Create self-hosted macOS GitHub runner on AWS


Creating a self-hosted GitHub Actions runner with macOS on AWS is largely self-explanatory. On the GitHub Actions runners page, click "New runner", select "Self-hosted runner", and you get a detailed guide on how to install the runner.

On the AWS side, we need to create a dedicated host and a dedicated instance.

During the initialization of the workflow I faced some issues in the CI/CD workflow, which were quite tricky to solve, and I spent a lot of time trying to find a solution with AI and googling, with a very low success rate. Here are the two most problematic issues I faced.

fastlane creating temporary keychain failed, exit status 1

This error is related to the keychain not being created correctly by the fastlane setup_ci directive. I was sure the keys and match password were correct, but the error persisted.

The root cause was hidden in the Lane Context, in the following details:

| KEYCHAIN_PATH                  | ~/Library/Keychains/fastlane_keychain |
| ORIGINAL_DEFAULT_KEYCHAIN      | "/Library/Keychains/System.keychain"  |

The $KEYCHAIN_PATH was correct, relative to the project, but the $ORIGINAL_DEFAULT_KEYCHAIN was the system keychain, which was not accessible by the runner.

The reason behind this, and some other relatively strange user/runner permission issues, was that the runner service is started through /Library/LaunchDaemons/com.github.runner.plist.

It is important to add the following lines to the daemon plist:

<key>SessionCreate</key>
<true />

This gives access to the default keychains for the user specified in the UserName attribute.

Kudos to the reply on Stack Overflow.
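A way to check the daemon definition for this problem before starting the runner, as an added example that is not from the original post: it parses the plist with Python's plistlib and reports a missing UserName or SessionCreate. The sample plist, its program path and the function names are constructed for illustration.

```python
import plistlib

# Constructed sample of a runner LaunchDaemon plist. The label matches the
# file name in the post; the program path is an assumption.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>Label</key><string>com.github.runner</string>
  <key>UserName</key><string>ec2-user</string>
  <key>ProgramArguments</key>
  <array><string>/Users/ec2-user/actions-runner/run.sh</string></array>
  <key>RunAtLoad</key><true/>
</dict>
</plist>
"""


def audit_runner_daemon(plist_bytes):
    """Return a list of findings for a runner LaunchDaemon plist."""
    job = plistlib.loads(plist_bytes)
    findings = []
    user = job.get("UserName")
    if not user:
        # launchd runs LaunchDaemons as root unless UserName is set.
        findings.append("UserName missing: the job runs as root")
    elif user == "root":
        findings.append("UserName is root: use a dedicated build account")
    # Only a real boolean true counts; a string "true" would be ignored.
    if job.get("SessionCreate") is not True:
        findings.append("SessionCreate not true: the job gets no session "
                        "of its own and cannot use the user's keychains")
    return findings


def enable_session_create(plist_bytes):
    """Return the plist as XML with SessionCreate set to true."""
    job = plistlib.loads(plist_bytes)
    job["SessionCreate"] = True
    return plistlib.dumps(job, fmt=plistlib.FMT_XML)


if __name__ == "__main__":
    for finding in audit_runner_daemon(SAMPLE_PLIST):
        print("finding:", finding)
    print(enable_session_create(SAMPLE_PLIST).decode())
```

After reloading the daemon, running `security default-keychain` in a workflow step shows which keychain the job actually sees.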

fastlane build NewRelic.framework: errSecInternalComponent

During the fastlane build, I faced another issue in the Embed Pods Frameworks step.

The following build commands failed:
	PhaseScriptExecution [CP]\ Embed\ Pods\ Frameworks 

The root cause of the issue was the execution of this command:

/usr/bin/codesign --force --sign abc123 --preserve-metadata=identifier,entitlements '/Users/ec2-user/Library/Developer/Xcode/app/Frameworks/NewRelic.framework'

But the command ended with a NewRelic.framework error:

/Users/ec2-user/Library/Developer/Xcode/DerivedData/app/Frameworks/NewRelic.framework: replacing existing signature
Warning: unable to build chain to self-signed root for signer "Apple Distribution: abc (1234567890)"

/Users/ec2-user/Library/Developer/Xcode/DerivedData/app/Frameworks/NewRelic.framework: errSecInternalComponent

I couldn't find any details about a similar New Relic error, but then I noticed that the NewRelic xcframework in hostaway-mobile/ios/app.xcodeproj/project.pbxproj has expectedSignature = "AppleDeveloperProgram".

The solution is to install the Apple intermediate certificate:

sudo security import AppleWWDRCAG3.cer -k /Library/Keychains/System.keychain -t cert

Problem solved.

5. April 2025
Posted in AWS
Tomas

Software developer, lives in Zilina, Slovakia. Fan of modern web technologies, digitalization, cloud and education. Also co-owner of a local coffee brand - Kava Doppio