fix: set default keychain keychain when new one is created

CHANGELOG.md

@@ -1,3 +1,8 @@
+# 0.10.7
+
+# Fix:
+- Setting default keychain to newly created on in ci/cd plugin
+
 # 0.10.6
 
 # Fix:

lib/src/integrations/apple_certificate/plugin/mac_os_keychain_plugin.dart

@@ -17,19 +17,19 @@ class MacOsKeyChainPlugin extends ImpaktfullCliPlugin {
     String keyChainName,
     Secret globalKeyChainPassword,
   ) async {
-    final fullKeyChainName = _fullKeyChainName(keyChainName);
-    final originalKeyChains = await _getUserKeyChains();
-    if (originalKeyChains.contains(fullKeyChainName)) {
+    final keyChainPath = await _getKeyChainPath(keyChainName);
+    if (keyChainPath != null) {
       throw ImpaktfullCliError(
-          '$fullKeyChainName already exists, make sure to remove it first.');
+          '`$keyChainName` keychain already exists, make sure to remove it first.');
     }
 
+    final fullKeyChainName = _fullKeyChainName(keyChainName);
     ImpaktfullCliLogger.debug('Create Apple KeyChain ($fullKeyChainName)');
     await processRunner.runProcess([
       'security',
       'create-keychain',
       '-p',
-      '$globalKeyChainPassword',
+      globalKeyChainPassword.value,
       fullKeyChainName
     ]);
     final keyChain = await _getUserKeyChains();
@@ -100,6 +100,25 @@ class MacOsKeyChainPlugin extends ImpaktfullCliPlugin {
         .runProcess(['security', 'delete-keychain', fullKeyChainName]);
   }
 
+  /// Sets the default keychain to the given keychain.
+  /// If the keychain is not found, an error is thrown.
+  /// keyChain can be a name or a path
+  Future<void> setDefaultKeyChain(String keyChain) async {
+    final path = await _getKeyChainPath(keyChain);
+    if (path == null) {
+      throw ImpaktfullCliError('Keychain path $keyChain not found');
+    }
+    ImpaktfullCliLogger.debug('Set default Apple KeyChain ($path)');
+    await processRunner
+        .runProcess(['security', 'default-keychain', '-s', path]);
+  }
+
+  Future<String> getDefaultKeyChain() async {
+    final keychainsString =
+        await processRunner.runProcess(['security', 'default-keychain']);
+    return keychainsString.trim().replaceAll('"', '');
+  }
+
   Future<List<String>> _getUserKeyChains() async {
     final keychainsString = await processRunner
         .runProcess(['security', 'list-keychains', '-d', 'user']);
@@ -110,6 +129,16 @@ class MacOsKeyChainPlugin extends ImpaktfullCliPlugin {
         .toList();
   }
 
+  Future<String?> _getKeyChainPath(String keyChain) async {
+    final userKeyChains = await _getUserKeyChains();
+    for (final keyChain in userKeyChains) {
+      if (keyChain.contains(keyChain)) {
+        return keyChain;
+      }
+    }
+    return null;
+  }
+
   Future<void> printKeyChainList() async {
     final keyChains = await _getUserKeyChains();
     final sb = StringBuffer();

lib/src/integrations/ci_cd/plugin/ci_cd_plugin.dart

@@ -197,9 +197,11 @@ class CiCdPlugin extends ImpaktfullPlugin {
     final globalKeyChainPasswordSecret = globalKeyChainPassword ??
         ImpaktfullCliEnvironmentVariables.getUnlockKeyChainPassword();
 
+    final defaultKeyChain = await macOsKeyChainPlugin.getDefaultKeyChain();
     await macOsKeyChainPlugin.createKeyChain(
         keyChainName, globalKeyChainPasswordSecret);
     try {
+      await macOsKeyChainPlugin.setDefaultKeyChain(keyChainName);
       await macOsKeyChainPlugin.unlockKeyChain(
           keyChainName, globalKeyChainPasswordSecret);
       await macOsKeyChainPlugin.addCertificateToKeyChain(
@@ -209,6 +211,7 @@ class CiCdPlugin extends ImpaktfullPlugin {
     } catch (e) {
       rethrow;
     } finally {
+      await macOsKeyChainPlugin.setDefaultKeyChain(defaultKeyChain);
       await macOsKeyChainPlugin.removeKeyChain(keyChainName);
     }
   }