Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CodeSigning / SQLite3 failure

See original GitHub issue

Last resort to post an issue here but I’m running out of idea’s on this one:

Code signing darwin app on TravisCI is failing with the following error message:

WARNING: Code sign failed; please retry manually. Error: Command failed: codesign --sign [secure] --force /var/folders/bb/n7t3rs157850byt_jfdcq9k80000gn/T/electron-packager/darwin-x64/<APP_NAME>-darwin-x64/<APP_NAME>.app/Contents/Resources/app/node_modules/sqlite3/build/Release/.deps/private/var/folders/bb/n7t3rs157850byt_jfdcq9k80000gn/T/electron-packager/darwin-x64/<APP_NAME>-darwin-x64/Electron.app /var/folders/bb/n7t3rs157850byt_jfdcq9k80000gn/T/electron-packager/darwin-x64/<APP_NAME>-darwin-x64/<APP_NAME>.app/Contents/Resources/app/node_modules/sqlite3/build/Release/.deps/private/var/folders/bb/n7t3rs157850byt_jfdcq9k80000gn/T/electron-packager/darwin-x64/<APP_NAME>-darwin-x64/Electron.app: bundle format unrecognized, invalid, or unsuitable

I’ve no clue as to why SQLite is being involved here (it is a project dependency though) and everything else succeeds beyond this message but the code isn’t signed and our generated artefacts (.dmg) are damaged.

The certificates being used for this, on Travis, are:

  • Worldwide Developer Relations Certificate Authority
  • Developer ID Certificate Authority
  • Our developerID.p12 certificate

The developerID certificate works when I codesign on local OSX but perhaps there’s something bundled within my O/S thats missing or different on Travis. The certificates listed above are indicated as requirements for codesigning within the Apple developer area (https://developer.apple.com/account/ios/certificate/).

Here’s the contents of our signing shell script that is responsible for installing what I believe to be the correct certs:

#!/bin/sh
KEY_CHAIN=mac-build.keychain
security create-keychain -p travis $KEY_CHAIN
security default-keychain -s $KEY_CHAIN
security unlock-keychain -p travis $KEY_CHAIN
security set-keychain-settings -t 3600 -u $KEY_CHAIN

CERT_LOCATION=$PWD/deploy/certs

security import $CERT_LOCATION/apple.cer -k $KEY_CHAIN -A /usr/bin/codesign
security import $CERT_LOCATION/icon-osx-developer.cer -k $KEY_CHAIN -A /usr/bin/codesign
security import $CERT_LOCATION/icon-osx-developer.p12 -k $KEY_CHAIN -P $OSX_SIGNING_IDENTITY_PASSWORD -A /usr/bin/codesign

echo "Add keychain to keychain-list"
security list-keychains -s mac-build.keychain

echo "Settting key partition list"
security set-key-partition-list -S apple-tool:,apple: -s -k travis $KEY_CHAIN

echo "Installed identities"
security find-identity -v -p codesigning

Here’s the content of the electronPackagerConfig section of package.json

'electronPackagerConfig': {
    'osxSign': {
      identity: process.env.OSX_SIGNING_IDENTITY
    }
  }

(OSX_SIGNING_IDENTITY is set as A2FC137228DABBAA8101DD3B6704EEXXXXXXXXXX)

And here’s our travis.yml config:

osx_image: xcode8.3

sudo: required

dist: trusty

language: c

matrix:
  include:
  - os: osx
    env: CC=clang CXX=clang++ npm_config_clang=1
    compiler: clang

cache:
  directories:
  - node_modules
  - app/node_modules
  - "$HOME/.electron"
  - "$HOME/.cache"

addons:
  apt:
    packages:
    - libgnome-keyring-dev
    - icnsutils

before_install:
- mkdir -p /tmp/git-lfs && curl -L https://github.com/github/git-lfs/releases/download/v1.2.1/git-lfs-$([
  "$TRAVIS_OS_NAME" == "linux" ] && echo "linux" || echo "darwin")-amd64-1.2.1.tar.gz
  | tar -xz -C /tmp/git-lfs --strip-components 1 && /tmp/git-lfs/git-lfs pull
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install --no-install-recommends -y icnsutils graphicsmagick xz-utils; fi
- *./deploy/executables/codesign.sh*
- cd build
- ls

install:
- nvm install 6
- npm install electron-forge -g
- npm install electron-builder@next
- npm install node-pre-gyp -g
- export CPPFLAGS=-I/usr/local/opt/openssl/include 
- export LDFLAGS=-L/usr/local/opt/openssl/lib
- npm install --g yarn@0.27.5
- npm install --g gulp
- npm install --g node-sass
- npm install --save nan

script:
- npm install
- python ../deploy/environment/replace.py
- electron-forge publish

branches:
  except:
  - "/^v\\d+\\.\\d+\\.\\d+$/"
  only:
  - "master"

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:19 (11 by maintainers)

github_iconTop GitHub Comments

1reaction
maleptcommented, Dec 4, 2017

I would suggest setting electronPackagerConfig.ignore to ignore the sqlite3/build directory.

0reactions
sethlucommented, Feb 12, 2018

Closing this issue for now since it’s been inactive for quite a while.

Read more comments on GitHub >

github_iconTop Results From Across the Web

CodeSigning / SQLite3 failure · Issue #158 · electron/osx-sign
From the error message I see that there's a weird recurring file path starting from sqlite3/build/Release/.deps/... like having a absolute file ...
Read more >
Manual codesign failed - Illegal instruction: 4 - Apple Developer
I'm trying to manually codesign a prebuilt binary of SQLite (sqlite3) using the following command: codesign -s "Mac Developer" --entitlements ...
Read more >
Iam getting error after inserting data in to sqlite3 - Stack Overflow
Iam getting error after inserting data in to sqlite3 ... When call this method app crashes and following error occurs.
Read more >
iPhone sqlite3 - sqlite3_prepare_v2 returns error code 26
The problem actually was that the partner team created a sqlite 2.x file instead of a version 3 file. That caused the function...
Read more >
Result and Error Codes - SQLite
All extended result codes are also error codes. Hence the terms "extended result code" and "extended error code" are interchangeable. For ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

codesign failed 'No such file or directory'

Next page

"code object is not signed at all In subcomponent" error after High Sierra update.