2019年10月23日更新
評(píng)論區(qū)有小伙伴說：

蘋果在Mac AppStore 發(fā)布了transporter 來代替Application Loeader，可視化上傳更方便

本文內(nèi)容可忽略。

Xcode 11 Release Notes

從Xcode11開始，Application Loader不再集成在Xcode中，需要使用xcodebuild或者xcrun altool命令上傳應(yīng)用。

Xcode supports uploading apps from the Organizer window or from the command line with xcodebuild or xcrun altool. Application Loader is no longer included with Xcode. (29008875)

使用舊版 Application Loader

最近更新了Xcode 11正式版，改動(dòng)還是挺大的，但是對(duì)于需要單獨(dú)導(dǎo)出ipa包的開發(fā)，需要對(duì)ipa包進(jìn)行加固，然后再上傳App Store審核，這時(shí)突然發(fā)現(xiàn)沒有Xcode11不包含Application Loader了，這很尷尬，于是我就從Xcode10導(dǎo)出了Application Loader，直接解壓，拖到Mac的應(yīng)用程序即可。

這個(gè)是Xcode10.3下的
鏈接:https://pan.baidu.com/s/1BZVkXhZW83zF_jCCRlu53A 密碼:y6ib

使用 xcrun altool

Xcode11以下的命令是這樣的：

$ xcrun altool
Copyright (c) 2009-2018, Apple Inc. Version 1.1.1138

Usage: altool --validate-app -f <file> -t <platform> -u <username> [-p <password>]
       altool --upload-app -f <file> -t <platform> -u <username> [-p <password>]
       altool --notarize-app -f <file> --primary-bundle-id <bundle_id> -u <username> [-p <password>] [--asc-provider <provider_shortname>]
       altool --notarization-info <uuid> -u <username> [-p <password>]
       altool --notarization-history <page> -u <username> [-p <password>] [--asc-provider <provider_shortname>]

 -f, --file <file>                  <file> specifies the path to the file to process.
 -t, --type {osx | ios | appletvos} Specify the platform of the file.
 -u, --username <username>          Username. Required to connect for validation, upload, and notarization.
 -p, --password <password>          Password. Required if username specified.
                                    If this argument is not supplied on the command line, it will be read from stdin.
                                    Alternatively to entering <password> in plaintext, it may also be specified using a '@keychain:'
                                    or '@env:' prefix followed by a keychain password item name or environment variable name.
                                    Example: '-p @keychain:<name>' uses the password stored in the keychain password item named <name>
                                                                   and whose Account value matches the user name specified
                                    Example: '-p @env:<variable>'  uses the value in the environment variable named <variable>

     --primary-bundle-id <bundle_id> Used with --notarize-app to uniquely identify a package.

     --asc-provider <provider_shortname> Required with --notarize-app and --notarization-history when a user account is associated with multiple
                                         providers.

 -v, --validate-app                 Validates an app archive for the App Store. The username, password, and file path to the app archive are required.
     --upload-app                   Uploads the given app archive to the App Store. The username, password, and file path to the app archive are required.

     --notarize-app                 Uploads the given app package, dmg or zip file for notarization. The file path to the package, user name,
                                    password, and --primary-bundle-id are required. --asc-provider is required for an account associated with multiple providers.
                                    If successful, the UUID associated with the upload is returned.

     --notarization-info <uuid>     Returns the status and log file URL of a package previously uploaded for notarization with the specified uuid.
                                    The user name and password are required. The log file can be retrieved with 'curl <log_file_url>'.

     --notarization-history <page>  Returns a list of all uploads submitted for notarization. <page> specifies a range of entries where 0
                                    returns the most recent number of entries. A new page value will be returned which can be used as the
                                    <page> value to the next use of --notarization-history and so forth until no more items are returned. The user name
                                    and password are required. --asc-provider is required for an account associated with multiple providers.

     --output-format {xml | normal} Specifies how the output is formatted. 'xml' displays the output in a structured format; 'normal' displays in
                                    an unstructured format (default).

 -h, --help                         Display this output.

