Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encountering a code signing issue while building the .app #2783

Open
valeriiatym opened this issue Feb 25, 2025 · 8 comments
Open

Encountering a code signing issue while building the .app #2783

valeriiatym opened this issue Feb 25, 2025 · 8 comments

Comments

@valeriiatym
Copy link

Hi,

We're still experiencing an issue with code signing when building the .app with the initialized CodeQL setup:

** ARCHIVE FAILED **

The following build commands failed:
	CodeSign /Users/test/Library/Developer/Xcode/DerivedData/test-bjpcnarfduumrnaetkciiatxsspz/Build/Intermediates.noindex/ArchiveIntermediates/Test/IntermediateBuildFilesPath/UninstalledProducts/macosx/TestApplication.app (in target 'TestApplication' from project 'Products')
	Archiving workspace Test with scheme Test

We've decided to run the CodeQL analysis on targets that do not require code signing. However, it would be ideal if you could address this issue so that we can run the analysis directly on the .app build.

Please refer to the attached log file for more details.

Thanks!

build-tracer.log
@aibaars
Copy link
Collaborator

aibaars commented Feb 25, 2025

Could you attach the other log files as well? There do not appear to be any relevant error messages in the build-tracer.log .

@valeriiatym
Copy link
Author

@aibaars Do you need logs from git hub actions?

@aibaars
Copy link
Collaborator

aibaars commented Feb 25, 2025

@aibaars Do you need logs from git hub actions?

Yes, and the ones from the debug artifact as well.

@valeriiatym
Copy link
Author

@aibaars Hi, I created support ticket #3258270 and attached logs to it.

@aibaars
Copy link
Collaborator

aibaars commented Feb 27, 2025

@aibaars Hi, I created support ticket #3258270 and attached logs to it.

@valeriiatym Thanks! I found the support ticket, but noticed you only uploaded two log files. I also didn't see the original error message you reported (ARCHIVE FAILED) in any of the log files. I think there should be more log files in the debug artifact, in a (sub)folder named log. If you find more files, please attach them to support ticket #3258270.

I did see quite a lot of error like posix_spawn error: Bad executable (or shared library) (85), ["/usr/bin/sandbox-exec". I assume these messages do not occur when running a normal build without CodeQL. I suspect that CodeQL's "process tracer" is interacting badly with the sandbox-exec binary for some reason.

@valeriiatym
Copy link
Author

@aibaars

I assume these messages do not occur when running a normal build without CodeQL.

yes, you are right.

Updated ticket with logs.

@aibaars
Copy link
Collaborator

aibaars commented Feb 28, 2025

@valeriiatym The timestamps in the latest log does not match the ones from the previously uploaded files. This makes me think they are from different runs. It would be great to have a set of log files (actions logs, build-tracer.log, and any other log files in the debug artefact) of the same workflow run. Having a clear picture of what happens at which time hopefully give us enough information to diagnose what is going wrong.

@valeriiatym
Copy link
Author

@aibaars yes, logs from gha workflow can be from different run. I re-run it several times with the same logic. And I can make you sure that nothing was changed. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aibaars @valeriiatym