I still haven't gotten my head around the YAML editor for pipelines on Azure DevOps, so I'm afraid that I still set things up using the visual editor! However, saying that, iOS builds are seemingly never straight forward ... even when you have a GUI helping.
The key to getting it all working is to ensure that you have the right certificates and provisioning profiles loaded into Secure Files, and installed on the build agent (ideally using a Temporary KeyChain).
The files you will need are:
- Distribution Certificate
- Developer Certificate
- Mobile Provisioning Profile
To get the Distribution and Developer certificate, the easiest route is to use a Mac that they were created / used on - and as such, one that has XCode installed. These certificates will then be placed into the Keychain on the machine.
Fire up Keychain Access, and locate the keys:
Expand the iPhone Developer and iPhone Distribution certificates to see the private components; right click on the Private key and select Export. You will be prompted for a password in order to ensure these are securely exported. Repeat for the other certificate until you have exported both.
The easiest way to get to get the Mobile Provisioning Profile is actually on the Apple Developer Portal. Login, then select Certificates, IDs and Profiles from the left. Scroll down on the page, select All under Provisioning Profiles (right down the bottom on the left). Expand the provisioning profile you want to export, then click Download.
So now you have all three components, it's time to go configure the pipeline in Azure DevOps. Now, I started with a Blank template and built mine up, simply because I like to know exactly what is going on, but also to allow me to build both Android and iOS apps at the same time in a sequential pipeline - but if you choose to use one of the built in templates, these steps will work just the same.
Make sure that you have two "Install an Apple certificate" tasks - one for the Distribution certificate, and one for the Developer certificate; to upload these, select one the Install an Apple certificate task then click on the cog icon next to the Certificate P12 option - this will upload the certificate into "Secure Files" (basically a secure Azure DevOps area specific to your organisation). Note that you will need to provide your password for the certificates - please ensure you use variables for this, otherwise it will be visible!
Finally add an "Install an Apple provisioning profile" task, and upload the Provisioning Profile (again to Secure Files).
And thats it! You should now be able to CI build your app :) The build output / artifact will contain the IPA file that is output from the build.
NOTE: The Hosted MacOS build agent needed a few more tweaks to get it working for me, specifically I had to set the Xamarin SDK version to 5.16.0 as it was defaulting to building with 5.12 which just didn't work properly. YMMV.