Unable to install certs using Fastlane Match

Bitrise Build Issue Report template

Description of the issue

Faslane is no longer able to install certificates:

[00:04:00]: Installing certificate…
security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.
[00:04:01]: There are no local code signing identities found.
You can run security find-identity -v -p codesigning to get this output.
This Stack Overflow thread has more information: ios - This certificate has an invalid issuer Apple Push Services - Stack Overflow.
(Check in Keychain Access for an expired WWDR certificate: ios - This certificate has an invalid issuer Apple Push Services - Stack Overflow has more info.)


Xcode 10.1.x High Sierra

If on Bitrise.io: which stack? If not on Bitrise.io: on what operating system? (Plus any other information you can share)

Which build Step causes the issue and which version of the step?



  • Does a “Rebuild” help? NO
  • Does a rebuild without caches help? WE DON’T USE CACHES
  • Does the issue happen sporadically, or every time? EVERY TIME
  • Does upgrading the build Step to the latest version help? NO
  • When did the issue start? ABOUT A WEEK AGO

Local reproduction

Can it be reproduced on your own Mac/PC by following our [local debug guide]? NO, IT WORKS FINE LOCALLY BY USING THE BITRISE COMMAND

Build log

This was working perfectly fine before a week ago or so. This workflow has run for about a month without errors.

Hello @bsarrazin!

it seems that the .xcarchive is not found: xattr: No such file: //.build/SmartLine- on log line 2087

could you try the fix mentioned here? https://github.com/fastlane/fastlane/issues/5111#issuecomment-225372536

Hi @bsarrazin,

Thanks for posting the issue here! Just to sum up what we found during our investigation and our talk via Slack/On-site chat:
Basically the error was that the go toolkit didn’t get the correct env var set and PWD wasn’t available during the Fastlane run. The ipa_path and xcarchive_path inputs were defined using env var, like in the following example:

ipa_path = "#{ENV['PWD']}/..."
xcarchive_path = "#{ENV['PWD']}/..."

Due to the issue the PWD env var wasn’t available and this resulted in an issue where the inputs looked like this:

| ipa_path        | //.build/Name.ipa       |
| xcarchive_path  | //.build/Name.xcarchive |

Instead of the correct:

| ipa_path        | /Users/vagrant/git/.build/Name.ipa       |
| xcarchive_path  | /Users/vagrant/git/.build/Name.xcarchive |

This caused an error during the export process where exporting the .ipa failed due to not finding the .xcarchive file.
Our tooling team has a ticket created for this issue, but in the meantime a workaround for this issue is to add a script step before running the Fastlane lane and adding the following code:
envman add --key PWD --value $BITRISE_SOURCE_DIR
This would set and make the PWD variable with the value stored in the BITRISE_SOURCE_DIR env var.