOS)

data/gym/lib/gym/generators/build_command_generator.rb

@@ -152,7 +152,8 @@ module Gym
       end
 
       def xcodebuild_log_path
-        file_name = "#{Gym.project.app_name}-#{Gym.config[:scheme]}.log"
+        app_name = Gym.config[:app_name] || Gym.project.app_name
+        file_name = "#{app_name}-#{Gym.config[:scheme]}.log"
         containing = File.expand_path(Gym.config[:buildlog_path])
         FileUtils.mkdir_p(containing)
 

data/gym/lib/gym/options.rb

@@ -65,6 +65,11 @@ module Gym
                                      env_name: "GYM_OUTPUT_NAME",
                                      description: "The name of the resulting ipa file",
                                      optional: true),
+        FastlaneCore::ConfigItem.new(key: :app_name,
+                                     env_name: "GYM_APP_NAME",
+                                     optional: true,
+                                     description: "App name to use in logfile name",
+                                     type: String),
         FastlaneCore::ConfigItem.new(key: :configuration,
                                      short_option: "-q",
                                      env_name: "GYM_CONFIGURATION",

data/match/lib/match/generator.rb

@@ -115,7 +115,9 @@ module Match
       arguments = FastlaneCore::Configuration.create(Sigh::Options.available_options, values)
 
       Sigh.config = arguments
-      path = Sigh::Manager.start
+
+      keychain_path = FastlaneCore::Helper.keychain_path(params[:keychain_name]) if Helper.mac? && params[:keychain_name]
+      path = Sigh::Manager.start(keychain_path: keychain_path)
       return path
     end
 

data/match/lib/match/options.rb

@@ -215,6 +215,11 @@ module Match
                                      description: "S3 secret access key",
                                      sensitive: true,
                                      optional: true),
+        FastlaneCore::ConfigItem.new(key: :s3_session_token,
+                                     env_name: "MATCH_S3_SESSION_TOKEN",
+                                     description: "S3 session token",
+                                     sensitive: true,
+                                     optional: true),
         FastlaneCore::ConfigItem.new(key: :s3_bucket,
                                      env_name: "MATCH_S3_BUCKET",
                                      description: "Name of the S3 bucket",

data/match/lib/match/runner.rb

@@ -160,6 +160,7 @@ module Match
 
     def fetch_certificate(params: nil, renew_expired_certs: false, specific_cert_type: nil)
       cert_type = Match.cert_type_sym(specific_cert_type || params[:type])
+      certificate_id = specific_cert_type.nil? ? params[:certificate_id] : nil
 
       certs = Dir[File.join(prefixed_working_directory, "certs", cert_type.to_s, "*.cer")]
       keys = Dir[File.join(prefixed_working_directory, "certs", cert_type.to_s, "*.p12")]
@@ -174,7 +175,7 @@ module Match
 
       # Validate existing certificate first.
       if renew_expired_certs && is_cert_renewable && storage_has_certs && !params[:readonly]
-        cert_path = select_cert_or_key(paths: certs)
+        cert_path = select_cert_or_key(paths: certs, certificate_id: certificate_id)
 
         unless Utils.is_cert_valid?(cert_path)
           UI.important("Removing invalid certificate '#{File.basename(cert_path)}'")
@@ -209,7 +210,7 @@ module Match
         # Reset certificates cache since we have a new cert.
         self.cache.reset_certificates
       else
-        cert_path = select_cert_or_key(paths: certs)
+        cert_path = select_cert_or_key(paths: certs, certificate_id: certificate_id)
 
         # Check validity of certificate
         if Utils.is_cert_valid?(cert_path)
@@ -233,7 +234,7 @@ module Match
             # Import the private key
             # there seems to be no good way to check if it's already installed - so just install it
             # Key will only be added to the partition list if it isn't already installed
-            Utils.import(select_cert_or_key(paths: keys), params[:keychain_name], password: params[:keychain_password])
+            Utils.import(select_cert_or_key(paths: keys, certificate_id: certificate_id), params[:keychain_name], password: params[:keychain_password])
           end
         else
           UI.message("Skipping installation of certificate as it would not work on this operating system.")
@@ -241,7 +242,7 @@ module Match
 
         if params[:output_path]
           FileUtils.cp(cert_path, params[:output_path])
-          FileUtils.cp(select_cert_or_key(paths: keys), params[:output_path])
+          FileUtils.cp(select_cert_or_key(paths: keys, certificate_id: certificate_id), params[:output_path])
         end
 
         # Get and print info of certificate
@@ -253,9 +254,13 @@ module Match
     end
 
     # @return [String] Path to certificate or P12 key
-    def select_cert_or_key(paths:)
-      cert_id_path = ENV['MATCH_CERTIFICATE_ID'] ? paths.find { |path| path.include?(ENV['MATCH_CERTIFICATE_ID']) } : nil
-      cert_id_path || paths.last
+    def select_cert_or_key(paths:, certificate_id: nil)
+      return paths.last if certificate_id.to_s.strip.empty?
+
+      cert_id_path = paths.find { |path| File.basename(path, File.extname(path)) == certificate_id }
+      return cert_id_path if cert_id_path
+
+      UI.user_error!("No certificate or key found for certificate_id '#{certificate_id}'")
     end
 
     # rubocop:disable Metrics/PerceivedComplexity

data/match/lib/match/storage/s3_storage.rb

@@ -26,6 +26,7 @@ module Match
         s3_region = params[:s3_region]
         s3_access_key = params[:s3_access_key]
         s3_secret_access_key = params[:s3_secret_access_key]
+        s3_session_token = params[:s3_session_token]
         s3_bucket = params[:s3_bucket]
         s3_object_prefix = params[:s3_object_prefix]
 
@@ -40,6 +41,7 @@ module Match
           s3_region: s3_region,
           s3_access_key: s3_access_key,
           s3_secret_access_key: s3_secret_access_key,
+          s3_session_token: s3_session_token,
           s3_bucket: s3_bucket,
           s3_object_prefix: s3_object_prefix,
           readonly: params[:readonly],
@@ -54,6 +56,7 @@ module Match
       def initialize(s3_region: nil,
                      s3_access_key: nil,
                      s3_secret_access_key: nil,
+                     s3_session_token: nil,
                      s3_bucket: nil,
                      s3_object_prefix: nil,
                      readonly: nil,
@@ -64,7 +67,7 @@ module Match
                      api_key: nil)
         @s3_bucket = s3_bucket
         @s3_region = s3_region
-        @s3_client = Fastlane::Helper::S3ClientHelper.new(access_key: s3_access_key, secret_access_key: s3_secret_access_key, region: s3_region)
+        @s3_client = Fastlane::Helper::S3ClientHelper.new(access_key: s3_access_key, secret_access_key: s3_secret_access_key, session_token: s3_session_token, region: s3_region)
         @s3_object_prefix = s3_object_prefix.to_s
         @readonly = readonly
         @username = username

data/match/lib/match/storage.rb

@@ -46,6 +46,7 @@ module Match
               s3_region: params[:s3_region],
               s3_access_key: params[:s3_access_key],
               s3_secret_access_key: params[:s3_secret_access_key],
+              s3_session_token: params[:s3_session_token],
               s3_bucket: params[:s3_bucket],
               s3_object_prefix: params[:s3_object_prefix],
               readonly: params[:readonly],