In Part 1, we set up two Fastlane commands:
bumpto increase the building number and
send_to_testflightto upload the build to our TestFlight group
Let's configure CircleCI to run these commands for us when new features are delivered to our main branch.
Initial CircleCI Setup
Let's say to Circle CI that we want it to run some projects for us. Click the CircleCIs Add Projects tab. Find your repository in the list and click
Set Up Project . Follow the original installation steps on that page, and then click
Start Construction .
Delete the build number
config.yaml add a new job to your job list:
bump-build: Mac os: xcode: "10.2.0" environment: # Silence alert from Fastlane - LC_ALL: "no_US.UTF-8" - LONG: "no_US.UTF-8" steps: - Check out # Install the fixed lane and its dependencies - run: name: install Brewfile command: brew bundle - run: name: Install pearl dependencies command: package install # Securely connect to GitHub - add_ssh_keys: fingerprint: - "SO: ME: FI: NG: ER: PR: IN: T" # Call the support box - run: name: Delete the building number and commit yourself command: bundle exec fastlane bump
The interesting part is
add_ssh_keys . Distribution keys give CircleCI access to your code. Although you can enter a service development key in CircleCI, it only provides read access.
fixedlane bump command needs write access to push the version hump to master. Therefore, we must generate and register a user-distributed key with write access by following these instructions. Paste the key fingerprint here.
- That key should be added to the project database settings in GitHub
- The fingerprint in this step should match.
Submit to TestFlight
Let's add the submission job to TestFlight:
submit_to_testflight: Mac os: xcode: "10.2.0" environment: # Silence alert from Fastlane - LC_ALL: "no_US.UTF-8" - LONG: "no_US.UTF-8" steps: - Check out # Install the fixed lane and its dependencies - run: name: install Brewfile command: brew bundle - run: name: Install pearl dependencies command: package install # Securely connect to GitHub - add_ssh_keys: fingerprint: - "SO: ME: FI: NG: ER: PR: IN: T" # Call the submission file - run: name: Distribute new build to TestFlight command: bundle exec fastlane submit_to_testflight
This looks very much like the build step. In fact, the only differences are:
- We install a differently SSH key
- Our final command is now
This SSH key is the one that Circle CI will use to download the credentials from the repo that
fastlane match uses to store them. If you try to use your key from earlier, GitHub will reject it. Instead, repeat the same key generation process again and add the fingerprint for the SSH key associated with the information here.
Build the workflow
Now that we've got two jobs, let's put them together in one workflow:
# Defines workflow for the jobs specified above workflow: version: 2 build-test-lint: jobs: - build and test: filters: tags: only: /.*/ bult-building: requires: - build and test filters: branches: only: master tags: only: /.*/ - distribute beta: requires: - build and test filters: branches: ignore: /.*/ tags: just: /^builds.*/strong19659011??That's a lot. Let's look at each job in that workflow separately.- build-and-test: filters: tags: only: /.*/strong19659011??This builds and tests any commitments to any branch. See CircleCI's excellent guide to configuring automated tests.
The filter here is strange. Why should we filter for a regex that matches everything? This is how CircleCI knows that it will trigger this workflow for either either a tag match or a branch match. It looks superfluous right now, but adding "just run it for each tag" filter means we can specify "just run it for specific tags" in later, dependent jobs.- bump-build: requires: - build and test filters: branches: only: master tags: only: /.*/strong19659011achteThis is driving our
fastlane shockjob. This will only run on the main branch and run with any specified code. And it will only run after the
Just as before, the "filter for just all the tags " seems redundant, but it is not. Now that our parenting task has begun to filter by tags, if any job does not specify a tag filter, all tag filters will be ignored.
And now, the grand finale for CI config:  - distribute-to-test flow: requires: - build and test filters: branches: ignore: /.*/ tags: only: /^builds.*/strong19659011??In the end, the distribution task ignores our branches and is triggered only if it sees a code starting with
builds. You can probably make the regex tag more specific, but this is good enough for me.
Both of these
filtersvalues are OR aggregated. If we specified
branches: only: masterwith this filter code, it would run for every commit on master and also all obligations starting with
builds. Ignoring the branch completely and having
buildcodes just added to the master is the only way to achieve the desired effect.
Your automated process should now look like this:
Configure the CircleCI environment
You're not done yet! There are some states on your local machine that you need to go into CircleCI and add as environment variables. Specifically:
MATCH_PASSWORD- This is the password you use to decrypt the fixed-line credentials.
FASTLANE_PASSWORD- This is the Apple ID password for the account you are using to submit builds to Apple.
If the shared build account follows the landline recommendation and does not have two-factor authentication enabled, you are done. Otherwise, you will need these additional environment variables:
FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD- This can be generated in Apple ID settings, under Security> Generate Password.
FASTLANE_SESSION- suction token for two-factor authentication. To generate, enter the following command into the terminal using the build account's email address:
fastlane spaceauth -u email@example.com
FASTLANE_SESSIONexpires after one month. You must update this environment variable monthly to keep the build process automatic. Unfortunately, it is the best fixed line can do.
Hope for the best
That's it! Make your commitments, have them reviewed and merged to master, and about 20-30 minutes later you should receive a notification that you have been given a new build to download from TestFlight.
If you look anxiously at the workflow process as this continues, you should see each of the five jobs:
- Test your commitments with
- Increase the build number by
bump-buildand tag the commit.
- Test build tag commit with
bump-buildwith no effect on code commit.
- Distribute with