I’ve appended a short update to my article on best practices for code signing on iOS. If you use CocoaPods, you’ll need the following
post_install script in your host project’s
Podfile, which applies the correct code signing identity for the current scheme/config to each dependency framework:
post_install do |installer_representation| installer_representation.pods_project.targets.each do |target| target.build_configurations.each do |config| if config.to_s == 'Beta' config.build_settings['CODE_SIGN_IDENTITY[sdk=iphoneos*]'] = 'iPhone Distribution' elsif config.to_s == 'Release' config.build_settings['CODE_SIGN_IDENTITY[sdk=iphoneos*]'] = 'iPhone Distribution' end end end end
My script assumes that you are using a distribution identity for configs named
Release, but these can edited to match your own build configs. The CocoaPods default for the
Debug code-signing identity (as well as the default
Automatic selection for provisioning profiles) I have left untouched since they’re best practice (in my opinion).
One unfortunate drawback of using CocoaPods is that it is not possible for the
post_install script to select a specific code-signing identity by name. For example, if your project uses an enterprise code signing identity for beta builds and a standard developer identity for release builds, you would ideally want to indicate those specific identities (per my recommendations). Alas, the best you can do via the script is to choose the automatic
iOS Distribution selection and pray that Xcode will choose the appropriate identity. From what I have observed so far, Xcode is doing the right thing. Let me know if your experience differs.