Exact same workflow fails with PR event as opposed to push event/manual run

juliancmg · May 3, 2017, 12:58am

Works locally no problem.
I have had zero issues with BitRise until I started to use the Pull Request workflow. I have a branch that is set up to kick off a workflow called “regressionTests” for PRs. Fastlane match will fail during this step for the PR event but works fine when there is a push / starting a job manually.

The bitrise.yml file is exactly the same between the two jobs, the branch is the same, the only difference I can think of is something in the machine setup that is disallowing keychain access:
PR (failing) job: https://www.bitrise.io/build/7f8a8a330a1a0983
Push (working) job: https://www.bitrise.io/build/4880c407cd7b2fb4

The error is occurring during the fastlane match step. This step does not ever fail in my other “jobs”, using the exact same environment variables.

security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.
[17:36:24]: No password found neither in environment nor in local keychain. Bailing out as in non interactive mode.
[17:36:24]: Couldn’t decrypt the repo, please make sure you enter the right password!

juliancmg · May 3, 2017, 1:03am

Seems to just not be pulling in the environment variable (secret variable) set for the match password properly.

viktorbenei · May 3, 2017, 7:48am

This is noted/highlighted with the orange text on Secret Env Vars, that those variable are not available for Pull Request builds, due to security concerns.

If you need a variable to be available for every build you should use App Env Vars instead of Secrets.

juliancmg · May 3, 2017, 5:03pm

Ah. For some reason the orange background made my eyes skip OVER the text instead of being drawn to it. Haha. Thanks for the info @viktorbenei. Since the pushes can still use fastlane match, I’ve switched the tests (PR flow) to use Bitrise’s built in certificate / profile installer. Seems to be going okay, other than the fact that I would have to update the cert manually whenever it is changed.

Thanks!

viktorbenei · May 4, 2017, 11:02am

Yeah, that’s true. We have a couple of ideas to help with this, but if you have any, feel free to share it with us (preferably in a new discussion ;))

tamaspapik · March 1, 2018, 8:25am

Also, we had a small change so now you can decide of which secret you would like to expose or not in a PR.
45%20AM

Topic		Replies	Views
How to properly setup fastlane match with bitrise.io? Question & Answer	6	6723	January 9, 2019
Bitrise with Fastlane match always fails to access to repo Question & Answer fastlane	2	5006	January 21, 2021
PR mode builds failing - auth error 128, but CI mode builds are ok Tooling Issues git-clone	9	2946	December 23, 2017
Bundler: failed to load command: fastlane (/Users/vagrant/.rbenv/versions/2.6.3/bin/fastlane) Builds	3	5261	March 26, 2020
SSHRsaPrivateKey: required variable is not present Builds step , ios , workflow	2	1074	May 20, 2023

Exact same workflow fails with PR event as opposed to push event/manual run

Related topics