I've been trying to simply validate an app for the Mac App Store. I was able to submit the iOS version without a hitch.
At this point in time i've configure the App ID in the dev portal to a unique iCloud identifier, so that eliminates the possibility that this is a shared ICID problem (iCloud ID).
I've recreated certificates, App ID, iCloud container, and distribution provisioning profiles.
*After days of troubleshooting, i've narrowed the issue down. If I assign the iCloud container to the App ID, validation fails. If I un-assign it, validation passes.
I have opened several tickets with Apple over the course of the week, but I haven't had a response so i'm hoping SO can help.
The errors reported by the validation tool:
My App ID: com.proj-build.cocoa-notes
My iCloud Container ID: iCloud.com.proj-build.cocoa-notes
The prefixed iCloud in the iCloud Container ID confuses me. My iOS app does not specify the prefix in the entitlements file (using a different container ID) and it was validated. Prefix or no prefix on Mac does not work.
Any ideas what I could be doing wrong?
Entitlements configuration below
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.ubiquity-container-identifiers</key>
<array>
<string>$(TeamIdentifierPrefix)com.proj-build.cocoa-notes</string>
</array>
<key>com.apple.developer.ubiquity-kvstore-identifier</key>
<string>$(TeamIdentifierPrefix)$(CFBundleIdentifier)</string>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.bookmarks.app-scope</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.print</key>
<true/>
</dict>
</plist>
It looks like your app ID and provisioning profile are misconfigured. The iCloud containers (those that match iCloud.*) are a Mac OS X 10.10 Yosemite feature. You'll need to log in to the developer center and remove that, but keep the 10.9 (and previous) iCloud entitlement. Then regenerate the provisioning profile and use the new one.
Related
I have an app that needs to store video files in it's own container folder in iCloud Drive. I have tried suggestions from most forums and I still couldn't resolve this issue.
These are the things I did to setup a cloud container for my app -
Added iCloud capability. Selected 'iCloud Documents' for Services and selected the appropriate iCloud container that I had created through my developer account.
Added the following entry in Info.plist
<key>NSUbiquitousContainers</key>
<dict>
<key>iCloud.com.TeamName.AppName</key>
<dict>
<key>NSUbiquitousContainerIsDocumentScopePublic</key>
<true/>
<key>NSUbiquitousContainerName</key>
<string>AppName</string>
<key>NSUbiquitousContainerSupportedFolderLevels</key>
<string>Any</string>
</dict>
</dict>
These are the values in the entitlement file
<key>com.apple.developer.icloud-container-identifiers</key>
<array>
<string>iCloud.com.TeamName.AppName</string>
</array>
<key>com.apple.developer.icloud-services</key>
<array>
<string>CloudDocuments</string>
</array>
<key>com.apple.developer.ubiquity-container-identifiers</key>
<array>
<string>iCloud.com.TeamName.AppName</string>
</array>
Have tried with new bundle identifiers and cloud containers.
Have tried updating the Version and the Build value
The app folder is created at '/Users/{user}/Library/Mobile\ Documents/iCloud~com~TeamName~AppName/Documents' and I can see the files I've written to it.
I can find these files at iCloud -> Manage Storage -> AppName on my iPhone too.
Will 'NSUbiquitousContainerIsDocumentScopePublic' be accepted as true only when an app is released on the Appstore? Or it's just that I'm missing something here?
Same here, I followed every tip I could find here and on other websites, but still the folder / files are not showing up visibly.
Problem: ubiquitous container works, files can be read and written, but are not showing up in macOS Finder, nor in the Files app on iOS devices.
macOS 11.5, iOS 14.7, Xcode 12.5.1
I have tried:
everything stated here: https://developer.apple.com/library/archive/documentation/General/Conceptual/ExtensibilityPG/FileProvider.html
everything stated here: https://developer.apple.com/library/archive/qa/qa1893/_index.html
every variation of info.plist values for NSUbiquitousContainers (eg. both the container id and my bundle id)
every variation of info.plist values for NSUbiquitousContainerIsDocumentScopePublic
every variation of info.plist values for NSUbiquitousContainerName
every variation of info.plist values for NSUbiquitousContainerSupportedFolderLevels
creating new containers
changing the apps' version and build numbers, including only increasing CFBundleShortVersionString.
changing the apps' bundle identifier
deleting and reinstalling the app
reboots of used devices
switching off/on iCloud drive for the user on all devices
It is driving me crazy. Who can help?
