After set-key-partition-list codesign still prompts for key access

Question

I\'m importing a PEM file containing public and private keys for my code signing identity with the following command:

security import \"${PEM_FILE}\         


        

Answer 1

In my original import command, I didn't supply a password for my keychain. If I supply a password to the import command, set-key-partition-list prevents the dialog from showing:

security import "${PEM_FILE}" -k ~/Library/Keychains/login.keychain -P "${PASSWORD}" -T /usr/bin/codesign -T /usr/bin/security
security set-key-partition-list -S apple-tool:,apple: -s -k "${PASSWORD}" ~/Library/Keychains/login.keychain

Then codesign doesn't show a dialog. It just works!

codesign --force --sign "${IDENTITY_HASH}" --timestamp=none `mktemp`