From fa83cbc83599a6f80aeca699c4b358ff6e80f72e Mon Sep 17 00:00:00 2001
From: Baptiste Augrain <daiyam@zokugun.org>
Date: Mon, 12 Sep 2022 15:52:26 +0200
Subject: [PATCH] fix(macos): cleanup signing [skip ci]

---
 prepare_artifacts.sh | 28 ++++++++++------------------
 1 file changed, 10 insertions(+), 18 deletions(-)

diff --git a/prepare_artifacts.sh b/prepare_artifacts.sh
index d81b082..492b2e4 100755
--- a/prepare_artifacts.sh
+++ b/prepare_artifacts.sh
@@ -19,24 +19,22 @@ if [[ "${OS_NAME}" == "osx" ]]; then
     cd "VSCode-darwin-${VSCODE_ARCH}"
 
     CERTIFICATE_P12=VSCodium.p12
-    CODIUM_KEYCHAIN="${RUNNER_TEMP}/build.keychain"
-    DEFAULT_KEYCHAIN="$(security default-keychain | sed -E 's|^.*/([^/]+)\-db"$|\1|')"
+    KEYCHAIN="${RUNNER_TEMP}/build.keychain"
 
     echo "${CERTIFICATE_OSX_P12}" | base64 --decode > "${CERTIFICATE_P12}"
 
     echo "+ create temporary keychain"
-    security create-keychain -p mysecretpassword "${CODIUM_KEYCHAIN}"
-    security set-keychain-settings -lut 21600 "${CODIUM_KEYCHAIN}"
-    # security default-keychain -s "${CODIUM_KEYCHAIN}"
-    security unlock-keychain -p mysecretpassword "${CODIUM_KEYCHAIN}"
-    security list-keychains -s `security list-keychains | xargs` "${CODIUM_KEYCHAIN}"
-    security list-keychains -d user
-    security show-keychain-info ${CODIUM_KEYCHAIN}
+    security create-keychain -p mysecretpassword "${KEYCHAIN}"
+    security set-keychain-settings -lut 21600 "${KEYCHAIN}"
+    security unlock-keychain -p mysecretpassword "${KEYCHAIN}"
+    security list-keychains -s `security list-keychains | xargs` "${KEYCHAIN}"
+    # security list-keychains -d user
+    # security show-keychain-info ${KEYCHAIN}
 
     echo "+ import certificate to keychain"
-    security import "${CERTIFICATE_P12}" -k "${CODIUM_KEYCHAIN}" -P "${CERTIFICATE_OSX_PASSWORD}" -T /usr/bin/codesign
-    security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k mysecretpassword "${CODIUM_KEYCHAIN}" > /dev/null
-    security find-identity "${CODIUM_KEYCHAIN}"
+    security import "${CERTIFICATE_P12}" -k "${KEYCHAIN}" -P "${CERTIFICATE_OSX_PASSWORD}" -T /usr/bin/codesign
+    security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k mysecretpassword "${KEYCHAIN}" > /dev/null
+    # security find-identity "${KEYCHAIN}"
 
     echo "+ signing"
     if [[ "${VSCODE_QUALITY}" == "insider" ]]; then
@@ -63,12 +61,6 @@ if [[ "${OS_NAME}" == "osx" ]]; then
     popd
   fi
 
-  if [[ "${CI_BUILD}" != "no" ]]; then
-    # put back old keychain
-    security delete-keychain "${CODIUM_KEYCHAIN}"
-    security default-keychain -s "${DEFAULT_KEYCHAIN}"
-  fi
-
   VSCODE_PLATFORM="darwin"
 elif [[ "${OS_NAME}" == "windows" ]]; then
   cd vscode || { echo "'vscode' dir not found"; exit 1; }