OTHER_CODE_SIGN_FLAGS keychain flag ignored?

Question

I have just learned about the possibility to use OTHER_CODE_SIGN_FLAGS to specify the keychain which includes the cert needed for building and signing an app. But unfortunately

Answer 1

I found that if I didn't add the keychain to keychain search list, xcodebuild would not respect the OTHER_CODE_SIGN_FLAG --keychain setting. I had to add this code:

// Early in the script
ORIGINAL_KEYCHAINS=`security list-keychains -d user`

// After I create my keychain, add it to the list
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS} "${KEYCHAIN_NAME}"

// On cleanup
security list-keychains -d user -s ${ORIGINAL_KEYCHAINS} 

Needless to say, I lost hours figuring this out.

Also of help, making sure the keychain stays open for the length of your build. As advised here:

security -v set-keychain-settings -lut 7200 ${KEYCHAIN_NAME}