fix(@applications/mac-sync): 🐛 fix identity validation logic
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
This commit is contained in:
Natalie
parent
60df5f8c57
commit
b5706cbb99
1 changed files with 7 additions and 2 deletions
|
|
@ -192,9 +192,14 @@ ensure_signing_identity() {
|
|||
|
||||
# 2. Prefer the self-signed "Quinn Norton" identity.
|
||||
SIGNING_IDENTITY="$SIGNING_IDENTITY_FALLBACK"
|
||||
# Count how many valid signing identities are in the dedicated keychain.
|
||||
# Count how many signing identities are in the dedicated keychain.
|
||||
# NOTE: we deliberately omit -v (valid-only filter). The self-signed
|
||||
# cert is not in System trust settings — find-identity -v returns 0
|
||||
# for it, which would loop-regenerate the cert every install and
|
||||
# invalidate TCC grants (FDA, AppleEvents, etc.) bound to the old
|
||||
# cert hash. Without -v we still match the cert by label and identifier.
|
||||
local identity_count
|
||||
identity_count=$(security find-identity -p codesigning -v "$MAC_SYNC_KEYCHAIN_PATH" 2>/dev/null | grep -c "\"$SIGNING_IDENTITY\"" || true)
|
||||
identity_count=$(security find-identity -p codesigning "$MAC_SYNC_KEYCHAIN_PATH" 2>/dev/null | grep -c "\"$SIGNING_IDENTITY\"" || true)
|
||||
|
||||
if [[ "$identity_count" -eq 1 ]]; then
|
||||
print_success "Code-signing identity '$SIGNING_IDENTITY' already in keychain"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue