[GH-ISSUE #712] CI Integrations: create and publish a first-party Bitrise Step for asc #193

New issue

Closed

opened 2026-02-26 21:33:57 +03:00 by kerem · 1 comment

kerem commented 2026-02-26 21:33:57 +03:00

Owner

Copy link

Originally created by @rudrankriyam on GitHub (Feb 21, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/712

Problem

Bitrise users currently need to copy/paste shell snippets to install and run asc in workflows.

That leads to duplicated setup, inconsistent auth handling, and weaker discoverability in Bitrise’s ecosystem.

Goal

Publish a first-party Bitrise Step for asc with secure inputs, clean outputs, and official Step Library availability.

Research (reference implementations and guidance)

Bitrise step authoring docs

• New step development flow (bitrise :step create), step.yml interface, and sharing/review process.
  • https://docs.bitrise.io/en/bitrise-ci/workflows-and-pipelines/developing-your-own-bitrise-step/developing-a-new-step.html
• Step creation templates (current plugin templates, not deprecated legacy template).
  • https://github.com/bitrise-io/bitrise-plugins-step/tree/master/create/templates

High-quality Step references

• steps-git-clone (excellent step.yml UX: categories, strong descriptions, CI-safe defaults, run_if: .IsCI).
  • https://github.com/bitrise-steplib/steps-git-clone
• steps-certificate-and-profile-installer (sensitive input handling + iOS-focused conventions).
  • https://github.com/bitrise-steplib/steps-certificate-and-profile-installer
• steps-script (simple utility pattern with practical defaults and debug inputs).
  • https://github.com/bitrise-steplib/steps-script

Proposal (v1 scope)

Create a dedicated step repo (suggestion: rudrankriyam/steps-asc-cli) and publish to bitrise-steplib.

Step behavior (v1)

Single step with two modes:

1. Install only (mode=install)
2. Install + run (mode=run)

Inputs (minimum)

• version (default latest)
• mode (install / run)
• command (required when mode=run)
• working_dir (default $BITRISE_SOURCE_DIR)
• profile (optional)
• debug (yes/no)

Optional auth-related inputs (sensitive where needed):

• key_id
• issuer_id
• private_key_path / private_key
• bypass_keychain

Outputs (minimum)

• ASC_CLI_PATH
• ASC_CLI_VERSION
• ASC_COMMAND_EXIT_CODE (when run mode)

Design constraints

• Secrets must be marked sensitive in step.yml.
• No secrets echoed in logs.
• Keep setup deterministic and idempotent.
• Avoid brittle assumptions about stack image beyond standard shell tools.

Test and publishing requirements

• Include bitrise.yml for local and CI testing.
• Required checks:
  • step audit/lint (audit-this-step equivalent flow)
  • install path works
  • run mode executes a harmless asc command successfully
• Validate on at least one macOS stack and one Linux stack.
• Submit StepLib PR for catalog visibility.

Deliverables

• Step repo with:
  • step.yml
  • implementation (step.sh or Go toolkit)
  • README.md
  • bitrise.yml test workflows
• StepLib submission PR
• Documentation snippet for using the step in iOS release workflows

Acceptance criteria

• Step is published and searchable in Bitrise Step Library.
• Install-only and install+run modes both pass on Bitrise macOS and Linux stacks.
• Sensitive inputs are properly masked.
• Outputs are exported and consumable by downstream steps.
• README includes copy-paste examples for common asc workflows.

Nice-to-have follow-ups

• Add a dedicated “auth bootstrap” step if demand warrants separation of concerns.
• Add optional built-in retry/backoff for release asset download failures.

