[GH-ISSUE #711] CI Integrations: publish an official CircleCI Orb for asc #194

Closed
opened 2026-02-26 21:33:57 +03:00 by kerem · 2 comments
Owner

Originally created by @rudrankriyam on GitHub (Feb 21, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/711

Problem

We have a strong GitHub Actions integration (setup-asc), but CircleCI users still need to hand-roll installation/auth steps for asc in every project.

This creates friction for adoption and makes automation less consistent across teams.

Goal

Publish a first-party CircleCI Orb for asc with production-grade defaults, security handling, and versioned releases.

Research (reference implementations and guidance)

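CircleCI Orb authoring guidance

  • Orb best practices: descriptions for every component, minimal noisy steps, secure secret handling, semver discipline.
    • https://circleci.com/docs/orbs/author/orbs-best-practices
  • Orb creation and publishing workflow (namespace, validate, publish/promote).
    • https://circleci.com/docs/orbs/author/create-an-orb
    • https://circleci.com/docs/orbs/author/orb-author-validate-publish

High-quality Orb references

  • circleci/aws-cli orb (install/setup separation, installer robustness, multi-platform script structure).
    • https://github.com/CircleCI-Public/aws-cli-orb
  • circleci/github-cli orb (great pattern for install + setup, token handling via env_var_name, usage examples).
    • https://github.com/CircleCI-Public/github-cli-orb
  • Orb project template + orb-tools publishing pipeline.
    • https://github.com/CircleCI-Public/Orb-Template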

Proposal (v1 scope)

Create a dedicated orb repo (suggestion: rudrankriyam/asc-orb) and publish as rudrankriyam/asc.

Commands

  1. install
    • Installs asc from release assets (versioned) with optional checksum validation.
  2. setup-auth
    • Configures environment for asc auth using env var names (not raw secrets in config).
  3. run
    • Executes a provided asc command string with optional working directory and output options.

Parameters (minimum)

  • version (string, default latest)
  • install_path (string, default /usr/local/bin)
  • checksum (string, optional)
  • profile (string, optional)
  • Secret/env-var-name style params for auth fallback paths (env_var_name where appropriate)
  • when (on_success/on_fail/always)

Design constraints

  • Do not hardcode secrets in config.
  • Use env_var_name for sensitive values to match CircleCI security conventions.
  • Keep command steps compact and clearly named.
  • Prefer stable install path defaults, but make path configurable.

Testing & release requirements

  • Use circleci/orb-tools for lint/pack/review/publish flow.
  • Add integration test jobs that verify:
    • asc --version
    • asc --help
    • one no-side-effect command path
  • Publish dev orbs on PRs and production only on semver tags.
  • Include at least 3 registry examples (install, setup+run, end-to-end workflow usage).

Deliverables

  • New orb repo with full source (src/@orb.yml, commands, scripts, examples)
  • CI for orb validation/testing/publishing
  • Registry publication and docs
  • README with migration snippets from inline CircleCI steps to orb usage

Acceptance criteria

  • rudrankriyam/asc orb is publicly discoverable in CircleCI Orb Registry.
  • install, setup-auth, and run commands work in Linux and macOS CircleCI executors.
  • Secrets are handled via env-var name patterns and never echoed.
  • Tagged release (v1.0.0) published with changelog and usage examples.
  • At least one real project (this repo or a sample repo) consumes the orb successfully.

Nice-to-have follow-ups

  • Add higher-level jobs (e.g. testflight-release) after core command stability.
  • Add checksum/signature verification improvements for stricter supply-chain guarantees.
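The checksum validation for install and the env-var-name secret handling proposed in the issue above, sketched as an added example (not code from this issue or from asc-orb). The function names and the variables they are called with are hypothetical.

```shell
# Added example: fail-closed checksum check and env_var_name-style secret loading.
# All function and variable names are hypothetical, not taken from asc-orb.

# Print the SHA-256 of a file; Linux images ship sha256sum, macOS ships shasum.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_checksum FILE EXPECTED
# EXPECTED is optional: an empty value skips the check with a notice.
# A mismatch (or an unreadable file, which yields an empty digest) returns 1.
verify_checksum() {
  _want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  if [ -z "$_want" ]; then
    echo "checksum not provided; skipping verification" >&2
    return 0
  fi
  _got=$(sha256_of "$1")
  if [ "$_got" != "$_want" ]; then
    echo "checksum mismatch for $1" >&2
    return 1
  fi
}

# load_secret TARGET NAME
# NAME is the *name* of the variable that holds the secret, never the secret.
# Exports its value as TARGET; only variable names are ever written to the log.
load_secret() {
  for _n in "$1" "$2"; do
    case "$_n" in
      ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) echo "invalid variable name" >&2; return 2 ;;
    esac
  done
  eval "_val=\${$2-}"
  if [ -z "$_val" ]; then
    echo "environment variable $2 is empty or unset" >&2
    return 1
  fi
  eval "export $1=\"\$_val\""
  unset _val
}
```

Validating both names before the `eval` is what keeps a malformed parameter value from being executed as shell code.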
kerem 2026-02-26 21:33:57 +03:00
Author
Owner

@rudrankriyam commented on GitHub (Feb 22, 2026):

Initial CircleCI orb scaffold is now up in a dedicated repository (matching the Bitrise/setup pattern):

  • Repo: https://github.com/rudrankriyam/asc-orb
  • Bootstrap PR: https://github.com/rudrankriyam/asc-orb/pull/1

This includes v1 install, setup-auth, and run commands, smoke job/examples, and orb-tools publish workflow wiring.

I am also updating App-Store-Connect-CLI README to add CircleCI orb references.

Author
Owner

@rudrankriyam commented on GitHub (Feb 22, 2026):

Completed.

Delivered artifacts:

  • Dedicated orb repository: https://github.com/rudrankriyam/asc-orb
  • Bootstrap implementation PR (merged): https://github.com/rudrankriyam/asc-orb/pull/1
  • Official metadata/docs/SEO polish PR (merged): https://github.com/rudrankriyam/asc-orb/pull/2

Also completed companion Bitrise step polish for integration parity:

  • https://github.com/rudrankriyam/steps-setup-asc/pull/1

Closing this issue as done.