---
title: "Fastlane iOS Integration"
description: "Learn how to integrate DoveRunner Mobile App Security SDK with Fastlane to automate your iOS app build and distribution pipeline."
---
> For the complete documentation index, see [llms.txt](/llms.txt).

import { Aside, Steps } from '@astrojs/starlight/components';

If your Xcode project already uses Fastlane for automated builds and distribution, you can keep that pipeline intact by adding the DoveRunner Mobile App Security SDK processing step to your `Fastfile`. This guide covers two scenarios:

- **Local Fastlane** — Running Fastlane directly on your machine
- **GitHub Actions + Fastlane** — Running Fastlane in a GitHub Actions CI workflow

---

## Local Fastlane Setup

### Default Fastfile

A typical `Fastfile` for a project named `TestApp_Swift` looks like this:

```ruby
default_platform(:ios)
platform :ios do
  desc "Push a new beta build to TestFlight"
  lane :beta do
    increment_build_number(xcodeproj: "TestApp_Swift.xcodeproj")
    build_app(scheme: "TestApp_Swift")
    upload_to_testflight
  end
end
```

### Modified Fastfile with DoveRunner SDK

After applying the DoveRunner Mobile App Security SDK, additional processing is required between the build and distribution steps. Open your `Fastfile` with a text editor and replace its contents with the script from `Fastlane Scripts/Fastfile` included in the SDK package.

Before running, replace the following placeholder values in the script:

| Variable | Description |
| :------- | :---------- |
| `FASTLANE_USER` | Your Apple account email |
| `FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD` | Your app-specific password |
| `PROFILE` | The name of the provisioning profile used in the distribution step |

The modified script is designed to extract project name and scheme values from the project folder automatically, so the same `Fastfile` can be used across different projects without modification.

Once updated, run `fastlane beta` as before. The pipeline will build the app, export it as an IPA, run the `generate_hash` script, and upload the DoveRunner-enabled IPA to TestFlight.

---

## GitHub Actions + Fastlane

You can build a fully automated pipeline that triggers on a push to a branch using GitHub Actions. This section explains how to set that up with DoveRunner Mobile App Security SDK applied.

### Prerequisites

<Aside type="tip">
If you haven't created an App Store Connect API Key yet, follow [Apple's guide](https://developer.apple.com/documentation/appstoreconnectapi/creating-api-keys-for-app-store-connect-api) to generate one before proceeding.
</Aside>

You will need the following values stored as **GitHub Actions Secrets**:

| Secret | Description |
| :----- | :---------- |
| `KEY_ID` | App Store Connect API Key ID |
| `API_KEY` | App Store Connect API Key |
| `PRIVATE_KEY` | App Store Connect API Private Key |

Because DoveRunner SDK re-signs the IPA during post-processing, you also need to include the following files in your repository:

| File | Description |
| :--- | :---------- |
| `certificate.p12` | Distribution certificate in PKCS#12 format (password: `123456`) |
| `distribution.mobileprovision` | Distribution provisioning profile |

<Aside>
If you use a different filename or certificate password, update the corresponding values in the scripts below.
</Aside>

### GitHub Actions Workflow (`ios_build.yml`)

Replace your existing workflow file with the contents of `Fastlane Scripts/ios_build.yml` from the SDK package. The default structure looks like this:

```yaml
name: iOS Build & Deploy
on:
  push:
    branches:
      - develop
jobs:
  release-ios:
    name: Build and release iOS app
    runs-on: macos-15
    steps:
      - uses: actions/checkout@v2

      - uses: actions/setup-ruby@v1
        with:
          ruby-version: '3.1.2'

      - name: Install Fastlane
        run: cd ios && bundle install

      - name: Install pods
        run: cd ios && pod install

      - name: Execute Fastlane
        env:
          APP_STORE_CONNECT_KEY_ID: ${{ secrets.KEY_ID }}
          APP_STORE_CONNECT_API_KEY: ${{ secrets.API_KEY }}
          APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
        run: cd ios && fastlane release
```

<Aside>
The workflow specifies `runs-on: macos-15` and Xcode 16 because the provisioning profile storage path changed in Xcode 16. Using an earlier version will cause the re-signing step to fail.
</Aside>

### Fastfile for GitHub Actions

Replace your `Fastfile` with the contents of `Fastlane Scripts/Fastfile_GithubAction` from the SDK package. The default structure looks like this:

```ruby
default_platform(:ios)
platform :ios do
  desc "Release to App Store"
  lane :release do
    # App Store Connect API Authentication
    app_store_connect_api_key(
      key_id: ENV["APP_STORE_CONNECT_KEY_ID"],
      issuer_id: ENV["APP_STORE_CONNECT_ISSUER_ID"],
      key_content: ENV["APP_STORE_CONNECT_PRIVATE_KEY"]
    )

    # Build app
    build_app(
      scheme: "scheme_name_of_project",
      export_method: "app-store"
    )

    # Upload to TestFlight
    upload_to_testflight(
      skip_waiting_for_build_processing: true,
      distribute_external: true
    )
  end
end
```

This script handles the full pipeline automatically:

1. Authenticates with App Store Connect API
2. Retrieves app metadata and increments the build number
3. Builds and exports the app as an IPA
4. Runs the `generate_hash` script for DoveRunner SDK
5. Re-signs the IPA with your distribution certificate and profile
6. Uploads to App Store Connect

All required values (project name, scheme, target, bundle ID) are extracted automatically from the project file, so this script works for any project without modification.