Class: Fastlane::Actions::HexsignCertificatesDownloadByTypeAction

Inherits:

Action

• Object
• Action
• Fastlane::Actions::HexsignCertificatesDownloadByTypeAction

Defined in:

lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb

Class Method Summary

• .authors ⇒ Object
• .available_options ⇒ Object
• .category ⇒ Object
• .description ⇒ Object
• .details ⇒ Object
• .example_code ⇒ Object
• .is_supported?(platform) ⇒ Boolean
• .output ⇒ Object
• .parse_stdout(stdout) ⇒ Object

  The CLI prints two lines per certificate: .p12 path then .password path.

• .return_value ⇒ Object
• .run(params) ⇒ Object

Class Method Details

.authors ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 43

def self.authors
  ["HexSign"]
end

.available_options ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 67

def self.available_options
  [
    FastlaneCore::ConfigItem.new(
      key: :type,
      env_name: "HEXSIGN_CERTIFICATE_TYPE",
      description: "Apple certificate type, e.g. IOS_DISTRIBUTION",
      optional: false,
      type: String
    ),
    FastlaneCore::ConfigItem.new(
      key: :team_id,
      env_name: "HEXSIGN_TEAM_ID",
      description: "Apple Developer team identifier to scope the download to",
      optional: false,
      type: String
    ),
    FastlaneCore::ConfigItem.new(
      key: :output_dir,
      env_name: "HEXSIGN_CERTIFICATE_OUTPUT_DIR",
      description: "Directory to write the .p12 and .password files into",
      optional: true,
      type: String
    ),
    FastlaneCore::ConfigItem.new(
      key: :keychain,
      env_name: "HEXSIGN_KEYCHAIN",
      description: "macOS only: create this keychain and import every downloaded .p12 into it, ready for codesigning",
      optional: true,
      type: String
    )
  ]
end

.category ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 125

def self.category
  :code_signing
end

.description ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 39

def self.description
  "Download every signing certificate of a given type for one Apple Developer team via the HexSign CLI."
end

.details ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 47

def self.details
  <<~DETAILS
    Wraps `hexsign certificates download --type <T> --team-id <ID>`. Returns an
    array of { p12:, password: } hashes — one per downloaded certificate.

    Survives certificate rotation: you point at a cert type (e.g. IOS_DISTRIBUTION)
    rather than a specific UUID that changes when a cert is renewed.

    The hexsign binary must be on PATH — install via `brew install hexsign` or the
    hexsign/hexsign-cli GitHub Action. Set HEXSIGN_CLIENT_ID and HEXSIGN_CLIENT_SECRET
    so the CLI runs in machine mode.

    Accepted types: IOS_DEVELOPMENT, IOS_DISTRIBUTION, MAC_APP_DEVELOPMENT,
    MAC_APP_DISTRIBUTION, MAC_INSTALLER_DISTRIBUTION, DEVELOPER_ID_APPLICATION,
    DEVELOPER_ID_APPLICATION_G2, DEVELOPER_ID_KEXT, DEVELOPER_ID_KEXT_G2,
    DEVELOPER_ID_INSTALLER, DEVELOPMENT, DISTRIBUTION, PASS_TYPE_ID,
    PASS_TYPE_ID_WITH_NFC.
  DETAILS
end

.example_code ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 114

def self.example_code
  [
    'pairs = hexsign_certificates_download_by_type(
      type: "IOS_DISTRIBUTION",
      team_id: "ABCDE12345",
      output_dir: "build/sign"
    )
    # => [{ p12: "build/sign/foo.p12", password: "build/sign/foo.password" }, ...]'
  ]
end

.is_supported?(platform) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 110

def self.is_supported?(platform)
  %i[ios mac tvos watchos visionos].include?(platform)
end

.output ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 100

def self.output
  [
    ["HEXSIGN_CERTIFICATES_DOWNLOAD_BY_TYPE_COUNT", "Number of certificates downloaded"]
  ]
end

.parse_stdout(stdout) ⇒ Object

The CLI prints two lines per certificate: .p12 path then .password path. With –keychain it also prints a trailing “imported N certificate(s)…” summary line, which is dropped by keeping only file-path lines. Returns [{ p12: “…”, password: “…” }, …].

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 29

def self.parse_stdout(stdout)
  lines = stdout.split("\n").map(&:strip).reject(&:empty?)
  lines = lines.select { |line| line.end_with?(".p12", ".password") }
  pairs = []
  lines.each_slice(2) do |p12, password|
    pairs << { p12: p12, password: password }
  end
  pairs
end

.return_value ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 106

def self.return_value
  "Array of { p12:, password: } hashes — one per downloaded certificate."
end

.run(params) ⇒ Object

# File 'lib/fastlane/plugin/hexsign/actions/hexsign_certificates_download_by_type.rb', line 9

def self.run(params)
  args = [
    "certificates", "download",
    "--type", params[:type],
    "--team-id", params[:team_id]
  ]
  args.push("--output-dir", params[:output_dir]) if params[:output_dir]
  args.push("--keychain", params[:keychain]) if params[:keychain]

  stdout = Helper::HexsignHelper.run(args)
  pairs = parse_stdout(stdout)

  UI.success("Downloaded #{pairs.size} #{params[:type]} certificate(s) for team #{params[:team_id]}")
  pairs
end