From c1a5a286ee6cc8c9f42fe92aae9399de1f857519 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Mon, 7 Sep 2020 19:39:26 +0200
Subject: [PATCH] sign-macos-pkg.sh: don't restore Jenkins secret keychains
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 scripts/sign-macos-pkg.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/sign-macos-pkg.sh b/scripts/sign-macos-pkg.sh
index 8ec3a39c40..0d765593d8 100755
--- a/scripts/sign-macos-pkg.sh
+++ b/scripts/sign-macos-pkg.sh
@@ -51,7 +51,8 @@ if [[ -n "${MACOS_KEYCHAIN_FILE}" ]]; then
         exit 1
     fi
     echo -e "\n### Storing original keychain search list..."
-    ORIG_KEYCHAIN_LIST=$(security list-keychains | grep -v "^/private" | xargs)
+    # We want to restore the normal keychains and ignore Jenkis created ones
+    ORIG_KEYCHAIN_LIST=$(security list-keychains | grep -v -e "^/private" -e "secretFiles" | xargs)
     
     # The keychain file needs to be locked afterwards
     trap clean_up EXIT ERR