Cordova builds with Xcode 8

Posted on September 14^th, 2016 • Updated on October 26^rd, 2016

With iOS 10 comes a new Xcode version, and with a new Xcode version comes new and unexpected provisioning profile and code signing issues. The good news is that Xcode 8 brings better support for handling multiple developer teams, and can largely handle provisioning profiles automatically. The bad news is that Apache Cordova (and related tools like Adobe PhoneGap) won't be able to make command-line release builds out of the box.

Update (October 26^th, 2016): Cordova-iOS 4.3.0 is now released, which simplifies some parts of this.

Xcode 8 Automatic Provisioning

I'll start with this: if you want all the details about how code signing has changed in Xcode 8, you cannot do better than this very thorough explanation.

If you're looking for a summary:

There is now a DEVELOPMENT_TEAM setting to specify the Apple Developer Team ID
The CODE_SIGN_IDENTITY setting should be a generic "iPhone Developer" identity (with no additional specificity)
The PROVISIONING_PROFILE setting should no longer be used.

Cordova Support

Development Team

Cordova-iOS 3.4.0 allows specifying a developmentTeam in build.json, which will be used to populate the DEVELOPMENT_TEAM setting. You do not need the hook if you're using Cordova-iOS 4.3.0.

If you're using an older version, I've written a hook that you can add to your project. Save that file in your hooks folder, and reference it in your config.xml:

<platform name="ios">
  <hook type="before_compile" src="hooks/xcode8.js" />
</platform>

Finding your Development Team ID

Your Development Team ID can be found by going to the Apple Developer portal, logging in, and clicking on the Membership page in the sidebar.

Apple Developer Account Team ID — The Team ID shown in the Apple Developer Account Membership details.

Code Signing Identity

The second problem is that Cordova will automatically try to use "iPhone Distribution" as the identity when making a build with the release option. You can override this by specifying "iPhone Developer" in your build.json with the codeSignIdentity key.

This is confusing, but you should always use the "iPhone Developer" identity, even when making release builds.

Exporting a Distribution Build

Now your release builds are succeeding, but they still aren't right because they're actually being signed with a development certificate. In order to sign them with a distribution certificate, you'll need to perform an archive step in Xcode.
Cordova-iOS 4.3.0 will do this automatically if you make a build for a device, but unfortunately this is a manual step in the Xcode IDE for earlier versions of Cordova.

With Cordova-iOS 4.3.0, you'll need to tell it what type of build to make. This is specified via the packageType key in build.json. This allows you to make enterprise, ad-hoc, and App Store builds.

The valid options for packageType are:

development (the default)
ad-hoc
enterprise
app-store

Build Config options

Your updated build.json file should look something like this:

{
  "ios": {
    "debug": {
      "developmentTeam": "ABCD12345Z"
    },

    "release": {
      "developmentTeam": "ABCD12345Z",
      "codeSignIdentity": "iPhone Developer",
      "packageType": "ad-hoc"
    }
  }
}

Special thanks to Christian and Shazron for their help in figuring out the required config bits.
An enormous thank you to Samantha for her amazing post about Xcode 8 code signing changes, and being the only document that made any sense.