in Tasks/IpaResign/ios-signing-common.ts [15:95]
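/**
 * Creates a fresh temporary keychain, imports a PKCS#12 signing identity into
 * it, and adds it to the user's keychain search list so signing tools can
 * find the identity.
 *
 * Steps, in order: delete any keychain already at `keychainPath`, create it,
 * apply lock settings, unlock it, import the p12, read the current user search
 * list, rewrite the search list with the temporary keychain first, then read
 * the list back to confirm the temporary keychain is present.
 *
 * Security notes for reviewers:
 * - `keychainPwd` and `p12Pwd` are passed to `security` as command-line
 *   arguments, so they are visible in the process list to other local
 *   processes while the command runs. NOTE(review): the task runner may also
 *   echo the command line to the build log; confirm both values are
 *   registered as secrets so they are masked.
 * - The import uses `-A`, which lets any application use the imported private
 *   key without a prompt. This is only acceptable because the keychain is
 *   temporary; callers should delete it when signing is finished.
 *
 * @param keychainPath path of the temporary keychain to (re)create
 * @param keychainPwd password used to create and unlock the temporary keychain
 * @param p12CertPath path of the PKCS#12 file to import
 * @param p12Pwd password protecting the PKCS#12 file
 * @throws the localized `TempKeychainSetupFailed` string when the temporary
 *         keychain is not in the search list after the update
 */
export async function installCertInTemporaryKeychain(keychainPath: string, keychainPwd: string, p12CertPath: string, p12Pwd: string) {
    // Start from a clean slate: remove a keychain left over from an earlier run.
    await deleteKeychain(keychainPath);

    const securityPath: string = tl.which('security', true);

    // Runs `security list-keychain -d user` and returns its complete stdout.
    // Chunks are accumulated untrimmed: trimming each chunk before joining
    // would glue two paths together whenever a chunk ends on a line break.
    const readUserKeychainList = async (): Promise<string> => {
        let raw = '';
        const listCommand: ToolRunner = tl.tool(securityPath);
        listCommand.arg(['list-keychain', '-d', 'user']);
        listCommand.on('stdout', function (data) {
            if (data) {
                raw += data.toString();
            }
        });
        await listCommand.exec();
        return raw.trim();
    };

    // Create the keychain (password travels on argv, see security notes above).
    const createKeychainCommand: ToolRunner = tl.tool(securityPath);
    createKeychainCommand.arg(['create-keychain', '-p', keychainPwd, keychainPath]);
    await createKeychainCommand.exec();

    // Lock on sleep (-l) and after a 7200 second timeout (-u -t 7200).
    const keychainSettingsCommand: ToolRunner = tl.tool(securityPath);
    keychainSettingsCommand.arg(['set-keychain-settings', '-lut', '7200', keychainPath]);
    await keychainSettingsCommand.exec();

    await unlockKeychain(keychainPath, keychainPwd);

    // Import the p12 into the temporary keychain. `-A` removes per-application
    // access control on the imported key (see security notes above).
    const importP12Command: ToolRunner = tl.tool(securityPath);
    importP12Command.arg(['import', p12CertPath, '-P', p12Pwd, '-A', '-t', 'cert', '-f', 'pkcs12', '-k', keychainPath]);
    await importP12Command.exec();

    // Read the keychains currently in the user's search path.
    const listAllOutput: string = await readUserKeychainList();
    tl.debug('listAllOutput = ' + listAllOutput);

    // One keychain per line, usually indented and quoted. Blank entries are
    // dropped so they are never passed to `security` as empty arguments.
    const allKeychainsArr: string[] = listAllOutput
        .split(/[\n\r\f\v]/)
        .map((entry) => entry.trim().replace(/"/gm, ''))
        .filter((entry) => entry.length > 0);

    if (listAllOutput.indexOf('login.keychain') < 0) {
        // The login keychain is not in the search path; this might have
        // happened with the 2.1.21 version of the Xcode task. Add it back
        // explicitly (can be removed after a couple of sprints).
        allKeychainsArr.push(tl.resolve(tl.getVariable('HOME'), 'Library', 'Keychains', 'login.keychain'));
    }

    // `list-keychain -s` replaces the whole search list, so every existing
    // keychain must be passed again or it is dropped from the user's list.
    const listAddCommand: ToolRunner = tl.tool(securityPath);
    listAddCommand.arg(['list-keychain', '-d', 'user', '-s', keychainPath]);
    for (const existingKeychain of allKeychainsArr) {
        listAddCommand.arg(existingKeychain);
    }
    await listAddCommand.exec();

    // Read the list back. An empty result now reaches the localized failure
    // below instead of raising a TypeError on an undefined string.
    const listVerifyOutput: string = await readUserKeychainList();
    if (listVerifyOutput.indexOf(keychainPath) < 0) {
        throw tl.loc('TempKeychainSetupFailed');
    }
}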