Codesign fails when executed in CI runner

Hello,

I am setting up a build (GitLab CI/CD) runner. I created a keychain and imported the certificate and my signing key.

$ security find-identity -v

  1. XXXXXX "Developer ID Application: XXXXXX, INC. (XXXXXX)" (CSSMERR_TP_NOT_TRUSTED)
     1 valid identities found

$ security find-identity -p codesigning -v

  1. XXXXXX "Developer ID Application: XXXXXX, INC. (XXXXXX)"
     1 valid identities found

Codesign fails with

unable to build chain to self-signed root for signer "Developer ID Application: XXXXXX, INC. (XXXXXX)" errSecInternalComponent

On the local machine everything is fine.

I think the point is that the identity is both valid and CSSMERR_TP_NOT_TRUSTED.

What can I do about it?

I talked about this extensively in Resolving errSecInternalComponent errors during code signing.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
