fastlane match can no longer create provisioning profiles

0
votes

I use fastlane to manage my certificates and provisioning profiles. My fastfile has the line: match(type: "adhoc", force: true) in it, to cause a new provisioning profile to be created whenever the lane is executed.

The match command is run with an Apple developer account with the Developer role.

Since iTunes Connect and the Apple Developer Portal were merged, accounts in the Developer role no longer have permission to create provisioning profiles, so the fastfile fails.

As far as I can see, users with the Developer role can't be given permission to create provisioning profiles; only users in the Account Holder role can do it.

Ideally I don't want to run fastlane as an account holder. Can I still use fastlane to manage code signing?

As a temporary workaround I've changed force: true to force_for_new_devices: true, which at least lets me get a build out until a new device is added.

1
iosprovisioning-profilefastlanefastlane-match
Fastlane just uses the APIs that are used in the web interface. If a user can't do something in the web UI, they won't be able to do it using fastlane :/janpio
Why do you need to create new provisioning profiles every time the lane is executed?Francesco Puglisi
@FrancescoPuglisi To include any new UDIDs that have been added. Thanks for the answer!Paul

1 Answers

2
votes

You can use the credentials of an account that's got the App Manager role in your lane. Source: https://developer.apple.com/support/roles/.

I would suggest creating a separate App Store Connect account to be used in your CI workflow, rather than a personal one.