Hacker News new | ask | show | jobs
by ImNotAKompjoetr 3859 days ago
Isn't it generally considered bad practice to put certificates and profiles in version control? Especially since you're putting your password in the fastlane files here.. does anybody have a different approach for this? because the general setup is really nice
3 comments
potatolicious 3859 days ago
As far as I can tell the certs/profiles aren't in version control, but their paths are, and it's pretty concerning that the cert password is right there in plaintext in a file committed to the repo.

There are Jenkins plugins available that will manage your certs and profiles for you via the web admin UI, makes it pretty to use and keeps all signing-related information out of source control. Not to mention it also manages copying these certs and keys to individual worker machines, which is super nice when you have more than one build boxen.

link
jeremy_wiebe 3859 days ago
We store the .p12 files in git with a fairly long password. Using CircleCI we are able to put the password in as an environment variable which is non-readable through the admin UI once it's set.
link
mrdrozdov 3859 days ago
I had the same thought. Seems like Chef would be a better fit?
link