I'm experimenting with full-disk access and can't make it working. Here is list of steps I did:
Sandbox is turned ON. In fact the entitlements file looks like:
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.bookmarks.app-scope</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
I created archive of the app and tried to distribute it using boths Developer ID or Development methods
I placed the binary of my app to /Applications folder
I went to System Preferences -> Security & Privacy -> Privacy -> Full Disk Access and added access to my app in /Applications folder
Of course I'm NOT attached to the app with Xcode
I'm testing it in Xcode 11 and on Catalina. It's dummy app, opening NSOpenPanel to let user select archives to decompress and tries to decompress it in the same directory.
In fact it's not about NSOpenPanel, the question is:
What is necessary to do to make sandboxed app using full-disk access?
Any hints? Am I doing anything wrong?
Here is solution found for iTerm2 (it is worth read how solution was found). It just adds this to application plist:
<key>NSSystemAdministrationUsageDescription</key>
<string>I want to read all your files</string>
Documentation is a bit fuzzy.
Sadly this solution doesn't work for launchctld daemons (this is what I need). I think daemons are an exception since the do not see UI at all.
But for regular applications it should work like a charm (didn't test it yet).
Using Xcode and Visual Studio for Mac:
In Xcode, I can make, deploy and run an out-of-the-box HelloWorld app to my provisioned iPad.
Also in Xcode, I can add iCloud to the same app (via entitlements), and it deploys and runs on my iPad.
In VS for Mac, I can make and deploy a blank Xamarin Forms HelloWorld app and it runs on my iPad.
However, if I add iCloud to the entitlements.plist for the Xamarin forms app, it won't deploy to my iPad.
I get the following for #4:
ApplicationVerificationFailed: Failed to verify code signature of /private/var/installd/Library/Caches/com.apple.mobile.installd.staging/temp.tlZMLz/extracted/HelloWorldV.iOS.app : 0xe8008016 (The executable was signed with invalid entitlements.)
error MT1006: Could not install the application '/Users/Huber/Projects/HelloWorldV/iOS/bin/iPhone/Debug/device-builds/ipad5.3-11.1.1/HelloWorldV.iOS.app' on the device 'Denny's iPad': Your code signing/provisioning profiles are not correctly configured. Probably you have an entitlement not supported by your current provisioning profile, or your device is not part of the current provisioning profile. Please check the iOS Device Log for details (error: 0xe8008016).
Application could not be uploaded to the device.
The entitlements.plist file that Xamarin generates is:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.icloud-container-identifiers</key>
<array>
<string>iCloud.com.DennyHuber.HelloWorldV</string>
</array>
<key>com.apple.developer.ubiquity-kvstore-identifier</key>
<string>$(AppIdentifierPrefix)$(CFBundleIdentifier)</string>
<key>com.apple.developer.icloud-services</key>
<array>
<string>CloudDocuments</string>
</array>
</dict>
</plist>
I have Key-Value Storage and iCloud Documents both checked.
Can anyone help?
Thanks,
Denny Huber
You need to go to developer.apple.com and regenerate provisioning profile with new entitlements. After that, I advise you to manually delete all provisions, because sometimes it still tries to sign with an old one.
The provisions located in ~/Library/MobileDevice/Provisioning Profiles
After that go to Xcode, Setting -> Accounts -> Select your program, and press Download Manual Profiles.
After that clean the project and try to build again.
When sandboxing an app for the macOS app store, is it possible to allow for read/write access to removable media (SD Cards specifically)? So far, I've haven't been able to find an entitlement that would work. The Windows Store does have an entitlement for removable media so I'm hoping I'm just missing something on the Apple side.
