mob.provision: App Store Connect API key for headless / unattended provisioning#31
Merged
Merged
Conversation
mix mob.provision authenticated xcodebuild -allowProvisioningUpdates via the signed-in Xcode Apple ID account, which is per-user + GUI-only — so an unattended user (CI, or a headless agent account with no GUI login) could register the signing identity but never provision. Add an App Store Connect API key path selected by env: MOB_ASC_KEY_ID / MOB_ASC_ISSUER_ID / MOB_ASC_KEY_PATH → xcodebuild -authenticationKeyID / -authenticationKeyIssuerID / -authenticationKeyPath. Pure asc_auth_args/1 (tested): none set => [] (account auth, unchanged); all three => the flags; partial => raises naming what's missing; empty string counts as unset. Early .p8 existence check for a clear error. Scoped to mob.provision only — the device build signs directly with codesign + an existing profile, so it needs no key. Docs: moduledoc "Headless / unattended provisioning" section. ADR: decisions/2026-07-05-asc-api-key-provisioning.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
GenericJam
added a commit
that referenced
this pull request
Jul 5, 2026
Ships the mob.provision ASC-API-key path (#31) so a headless/agent account can provision without an interactive Xcode Apple ID account. Also renames the env vars from MOB_ASC_* to the standard App Store Connect naming before the feature's first release (MOB_ASC_* never shipped): APP_STORE_CONNECT_KEY_ID / APP_STORE_CONNECT_ISSUER_ID / APP_STORE_CONNECT_API_KEY_PATH Bumps mix.exs 0.6.17 -> 0.6.18 and adds the CHANGELOG section. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
mix mob.provisionauthenticatesxcodebuild -allowProvisioningUpdatesvia the signed-in Xcode Apple ID account (Xcode → Settings → Accounts). That account is per-macOS-user and GUI-only, so an unattended user — a CI runner, or an isolated headless agent account with no GUI login — can register the signing identity but cannot provision (create/refresh profiles, register devices). The concrete driver: enabling a headlessclaudeagent user to provision iOS apps, which today only the GUIkevinaccount can do.What
Add an App Store Connect API key auth path, selected by env vars:
MOB_ASC_KEY_ID,MOB_ASC_ISSUER_ID,MOB_ASC_KEY_PATH→xcodebuild -authenticationKeyID / -authenticationKeyIssuerID / -authenticationKeyPathasc_auth_args/1is pure +@doc false+ tested:[]— falls back to the signed-in Xcode account (existing behavior, unchanged for interactive users).Plus an early
.p8-existence check (clear error vs an opaque xcodebuild failure).Scoped to
mob.provisiononly — the native device build signs directly withcodesign+ an existing profile (no-allowProvisioningUpdates), so it needs the keychain + profile, not the API key.Docs / tests / decision
asc_auth_args/1(none/all/empty/partial). Full provision suite green (13); format / credo --strict / compile clean.decisions/2026-07-05-asc-api-key-provisioning.md.Note
This is the framework half. Using it on a headless account also requires the signing identity in an unlocked keychain (the API key only authorizes the Apple-contact step, not codesign) — that's environment setup, out of scope for this PR.
🤖 Generated with Claude Code