From 36b87d0e59cd01411e297f437e53cc7c1f0300b6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Priit=20L=C3=A4tt?= <priit@nevercode.io>
Date: Thu, 1 Jul 2021 15:36:38 +0300
Subject: [PATCH] Do not create keychains to temporary directory by default
 (#125)

* Do not create keychains to temporary directory by default

* Update changelog

* Update version

* Include date in default keychain name

* Add action 'keychain use-login'

* Update version

* Revert changes to 'keychain initialize' docs

* Remove unused action option
---
 CHANGELOG.md                    | 15 ++++++++++++
 docs/keychain/README.md         |  1 +
 docs/keychain/use-login.md      | 43 +++++++++++++++++++++++++++++++++
 src/codemagic/__version__.py    |  2 +-
 src/codemagic/tools/keychain.py | 28 ++++++++++++++++++++-
 5 files changed, 87 insertions(+), 2 deletions(-)
 create mode 100644 docs/keychain/use-login.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3e00bf0b..6e536443 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,18 @@
+Version 0.9.0
+-------------
+
+**Features**
+
+- Add action `keychain use-login` to make login keychain from `~/Library/Keychains` system default keychain again.
+
+**Improvements**
+
+- Save new keychain to `~/Library/Keychains/codemagic-cli-tools` instead of `$TMPDIR` by default with `keychain initialize` in case the `--path` option is not specified.
+
+**Development / Docs**
+
+- Add docs for action `keychain use-login`.
+
 Version 0.8.5
 -------------
 
diff --git a/docs/keychain/README.md b/docs/keychain/README.md
index 2f584d04..4610ed19 100644
--- a/docs/keychain/README.md
+++ b/docs/keychain/README.md
@@ -57,3 +57,4 @@ Enable verbose logging for commands
 |[`set-timeout`](set-timeout.md)|Set timeout settings for the keychain.         If seconds are not provided, then no-timeout will be set|
 |[`show-info`](show-info.md)|Show all settings for the keychain|
 |[`unlock`](unlock.md)|Unlock the specified keychain|
+|[`use-login`](use-login.md)|Use login keychain as the default keychain|
diff --git a/docs/keychain/use-login.md b/docs/keychain/use-login.md
new file mode 100644
index 00000000..e0ded416
--- /dev/null
+++ b/docs/keychain/use-login.md
@@ -0,0 +1,43 @@
+
+use-login
+=========
+
+
+**Use login keychain as the default keychain**
+### Usage
+```bash
+keychain use-login [-h] [--log-stream STREAM] [--no-color] [--version] [-s] [-v]
+    [-p PATH]
+```
+### Optional arguments for command `keychain`
+
+##### `-p, --path=PATH`
+
+
+Keychain path. If not provided, the system default keychain will be used instead
+### Common options
+
+##### `-h, --help`
+
+
+show this help message and exit
+##### `--log-stream=stderr | stdout`
+
+
+Log output stream. Default `stderr`
+##### `--no-color`
+
+
+Do not use ANSI colors to format terminal output
+##### `--version`
+
+
+Show tool version and exit
+##### `-s, --silent`
+
+
+Disable log output for commands
+##### `-v, --verbose`
+
+
+Enable verbose logging for commands
\ No newline at end of file
diff --git a/src/codemagic/__version__.py b/src/codemagic/__version__.py
index e6e31339..9d6e0d66 100644
--- a/src/codemagic/__version__.py
+++ b/src/codemagic/__version__.py
@@ -1,5 +1,5 @@
 __title__ = 'codemagic-cli-tools'
 __description__ = 'CLI tools used in Codemagic builds'
-__version__ = '0.8.5'
+__version__ = '0.9.0'
 __url__ = 'https://github.com/codemagic-ci-cd/cli-tools'
 __licence__ = 'GNU General Public License v3.0'
diff --git a/src/codemagic/tools/keychain.py b/src/codemagic/tools/keychain.py
index 18135a2d..0519e608 100755
--- a/src/codemagic/tools/keychain.py
+++ b/src/codemagic/tools/keychain.py
@@ -5,6 +5,7 @@
 import os
 import pathlib
 import shutil
+from datetime import datetime
 from tempfile import NamedTemporaryFile
 from typing import Iterable
 from typing import List
@@ -234,6 +235,24 @@ def make_default(self):
         if process.returncode != 0:
             raise KeychainError(f'Unable to set {self.path} as default keychain', process)
 
+    @cli.action('use-login')
+    def use_login_keychain(self) -> Keychain:
+        """
+        Use login keychain as the default keychain
+        """
+
+        for keychain_name in ('login.keychain-db', 'login.keychain'):
+            keychain_path = self._keychains_root / keychain_name
+            if keychain_path.is_file():
+                self._path = keychain_path
+                break
+        else:
+            raise KeychainError(f'Login keychain not found from {self._keychains_root}')
+
+        self.logger.info(Colors.GREEN('Use login keychain %s as system default keychain'), self.path)
+        self.make_default()
+        return self
+
     @cli.action('initialize', KeychainArgument.PASSWORD, KeychainArgument.TIMEOUT)
     def initialize(self, password: Password = Password(''), timeout: Optional[Seconds] = None) -> Keychain:
         """
@@ -266,8 +285,15 @@ def list_code_signing_certificates(self, should_print: bool = True) -> List[Cert
             self.echo(json.dumps(certificates, sort_keys=True, indent=4))
         return certificates
 
+    @property
+    def _keychains_root(self) -> pathlib.Path:
+        return pathlib.Path('~/Library/Keychains/').expanduser()
+
     def _generate_path(self):
-        with NamedTemporaryFile(prefix='build_', suffix='.keychain') as tf:
+        keychain_dir = self._keychains_root / 'codemagic-cli-tools'
+        keychain_dir.mkdir(parents=True, exist_ok=True)
+        date = datetime.now().strftime('%d-%m-%y')
+        with NamedTemporaryFile(prefix=f'{date}_', suffix='.keychain-db', dir=keychain_dir) as tf:
             self._path = pathlib.Path(tf.name)
 
     @cli.action('add-certificates',