Hello!
I do know apple does not support electron, but I do not think this is an electron related issue, rather something I am doing wrong. I'd be curious to find out why the keychain login is happenning after my app has been signed with the bundleid, entitlements, and provision profile. Before using the provision profile I did not have this issue, but it is needed for assessments feature.
I'm trying to ship an Electron / macOS desktop app that must run inside Automatic Assessment Configuration. The build signs and notarizes successfully, and assessment mode itself starts on Apple-arm64 machines, but every single launch shows the system dialog that asks to allow access to the "login" keychain. The dialog appears on totally fresh user accounts, so it's not tied to anything I store there.
It has happened ever since I have added the provision profile to the electron builder to finally test assessment out.
entitlements.inherit.plist keys
<key>com.apple.security.cs.allow-jit</key> <true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/>
entitlements.plist keys:
<key>com.apple.security.cs.allow-jit</key> <true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/>
<key>com.apple.developer.automatic-assessment-configuration</key> <true/>
I'm honestly not sure whether the keychain is expected, but I have tried a lot of entitlement combinations to get rid of It. Electron builder is doing the signing, and we manually use the notary tool to notarize but probably irrelevant.
mac: {
notarize: false,
target: 'dir',
entitlements: 'buildResources/entitlements.mac.plist',
provisioningProfile: 'buildResources/xyu.provisionprofile',
entitlementsInherit: 'buildResources/entitlements.mac.inherit.plist',
Any lead is welcome!
