In the whole process, Jenkins set up automatic and periodical running scripts, packaged and generated IPA files and PLIST files, and automatically sent the pin message to the tester after success. The tester opened the download address and OTA installation.

Environment: macOS10.12.5, Xcode 8.3.3, ruby2.4.0, java1.8.0

The first step:Build Jenkins

Step 2: Pack automatically

Automatic packaging is an automatic packaging script: PPAutoPackageScript, GitHub address: github.com/jkpang/PPAu… The local usage of PPAutoPackageScript can be found on GitHub, where the author writes in detail. Overall no difficulty, just follow the steps. The first part of the script needs to be modified, after the modification is complete, the test package is ok, and then continue to the next step. Note: Do not set automatic management in Xcode certificate management section, otherwise an error will be reported

Step 3: OTA distribution

OTA distribution. I set up the server locally. Currently, OTA distribution only supports Https, so the OpenSSL homemade certificate is required. There are specific methods behind, first set up the server.

Start the server

MacOS comes with Apache, so enter sudo apachectl start on the terminal and http://127.0.0.1 on the browser. If It Works! , OK, the server started successfully.

Modify the configuration

The default directory server * * “/ Library/WebServer/Documents /,” edit “/ etc/apache2 / HTTPD. Conf” * *, to find it

DocumentRoot “/Library/WebServer/Documents” <Directory “/Library/WebServer/Documents”>

Change the path you want to use as the server root directory. Other modifications are shown below:

Homemade OpenSSL certificate

Generate the private key for the server
mkdir /private/etc/apache2/ssl
cd /private/etc/apache2/ssl
sudo openssl genrsa -out server.key 1024
Copy the code
Generation of signed applications
sudo openssl req -new -key server.key -out server.csr
Copy the code

(Multiple items need to be entered, where Common Name is the domain Name or IP address of the server)

Generate a CA private key
sudo openssl genrsa  -out ca.key 1024
Copy the code
Generate the CA’s self-signed certificate with the CA’s private key
sudo openssl req  -new -x509 -days 365 -key ca.key -out ca.crt
Copy the code
Create demoCA
sudo mkdir demoCA
cd demoCA
mkdir newcerts
Copy the code

TXT and serial. The contents of serial are 01 and index. TXT is empty (index. TXT must be empty, otherwise an error will be reported)

sudo openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key
Copy the code

Now generates a server. The CRT, server key, ca. CRT file, location of * * respectively “/ private/etc/apache2 / SSL/server. The CRT”, “/ private/etc/apache2 / SSL/server. The key” * *, ca. The CRT in the document root directory (that is, the front DocumentRoot folder).

Configure the SSL service for the server

Edit/private/etc/apache2 / HTTPD. Conf. Remove the following project comments (remove the ‘#’ in front of)

LoadModule ssl_module libexec/apache2/mod_ssl.so 
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
Include /private/etc/apache2/extra/httpd-ssl.conf 
Include /private/etc/apache2/extra/httpd-vhosts.conf
Copy the code
Edit/private/etc/apache2 / extra/HTTPD – SSL. Conf

Change the path of the following two items to the path where the SSL certificate is stored as follows:

SSLCertificateFile "/private/etc/apache2/ssl/server.crt"
SSLCertificateKeyFile "/private/etc/apache2/ssl/server.key"
Copy the code
Edit/private/etc/apache2 / extra/HTTPD – vhosts. Conf

End of file add:

<VirtualHost *:443> SSLEngine on SSLCipherSuite ALL:! ADH:! EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /private/etc/apache2/ssl/server.crt SSLCertificateKeyFile/private/etc/apache2 / SSL/server. The key ServerName 192.168.1.35 DocumentRoot (server IP) "Same as above for DocumentRoot" </VirtualHost>Copy the code

And when you add it

sudo apachectl configtest
Copy the code

If any problem, start the related service as prompted. If no problem, restart the server

sudo apachectl restart
Copy the code

From here you can access the server using HTTPS.

Write plIST files required for OTA installation, as well as server pages

Under the DocumentRoot directory of the server, create a new plist file named manifest.plist file and modify it according to your own situation. The two image addresses can be left or not. The file template is as follows:

<? The XML version = "1.0" encoding = "utf-8"? > <! DOCTYPE plist PUBLIC "- / / / / DTD plist Apple / 1.0 / EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" > < plist Version ="1.0"> <dict> <key>items</key> <array> <dict> <key> Assets </key> <array> <dict> <key>kind</key> < string > software - package < / string > < key > url < / key > < string > https://192.168.1.35/pay.ipa < / string > < / dict > < dict > The < key > kind < / key > < string > display - image < / string > < key > url < / key > < string > https://192.168.1.35/pay57.png < / string > < / dict > The < dict > < key > kind < / key > < string > full - size - image < / string > < key > url < / key > < string > https://192.168.1.35/pay512.png < / string > </dict> </array> <key>metadata</key> <dict> <key> bundleidentifier</ key> <string> Packaged Bundleidentifier </string> <key>bundle-version</key> <string> App version</ string> <key>kind</key> <string> Software </string> <key>title</key> < string > app name < / string > < / dict > < / dict > < / array > < / dict > < / plist >Copy the code

After plist file is created, create index.html again, include app download address and SSL certificate download address, write other parts by yourself, download address is as follows:

<a href="itms-services://? Action = download - manifest&url = https://192.168.1.35/manifest.plist "> appName < / a > < a Href = "http://192.168.1.35/ca.crt" > install SSL certificate < / a >Copy the code

Now that the setup on your computer is complete, you can test the OTA installation by placing the adhoc version of your app and ca.crt files generated in step 2 in the root directory of the service area.

Testing:

Mobile phone and computer in the same LAN, mobile phone to visit the server page, first click install SSL certificate, install certificate, and then in Settings — > General — > Description file, set the certificate just installed as trust. Next, the most important step is to set — > General — > About native, the bottom certificate trust Settings, and set trust again. Then return to the web page to download and install the APP. Otherwise, “unable to connect” will appear. Test no problem, proceed to the next step.

Step 4: String all processes together

This step requires Jenkins to be tacked to the OTA distributor and the whole process to go through PPAutoPackageScript. In addition to the changes suggested by the author, we need to make some changes as required. First, change the output IPA path to the root directory of the server, as shown in the figure below:

cd $export_path cat << EOF > manifest.plist <... > < key > url < / key > < string > https://192.168.1.35/App/v$bundle_version/${ipa_name}. The ipa < / string > <... > <dict> <key> bundleidentifier</ key> <string> Packaged Bundleidentifier </string> <key> bundleversion </key> <string>$bundle_version</string> <key>kind</key> <string>software</string> <key>title</key> <string>$scheme_name</string> <... > EOFCopy the code

<… > < span style = “max-width: 100%; clear: both; min-height: 1em; The download path here includes the export_path in the script, also known as the output path, which can be modified according to your own needs. If it is directly generated in the root directory, https://192.168.1.35/${ipa_name}.ipa, the generated new IPA file will overwrite the old one. I’m making it output to a different folder each time based on the version number.

After modifying the script file, log in Jenkins, enter the previously built project, click Configure, and add the build step before the step of nail notification message, as shown in the figure:

Build immediately
Pay attention to