This repository has been archived by the owner on Oct 31, 2023. It is now read-only.

Signing with an invalid developer ID cert returns success #5

Closed
mdeggies opened this issue Nov 5, 2019 · 3 comments

@mdeggies

mdeggies commented Nov 5, 2019

Issue: When I provide an invalid developer ID cert (oops), gon successfully completes and doesn't return an error. The log file shows a warning with the following under issues:

```json
"issues": [
  {
    "severity": "warning",
    "code": null,
    "path": "terraform",
    "message": "The binary is not signed with a valid Developer ID certificate.",
    "docUrl": null,
    "architecture": "x86_64"
  }
]
```

IMO this is a fatal error, as the resulting executables can't be opened on OSX 10.15.

Solution: Exit gon and return an error if this 'warning' appears in the log file.

@mdeggies
Author

mdeggies commented Nov 5, 2019

Other messages under "issues" with "severity":"warning" that are fatal:
"The signature of the binary is invalid", "The signature does not include a secure timestamp."

@mitchellh
Owner

Hey @mdeggies, can you get me -log-level=trace output?

This might be working as intended, since Apple currently relaxed the notarization requirements: https://developer.apple.com/news/?id=09032019a

As noted in the logs they're just warnings and not errors. Regardless, I think it's a useful enhancement to download that log file and parse this and show the user.

@mitchellh
Copy link
Owner

Fixed by #6. I'm going to add more tests and fix a couple other issues, will cut a release tomorrow or later tonight.
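
The check proposed in this thread, written in Go as an added example; it is not gon's code and not the change made in #6. The names `CheckLog`, `Issue`, `fatalWarnings` and the sample log are constructed here; the field names and the three messages come from the report, and the `"error"` severity value is an assumption.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Issue mirrors the fields used from one entry of the quoted "issues" array.
type Issue struct {
	Severity string `json:"severity"`
	Path     string `json:"path"`
	Message  string `json:"message"`
}

// fatalWarnings: the three messages the reporter calls fatal, stored without a trailing period.
var fatalWarnings = map[string]bool{
	"The binary is not signed with a valid Developer ID certificate": true,
	"The signature of the binary is invalid":                         true,
	"The signature does not include a secure timestamp":              true,
}

// CheckLog fails on any "error" issue (assumed value) and on any fatal-listed warning.
func CheckLog(raw []byte) error {
	var log struct{ Issues []Issue `json:"issues"` }
	if err := json.Unmarshal(raw, &log); err != nil {
		return fmt.Errorf("parsing notarization log: %w", err)
	}
	var bad []string
	for _, is := range log.Issues {
		msg := strings.TrimSuffix(strings.TrimSpace(is.Message), ".")
		if is.Severity == "error" || (is.Severity == "warning" && fatalWarnings[msg]) {
			bad = append(bad, fmt.Sprintf("%s: %s", is.Path, is.Message))
		}
	}
	if len(bad) == 0 {
		return nil
	}
	return fmt.Errorf("notarization log has %d fatal issue(s): %s", len(bad), strings.Join(bad, "; "))
}

// sampleLog is constructed from the fragment quoted in the issue.
const sampleLog = `{"issues": [{"severity": "warning", "code": null, "path": "terraform",
 "message": "The binary is not signed with a valid Developer ID certificate.", "docUrl": null, "architecture": "x86_64"}]}`

func main() {
	fmt.Println(CheckLog([]byte(sampleLog)))
}
```

Matching on message text is brittle if the wording changes, so a release pipeline should also verify the signed artifact itself rather than rely on the log alone.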
