The Best Part of iOS Development

Transcript

1. The Best Part of iOS Development How to get your

   app on devices when automatic signing goes sideways

2. Jacob Van Order I work at Etsy I've been doing

   this for 10+ years 8 of them for money

3. Code Signing? https://developer.apple.com/support/code-signing/ Briefly, what is code signing? According to

   Apple it: “assures users that it is from a known source and the app hasn’t been modified since it was last signed. Before your app can integrate app services, be installed on a device, or be submitted to the App Store, it must be signed with a certificate issued by Apple.”

4. But why? http://fortune.com/2007/10/17/steve-jobs-apple-will-open-iphone-to-3rd-party-apps-in- february/ “…we’re trying to do two diametrically

   opposed things at once–provide an advanced and open platform to developers while at the same time protect iPhone users from viruses, malware, privacy attacks, etc.” … “Some companies are already taking action. Nokia, for example, is not allowing any applications to be loaded onto some of their newest phones unless they have a digital signature that can be traced back to a known developer. While this makes such a phone less than “totally open,” we believe it is a step in the right direction.” ☝ When the phone was release in 2007, there wasn't even a way to build apps, let alone get them on your phone. This changed a year later with introduction of the app store but Apple was concerned about malicious apps. They wanted a way to make sure that people weren't installing apps that was harming their phones, stealing data, or crippling cell networks.

5. Let’s Get This Money I stole this great image from:

   https://www.youtube.com/watch?v=Z3ta8ZgEuD4 Plus, they wanted that money from app sales.

6. Back to You " A Developer Okay, so you’re building

   an app!

7. Set It and Forget It Ever since Xcode 8, you

   now have the option to have Xcode automatically manage signing your application.

8. oh no But what happens if something goes wrong? It

   does happen and usually *right as you’re about to try to fix a bug or submit to the store.

9. And you’re like “what do I even do here?”

10. Interconnected Parts Certificates Team ID + Bundle ID Provisioning Profile

    The whole thing gets done by a somewhat mysterious mix of files, strings, and cryptographic hashes.

11. Interconnected Parts App Store Connect/ developer.apple.com Local Xcode Further more,

    it is controlled a synchronization between what you see in Xcode and what exists on the *Certificates, Identifiers & Profiles* section of `https:// developer.apple.com/account`. When you use automatic signing within Xcode, you're counting on these pieces being synchronized perfectly. So, let's see what these pieces are and how they all interact with each other to get your code on devices.

12. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” A technique for problem solving in development is sometimes just framing the question in order to break it into smaller pieces. So, let’s do that!

13. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” The first element is the “who” of the equation.

14. App ID https://developer.apple.com/account/ios/identifier/bundle This element can be thought of as

    the App Id. If you go to developer.apple.com/ and click on Certificates, Identifiers & Profiles, you’ll see on the left *App IDs*.

15. App ID https://developer.apple.com/account/ios/identifier/bundle If you select one, you’ll see what

    it is comprised of. Whatever name you give it, a prefix, and an ID. But where did those come from?

16. App ID https://developer.apple.com/account/#/membership/ If you go to the membership page

    of developer.apple.com, you’ll see * the Team ID is the same as that prefix. Keep that in mind.

17. App ID The next part is your Bundle Identifier. This

    is set up when you create your application.

18. App ID You can also see it in your app’s

    target under the General tab.

19. App ID https://developer.apple.com/account/ios/identifier/bundle/create When you create one, you’ll see the

    building blocks there: * Name * Team * Bundle ID But you have two options: Explicit or Wildcard

20. App ID https://developer.apple.com/account/ios/identifier/bundle/create com.sushiGrass.CoolApp ✅ com.sushiGrass.* com.* * ❌ This

    can be a wild card but more specific App Ids are needed in order to get more functionality like Apple Pay, In App Purchase, Notifications, iCloud, etc…) which makes sense because Apple needs to know _specifically_ which app is doing these actions that could have data and money ramifications.

21. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” We use the App ID to say “this account with this app”

22. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” Next up is authentication. Remember? Steve Jorbs wanted it to be safe so we need to make sure our app hasn’t been altered after we created it.

23. Quick Aside App Store Development Device Development Distribution It’s at

    this point, we need to make a determination of where we are going to be running the app: on our device for development or on other devices through the App Store. There are other methods including Ad Hoc or Enterprise but we’re not going to get into them right now.

