From cba587bf0f27fb6bbfc1ffcd44a7f537638a31f8 Mon Sep 17 00:00:00 2001
From: Jacob Heider <jacob@tea.xyz>
Date: Mon, 27 Feb 2023 11:42:37 -0500
Subject: [PATCH] Guard condition for existing keychain

---
 .github/actions/codesign/action.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/actions/codesign/action.yml b/.github/actions/codesign/action.yml
index 5d31fd62..dea90be5 100644
--- a/.github/actions/codesign/action.yml
+++ b/.github/actions/codesign/action.yml
@@ -33,6 +33,13 @@ runs:
     # ago, and we need bugfixes.
     # FIXME: replace this with a tea script based on https://localazy.com/blog/how-to-automatically-sign-macos-apps-using-github-actions
     # github has a doc with similar content, but it's not returning to me atm.
+
+    # apple-actions/import-codesign-certs will fail if the keychain already exists, so we prophylactically
+    # delete it if it does.
+    - name: Delete keychain
+      shell: sh
+      run: security delete-keychain signing_temp.keychain || true
+
     - uses: apple-actions/import-codesign-certs@d54750db52a4d3eaed0fc107a8bab3958f3f7494
       with:
         p12-file-base64: ${{ inputs.p12-file-base64 }}