InfoQ Homepage News AWS CodeBuild Now Supports Fastlane to Simplify iOS Deployments
AWS CodeBuild Now Supports Fastlane to Simplify iOS Deployments
This item in japanese
Feb 11, 2025 2 min read
Write for InfoQ
Feed your curiosity. Help 550k+ globalsenior developers
each month stay ahead.Get in touch
CodeBuild, AWS continuous integration service, now provides Fastlane support to manage tasks such as code signing, screenshot generation, beta distribution, and app store submissions for iOS, iPadOS, watchOS, tvOS, and macOS apps.
Amazon started to support macOS environments in CodeBuild a few months ago. As AWS principal developer advocate Sébastien Stormacq notes, manually installing Fastlane was an unnecessary hurdle for developers wanting to use CodeBuild. Therefore, AWS now installs Fastlane by default to make it ready to use out-of-the-box.
While having Fastlane available by default makes it simpler to use, developers still have to configure it properly for their projects and integrate it into CodeBuild.
The key step to this, as Stormacq explains, is providing Fastlane with access to the private keys, certificates, and mobile provisioning profiles required for iOS builds. To this aim, Fastlane stores all signing materials in a private repository hosted on GitHub, GitLab, or secure Cloud storage and encrypts them using a password. At build time, it retrieves all signing materials and uses them with codebuild. This is the basic mechanism in Fastlane that makes it possible for a team to share the signing materials necessary for iOS secure builds and deployments.
Once Fastlane is configured locally, you need to configure CodeBuild to use it. This requires setting several environment variables to store the password to decrypt signing materials, the Apple ID session cookie, and Git's basic authorization. For increased security, Stormacq strongly suggests using AWS Secrets Manager to store those values. For example, for the MATCH_PASSWORD variable containing the encryption password, you would use:
aws --region $REGION secretsmanager create-secret --name /CodeBuild/MATCH_PASSWORD --secret-string MySuperSecretPassword
The process of configuring Fastlane requires several steps with multiple failure points. If anything goes wrong, says Stormacq, the first step is checking the provided environment variables and ensuring CodeBuild has access to AWS Secrets Manager. Refer to Stormacq's article for a step-by-step introduction.
Fastlane is available on all macOS images at no extra cost. In addition to Fastlane, CodeBuild images for Mac also include Xcode and support a variety of tools and frameworks, including Java, Kotlin, Node.js, Python, Ruby, Rust, and Swift.
As a final note, CodeBuild for macOS utilizes reserved fleets, which are designed for building and testing in latency-sensitive scenarios but are less flexible than on-demand fleets. Indeed, while on-demand fleets are charged per minute of build time, macOS fleets are charged for a 24-hour minimum due to Apple's SLA for macOS.
This content is in the Mobile topic
Related Topics:
-
Related Editorial
-
Related Sponsors
-
Popular across InfoQ
-
Cloudflare Introduces Data Platform with Zero Egress Fees
-
Grafana and GitLab Introduce Serverless CI/CD Observability Integration
-
TanStack Start: A New Meta Framework Powered by React or SolidJS
-
Java News Roundup: OpenJDK JEPs for JDK 26, Spring RCs, Quarkus, JReleaser, Seed4J, Gradle
-
Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years
-
If You Can’t Test It, Don’t Deploy It: The New Rule of AI Development?
-
Related Content
The InfoQ Newsletter
A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example