in keyper/__init__.py [0:0]
def set_key_partition_list(self, certificate: Certificate) -> None:
"""Set the key partition list for the keychain.
This avoids the prompt to enter the password when using a certificate
via codesign for the first time.
The logic for this is based on the answer to this SO question:
https://stackoverflow.com/questions/39868578/
:param Certificate certificate: The certificate to use the private key name from.
"""
log.debug("Setting partition list for: %s", certificate.private_key_name)
if certificate.private_key_name is None:
log.warning("Skipping due to certificate not having a private key")
return
if self.is_temporary:
log.debug("Skipping due to being temporary")
return
try:
subprocess.run(
[
"security",
"set-key-partition-list",
"-S",
"apple-tool:,apple:",
"-s",
"-l",
certificate.private_key_name,
"-k",
self.password,
self.path,
],
check=True,
)
except subprocess.CalledProcessError as ex:
log.error("Failed to set key partition list: %s", ex)
raise