App Store Game Build Signing
Xcode Organizer shows "Upload Successful" — and App Store Connect sends letter: "Missing required icon," although icons are in Assets.xcassets. Or build accepted, but TestFlight-build crashes on startup with SIGABRT because in Release configuration flag Enable Bitcode = NO not set for one plugin. iOS build for App Store is managed process with dozen failure points.
What breaks without properly structured pipeline
Code signing chaos. Average Unity-project with 15+ plugins has multiple provisioning profiles, manual cert management for Developer and Distribution, tangled Capabilities (Push Notifications, In-App Purchase, Game Center, Sign in with Apple). On CI-machine without Keychain with needed certs get No signing certificate "iOS Distribution" found. Fastlane Match solves this systematically: certificates and profiles stored in git-repo (encrypted), CI retrieves them via match(type: "appstore") — no manual export of .p12.
Entitlements. Unity generates Unity-iPhone.entitlements on Xcode-project export. If Automatically Sign enabled at wrong moment — Xcode overwrites entitlements, removing manually added capabilities. PBXProject API in Unity (via UnityEditor.iOS.Xcode) allows programmatically adding entitlements in post-build script — more reliable than manual editing.
Incrementing build number. App Store Connect doesn't accept build with same CFBundleVersion as previous — even if CFBundleShortVersionString changed. Manual build forgets this about 30% of time. Automation via Fastlane: increment_build_number(build_number: latest_testflight_build_number + 1).
How we build the process
Base tool — Fastlane with Gymfile for iOS. Unity specifics: before calling gym need build step via command line:
Unity.exe -batchmode -executeMethod BuildScript.BuildiOS -projectPath . -logFile build.log -quit
BuildScript.BuildiOS via BuildPlayerOptions sets BuildTarget.iOS, BuildOptions.Il2CPP, configures PlayerSettings for specific build (bundle ID, version, icons).
After Xcode-project export — post-build processing via PostProcessBuild attribute: add needed frameworks, fix Info.plist (NSPhotoLibraryUsageDescription, Privacy manifest for iOS 17), configure linker flags for plugins with Objective-C categories.
Signing and archiving via xcodebuild archive, then xcodebuild -exportArchive with .plist ExportOptions configuration (signing method app-store, correct provisioning profile by bundle ID, bitcode inclusion if needed).
Upload to App Store Connect via xcrun altool --upload-app or Fastlane deliver/pilot. pilot for TestFlight allows immediately assigning tester groups and setting release notes.
Automation on CI/CD
For game studios optimal — GameCI (GitHub Actions + Unity). Workflow: trigger on push to release branch → Unity build → Fastlane signing → TestFlight upload → Slack notification.
Secrets (certificates, Apple ID credentials, App Store Connect API key) stored in GitHub Secrets or Vault. Apple recommends moving from username/password to App Store Connect API Key (JWT) — more reliable and doesn't require two-factor auth in CI.
Timeline
| Task | Duration |
|---|---|
| One-time build and TestFlight upload | 0.5–1 day |
| Setup Fastlane Match + initial signing config | 1–2 days |
| Full CI/CD pipeline (GameCI + Fastlane + TestFlight) | 3–7 days |
Cost determined after audit of current CI infrastructure and certificate/profile state.