@@ -336,6 +336,16 @@ build_for_arch() {
336336 SPM_CACHE_DIR=" ${HOME} /.spm-cache"
337337 mkdir -p " $SPM_CACHE_DIR "
338338
339+ # Use CI entitlements (without iCloud) during build to avoid provisioning
340+ # profile requirement. The app is re-signed with real entitlements after build.
341+ local ci_entitlements=" TablePro/TablePro.ci.entitlements"
342+ local real_entitlements=" TablePro/TablePro.entitlements"
343+ if [ -f " $ci_entitlements " ; then
344+ echo " 📋 Using CI entitlements (iCloud stripped for build)..."
345+ cp " $real_entitlements " " $real_entitlements .bak"
346+ cp " $ci_entitlements " " $real_entitlements "
347+ fi
348+
339349 # Build with xcodebuild
340350 echo " Running xcodebuild..."
341351 if ! xcodebuild \
@@ -345,6 +355,7 @@ build_for_arch() {
345355 -arch " $arch "
346356 ONLY_ACTIVE_ARCH=YES \
347357 CODE_SIGN_IDENTITY=" $SIGN_IDENTITY "
358+ CODE_SIGN_STYLE=Manual \
348359 DEVELOPMENT_TEAM=" $TEAM_ID "
349360 ${ANALYTICS_HMAC_SECRET: +ANALYTICS_HMAC_SECRET=" $ANALYTICS_HMAC_SECRET " \
350361 -skipPackagePluginValidation \
@@ -356,6 +367,11 @@ build_for_arch() {
356367 fi
357368 echo " ✅ Build succeeded for $arch "
358369
370+ # Restore real entitlements
371+ if [ -f " $real_entitlements .bak" ; then
372+ mv " $real_entitlements .bak" " $real_entitlements "
373+ fi
374+
359375 # Get binary path with validation
360376 DERIVED_DATA=$( echo " $build_settings " | grep -m 1 " BUILD_DIR" | awk ' {print $3}' )
361377
@@ -501,8 +517,8 @@ build_for_arch() {
501517 done
502518 fi
503519
504- # Sign the app bundle last
505- codesign -fs " $SIGN_IDENTITY " " $BUILD_DIR /$OUTPUT_NAME "
520+ # Sign the app bundle last (with real entitlements including iCloud)
521+ codesign -fs " $SIGN_IDENTITY " --entitlements " $real_entitlements " " $BUILD_DIR /$OUTPUT_NAME "
506522 echo " ✅ Code signing complete"
507523
508524 # Verify signature
0 commit comments