CLI doesn’t clear keychain on macos

[JonasKruckenberg]

Describe the bug

During signing on macOS we create a keychain that holds the certificate and keys used for that process.
We also set it as the default keychain for the system. This would be fine normally, but we just don’t revert the default and remove the keychain. This makes signing on non-CI machines pretty awkward.

e.g. I couldn’t log in to any apps anymore.

Reproduction

No response

Expected behavior

No response

Platform and versions

cargo tauri info

Environment
  › OS: Mac OS 12.4.0 X64
  › Node.js: 18.0.0
  › npm: 8.6.0
  › pnpm: 7.0.0-rc.7
  › yarn: 3.1.0
  › rustup: 1.24.3
  › rustc: 1.59.0
  › cargo: 1.59.0
  › Rust toolchain: stable-aarch64-apple-darwin 

Packages
WARNING: no lock files found, defaulting to npm
  › @tauri-apps/cli [NPM]: 1.0.0-rc.9
  › @tauri-apps/api [NPM]: 1.0.0-rc.3(outdated, latest: 1.0.0-rc.4)
  › tauri [RUST]: 1.0.0-rc.6 (no lockfile),
  › tauri-build [RUST]: no manifest (no lockfile),
  › tao [RUST]: no manifest (no lockfile),
  › wry [RUST]: no manifest (no lockfile),

App
  › build-type: bundle
  › CSP: default-src 'self' style-src 'self' 'unsafe-inline' connect-src http://localhost:55001
  › distDir: ../../plz-out/gen/frontend/dist/client
  › devPath: http://localhost:3000/
package.json not found

App directory structure
  ├─ app
  ├─ extension-host
  ├─ common
  ├─ ext-youtube
  └─ ext-twitter

Stack trace

No response

Additional context

We should do two things:

1. Remove the keychain after every signing attempt (successful or not)
2. We shouldn’t rely on a default keychain if possible (I think reverting the default keychain requires a restart)

[lucasfernog]

Yeah I've seen this problem too when using the env vars to create the certificate :/