賬號(hào)密碼的方式上傳包體，如下：

• 先驗(yàn)證

xcrun altool --validate-app -f 包體絕對(duì)路徑.ipa -t iOS -u 用戶名 -p 密碼

• 再上傳

xcrun altool --upload-app -f 包體絕對(duì)路徑.ipa -t iOS -u 用戶名 -p 密碼

如果出錯(cuò)：

*** Error: Unable to validate archive '/Users/jingyin/Desktop/***.ipa': ( "Error Domain=ITunesSoftwareServiceErrorDomain Code=-22020 "We are unable to create an authentication session." UserInfo={NSLocalizedDescription=We are unable to create an authentication session., NSLocalizedFailureReason=Unable to validate your application.}"

有可能是密碼需要使用動(dòng)態(tài)密碼。而不是原來賬號(hào)的密碼。需要先登錄賬號(hào)，獲取到動(dòng)態(tài)密碼，再用在此處。官方文檔

如果驗(yàn)證成功：

No errors validating archive at '/Users/jingyin/Desktop/***.ipa'

上傳成功：

No errors uploading '/Users/jingyin/Desktop/***.ipa'

Xcode11更新了命令

$ xcrun altool
Copyright (c) 2009-2019, Apple Inc. Version 4.00.1181

Usage: altool --validate-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --upload-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarize-app -f <file> --primary-bundle-id <bundle_id> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --notarization-info <uuid> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarization-history <page> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --list-apps -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>

Authentication: Most commands require authorization.
                There are two methods available: user name with password, and apiKey with apiIssuer.

                -u, --username <username> Username. Required to connect for validation, upload, and notarization.
                -p, --password <password> Password. Required if username specified and apiKey/apiIssuer are not.
                                          If this argument is not supplied on the command line, it will be read from stdin.
                                          Alternatively to entering <password> in plaintext, it may also be specified using a '@keychain:'
                                          or '@env:' prefix followed by a keychain password item name or environment variable name.
                                          Example: '-p @keychain:<name>' uses the password stored in the keychain password item named <name>.
                                                                         You can create and update keychain items with the
                                                                         --store-password-in-keychain-item command.
                                          Example: '-p @env:<variable>'  uses the value in the environment variable named <variable>

                --apiKey <api_key>        apiKey. Required for JWT authentication while using validation, upload, and notarization.
                                          This option will search the following directories in sequence for a private key file
                                          with the name of 'AuthKey_<api_key>.p8':  './private_keys', '~/private_keys', '~/.private_keys',
                                          and '~/.appstoreconnect/private_keys'.
                --apiIssuer <issuer_id>   Issuer ID. Required if --apiKey is specified.

 -f, --file <file>                   <file> specifies the path to the file to process.
 -t, --type {osx | ios | appletvos}  Specify the platform of the file.

     --primary-bundle-id <bundle_id> Used with --notarize-app to uniquely identify a package.

     --asc-provider <provider_shortname> Required with --notarize-app and --notarization-history when a user account is associated with multiple
                                         providers.

 -v, --validate-app                  Validates an app archive for the App Store. Authentication and -f are required.
     --upload-app                    Uploads the given app archive to the App Store. Authentication and -f are required.
     --list-apps                     Display all apps associated with your account(s).

     --notarize-app                  Uploads the given app package, dmg or zip file for notarization. Authentication, -f,
                                     and --primary-bundle-id are required. --asc-provider is required for an account associated with multiple providers.
                                     If successful, the UUID associated with the upload is returned.

     --notarization-info <uuid>      Returns the status and log file URL of a package previously uploaded for notarization with the specified <uuid>.
                                     Authentication is required. The log file can be retrieved with 'curl <log_file_url>'.

     --notarization-history <page>   Returns a list of all uploads submitted for notarization. <page> specifies a range of entries where 0
                                     returns the most recent number of entries. A new page value will be returned which can be used as the
                                     <page> value to the next use of --notarization-history and so forth until no more items are returned.
                                     Authentication is required. --asc-provider is required for an account associated with multiple providers.

     --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>
                                     Stores the password <password> in the keychain item named <name_for_keychain_item> associated with the account <username>.
                                     If an item with that name and account already exists in the keychain, its password will be updated. Otherwise a new item
                                     is created with that name. You can use this keychain item with the -p option to mask your password with other commands.
                                     Example: altool --store-password-in-keychain-item MY_SECRET -u jappleseed@apple.com -p "MyP@ssw0rd!@78"
                                              altool --notarize-app -u jappleseed@apple.com -p @keychain:MY_SECRET [...]

     --output-format {xml | normal}  Specifies how the output is formatted. 'xml' displays the output in a structured format; 'normal' displays in
                                     an unstructured format (default).

     --verbose                       Enable logging output.

 -h, --help                          Display this output.

