Suddenly getting notarization error in Jenkins: altool[1980:21149] *** Error: The operation couldn’t be completed. ( error -1.)

I use Jenkins to build and notarize a device driver on a .dmg. The problem I am now getting a new notarization error:

Code Block
altool[1980:21149] *** Error: The operation couldn’t be completed. ( error -1.)

when a bash script is trying to run the following command:

Code Block
xcrun altool --notarize-app --primary-bundle-id "com.xxxxxxxxxxx" --username "$AC_USERNAME" --password "@keychain:AC_PASSWORD" --file ./build/xxxxxxxxx.dmg


This happens after the driver is signed and the installer is signed and a bunch of things have already worked that involve accessing the keychain and code signing working correctly. The command to perform the notarization is in a bash script. The bash script that is failing was working recently and still works just fine if I run it from a local terminal session on the build machine. The .dmg gets notarized successfully.

When I interactively log in to that computer using ssh and attempt to run the command (copied right out of the script), I get an error that says:

Code Block
2020-07-17 15:16:07.499 altool[2082:27150] *** Error: User interaction is not allowed.

In the past when I have seen this it is because the tool isn't able to pull something out of the keychain. So I would assume the problem would have to do with pulling AC_PASSWORD out of the keychain. The access control for this item was set to allow "security" and "altool" in Keychain Access. Sometimes in the past I have seen this fail because of a system update caused the access control to no longer recognize the app that is trying to access the item. So I went into Keychain Access and set the Access Control settings to allow any application to access the item. I know this is insecure, but it would have confirmed that I had the correct item and also that it was the access control settings that were causing the problem. Unfortunately when I rerun the "xcrun altool --notarize-app" command from my ssh session, I get the same error ("User interaction is not allowed.")

What can I do to fix this?


Answered by brantatsilabs in 622181022
I found the problem. The build machine wasn't picking up the environment variable for AC_USERNAME which was causing altool to fail.
Accepted Answer
I found the problem. The build machine wasn't picking up the environment variable for AC_USERNAME which was causing altool to fail.
Suddenly getting notarization error in Jenkins: altool[1980:21149] *** Error: The operation couldn’t be completed. ( error -1.)
 
 
Q