Here is the current entitlements content:
Our current Entitlements file has this set for the dictionary:
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.device.usb</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
</dict>
Here is the exception being thrown:
When I upload a build to the new Apple owned and iTunes Connect-integrated TestFlight, I see the following log:
WARNING ITMS-90191: "Missing beta entitlement. Your app does not include the beta-reports-active entitlement. If you intend to distribute this build via TestFlight for beta testing, please re-build this app with a newly generated provisioning profile."
When I look at the build on iTunes Connect, I also see the following warning:
To use TestFlight Beta Testing, build X.Y.Z must contain the correct beta entitlement. For more information, see the FAQ.
The linked FAQ states:
What should I do if my prerelease build does not contain the correct beta entitlement?
To use the TestFlight app to test your prerelease build, it must be signed with an App Store Distribution Provisioning profile that includes the beta entitlement. New Distribution Provisioning profiles generated in the iOS Developer Center will automatically contain the beta entitlement.
If you have an existing Distribution Provisioning Profile that was generated before the launch of TestFlight Beta Testing, you must regenerate the profile.
The problem is that I am using a newly created App Store Distribution Provisioning Profile. I created it like so:
When I inspect the source of the downloaded Provisioning Profile, I see:
<key>Entitlements</key>
<dict>
// ...
<key>aps-environment</key>
<string>production</string>
<key>beta-reports-active</key>
<true/>
// ...
So the Provisioning Profile is set for production and does contain the beta-reports-active entitlement.
However, iTunes Connect continues to complain when this build is uploaded to TestFlight.
Any ideas on how to fix this issue? Is this an Apple bug?
rdar://20128048
First, be sure that you are using an App Store Distribution Provisioning Profile. This is likely a different provisioning profile from the Ad Hoc Distribution Provisioning Profile you were using to sign pre-Apple TestFlight builds.
I continued to hit Error ITMS-90191 after I switched to an App Store Distribution Provisioning Profile. I fixed the issue by additionally adding the beta-reports-active key to my Target's Entitlements.plist file in the Xcode project.
The beta-reports-active key must be included in the Provisioning Profile AND the Target's entitlements.
TargetName.entitlements:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
// ...
<key>beta-reports-active</key>
<true/>
// ...
</dict>
</plist>
After adding the entitlement to my Target, I'm able to successfully upload the build to iTunes Connect TestFlight without the ITMS-90191 warning:
Manually editing the plist file didn't do it for me.
Editing an existing profile and generating the file also did NOT work this time.
But, just like for joehl, creating a brand NEW provision profile actually fixed it for me. So, create an all new Provision Profile and and you will be back in business. This looks like a glitch in TestFlight.
I was able to fix this by adding this to my xcodebuild script.
xcodebuild ... PROVISIONING_PROFILE=<Provisioning Profile Id>
Looks like setting Code Sign Identities in Build Settings manually could fix this problem too.
Using an AppStore provisioning profile solved this for me. I managed to successfully distribute and install on devices. I was using an AdHoc provisioning profile as usual and suddenly I started to get this error. Frustrating stuff indeed.
I edited my entitlements.plist with the following command:
/usr/libexec/PlistBuddy -c "Add :beta-reports-active bool true" entitlements.plist
A simple solution: Delete your previous provisioning profile, and create a new one. solves my problem. :)
If you're using Fastlane, make sure you set ad-hoc to false for the sigh step, otherwise it will generate an ad-hoc profile which is not suitable for TestFlight distribution. i.e.:
sigh(
adhoc: false,
team_id: "XXXXXXXXX"
)
I just successfully submitted a new app version to TestFlight and realized after Apple accepted my submission that I did not have beta-reports-active in my Entitlements.plist.
In my previous version submissions for TestFlight, my submission would have been rejected for the "Missing beta entitlement"
Has anyone else noticed that the beta-reports-active is no longer required for TestFlight?