validate_secrets.yml: Continue on errors in fastlane validate_secrets

Will avoid halting the workflow on invalid certs during validate_secrets.yml, as this is handled in crate_certs.yml Add grep for "Your certificate .* is not valid"', but exit without error Remove unnecessary annotation output for 'Unable to create a valid authorization token for the App Store Connect API.' Remove misleading grep "No code signing identity found" -e "Could not install WWDR certificate" and error "No code signing identity found" or "Could not install WWDR certificate"
nightscout · Jan 18, 2025 · 005339f · 005339f
1 parent f06675b
commit 005339f
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/.github/workflows/validate_secrets.yml b/.github/workflows/validate_secrets.yml
@@ -178,22 +178,19 @@ jobs:
           elif ! echo "$FASTLANE_KEY" | openssl pkcs8 -nocrypt >/dev/null; then
             failed=true
             echo "::error::The FASTLANE_KEY secret is set but invalid. Verify that you copied it correctly from the API Key file (*.p8) you downloaded and try again."
-          elif ! bundle exec fastlane validate_secrets 2>&1 | tee fastlane.log; then
+          elif ! (bundle exec fastlane validate_secrets 2>&1 || true) | tee fastlane.log; then # ignore "fastlane validate_secrets" errors and continue on errors without annotating an exit code
             if grep -q "bad decrypt" fastlane.log; then
               failed=true
               echo "::error::Unable to decrypt the Match-Secrets repository using the MATCH_PASSWORD secret. Verify that it is set correctly and try again."
             elif grep -q -e "required agreement" -e "license agreement" fastlane.log; then
               failed=true
-              echo "::error::Unable to create a valid authorization token for the App Store Connect API."
               echo "::error::❗️ Verify that the latest developer program license agreement has been accepted at https://developer.apple.com/account (review and accept any updated agreement), then wait a few minutes for changes to take effect and try again."
-            elif ! grep -q -e "No code signing identity found" -e "Could not install WWDR certificate" fastlane.log; then
-              failed=true
-              echo "::error::Unable to create a valid authorization token for the App Store Connect API."
-              echo "::error::❗️ Verify that the latest developer program license agreement has been accepted at https://developer.apple.com/account (review and accept any updated agreement), then wait a few minutes for changes to take effect and try again."
-              echo "::error::❗️ If you created a new FASTLANE KEY or have not previously succeeded with validate secrets, then check that FASTLANE_ISSUER_ID, FASTLANE_KEY_ID, and FASTLANE_KEY secrets were entered correctly."
+            elif grep -q "Your certificate .* is not valid" fastlane.log; then
+              echo "::notice::Your Distribution certificate is invalid or expired. Automated renewal of the certificate will be attempted."
             fi
           fi
 
+
           # Exit unsuccessfully if secret validation failed.
           if [ $failed ]; then
             exit 2