stripe-cli icon indicating copy to clipboard operation
stripe-cli copied to clipboard

Published 20 hours ago verified publisher icon stripe

Storing livemode keys in macOS keychain not working with binary release for arm64

Open friedemannf opened this issue 2 years ago • 17 comments

Issue

According to DX7509, the livemode credentials are supposed to be saved in the macOS keychain. This does not work with the binary release for arm64 or when installing via homebrew. Instead, it seems like the library being used for storing credentials (https://github.com/99designs/keyring) is selecting a different 'file' credential backend by default:

❯ stripe customers list --live
No directory provided for file keyring

When compiling from source, I get the confirmation pop-up as expected and have to allow access to the keyring. After this, all live commands work as expected:

image

Instead of the mac-os_arm64 binary I also tried using the mac-os_x86_64 binary, there the keychain is working as expected. My guess is, that something is misconfigured with the cross-compilation. Specifically with the cgo support, which seems to be enabled for amd64 but not for arm64. 99designs/keyring is requiring cgo for the keychain to work.

Expected Behavior

I expect the stripe binary installed via brew on arm64 to prompt me keychain access when first accessing/storing credentials. Currently, the only workaround seems to be to manually provide an API key whenever accessing the live environment.

Steps to reproduce

On an Apple Silicon Mac.

  1. Install stripe via homebrew, alternatively use the arm64 binary release:
brew install stripe/stripe-cli/stripe
  1. After logging in, execute any command in live mode:
❯ stripe customers list --live
No directory provided for file keyring
  1. Download and extract the amd64 binary. Execute any command in live mode using this binary. If not allowed yet, a keychain dialog will pop up and prompt to enter the password, the command will succeed as expected:
❯ ./stripe customers list --live
{
  "object": "list",
  "data": [
...
  ],
  "has_more": true,
  "url": "/v1/customers"
}

Environment

stripe: 1.10.4 compile: go1.19 darwin/arm64 with cgo enabled

friedemannf avatar Aug 08 '22 11:08 friedemannf

@friedemannf thank you for the bug report and investigation! please bear with the workaround as i root cause fix it. thanks!

etsai-stripe avatar Aug 08 '22 14:08 etsai-stripe

Hi, I’m unfortunately still seeing the same on a headless instance of Ubuntu 22.10 installed both via APT and manually.

f3d0r avatar Jan 19 '23 00:01 f3d0r

Still happening on WSL, a quick fix is to run the following: sudo apt install gnome-keyring

matannahmani avatar Feb 09 '23 08:02 matannahmani

sudo apt install gnome-keyring did not fix the problem on WSL2 Ubuntu

./stripe listen --live
No directory provided for file keyring

this is after successful ./stripe login

JunhaoWang avatar Apr 16 '24 22:04 JunhaoWang