I am writing a SPM based project for MacOS. In this project? I need to access MacOS Keychain.
I am write a swift test built by SPM testTarget()
. I can see it generates a bundle ./.build/x86_64-apple-macosx/debug/MyProjectTests.xctest
with an executable:
% file ./.build/x86_64-apple-macosx/debug/MyProjectPackageTests.xctest/Contents/MacOS/MyProjectPackageTests
./.build/x86_64-apple-macosx/debug/MyProjectPackageTests.xctest/Contents/MacOS/MyProjectPackageTests: Mach-O 64-bit bundle x86_64
This bundle file cannot be executed. How can I execute its tests?
I tried with xcodebuild test-without-building -xctestrun ./.build/x86_64-apple-macosx/debug/MyProjectPackageTests.xctest -destination 'platform=macOS'
without any chance.
Obviously the next question is can I 'simply' add entitlement to this bundle with codesign
to fix my enttilement error.
My error when running the test is A required entitlement isn't present.
Obviously the next question is can I 'simply' add entitlement to this bundle with
codesign
to fix my enttilement error.
Entitlements are only relevant when applied to a main executable. If you claim an entitlement in a bundle the system ignores that claim [1]. Rather, the process, and hence the bundle loaded into the process, uses the entitlements of its main executable.
With Xcode’s testing infrastructure you can work around this by having your test target an app, and then applying the entitlements to the app. The bundle then loads into the app’s process and gets those entitlements. I’m not sure to translate that to a pure SwiftPM world, or if that’s even possible.
Oh, and btw, entitlements are only necessary if you target the data protection keychain. The file-based keychain doesn’t rely on them. OTOH, as TN3137 makes clear, you should be using the data protection keychain.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] At best. At worst, in specific bad cases, it can cause things to fail.