Xcode11的altool上传IPA包

升级xcode11后，你会发现找不到Application loader这个工具了。而Application loader只是对altool的封装。
去查看xcdoe11的更新说明，有这样一段话

Xcode supports uploading apps from the Organizer window or from the command line with xcodebuild or xcrun altool. Application Loader is no longer included with Xcode. (29008875)

新版altool资料：

MacBook-Pro:~ $ xcrun altool
Copyright (c) 2009-2019, Apple Inc. Version 4.00.1181

Usage: altool --validate-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --upload-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarize-app -f <file> --primary-bundle-id <bundle_id> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --notarization-info <uuid> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarization-history <page> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --list-apps -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>

Authentication: Most commands require authorization.
                There are two methods available: user name with password, and apiKey with apiIssuer.

                -u, --username <username> Username. Required to connect for validation, upload, and notarization.
                -p, --password <password> Password. Required if username specified and apiKey/apiIssuer are not.
                                          If this argument is not supplied on the command line, it will be read from stdin.
                                          Alternatively to entering <password> in plaintext, it may also be specified using a '@keychain:'
                                          or '@env:' prefix followed by a keychain password item name or environment variable name.
                                          Example: '-p @keychain:<name>' uses the password stored in the keychain password item named <name>.
                                                                         You can create and update keychain items with the
                                                                         --store-password-in-keychain-item command.
                                          Example: '-p @env:<variable>'  uses the value in the environment variable named <variable>

                --apiKey <api_key>        apiKey. Required for JWT authentication while using validation, upload, and notarization.
                                          This option will search the following directories in sequence for a private key file
                                          with the name of 'AuthKey_<api_key>.p8':  './private_keys', '~/private_keys', '~/.private_keys',
                                          and '~/.appstoreconnect/private_keys'.
                --apiIssuer <issuer_id>   Issuer ID. Required if --apiKey is specified.

 -f, --file <file>                   <file> specifies the path to the file to process.
 -t, --type {osx | ios | appletvos}  Specify the platform of the file.

     --primary-bundle-id <bundle_id> Used with --notarize-app to uniquely identify a package.

     --asc-provider <provider_shortname> Required with --notarize-app and --notarization-history when a user account is associated with multiple
                                         providers.

 -v, --validate-app                  Validates an app archive for the App Store. Authentication and -f are required.
     --upload-app                    Uploads the given app archive to the App Store. Authentication and -f are required.
     --list-apps                     Display all apps associated with your account(s).

     --notarize-app                  Uploads the given app package, dmg or zip file for notarization. Authentication, -f,
                                     and --primary-bundle-id are required. --asc-provider is required for an account associated with multiple providers.
                                     If successful, the UUID associated with the upload is returned.

     --notarization-info <uuid>      Returns the status and log file URL of a package previously uploaded for notarization with the specified <uuid>.
                                     Authentication is required. The log file can be retrieved with 'curl <log_file_url>'.

     --notarization-history <page>   Returns a list of all uploads submitted for notarization. <page> specifies a range of entries where 0
                                     returns the most recent number of entries. A new page value will be returned which can be used as the
                                     <page> value to the next use of --notarization-history and so forth until no more items are returned.
                                     Authentication is required. --asc-provider is required for an account associated with multiple providers.

     --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>
                                     Stores the password <password> in the keychain item named <name_for_keychain_item> associated with the account <username>.
                                     If an item with that name and account already exists in the keychain, its password will be updated. Otherwise a new item
                                     is created with that name. You can use this keychain item with the -p option to mask your password with other commands.
                                     Example: altool --store-password-in-keychain-item MY_SECRET -u jappleseed@apple.com -p "MyP@ssw0rd!@78"
                                              altool --notarize-app -u jappleseed@apple.com -p @keychain:MY_SECRET [...]

     --output-format {xml | normal}  Specifies how the output is formatted. 'xml' displays the output in a structured format; 'normal' displays in
                                     an unstructured format (default).

     --verbose                       Enable logging output.

 -h, --help                          Display this output.