除了可以用賬號(hào)密碼的方式，還可以通過這種方式Creating API Keys for App Store Connect API

注意到新的參數(shù)如下：

--apiKey <api_key> --apiIssuer <issuer_id>

未實(shí)測(cè)，有興趣可以研究下。大概意思應(yīng)該跟配置git的秘鑰差不多。

作者：上發(fā)條的樹
鏈接：http://www.lxweimin.com/p/031cec0feb1a
來源：簡(jiǎn)書
著作權(quán)歸作者所有。商業(yè)轉(zhuǎn)載請(qǐng)聯(lián)系作者獲得授權(quán)，非商業(yè)轉(zhuǎn)載請(qǐng)注明出處。
2019年10月23日更新
評(píng)論區(qū)有小伙伴說：

蘋果在Mac AppStore 發(fā)布了transporter 來代替Application Loeader，可視化上傳更方便

本文內(nèi)容可忽略。

Xcode 11 Release Notes

從Xcode11開始，Application Loader不再集成在Xcode中，需要使用xcodebuild或者xcrun altool命令上傳應(yīng)用。

Xcode supports uploading apps from the Organizer window or from the command line with xcodebuild or xcrun altool. Application Loader is no longer included with Xcode. (29008875)

使用舊版 Application Loader

如果是覺得使用命令行的方式麻煩，也可以復(fù)制舊版Application Loader到Xcode對(duì)應(yīng)路徑下，重啟Xcode即可使用。

../Applications/Xcode.app/Contents/Applications/

這個(gè)是Xcode10.3下的
鏈接:https://pan.baidu.com/s/1BZVkXhZW83zF_jCCRlu53A 密碼:y6ib

使用 xcrun altool

Xcode11以下的命令是這樣的：

$ xcrun altool
Copyright (c) 2009-2018, Apple Inc. Version 1.1.1138

Usage: altool --validate-app -f <file> -t <platform> -u <username> [-p <password>]
       altool --upload-app -f <file> -t <platform> -u <username> [-p <password>]
       altool --notarize-app -f <file> --primary-bundle-id <bundle_id> -u <username> [-p <password>] [--asc-provider <provider_shortname>]
       altool --notarization-info <uuid> -u <username> [-p <password>]
       altool --notarization-history <page> -u <username> [-p <password>] [--asc-provider <provider_shortname>]

 -f, --file <file>                  <file> specifies the path to the file to process.
 -t, --type {osx | ios | appletvos} Specify the platform of the file.
 -u, --username <username>          Username. Required to connect for validation, upload, and notarization.
 -p, --password <password>          Password. Required if username specified.
                                    If this argument is not supplied on the command line, it will be read from stdin.
                                    Alternatively to entering <password> in plaintext, it may also be specified using a '@keychain:'
                                    or '@env:' prefix followed by a keychain password item name or environment variable name.
                                    Example: '-p @keychain:<name>' uses the password stored in the keychain password item named <name>
                                                                   and whose Account value matches the user name specified
                                    Example: '-p @env:<variable>'  uses the value in the environment variable named <variable>

     --primary-bundle-id <bundle_id> Used with --notarize-app to uniquely identify a package.

     --asc-provider <provider_shortname> Required with --notarize-app and --notarization-history when a user account is associated with multiple
                                         providers.

 -v, --validate-app                 Validates an app archive for the App Store. The username, password, and file path to the app archive are required.
     --upload-app                   Uploads the given app archive to the App Store. The username, password, and file path to the app archive are required.

     --notarize-app                 Uploads the given app package, dmg or zip file for notarization. The file path to the package, user name,
                                    password, and --primary-bundle-id are required. --asc-provider is required for an account associated with multiple providers.
                                    If successful, the UUID associated with the upload is returned.

     --notarization-info <uuid>     Returns the status and log file URL of a package previously uploaded for notarization with the specified uuid.
                                    The user name and password are required. The log file can be retrieved with 'curl <log_file_url>'.

     --notarization-history <page>  Returns a list of all uploads submitted for notarization. <page> specifies a range of entries where 0
                                    returns the most recent number of entries. A new page value will be returned which can be used as the
                                    <page> value to the next use of --notarization-history and so forth until no more items are returned. The user name
                                    and password are required. --asc-provider is required for an account associated with multiple providers.

     --output-format {xml | normal} Specifies how the output is formatted. 'xml' displays the output in a structured format; 'normal' displays in
                                    an unstructured format (default).

 -h, --help                         Display this output.

賬號(hào)密碼的方式上傳包體，如下：

• 先驗(yàn)證

xcrun altool --validate-app -f 包體絕對(duì)路徑.ipa -t iOS -u 用戶名 -p 密碼

• 再上傳

xcrun altool --upload-app -f 包體絕對(duì)路徑.ipa -t iOS -u 用戶名 -p 密碼

如果出錯(cuò)：

*** Error: Unable to validate archive '/Users/jingyin/Desktop/***.ipa': ( "Error Domain=ITunesSoftwareServiceErrorDomain Code=-22020 "We are unable to create an authentication session." UserInfo={NSLocalizedDescription=We are unable to create an authentication session., NSLocalizedFailureReason=Unable to validate your application.}"

