spec: add tests for the autoUpdater on macOS that actually test if it works (#17442)

* spec: add tests for the autoUpdater on macOS that actually test if it works

* spec: add express as dep

* spec: add logic to auto-trust self-signed certificate and not run autoupdate specs on MAS

* build: fix the step name for importing the codesign cert

* chore: update updater spec PR as per feedback

* fix: s/atomBinding/electronBinding

* build: use spawn instead of exec

script/codesign/get-trusted-identity.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+set -e
+
+valid_certs=$(security find-identity -p codesigning -v)
+if [[ $valid_certs == *"1)"* ]]; then
+  first_valid_cert=$(echo $valid_certs | sed 's/ \".*//' | sed 's/.* //')
+  echo $first_valid_cert
+  exit 0
+else
+  # No Certificate
+  exit 0
+fi

script/codesign/import-testing-cert-ci.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+
+KEY_CHAIN=mac-build.keychain
+KEYCHAIN_PASSWORD=unsafe_keychain_pass
+security create-keychain -p $KEYCHAIN_PASSWORD $KEY_CHAIN
+# Make the keychain the default so identities are found
+security default-keychain -s $KEY_CHAIN
+# Unlock the keychain
+security unlock-keychain -p $KEYCHAIN_PASSWORD $KEY_CHAIN
+# Set keychain locking timeout to 3600 seconds
+security set-keychain-settings -t 3600 -u $KEY_CHAIN
+
+# Add certificates to keychain and allow codesign to access them
+security import "$(dirname $0)"/signing.cer -k $KEY_CHAIN -A /usr/bin/codesign
+security import "$(dirname $0)"/signing.pem -k $KEY_CHAIN -A /usr/bin/codesign
+security import "$(dirname $0)"/signing.p12 -k $KEY_CHAIN -P $SPEC_KEY_PASSWORD -A /usr/bin/codesign
+
+echo "Add keychain to keychain-list"
+security list-keychains -s mac-build.keychain
+
+echo "Setting key partition list"
+security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD $KEY_CHAIN
+
+echo "Trusting self-signed certificate"
+sudo security trust-settings-import -d "$(dirname $0)"/trust-settings.plist

script/codesign/signing.pem

@@ -0,0 +1,9 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw91mumcVpai94X7PASje
+R9+meqEHsavRsKQmtVV5JkJk9ZZbWTdpXgOjy1hhGQURrbp3li9lmi3MFHVqZjuQ
+H8omufj0iFiUD0bBY9EZeQjmcXd/ZgP8SoFfMS3BSAeRzXI5UQ5zFq86CWyzBh4k
+lgRN+iuhmxxZ/8PUcuEQ49fzNWVtRskkX+ZDwj8mn9YYRQMm3nl+bB+lYbpgVnkX
+WztXvSdRxCMjvjzLtoSJQhG36DEz6Sv7XeEAfYi70diQIwr/yCtgCpYUTadjOdzO
+h0W/rpC2DTVE/yC3xZxg2uVjEa9siC8+DX9F6luAytkx2TgUGF6KdVblPVVCYkxW
+QQIDAQAB
+-----END RSA PUBLIC KEY-----

script/codesign/trust-settings.plist

@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>trustList</key>
+	<dict>
+		<key>80079C1EC6AED92C03B4C67E9A94B0B05E854AC8</key>
+		<dict>
+			<key>issuerName</key>
+			<data>
+			MIGIMSYwJAYDVQQDDB1FbGVjdHJvblNlbGZTaWduZWRTcGVjU2ln
+			bmluZzEUMBIGA1UECgwLRWxlY3Ryb24gSlMxEDAOBgNVBAsMB1Rl
+			c3RpbmcxCzAJBgNVBAYTAlVTMSkwJwYJKoZIhvcNAQkBFhpjb2Rl
+			c2lnbmluZ0BlbGVjdHJvbmpzLm9yZw==
+			</data>
+			<key>modDate</key>
+			<date>2019-03-19T02:33:38Z</date>
+			<key>serialNumber</key>
+			<data>
+			AQ==
+			</data>
+			<key>trustSettings</key>
+			<array>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAED
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>sslServer</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147408896</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAED
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>sslServer</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEI
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>SMIME</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147408872</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEI
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>SMIME</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEJ
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>eapServer</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEL
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>ipsecServer</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEQ
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>CodeSigning</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEU
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>AppleTimeStamping</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+				<dict>
+					<key>kSecTrustSettingsAllowedError</key>
+					<integer>-2147409654</integer>
+					<key>kSecTrustSettingsPolicy</key>
+					<data>
+					KoZIhvdjZAEC
+					</data>
+					<key>kSecTrustSettingsPolicyName</key>
+					<string>basicX509</string>
+					<key>kSecTrustSettingsResult</key>
+					<integer>1</integer>
+				</dict>
+			</array>
+		</dict>
+	</dict>
+	<key>trustVersion</key>
+	<integer>1</integer>
+</dict>
+</plist>

script/spec-runner.js

@@ -78,8 +78,8 @@ function saveSpecHash ([newSpecHash, newSpecInstallHash]) {
 async function runElectronTests () {
   const errors = []
   const runners = [
-    ['Remote based specs', 'remote', runRemoteBasedElectronTests],
-    ['Main process specs', 'main', runMainProcessElectronTests]
+    ['Main process specs', 'main', runMainProcessElectronTests],
+    ['Remote based specs', 'remote', runRemoteBasedElectronTests]
   ]
 
   const mochaFile = process.env.MOCHA_FILE