Using Automatic Code Signing from the Command Line via SSH Session

Prior to Xcode 9.3, Xcode stored the credentials (Xcode-Token & Xcode-AlternateDSID) to the developer portal in the login keychain. To access the credentials for command line builds, you needed to unlock the keychain via security unlock-keychain -p <password> ~/Library/Keychains/login.keychain . Now, Xcode stores those values in the local items keychain (which isn't a "real keychain" so the security tool cannot read from it) which leads to command line builds via SSH unable to authenticate with the developer portal (it knows that the user is signed in, but has no credentials).


As a previous workaround, Xcode 9.2 could be used to sign in or reauthenticate for expired sessions. However, on Mojave, Xcode 9.2 is unable to open the preferences window with the following error: [NSApplication orderFrontPreferencesPanel] was invoked but there is no custom implementation and no Settings.bundle in the app bundle. Nothing will be displayed.


Now, I have no way of creating or updating developer portal sessions without using a newer version of Xcode which puts the credentials in a location that I am unable to unlock. Does anyone know of any workarounds to get a SSH session to unlock the local items keychain?

Answered by madsolar8582 in 345840022

Developer relations was able to provide a workaround:

1. Remove the account via Xcode's preferences

2. Quit Xcode

3. In terminal, set the preference to not use the keychain service: defaults write com.apple.dt.Xcode DVTDeveloperAccountUseKeychainService_2 -bool NO

4. Re-open Xcode and re-add the account

Accepted Answer

Developer relations was able to provide a workaround:

1. Remove the account via Xcode's preferences

2. Quit Xcode

3. In terminal, set the preference to not use the keychain service: defaults write com.apple.dt.Xcode DVTDeveloperAccountUseKeychainService_2 -bool NO

4. Re-open Xcode and re-add the account

One possible reason is the xcode was installed by another app id. Try to re-install xcode from app store using the new app id.

Using Automatic Code Signing from the Command Line via SSH Session
 
 
Q