iOS code signing on CI servers

How to code sign iOS apps

iOS code signing on CI servers

Code signing on a CI server does not quite work as it does locally. The CI machines have no knowledge about your local code signing setup and you would have to separately make the code signing configuration available to the machine running your CI builds.

Very often this is done by manually uploading the signing certificate and the provisioning profile to the service you are using. However, this might become an annoyance as certificates expire or provisioning profiles get updated with new devices. Luckily, there are also ways to automate code signing files management.

Many CI services integrate with fastlane match for easier iOS code signing. Match requires setting up a Git repository or a cloud storage for your code signing files and allows the entire team to use the same credentials for code signing. Normally, using Match also requires using fastlane’s commands for building the app.

Other services like Codemagic CI/CD have developed their own code signing implementation and integrate with Apple’s services to automate signing files management. Full integration with Apple Developer portal and App Store Connect comes with the benefit of making it possible to also automate deployment of the .ipa archive to App Store Connect.