From 87f14be9a657ef8105ef2ddd13b996fe3441b8ea Mon Sep 17 00:00:00 2001 From: Ozgur Ersoy Date: Mon, 14 Apr 2025 14:19:21 +0200 Subject: [PATCH] fix(workflows): enhance local signing workflow with keychain access verification and debugging --- .gitea/workflows/test-local-signing.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/test-local-signing.yml b/.gitea/workflows/test-local-signing.yml index 2645638d..091bee06 100644 --- a/.gitea/workflows/test-local-signing.yml +++ b/.gitea/workflows/test-local-signing.yml @@ -55,7 +55,8 @@ jobs: -P "$CERTIFICATE_PASSWORD" \ -T "/usr/bin/codesign" \ -T "/usr/bin/security" \ - -T "/usr/bin/xcrun" + -T "/usr/bin/xcrun" \ + -A # Update keychain partition list security set-key-partition-list \ @@ -63,6 +64,14 @@ jobs: -s \ -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" + # Allow codesign to access the keychain + security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" + security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" + + # Verify certificate access + echo "🔍 Verifying certificate access..." + security find-identity -v -p codesigning "$KEYCHAIN_PATH" + # Save environment variables echo "KEYCHAIN_PATH=$KEYCHAIN_PATH" >> "$GITHUB_ENV" echo "KEYCHAIN_PASSWORD=$KEYCHAIN_PASSWORD" >> "$GITHUB_ENV" @@ -80,7 +89,9 @@ jobs: echo "IDENTITY_HASH=$IDENTITY_HASH" >> "$GITHUB_ENV" else echo "No valid identity hash found" + echo "🔍 Debugging certificate access..." security find-identity -v -p codesigning "$KEYCHAIN_PATH" + security find-certificate -a -c "Developer ID Application" -p "$KEYCHAIN_PATH" exit 1 fi shell: bash