对比旧版本的altool多了2个参数--apiKey 、--apiIssuer。

1.为何新版本的xcode11不支持ApplicationLoader

结合旧版本的altool，新版本的altool支持了各种文件压缩包的上传，应该就是mac、ipad、iphone应用和其他相关打包产物的集合包，而旧版本的altool只支持ipa、pkg的上传。

2.如何使用xcrun altool验证、上传ipa包

xcrun altool有双重认证限制后，不能直接使用账号密码了，只能使用新的-apiKey 、--apiIssuer。

3.仔细查看它们的介绍：

--apiKey <api_key>        apiKey. Required for JWT authentication while using validation, upload, and notarization.
                                          This option will search the following directories in sequence for a private key file
                                          with the name of 'AuthKey_<api_key>.p8':  './private_keys', '~/private_keys', '~/.private_keys',
                                          and '~/.appstoreconnect/private_keys'.
--apiIssuer <issuer_id>   Issuer ID. Required if --apiKey is specified.

对 JWT authentication，官网搜索帮助信息，相关的一篇介绍
简单讲就是登录iTunesConnect --->用户与访问--->密钥，至此，生成相应身份的密钥，再将私钥下载下来。至此，你可以明白什么是apiKey、issuser了，这个apiKey的值，就是图中的密钥ID，我们将其对应私钥下载下来后，需要放到一个固定目录下，

'./private_keys'或者'~/private_keys' 或者'~/.private_keys' 或者'~/.appstoreconnect/private_keys'.

4.最终的验证、上传的两个命令：

xcrun altool --validate-app -f xxx/xxx/xxx.ipa -t ios --apiKey xxxxxxxx --apiIssuer xxxxxx --verbose  --output-format xml

xcrun altool --upload-app -f xxx/xxx/xxx.ipa -t ios --apiKey xxxxxxxx --apiIssuer xxxxxx --verbose  --output-format xml

2个命令分别对应 验证IPA 和 上传IPA，都需要使用3个参数ipa路径、apiKey、apiIssuer

一：路径不用说了，可以使用xcodebuild打包或用OrganizerExport导出App store包。

二：apiKey和apiIssuer需要去开发者官网-用户和访问-密钥-去新增。如下图流程

• 新增一个密钥，名称和访问者可以自由填写 api

• 生成完成后，IssuerID就是apiIssuer，密钥ID就是apiKey，并且还有一个API密钥可以下载注意此秘钥文件只能下载一次，请妥善保存
  IssuerID

三：到这一步先别急执行命令，执行了也会出错，按照xcrun altool官方文档说明

apiKey. Required for JWT authentication while using validation, upload, and notarization.
This option will search the following directories in sequence for a private key file
with the name of 'AuthKey_<api_key>.p8':  './private_keys', '~/private_keys', '~/.private_keys',and '~/.appstoreconnect/private_keys'.

我们需要把刚才下载好的密钥文件放到这里面的其中一个文件夹里，它会按顺序去查找。我自己是在用户目录下/Users/xxx/private_keys新建了个private_keys文件夹，并把密钥文件放进去的。

四：接下来把参数替换上去，可以尝试进行验证和上传了。

• 验证结果：

2019-11-13 11:36:56.773 altool[3970:100440] Deallocating <ITunesSoftwareServiceWorkSeriesFactory: 0x7fa5d6d06610>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>os-version</key>
    <string>10.14.6</string>
    <key>success-message</key>
    <string>No errors validating archive at '/Users/xxx/Desktop/altools.ipa'</string>
    <key>tool-path</key>
    <string>/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/Frameworks/AppStoreService.framework</string>
    <key>tool-version</key>
    <string>4.00.1181</string>
</dict>
</plist>
2019-11-13 11:36:

等到提示No errors validating archive at xxx时就代表验证成功了，可以上传了。

• 上传结果

2019-11-13 11:49:55.382 altool[4093:102055] [2019-11-13 11:49:55 CST] <main> DBG-X: Returning 0
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>os-version</key>
    <string>10.14.6</string>
    <key>success-message</key>
    <string>No errors uploading '/Users/xxx/Desktop/altools.ipa'</string>
    <key>tool-path</key>
    <string>/Applications/Xcode.app/Contents/SharedFrameworks/ContentDeliveryServices.framework/Versions/A/Frameworks/AppStoreService.framework</string>
    <key>tool-version</key>
    <string>4.00.1181</string>
</dict>
</plist>

等到提示No errors uploading时就代表上传成功了，可以去开发者中心-活动里面查看一下是否有构建版本

构建版本

五：已经有了，到这里就大功告成了。是不是真香。。。