Originally created by @rudrankriyam on GitHub (Feb 21, 2026). Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/712 ## Problem Bitrise users currently need to copy/paste shell snippets to install and run `asc` in workflows. That leads to duplicated setup, inconsistent auth handling, and weaker discoverability in Bitrise’s ecosystem. ## Goal Publish a **first-party Bitrise Step** for `asc` with secure inputs, clean outputs, and official Step Library availability. ## Research (reference implementations and guidance) ### Bitrise step authoring docs - New step development flow (`bitrise :step create`), `step.yml` interface, and sharing/review process. - https://docs.bitrise.io/en/bitrise-ci/workflows-and-pipelines/developing-your-own-bitrise-step/developing-a-new-step.html - Step creation templates (current plugin templates, not deprecated legacy template). - https://github.com/bitrise-io/bitrise-plugins-step/tree/master/create/templates ### High-quality Step references - `steps-git-clone` (excellent `step.yml` UX: categories, strong descriptions, CI-safe defaults, `run_if: .IsCI`). - https://github.com/bitrise-steplib/steps-git-clone - `steps-certificate-and-profile-installer` (sensitive input handling + iOS-focused conventions). - https://github.com/bitrise-steplib/steps-certificate-and-profile-installer - `steps-script` (simple utility pattern with practical defaults and debug inputs). - https://github.com/bitrise-steplib/steps-script ## Proposal (v1 scope) Create a dedicated step repo (suggestion: `rudrankriyam/steps-asc-cli`) and publish to `bitrise-steplib`. ### Step behavior (v1) Single step with two modes: 1. **Install only** (`mode=install`) 2. **Install + run** (`mode=run`) ### Inputs (minimum) - `version` (default `latest`) - `mode` (`install` / `run`) - `command` (required when `mode=run`) - `working_dir` (default `$BITRISE_SOURCE_DIR`) - `profile` (optional) - `debug` (`yes/no`) Optional auth-related inputs (sensitive where needed): - `key_id` - `issuer_id` - `private_key_path` / `private_key` - `bypass_keychain` ### Outputs (minimum) - `ASC_CLI_PATH` - `ASC_CLI_VERSION` - `ASC_COMMAND_EXIT_CODE` (when run mode) ## Design constraints - Secrets must be marked sensitive in `step.yml`. - No secrets echoed in logs. - Keep setup deterministic and idempotent. - Avoid brittle assumptions about stack image beyond standard shell tools. ## Test and publishing requirements - Include `bitrise.yml` for local and CI testing. - Required checks: - step audit/lint (`audit-this-step` equivalent flow) - install path works - run mode executes a harmless `asc` command successfully - Validate on at least one macOS stack and one Linux stack. - Submit StepLib PR for catalog visibility. ## Deliverables - Step repo with: - `step.yml` - implementation (`step.sh` or Go toolkit) - `README.md` - `bitrise.yml` test workflows - StepLib submission PR - Documentation snippet for using the step in iOS release workflows ## Acceptance criteria - Step is published and searchable in Bitrise Step Library. - Install-only and install+run modes both pass on Bitrise macOS and Linux stacks. - Sensitive inputs are properly masked. - Outputs are exported and consumable by downstream steps. - README includes copy-paste examples for common `asc` workflows. ## Nice-to-have follow-ups - Add a dedicated “auth bootstrap” step if demand warrants separation of concerns. - Add optional built-in retry/backoff for release asset download failures.

kerem 2026-02-26 21:33:57 +03:00

• closed this issue
• added the
  enhancement
  label

kerem commented 2026-02-26 21:33:58 +03:00

Author

Owner

Copy link

@rudrankriyam commented on GitHub (Feb 21, 2026):

Implemented in the dedicated Bitrise step repository:
https://github.com/rudrankriyam/steps-setup-asc

This issue’s requested deliverables (step.yml, step.sh, bitrise.yml, README, and CI validation) now live there.

<!-- gh-comment-id:3939073651 --> @rudrankriyam commented on GitHub (Feb 21, 2026): Implemented in the dedicated Bitrise step repository: https://github.com/rudrankriyam/steps-setup-asc This issue’s requested deliverables (step.yml, step.sh, bitrise.yml, README, and CI validation) now live there.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

0.49.1

0.49.0

0.48.1

0.48.0

0.47.1

0.47.0

0.46.2

0.46.1

0.46.0

0.45.4

0.45.3

0.45.2

0.45.1

0.45.0

0.44.2

0.44.1

0.44.0

0.43.0

0.42.0

0.41.4

0.41.3

0.41.2

0.41.1

0.41.0

0.40.1

0.40.0

0.39.1

0.39.0

0.38.3

0.38.2

0.38.1

0.38.0

0.37.3

0.37.2

0.37.1

0.37.0

0.36.3

0.36.2

0.36.1

0.36.0

0.35.3

0.35.2

0.35.1

0.35.0

0.34.1

0.34.0

0.33.2

0.33.1

0.33.0

0.32.0

0.31.3

0.31.2

0.31.1

0.31.0

0.30.0

0.29.3

0.29.2

0.29.1

0.29.0

0.28.14

0.28.13

0.28.12

0.28.11

0.28.10

0.28.9

0.28.8

0.28.7

0.28.6

0.28.5

0.28.4

0.28.3

0.28.2

0.28.1

0.28.0

0.27.0

0.26.4

0.26.3

0.26.2

0.26.1

0.26.0

0.25.4

0.25.3

0.25.1

0.25.0

0.24.3

0.24.2

0.24.1

0.24.0

0.23.5

0.23.4

0.23.3

0.23.2

0.23.1

0.23.0

0.22.1

0.22.0

0.21.0

0.20.2

0.20.1

0.20.0

0.19.3

0.19.2

0.19.1

0.19.0

0.18.2

0.18.1

0.18.0

0.17.0

0.16.0

0.15.0

0.14.0

0.13.0

0.12.4

0.12.3

0.12.2

0.12.1

0.12.0

0.11.0

0.10.2

0.10.1

0.10.0

0.9.0

0.8.1

0.8.0

0.7.0

0.6.0

0.5.0

0.3.1

0.3.0

0.2.0

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Labels

Clear labels   

bug

  

bug

  

documentation

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

bug

documentation

enhancement

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/App-Store-Connect-CLI#193

No description provided.