24. Certificate https://developer.apple.com/account/ios/certificate To get started, select certificates on the right

    and then the + button.

25. Certificate https://developer.apple.com/account/ios/certificate/create Here we can choose what kind of certificate

    we are going to need based on where we want to run *on a development device or *on the app store

26. Certificate https://developer.apple.com/account/ios/certificate/create At this point, it is going to ask

    us to validate our local machine using a certificate signing request

27. Certificate https://developer.apple.com/account/ios/certificate/create You’ll need to open up Keychain Access and

    in the menu bar select Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority…

28. Certificate https://developer.apple.com/account/ios/certificate/create You’ll then be asked to enter in an

    email address, name and make sure to save to disk.

29. Certificate https://developer.apple.com/account/ios/certificate/create You’ll go back to your browser and use

    the file you just generated to create a certificate.

30. Certificate https://developer.apple.com/account/ios/certificate/create After you’ve uploaded that, you’ll get a new

    cert which you can download and drag into Keychain Access.

31. Certificate https://developer.apple.com/account/ios/certificate/create One you’ve dragged it in, click on the

    disclosure arrow. If you see the name you put in earlier, you’re golden.

32. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” Okay, we have the authority to sign our app which is kind of like our password.

33. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” Next up is “where” and in this case that mean “on this device”.

34. Provisioning Profile 8X4DYCSP4Z.com.sushiGrass.CoolApp or Remember how we had to choose

    whether to create a certificate for either development or distribution? Same kind of thing here. For the App Store, we don’t know which devices are going to run our app, we leave that to them to authenticate. For when it comes to running our app for * development, we can specify which devices are allowed to run.

35. Development on Device https://developer.apple.com/account/ios/device/iphone/create To tell Apple which device we

    want to run on, we need to register the device. We add the device and the UDID which we got from Xcode or iTunes (RIP).

36. Development on Device https://developer.apple.com/account/ios/device/iphone/create Afterwards, we confirm the device.

37. Development on Device https://developer.apple.com/account/ios/device/iphone/create And it lets us know we’re

    good.

38. Let’s Break This Down “I currently have this account with

    this app and this password. I want to run on this device.” We’ve determined all of the variables in this statement. * This statement is basically what a provisioning profile entails. Let’s walk through making one.

39. Provisioning Profile https://developer.apple.com/account/ios/profile In order to create a provisioning profile

    navigate to the provisioning profiles section of the Certificates, Identifiers, Profile page

40. Provisioning Profile https://developer.apple.com/account/ios/profile Tap on that little + button

41. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/create In this case, you’re going to

    select development because that’s what we did for the cert.

42. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/create We’re going to use the App

    ID that we made before.

43. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/create We’re going to use the certificate

    that we made before.

44. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/create We’re going to use the devices

    that we added before along with any others.

45. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/create We give the provisioning profile a

    name

46. Provisioning Profile (Development) https://developer.apple.com/account/ios/profile/limited/create Finally, we have a file that

    we can download.

47. App Store distribution is basically the same but you select

    Distribution App Store.

48. Double Check If you’ve installed the certificate and downloaded and

    installed the two provisioning profiles, when you deselect Automatically manage signing, you should be able to select and see *this.

49. Manual “I currently have this account with this app and

    this password. I want to run on this device.” By selecting this, you’re telling the build process the variables in this sentence.

50. Protips

51. Let a Computer Do It There is a tool called

    Fastlane that is a Swiss Army Knife of tools for iOS Development. One of them is called Sigh and it handles many of the issues you might face dealing with all of this in an automated way.

52. If Things Go Wrong ~/Library/MobileDevice/Provisioning Profiles/ Try going to the

    directory where provisioning profiles are locally stored and delete them. Then go to developer.apple.com to download them or use Sigh.

53. A Closer Look https://github.com/ealeksandrov/ProvisionQL On your local provisioning profiles, you

    might not be sure if you have a copy that is up to date and accurate. Luckily, there’s a Quicklook plugin that you can install in order to look at the provisioning profile using the spacebar.

54. Thank You! Okay, that’s it! Of course, there are many

    more edge cases, weird problems, and syncing issues that can occur but these are the basics that you can use.