Jenkins credentials - how to pass into Fastlane?

Question

I have a secret file in Jenkins Credentials. And I am trying to use it as an environment variable to use later in Fastlane script. But inside the Fastlane script I am getting only ****. How can I get the secret key in Fastlane from Jenkins?

Piece of Jenkins Groovy file:

pipeline {
    agent any
    environment {
        APP_STORE_KEY = credentials('ASC_KEY')
        #...
    }
    #...
    stage('Upload to TestFlight') {
        steps {
            sh "bundle exec fastlane deploy --env $APP_ENV"
        }
    }
}

Piece of Fastfile:

lane :deploy do
    api_key = app_store_connect_api_key(
        key_id: ENV['ASCAPI_KEY_ID'],
        issuer_id: ENV['ASCAPI_ISSUER_ID'],
        key_content: ENV['APP_STORE_KEY']
    )
    pilot(
        username: ENV['APPLE_ID'],
        app_identifier: ENV['APP_BUNDLE_IDENTIFIER'],
        dev_portal_team_id: ENV['TEAM_ID'],
        team_id: ENV['TEAM_ID'],
        api_key: api_key,
        app_platform: "ios",
        ipa: ENV['OUTPUT_IPA_NAME'],
        skip_waiting_for_build_processing: true
    )
end

I've tried to print APP_STORE_KEY with puts(ENV['APP_STORE_KEY']) in Fastfile and it returns ****. Maybe you know some workaround or a better way to do this.

score 0 · Answer 1 · answered May 29 '22 at 13:27

I've managed it to work. it works perfectly with the base64 encoded content of .p8 file.

First of all we need to get base64 encoded string from .p8 file. and copy the result. Then in Jenkins Credentials create a credential with type of Secret text and paste base64 encoded string.

cat AuthKey_12345ABCD.p8 | base64
LS0tCk1...5cUdTTTQ #It's a result of encoding, copy it.

In Fastfile add is_key_content_base64 parameter to app_store_connect_api_key. And remove username parameter from pilot (it will cause conflict with the api_key parameter).

api_key = app_store_connect_api_key(
    key_id: ENV['ASCAPI_KEY_ID'],
    issuer_id: ENV['ASCAPI_ISSUER_ID'],
    key_content: ENV['APP_STORE_KEY']
    is_key_content_base64: true #Add this parameter ++++++++++++
)

pilot(
    #username: ENV['APPLE_ID'], #Remove this row ------------
    app_identifier: ENV['APP_BUNDLE_IDENTIFIER'],
    .....

Did not make a deep test with other types of secrets but works great with the above solution.

Jenkins credentials - how to pass into Fastlane?

1 Answers1