Hi,

I already switched Android app’s CI environment from bitrise to CircleCI and this is working very well. Now I’m trying to switch iOS app 's CI environment. But xcode on CircleCI can not build app. Xcode need profile and certificate to build app and I tried to import both by using fastlane match.
I assumed that fastlane match create new keychain, import certificate and xcode use this new keychain to build app. But keychain don’t have certificate because output of security find-identity -v -p codesigning is empty.

What did I miss ?

config.yml

version: 2.1

jobs:
  build_app:
    macos:
      xcode: "10.2.0"
    environment:
      RUBY_VERSION_FORIOS: 2.5.5
    shell: /bin/bash --login -eo pipefail                                                                                                                                                                        

    steps:
      - checkout
      - run:
          name: "chrubyでRuby versionを変更"
          command: echo $RUBY_VERSION_FORIOS > .ruby-version && chruby $RUBY_VERSION_FORIOS && ruby -v                                                                                                                                                                                                                 
      - run: bundle install
      - add_ssh_keys:
          fingerprints:
            - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
      - run:
          name: Setup ssh config
          command: cat .circleci/sshconfig >  ~/.ssh/config                                                                                                                                                                                    
      - run: bundle exec fastlane match adhoc --readonly
      - run:
          name: Build APP
          command: bundle exec fastlane $FASTLANE_LANE

A part of fastfile

I added setup_circle_ci to before_all section.

before_all do
 setup_circle_ci
end

Log of bundle exec fastlane match adhoc --readonly

^D^D[⠋] 🚀 [⠙] 🚀 [⠹] 🚀 [⠸] 🚀 [⠼] 🚀 [⠴] 🚀 [⠦] 🚀 [✔] 🚀 
[00:52:09]: Sending anonymous analytics information
[00:52:09]: Learn more at https://docs.fastlane.tools/#metrics
[00:52:09]: No personal or sensitive data is sent.
[00:52:09]: You can disable this by adding `opt_out_usage` at the top of your Fastfile
[00:52:09]: Successfully loaded '/Users/distiller/project/fastlane/Matchfile' 📄

+---------+-----------------------------------------------------------------+
|                Detected Values from './fastlane/Matchfile'                |
+---------+-----------------------------------------------------------------+
| git_url | git@github-XXXXXXXXXXXXXXX |
| type    | development                                                     |
+---------+-----------------------------------------------------------------+


+-----------------------+-----------------------------------------------------------------+
|                                Summary for match 2.123.0                                |
+-----------------------+-----------------------------------------------------------------+
| readonly              | true                                                            |
| type                  | adhoc                                                           |
| app_identifier        | ["XXXXXXXXXXXXXXX"]                                       |
| username              | XXXXXXXXXXXXXXX                                              |
| team_id               | XXXXXXXXXXXXXXX                                                      |
| storage_mode          | git                                                             |
| git_url               | git@github-XXXXXXXXXXXXXXX |
| git_branch            | master                                                          |
| shallow_clone         | false                                                           |
| clone_branch_directly | false                                                           |
| keychain_name         | login.keychain                                                  |
| force                 | false                                                           |
| force_for_new_devices | false                                                           |
| skip_confirmation     | false                                                           |
| skip_docs             | false                                                           |
| platform              | ios                                                             |
| verbose               | false                                                           |
+-----------------------+-----------------------------------------------------------------+

[00:52:09]: Cloning remote git repo...
[00:52:09]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
[00:52:10]: 🔓  Successfully decrypted certificates repo
[00:52:10]: Installing certificate...
security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.
[00:52:10]: There are no local code signing identities found.
You can run `security find-identity -v -p codesigning` to get this output.
This Stack Overflow thread has more information: https://stackoverflow.com/q/35390072/774.
(Check in Keychain Access for an expired WWDR certificate: https://stackoverflow.com/a/35409835/774 has more info.)
[00:52:10]: Setting key partition list... (this can take a minute if there are a lot of keys installed)
[00:52:10]: 
[00:52:10]: Could not configure imported keychain item (certificate) to prevent UI permission popup when code signing
Check if you supplied the correct `keychain_password` for keychain: `/Users/distiller/Library/Keychains/login.keychain-db`
security: SecKeychainItemSetAccessWithPassword: The user name or passphrase you entered is not correct.
[00:52:10]: 
[00:52:10]: Please look at the following docs to see how to set a keychain password:
[00:52:10]:  - https://docs.fastlane.tools/actions/sync_code_signing
[00:52:10]:  - https://docs.fastlane.tools/actions/get_certificates
[00:52:11]: Setting key partition list... (this can take a minute if there are a lot of keys installed)
[00:52:11]: 
[00:52:11]: Could not configure imported keychain item (certificate) to prevent UI permission popup when code signing
Check if you supplied the correct `keychain_password` for keychain: `/Users/distiller/Library/Keychains/login.keychain-db`
security: SecKeychainItemSetAccessWithPassword: The user name or passphrase you entered is not correct.
[00:52:11]: 
[00:52:11]: Please look at the following docs to see how to set a keychain password:
[00:52:11]:  - https://docs.fastlane.tools/actions/sync_code_signing
[00:52:11]:  - https://docs.fastlane.tools/actions/get_certificates

ssh to macOS executor…

bash-3.2$ security find-identity -v -p codesigning
     0 valid identities found

Hello.

I suspect we will need to dig deeper into this, can I request you to open a ticket with the job URL and reference this thread we we can take a look?

Also, can you try xcode:10.2.1 in case the issue is resolved there?

Running setup_circle_ci is required before running match as it will create a keychain called fastlane_tmp_keychain. You can make that happen by, instead of invoking fastlane match directly from your config.yml, you create a lane inside your Fastfile that calls match and then call that lane from your config.yml.

Add something like this to your Fastfile

lane :match_adhoc do
  match(
    type: "adhoc",
    readonly: is_ci
  )
end

Then call it from your config.yml instead of calling match

bundle exec fastlane match_adhoc

Make sure you have setup_circle_ci in your before_all in Fastfile

Sorry, my bad. I cloud resolve this problem. Thank you for your comments.

unfortunately I ran into the same problem, how you manage to solve this issue?