Posts

Post not yet marked as solved
1 Replies
503 Views
1. Will binaries that have been previously allowed to run via the workaround (going into security and privacy and allowing the app to run) continue to run past January 2020, or will they just cease to work?2. During our tests on the latest version of Catalina, only unsigned/unnotarized software downloaded directly via web browsers result in the gatekeeper error. If we download the software using curl or wget, we have no trouble running it and see no gatekeeper errors. If we download via a web browser and then use `unzip` via the cmd line, we also see no gatekeeper error. Will this behavior continue after January 2020?3. Some of our signed/notarized software (go binaries) downloads and invokes other software (also go binaries). Do these need to be signed/notarized too? On the latest version of Catalina, it appears they do not need to be signed/notarized. Will this behavior continue after January 2020?4. Is there a preview version of OSX that we can try out that contains everything that will be released in January 2020? This would be very useful for testing all of these edge cases mentioned above.
Posted
by mdeggies.
Last updated
.
Post not yet marked as solved
10 Replies
1.9k Views
We're in the process of adding the signing/notarizing/staple steps as part of the CI pipelines for our various products.For a few of our binaries (e.g. https://releases.hashicorp.com/terraform/0.12.16/terraform_0.12.16_darwin_amd64.zip), the notarization process succeeds, we get the email confirmation that the notarization process has succeeded, and we can also confirm the proccess succeeded by unzipping and running the following commands on the binary: `spctl -a -vvv -t install ${BINARY_NAME}` and `codesign --test-requirement="=notarized" -vv ${BINARY_NAME}`.However... we still get gatekeeper failures. Binaries are all built using Golang version 1.12.13+. Any idea how to troubleshoot this // where to go from here?
Posted
by mdeggies.
Last updated
.