[macOS] Add DeveloperIDG2CA.cer certificate (#5044)

* Add DeveloperIDG2CA.cer certificate

* Update certificate test

images/macos/provision/configuration/configure-machine.sh

@@ -30,16 +30,30 @@ defaults write com.apple.VoiceOver4/default SCREnableAppleScript -bool YES
 # Rotate the certificate before expiration to ensure your apps are installed and signed with an active certificate.
 # Confirm that the correct intermediate certificate is installed by verifying the expiration date is set to 2030.
 # sudo security delete-certificate -Z FF6797793A3CD798DC5B2ABEF56F73EDC9F83A64 /Library/Keychains/System.keychain
-curl https://www.apple.com/certificateauthority/AppleWWDRCAG3.cer --output $HOME/AppleWWDRCAG3.cer --silent
 # Big Sur requires user interaction to add a cert https://developer.apple.com/forums/thread/671582, we need to use a workaround with SecItemAdd swift method
-if is_Catalina; then
-    sudo security add-trusted-cert -d -r unspecified -k /Library/Keychains/System.keychain $HOME/AppleWWDRCAG3.cer
-else
-    swiftc $HOME/image-generation/add-certificate.swift
-    sudo ./add-certificate $HOME/AppleWWDRCAG3.cer
-    rm add-certificate
+if ! is_Catalina; then
+    swiftc "${HOME}/image-generation/add-certificate.swift"
 fi
-rm $HOME/AppleWWDRCAG3.cer
+
+certs=(
+    AppleWWDRCAG3.cer
+    DeveloperIDG2CA.cer
+)
+for cert in ${certs[@]}; do
+    echo "Adding ${cert} certificate"
+    cert_path="${HOME}/${cert}"
+    curl "https://www.apple.com/certificateauthority/${cert}" --output ${cert_path} --silent
+
+    if is_Catalina; then
+        sudo security add-trusted-cert -d -r unspecified -k /Library/Keychains/System.keychain ${cert_path}
+    else
+        sudo ./add-certificate ${cert_path}
+    fi
+
+    rm ${cert_path}
+done
+
+rm -f ./add-certificate
 
 # Create symlink for tests running
 if [ ! -d "/usr/local/bin" ];then