6

How can I encrypt/pass the JSON key file used by Fastlane to upload my apps to the app store?

Seems the current solution is to keep the key.json in the repo itself and mention the path in the Fastfile.

json_key_file("../key.json") # Path to the json secret file - Follow https://docs.fastlane.tools/actions/supply/#setup

What would be a better alternative?

ir2pid
  • 5,604
  • 12
  • 63
  • 107
  • It would be more secure to have all the keys on local. You also can try to add the path on the Appfile. – rcarba Dec 04 '18 at 13:46
  • Can you tell us what CI service you are using? Then I can add some more concrete instructions to my answer and link to code examples etc. – janpio Dec 04 '18 at 13:52

1 Answers1

12

Continuous integration tools usually offer a way to to securely store files or values and use those inside the CI run.

You upload the file in their web UI, then via a command in the CI configuration file get a temporary file location to access this file that you can store in an environment variable. Use that env variable in your lane to get the location of the key file.

Depending on what fastlane actions you use, you can also pass in the content of the file directly (supply has json_key and json_key_data as possible parameters), so you don't even have to upload the file itself but can just paste its content into an environment variable - and then again use that in your fastlane lane.

janpio
  • 10,645
  • 16
  • 64
  • 107