Skip to content

safaridriver: only write has-run semaphore on actual success#1209

Open
rcurranmoz wants to merge 2 commits into
masterfrom
safaridriver-semaphore-on-success
Open

safaridriver: only write has-run semaphore on actual success#1209
rcurranmoz wants to merge 2 commits into
masterfrom
safaridriver-semaphore-on-success

Conversation

@rcurranmoz
Copy link
Copy Markdown
Contributor

@rcurranmoz rcurranmoz commented May 12, 2026

Summary

Fixes #1207.

The script modules/macos_safaridriver/files/safari-enable-remote-automation.sh currently writes the safari-(tech-preview-)enable-remote-automation-has-run semaphore unconditionally, even when the underlying osascript "click the checkbox" sequence failed (most commonly because cltbld's TCC.db doesn't exist yet on first bootstrap). Puppet's unless => /bin/test -f <semaphore> then sees the file on the next apply and skips the resource — the worker is permanently broken with no retry path.

This PR:

  • Removes the pre-emptive touch of the semaphore file at script startup
  • Refactors enable_remote_automation to return non-zero on failure
  • Only writes the semaphore on confirmed osascript success
  • Aggregates per-app return codes so the script exits non-zero if Safari and/or Safari Tech Preview failed (puppet will surface this as a visible error)

With this change, puppet's existing unless guard does the right thing: the semaphore is created only when configuration actually succeeded, so a failed run is retried on the next puppet apply.

Test plan

  • Manually run on a fresh worker where cltbld TCC.db hasn't been created yet — confirm semaphore is NOT written, script exits non-zero
  • Manually run on a fresh worker after cltbld has auto-logged in — confirm semaphore IS written, script exits 0
  • Re-run puppet after a successful semaphore write — confirm the exec is skipped via unless
  • On a 15.x host with both Safari and STP installed, simulate a partial failure (e.g. quit one of the apps mid-osascript) and confirm only the failing app's semaphore is missing

🤖 Generated with Claude Code

@rcurranmoz @claude
safaridriver: only write has-run semaphore on actual success
73941c6 
Currently the script:

1. touch's the semaphore file at startup (before any work)
2. has no `set -e`, so osascript failures fall through silently
3. unconditionally writes the version string to the semaphore at the end

The combined effect is that puppet's `unless => /bin/test -f <semaphore>`
guard always sees the file (or sees it with the right version) after the
first invocation, even when the underlying osascript click-dance failed
because cltbld's TCC.db didn't exist yet. Result: the worker permanently
lacks the Safari "Allow remote automation" entitlement and there's no
mechanism for puppet to retry.

This commit:

- Drops the pre-emptive touch
- Refactors `enable_remote_automation` to return non-zero on failure
- Only writes the semaphore on confirmed osascript success
- Aggregates per-app return codes so the script as a whole exits non-zero
  if Safari and/or Safari Tech Preview configuration failed, so puppet
  reports a visible error

With this change, puppet's existing `unless` guard does the right thing:
the file is created only when the configuration actually succeeded, so a
failed run will be retried on the next puppet apply.

Fixes #1207

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Mac Improvement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

macos_safaridriver: only write has-run semaphore on actual success

1 participant

@rcurranmoz