How to run `expo build:ios` on Gitlab-CI: Why do I get the `502 Bad Gateway` error on expo build and how to fix it?

I want to build my iOS app on expo CIs servers using my own Gitlab-CI jobs.

The job looks like this (with EXPO_APPLE_ID and EXPO_APPLE_PASSWORD environment variables set)

expo build:ios --apple-id "${EXPO_APPLE_ID}" --release-channel staging --non-interactive

My .gitlab-ci.yml job look like this:

  script:
    - yarn
    - npx expo start &
    - EXPO_PID=$(echo $!)
    - echo $EXPO_PID
    - expo build:ios --release-channel staging
    - expo build:ios --apple-id "${EXPO_APPLE_ID}" --release-channel staging --non-interactive
    - curl -o ios-${CI_BUILD_TAG}-staging.ipa "$(npx expo url:ipa --non-interactive)"
    - kill -9 $EXPO_PID

It fails with:

 [17:38:33] Checking if there is a build in progress...
 [17:38:37] Accessing credentials for me in project myproject-native
 [17:38:37] Authenticating to Apple Developer Portal...
 [17:38:40] Authentication with Apple Developer Portal failed!
 [17:38:40] Reason: Unknown reason, raw: "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body>\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>Apple</center>\r\n</body>\r\n</html>\r\n\n"
 [17:38:40] Error: Reason: Unknown reason, raw: "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body>\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>Apple</center>\r\n</body>\r\n</html>\r\n\n"
     at runAction (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/appleApi/fastlane.ts:28:17)
     at processTicksAndRejections (internal/process/task_queues.js:97:5)
     at authenticate (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/appleApi/authenticate.ts:47:40)
     at Context.ensureAppleCtx (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/credentials/context.ts:81:24)
     at IOSBuilder.bestEffortAppleCtx (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/commands/build/ios/IOSBuilder.ts:81:14)
     at IOSBuilder.prepareCredentials (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/commands/build/ios/IOSBuilder.ts:153:5)
     at IOSBuilder.run (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/commands/build/ios/IOSBuilder.ts:62:7)
     at IOSBuilder.command (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/commands/build/BaseBuilder.ts:39:7)
     at Command.<anonymous> (/mnt/mesos/sandbox/builds/me/myapp-native/node_modules/expo-cli/src/exp.ts:79:7)
 npm ERR! code ELIFECYCLE
 npm ERR! errno 1
 npm ERR! @me/myapp-native@1.2.102 build:ios:staging: `expo build:ios --apple-id "${EXPO_APPLE_ID}" --release-channel staging --non-interactive`
 npm ERR! Exit status 1

It work fine if I just run with --simulator and build a tar.gz instead of an ipa.

The error is thrown on this line: https://github.com/expo/expo-cli/blob/expo-cli%403.24.0/packages/expo-cli/src/appleApi/fastlane.ts#L28

Why do I get the 502 Bad Gateway error on expo build and how to fix it?

Thank you for the reply on stackoverflow. However, I am not using GitLab nor can verify that my server is having a banned IP. (I check and expo-cli use spaceship which seems to authenticate against the address here: https://github.com/fastlane/fastlane/blob/aa519340acf715d33dc95e83e47b58c463fc1714/spaceship/lib/spaceship/two_step_or_factor_client.rb#L13)

curl -L https://idmsa.apple.com
<HTML>
        <HEAD>
                <TITLE>Apple</TITLE>
                <META HTTP-EQUIV="REFRESH" CONTENT="0;URL=http://www.apple.com/filenotfound">
        </HEAD>
        <BODY BGCOLOR=#FFFFFF>
        </BODY>
</HTML>

I host it at OVH and it’s a dedicated server, if it’s banned I think I would rather see if it is, and ask apple to get it unbanned.

i’m confused, you seem to be the same person that posted on stackoverflow and explicitly said in the that post that you “want to build my iOS app on expo CIs servers using my own Gitlab-CI jobs.” but you’re saying you are not using gitlab now?

regardless, i suspect yes that ovh is also in a similar situation. apple seems to apply this to a lot of hosting providers.

If I were to guess I would say he’s not using gitlab.com, but is instead running his own GitLab server. If so, gitlab.com being blocked would not affect him.

I am the same person that posted on stackoverflow. By GitLab I presume you mean the Gitlab servers, gitlab is free and can be installed on any IP. My Gitlab servers and runners are hosted on a private platforms that use public IP from OVH.

@wodin is right btw.

If that comes from ovh, how can I verify that I am banned?

i think the error that you are seeing is a good indicator that the ip is blocked. you can try using spaceship to authenticate as described here https://github.com/fastlane/fastlane/issues/14602

Which error? If that’s the html you are talking about, I have not a 502 response exactly like in my local environment. I have tried to also get the fastline exact login path and it also behave in the same way when I get it. (if that look right to you https://github.com/fastlane/fastlane/blob/aa519340acf715d33dc95e83e47b58c463fc1714/spaceship/lib/spaceship/two_step_or_factor_client.rb#L13). How can I ask apple to unban my server, they must have an online form for that do they?

I disabled with --skip-credentials-check and of course it work, I presume I still must provide EXPO_APPLE_ID and EXPO_APPLE_PASSWORD in order for this to work?

Which error? If that’s the html you are talking about, I have not a 502 response exactly like in my local environment.

your local environment is not on ovh i assume… you would need to try to sign in to apple through your ovh service.

How can I ask apple to unban my server, they must have an online form for that do they?

sorry this is not within the scope of things i can help with

I disabled with --skip-credentials-check and of course it work, I presume I still must provide EXPO_APPLE_ID and EXPO_APPLE_PASSWORD in order for this to work?

you don’t need to provide that

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.