有可能是密碼需要使用動(dòng)態(tài)密碼。而不是原來賬號(hào)的密碼。需要先登錄賬號(hào)，獲取到動(dòng)態(tài)密碼，再用在此處。官方文檔

如果驗(yàn)證成功：

No errors validating archive at '/Users/jingyin/Desktop/***.ipa'

上傳成功：

No errors uploading '/Users/jingyin/Desktop/***.ipa'

Xcode11更新了命令

$ xcrun altool
Copyright (c) 2009-2019, Apple Inc. Version 4.00.1181

Usage: altool --validate-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --upload-app -f <file> -t <platform> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarize-app -f <file> --primary-bundle-id <bundle_id> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --notarization-info <uuid> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --notarization-history <page> -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>} [--asc-provider <provider_shortname>]
       altool --list-apps -u <username> {[-p <password>] | --apiKey <api_key> --apiIssuer <issuer_id>}
       altool --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>

Authentication: Most commands require authorization.
                There are two methods available: user name with password, and apiKey with apiIssuer.

                -u, --username <username> Username. Required to connect for validation, upload, and notarization.
                -p, --password <password> Password. Required if username specified and apiKey/apiIssuer are not.
                                          If this argument is not supplied on the command line, it will be read from stdin.
                                          Alternatively to entering <password> in plaintext, it may also be specified using a '@keychain:'
                                          or '@env:' prefix followed by a keychain password item name or environment variable name.
                                          Example: '-p @keychain:<name>' uses the password stored in the keychain password item named <name>.
                                                                         You can create and update keychain items with the
                                                                         --store-password-in-keychain-item command.
                                          Example: '-p @env:<variable>'  uses the value in the environment variable named <variable>

                --apiKey <api_key>        apiKey. Required for JWT authentication while using validation, upload, and notarization.
                                          This option will search the following directories in sequence for a private key file
                                          with the name of 'AuthKey_<api_key>.p8':  './private_keys', '~/private_keys', '~/.private_keys',
                                          and '~/.appstoreconnect/private_keys'.
                --apiIssuer <issuer_id>   Issuer ID. Required if --apiKey is specified.

 -f, --file <file>                   <file> specifies the path to the file to process.
 -t, --type {osx | ios | appletvos}  Specify the platform of the file.

     --primary-bundle-id <bundle_id> Used with --notarize-app to uniquely identify a package.

     --asc-provider <provider_shortname> Required with --notarize-app and --notarization-history when a user account is associated with multiple
                                         providers.

 -v, --validate-app                  Validates an app archive for the App Store. Authentication and -f are required.
     --upload-app                    Uploads the given app archive to the App Store. Authentication and -f are required.
     --list-apps                     Display all apps associated with your account(s).

     --notarize-app                  Uploads the given app package, dmg or zip file for notarization. Authentication, -f,
                                     and --primary-bundle-id are required. --asc-provider is required for an account associated with multiple providers.
                                     If successful, the UUID associated with the upload is returned.

     --notarization-info <uuid>      Returns the status and log file URL of a package previously uploaded for notarization with the specified <uuid>.
                                     Authentication is required. The log file can be retrieved with 'curl <log_file_url>'.

     --notarization-history <page>   Returns a list of all uploads submitted for notarization. <page> specifies a range of entries where 0
                                     returns the most recent number of entries. A new page value will be returned which can be used as the
                                     <page> value to the next use of --notarization-history and so forth until no more items are returned.
                                     Authentication is required. --asc-provider is required for an account associated with multiple providers.

     --store-password-in-keychain-item <name_for_keychain_item> -u <username> -p <password>
                                     Stores the password <password> in the keychain item named <name_for_keychain_item> associated with the account <username>.
                                     If an item with that name and account already exists in the keychain, its password will be updated. Otherwise a new item
                                     is created with that name. You can use this keychain item with the -p option to mask your password with other commands.
                                     Example: altool --store-password-in-keychain-item MY_SECRET -u jappleseed@apple.com -p "MyP@ssw0rd!@78"
                                              altool --notarize-app -u jappleseed@apple.com -p @keychain:MY_SECRET [...]

     --output-format {xml | normal}  Specifies how the output is formatted. 'xml' displays the output in a structured format; 'normal' displays in
                                     an unstructured format (default).

     --verbose                       Enable logging output.

 -h, --help                          Display this output.

除了可以用賬號(hào)密碼的方式，還可以通過這種方式Creating API Keys for App Store Connect API

注意到新的參數(shù)如下：

--apiKey <api_key> --apiIssuer <issuer_id>

未實(shí)測(cè)，有興趣可以研究下。大概意思應(yīng)該跟配置git的秘鑰差不多。

鏈接：http://www.lxweimin.com/p/031cec0feb1a
。