From b8ccedc8795df40d0c0407ed051068b19fb3a78c Mon Sep 17 00:00:00 2001
From: callum_linden <none@none>
Date: Tue, 7 Aug 2012 13:56:26 -0700
Subject: [PATCH] Read password for developer keychain from build-secrets repo
 and use it to unlock keychain. Only unlock and code sign if running under
 Team City.

---
 indra/newview/viewer_manifest.py | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/indra/newview/viewer_manifest.py b/indra/newview/viewer_manifest.py
index 587d708e864..5fea98f5e9d 100644
--- a/indra/newview/viewer_manifest.py
+++ b/indra/newview/viewer_manifest.py
@@ -821,11 +821,24 @@ def package_finish(self):
             identity = self.args['signature']
             if identity == '':
                 identity = 'Developer ID Application'
-            self.run_command('codesign --force --sign %(identity)r %(bundle)r' % {
-							'identity': identity,
-							'bundle': self.get_dst_prefix()
-			})
-		
+
+            # Look for an environment variable set via build.sh when running in Team City.
+            try:
+                build_secrets_checkout = os.environ['build_secrets_checkout']
+            except KeyError:
+                pass
+            else:
+                # variable found so use it to unlock keyvchain followed by codesign
+                home_path = os.environ['HOME']
+                keychain_pwd_path = os.path.join(build_secrets_checkout,'code-signing-osx'.'password.txt')
+                keychain_pwd = open(keychain_pwd_path).read().rstrip()
+
+                self.run_command('security unlock-keychain -p "%s" "%s/Library/Keychains/developer.keychain"' % ( keychain_pwd, home_path ) )
+                self.run_command('codesign --force --sign --verboose %(identity)r %(bundle)r' % {
+                                 'identity': identity,
+                                  'bundle': self.get_dst_prefix()
+                })
+
         channel_standin = 'Second Life Viewer'  # hah, our default channel is not usable on its own
         if not self.default_channel():
             channel_standin = self.channel()
-- 
GitLab