iosxcodeazure-devopscode-signingswift-package-manager

Azure DevOps iOS pipeline fails during Xcode archive: “Signing for GoogleSignIn_GoogleSignIn requires a development team”

I’m trying to build and upload an iOS app to TestFlight using an Azure DevOps pipeline, but the build fails during the archive step with signing errors related to Swift Package dependencies (e.g., GoogleSignIn, AppAuth, Datadog, etc.).

Here’s the simplified YAML pipeline:

trigger:
- main

variables:
- group: _secrets
- name: projectPath
  value: 'MyApp.xcodeproj'
- name: scheme
  value: 'MyApp DEV'
- name: configuration
  value: 'Development'
- name: archiveOut
  value: '$(Build.SourcesDirectory)/output/MyApp.xcarchive'
- name: exportDir
  value: '$(Build.ArtifactStagingDirectory)/IPA'
- name: exportOptionsPlist
  value: 'ExportOptions.plist'

stages:
- stage: Build
  displayName: "Build & Export IPA"
  jobs:
  - deployment: build_job
    environment: 'ApprovalGate'
    pool:
      vmImage: macos-latest
    strategy:
      runOnce:
        deploy:
          steps:
          - checkout: self

          - task: InstallAppleCertificate@2
            inputs:
              certSecureFile: "Certificates.p12"
              certPwd: "$(p12_cert)"

          - task: InstallAppleProvisioningProfile@1
            inputs:
              provProfileSecureFile: "myapp_dev.mobileprovision"

          - task: Xcode@5
            displayName: "Archive (signed)"
            inputs:
              actions: archive
              scheme: $(scheme)
              configuration: $(configuration)
              sdk: iphoneos
              xcWorkspacePath: $(projectPath)
              signingOption: manual
              signingIdentity: "Apple Distribution"
              provisioningProfileName: myapp_dev
              useXcpretty: false
              args: >
                -archivePath "$(archiveOut)"

Error

During the archive step, the pipeline fails with multiple signing errors from Xcode:

error: Signing for "GoogleSignIn_GoogleSignIn" requires a development team.
Select a development team in the Signing & Capabilities editor.
(in target 'GoogleSignIn_GoogleSignIn' from project 'GoogleSignIn')

error: Signing for "AppAuth_AppAuthCore" requires a development team.
(in target 'AppAuth_AppAuthCore' from project 'AppAuth')

error: Signing for "Datadog_DatadogCore" requires a development team.
(in target 'Datadog_DatadogCore' from project 'Datadog')

...
** ARCHIVE FAILED **

What I’ve tried

Using Apple Distribution certificate and App Store provisioning profile (since the goal is to upload to TestFlight)

The main app target and custom frameworks have a valid DEVELOPMENT_TEAM and use manual signing.

Verified that the certificate and provisioning profile are correctly installed by the pipeline (InstallAppleCertificate@2 + InstallAppleProvisioningProfile@1).

Local Xcode archives work fine.

Tried adding arguments like DEVELOPMENT_TEAM=XXXXXXXXXX or CODE_SIGNING_ALLOWED=NO — no effect.

The failing targets are Swift Package Manager dependencies (GoogleSignIn, AppAuth, Datadog, etc.), not my own targets.

Question

How can I prevent Swift Package dependencies from requiring code signing during the archive step in an Azure DevOps pipeline? Is there a way to tell Xcode to skip signing SPM frameworks while still signing my app manually?

Solution

  • solved by changing

    signingOption: default