[GH-ISSUE #735] feat(signing): Phase 3 certificate lifecycle, keychain install, and hardening #199

Closed
opened 2026-02-26 21:33:59 +03:00 by kerem · 1 comment

Originally created by @rudrankriyam on GitHub (Feb 23, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/735

Depends on

  • #PHASE2

Problem

Once profile write-back exists (Phase 2), the largest remaining gap relative to fastlane match is certificate/private-key lifecycle management and the ergonomics of installing signing material into a local keychain.

Phase 3 Goal

Add certificate lifecycle + local keychain install flows needed for practical daily usage and CI reliability.

Proposed CLI Surface (Phase 3)

Enhance asc signing sync and add focused helpers:

# Optional certificate creation path when missing
asc signing sync \
  --bundle-id com.example.app \
  --profile-type IOS_APP_STORE \
  --git-url "git@github.com:org/signing.git" \
  --create-missing \
  --create-missing-certificate \
  --passphrase-env ASC_SIGNING_PASSPHRASE

# Import certificate material into signing store
asc signing import \
  --certificate ./cert.cer \
  --p12 ./cert.p12 \
  --profile ./profile.mobileprovision \
  --git-url "git@github.com:org/signing.git" \
  --passphrase-env ASC_SIGNING_PASSPHRASE

Optional local install flags:

  • --install-certificates
  • --keychain-name
  • --keychain-password
  • --skip-set-partition-list
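
The four install flags above map onto a fixed sequence of macOS `security` invocations. The Go sketch below is added here as an illustration and is not code from App-Store-Connect-CLI; it shows that sequence together with the two properties the implementation notes ask for: secrets (the keychain password and the .p12 passphrase) are masked before any command line is logged or surfaced in an error, and on a non-macOS host the install returns an error without executing anything. The type names, the `Plan`/`Installer` API and the keychain defaults (6-hour lock timeout, `login.keychain-db` kept in the search list) are this example's own assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// KeychainOptions mirrors the optional install flags above; names are this example's own.
type KeychainOptions struct {
	P12Path           string // decrypted .p12 fetched from the signing store
	P12Passphrase     string // passphrase protecting the .p12 (from --passphrase-env)
	KeychainName      string // --keychain-name, e.g. "asc-ci.keychain-db"
	KeychainPassword  string // --keychain-password
	SkipPartitionList bool   // --skip-set-partition-list
}

// Step is one invocation of the macOS `security` tool; secrets lists the argv values that must never reach logs or stdout.
type Step struct {
	Args    []string
	secrets []string
}

// Redacted renders the step for logging with every secret masked.
func (s Step) Redacted() string {
	out := make([]string, len(s.Args))
	for i, a := range s.Args {
		out[i] = a
		for _, sec := range s.secrets {
			if sec != "" && a == sec {
				out[i] = "***"
			}
		}
	}
	return "security " + strings.Join(out, " ")
}

// Plan builds the ordered, non-interactive `security` calls: create a dedicated keychain and keep it
// unlocked for the job, import the .p12 granting codesign and security access to the key, run
// set-key-partition-list so codesign can use the key without a UI prompt (skipped with
// --skip-set-partition-list), then put the keychain first in the user search list.
func Plan(o KeychainOptions) ([]Step, error) {
	if o.P12Path == "" || o.KeychainName == "" || o.KeychainPassword == "" {
		return nil, errors.New("keychain install: p12 path, keychain name and keychain password are required")
	}
	kc, kp := o.KeychainName, o.KeychainPassword
	steps := []Step{
		{Args: []string{"create-keychain", "-p", kp, kc}, secrets: []string{kp}},
		{Args: []string{"set-keychain-settings", "-lut", "21600", kc}}, // 6h lock timeout, no lock on sleep
		{Args: []string{"unlock-keychain", "-p", kp, kc}, secrets: []string{kp}},
		{Args: []string{"import", o.P12Path, "-k", kc, "-P", o.P12Passphrase,
			"-T", "/usr/bin/codesign", "-T", "/usr/bin/security"}, secrets: []string{o.P12Passphrase}},
	}
	if !o.SkipPartitionList {
		steps = append(steps, Step{
			Args:    []string{"set-key-partition-list", "-S", "apple-tool:,apple:", "-s", "-k", kp, kc},
			secrets: []string{kp},
		})
	}
	return append(steps, Step{Args: []string{"list-keychains", "-d", "user", "-s", kc, "login.keychain-db"}}), nil
}

// ErrUnsupportedOS is returned, with nothing executed, off macOS so the flags degrade gracefully in a Linux job.
var ErrUnsupportedOS = errors.New("keychain install: only supported on macOS (darwin)")

// Installer runs a plan. GOOS and Run are injectable so the flow is testable without a Mac;
// in production pass runtime.GOOS and a wrapper around exec.Command("security", args...).
type Installer struct {
	GOOS string
	Run  func(args ...string) error
}

// Install executes the plan in order; a failing step is reported in redacted form, never as raw argv.
func (in Installer) Install(o KeychainOptions) error {
	if in.GOOS != "darwin" {
		return ErrUnsupportedOS
	}
	steps, err := Plan(o)
	if err != nil {
		return err
	}
	for _, s := range steps {
		if err := in.Run(s.Args...); err != nil {
			return fmt.Errorf("%s: %w", s.Redacted(), err)
		}
	}
	return nil
}

func main() {
	// Dry run: print the redacted plan; nothing is executed.
	steps, _ := Plan(KeychainOptions{P12Path: "dist.p12", P12Passphrase: "p12-pass", KeychainName: "asc-ci.keychain-db", KeychainPassword: "kc-pass"})
	for _, s := range steps {
		fmt.Println(s.Redacted())
	}
}
```

`--skip-set-partition-list` corresponds to omitting the `set-key-partition-list` step; without that step, the first `codesign` call against a key imported from a `.p12` triggers a keychain access prompt on modern macOS, which hangs a non-interactive CI job. Redacting logs is necessary but not sufficient: both `-p` and `-P` place the secret in argv, where `ps` can read it for the duration of the call, so the keychain password should be a throwaway value generated per job rather than a long-lived secret.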

Scope

  1. Certificate lifecycle support in sync flow (create/select when required).
  2. Secure handling of .cer + .p12 material in encrypted store.
  3. Local keychain import/install path for macOS.
  4. Import command for existing cert/profile material into store.
  5. Reliability hardening (idempotence, retries, conflict/error surfacing).

Implementation Notes

  • Reuse the existing `certificates csr generate` command where appropriate.
  • Keep key material out of logs and stdout.
  • Maintain strict non-interactive behavior.
  • Validate API-facing flags against current OpenAPI schemas before shipping.
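
Scope item 2 and the implementation notes leave the shape of the encrypted store open. The Go example below is added here and is not the project's own code or on-disk format; it shows one way to meet those requirements: the passphrase is read from the environment variable named by `--passphrase-env` (never argv or a prompt), each artifact is encrypted with AES-256-GCM under a PBKDF2-derived key with a fresh salt and nonce, the header is authenticated so the salt or iteration count cannot be altered undetected, the file is written 0600 with O_EXCL so a repeated run never silently overwrites existing material, and artifact names are flattened so they cannot escape the store directory. The artifact layout, the type names and the `Store` API are assumptions of this example; fastlane match uses a different format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"os"
	"path/filepath"
)

// Artifact layout used by this example (not the project's real store format): magic(8) || kdf iterations(4,
// big-endian) || salt(16) || nonce(12) || AES-256-GCM(plaintext); the header is the GCM associated data.
const (
	magic       = "ASCSIGN1"
	saltOff     = len(magic) + 4
	nonceOff    = saltOff + 16
	hdrLen      = nonceOff + 12
	DefaultIter = 600_000 // OWASP guidance for PBKDF2-HMAC-SHA256; lower only in tests
)

// pbkdf2SHA256: one 32-byte block of RFC 8018 PBKDF2-HMAC-SHA256 (all AES-256 needs), written out to stay stdlib-only.
func pbkdf2SHA256(pass, salt []byte, iter uint32) []byte {
	mac := hmac.New(sha256.New, pass)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index 1
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := uint32(1); i < iter; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		subtle.XORBytes(t, t, u)
	}
	return t
}

// Store keeps encrypted artifacts under Dir (must exist); the passphrase comes from the env var named by --passphrase-env.
type Store struct {
	Dir, PassphraseEnv string // e.g. PassphraseEnv = "ASC_SIGNING_PASSPHRASE"
	KDFIterations      uint32 // DefaultIter in production
}

// path flattens name with filepath.Base, so "../../x" lands in Dir as "x" and nothing can escape Dir.
func (s Store) path(name string) string { return filepath.Join(s.Dir, filepath.Base(name)) }

// aeadFor builds AES-256-GCM for a header; the iteration count is capped so a tampered header cannot burn CPU for hours.
func (s Store) aeadFor(hdr []byte) (cipher.AEAD, error) {
	pass, iter := os.Getenv(s.PassphraseEnv), binary.BigEndian.Uint32(hdr[len(magic):])
	if pass == "" || iter == 0 || iter > 10_000_000 {
		return nil, fmt.Errorf("store: need a passphrase in $%s and a sane kdf iteration count (got %d)", s.PassphraseEnv, iter)
	}
	block, _ := aes.NewCipher(pbkdf2SHA256([]byte(pass), hdr[saltOff:nonceOff], iter)) // 32-byte key: cannot fail
	return cipher.NewGCM(block)
}

// Put encrypts plaintext (.p12, .cer or .mobileprovision) to Dir/name, mode 0600, created O_EXCL: an existing
// artifact is never clobbered (no stat-then-write race), so a repeated import fails with fs.ErrExist instead of rotating it.
func (s Store) Put(name string, plaintext []byte) error {
	hdr := make([]byte, hdrLen)
	copy(hdr, magic)
	binary.BigEndian.PutUint32(hdr[len(magic):], s.KDFIterations)
	if _, err := rand.Read(hdr[saltOff:]); err != nil { // fresh salt and nonce on every write
		return err
	}
	aead, err := s.aeadFor(hdr)
	if err != nil {
		return err
	}
	f, err := os.OpenFile(s.path(name), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
	if err != nil {
		return err
	}
	defer f.Close()
	// The capped slice forces Seal onto a fresh buffer, so its output never aliases the nonce/AAD.
	_, err = f.Write(aead.Seal(hdr[:hdrLen:hdrLen], hdr[nonceOff:], plaintext, hdr))
	return err
}

// Get decrypts Dir/name; a wrong passphrase or any tampering (header included) is rejected by GCM.
func (s Store) Get(name string) ([]byte, error) {
	blob, err := os.ReadFile(s.path(name))
	if err != nil {
		return nil, err
	}
	if len(blob) < hdrLen || string(blob[:len(magic)]) != magic {
		return nil, fmt.Errorf("store: %s is not a signing-store artifact", name)
	}
	aead, err := s.aeadFor(blob[:hdrLen])
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, blob[nonceOff:hdrLen], blob[hdrLen:], blob[:hdrLen])
}
```

Keep `KDFIterations` at `DefaultIter` outside tests. `Put` deliberately has no overwrite mode: a sync that needs to rotate material should remove the old artifact explicitly and commit that as its own change, which keeps the store's git history readable and the repeated-run path idempotent. The passphrase is read from the environment on every call, so a CI job must export it before invoking the tool; this is what keeps it out of argv and out of the command line that ends up in logs.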

Test Plan (TDD)

  • Certificate lifecycle tests:
    • missing certificate paths
    • create/select behavior
  • Import tests:
    • valid/invalid cert+p12+profile combinations
    • secure path handling and overwrite protections
  • Keychain install tests:
    • macOS success path
    • non-macOS graceful behavior
  • Regression tests:
    • repeated runs are idempotent
    • deterministic outputs and commit artifacts

Always run:

  • make format
  • make lint
  • ASC_BYPASS_KEYCHAIN=1 make test

Acceptance Criteria

  • Certificate lifecycle paths are implemented and documented.
  • Import flow for existing signing materials is available.
  • Optional local keychain install works on macOS with clear flags.
  • Security and idempotence expectations are test-covered.
  • Tests and lint/format pass.

Out of Scope (future)

  • Multi-backend storage parity (S3/GCS/GitLab).
  • Full nuke/password-rotation/migrate parity command set.
kerem 2026-02-26 21:33:59 +03:00

@rudrankriyam commented on GitHub (Feb 26, 2026):

Closing for now due to scope/priority. We can reopen when this work is prioritized again.
