generate_appcast does not return an error if private key doesn't exist #2314

mborsten · 2023-01-27T13:07:19Z

Summary

When running generate_appcas and the private key doesn't exist in the keychain, it does print out a warning, but it still generates an update xml:

Warning: Private key for account ed25519 not found in the Keychain (-25300). Please run the generate_keys tool
Warning: could not sign **** due to lack of private EdDSA key
Wrote 1 new update, updated 0 existing updates, and removed 0 old updates in appcast.xml

The return value of the proces is also 0

Possible Fix

The proces should by default abort and have a non-0 return value. This is especially important when in CI/CD, where you want the deploy to abort if the singing didn't work. There could be an option to skip signing, or make signing optional.

The text was updated successfully, but these errors were encountered:

zorgiepoo · 2023-01-28T07:03:42Z

If the update has a public EdDSA key, and generate_appcast can't sign the update, this should indeed be a hard error.

zorgiepoo modified the milestone: 2.4 Feb 3, 2023

zorgiepoo added this to the 2.4 milestone Feb 25, 2023

zorgiepoo mentioned this issue Feb 25, 2023

Exit with an error if generate_appcast cannot sign an update #2322

Merged

6 tasks

zorgiepoo closed this as completed in #2322 Feb 25, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

generate_appcast does not return an error if private key doesn't exist #2314

generate_appcast does not return an error if private key doesn't exist #2314

mborsten commented Jan 27, 2023

zorgiepoo commented Jan 28, 2023

generate_appcast does not return an error if private key doesn't exist #2314

generate_appcast does not return an error if private key doesn't exist #2314

Comments

mborsten commented Jan 27, 2023

Summary

Possible Fix

zorgiepoo commented Jan 28, 2023