Arnaud, I thought the Xcode plugin solved all the issues about keychain management? I tried to open up a discussion about it some time ago but I was assured there really is no problem if people just use the Xcode plugin.
Recent Jenkins Max OS X installers have the option to create a new account for Jenkins and run the Jenkins launch daemon under that account. It helps for some issues, but the Xcode plugin might still be needed for keychain management. If the original poster wants to try this, you should reinstall Jenkins and look for a button titled "Customize" in the installer. If the OP just wants a minimal, sure-to-work-with-keychain Jenkins installation, he could try my unofficial Jenkins.app, available at https://github.com/stisti/jenkins-app (ready-to-run packages are available under the Download tab.) -- Sami Arnaud Héritier kirjoitti 22.6.2012 kello 11.58: > Yes we had this feedback numerous times. It is greatly recommended to use a > jenkins server (or agent) running on a real user (but dedicated account). The > daemon mode creates a lot of issues sadly about rights, keychain, ... > management. > We might consider to add this advice on the plugin page I think. > > Arnaud > > On Fri, Jun 22, 2012 at 1:10 AM, Mark Waite <markwa...@yahoo.com> wrote: > Considering the frustration it is creating to run Jenkins under the daemon > user, you might consider running it under your user account instead. That > may not be as elegant as running it under the daemon user, but it seems like > it would let you start with an environment where you know the signing works. > > That's the type of technique we use on Windows (for a different reason - many > Windows processes need desktop access). > > Mark Waite > > From: rover <narendra....@gmail.com> > To: jenkinsci-users@googlegroups.com > Sent: Thursday, June 21, 2012 6:00 PM > Subject: Setting up Jenkins with xcode build with CI server > > I am getting frustrated with this and will really appreciate any help > > We set up jenkins for our CI environment on Mac OSX for building our xcode > project. Configured everything with SVn so that it syncs and all but when it > comes to build > > Code Sign error : There are no valid certificate/private key pairs in the > default keychain > > Jenkins as far as i know is running under the daemon and i am logged in as > myself on that machine so after hours of looking i copied the Iphone > Developer Certificates from the login.keychain to the system.keychain too and > now get this error . A valid provisioning profile matching the appliacation's > IDentifier "MZCZ.... . Icacher" could not be found > > So i deleted it > > As somebody suggested , I even set up the session create to info.plist too > as suggested on here > http://stackoverflow.com/questions/6827874/missing-certificates-and-keys-in-the-keychain-while-using-jenkins-hudson-as-cont/9482707#9482707 > > Did this too > > To keep a compartmentalized keychain for Jenkins/Hudson, I moved the > launchctl item from > /Library/LaunchDaemons/org.jenkins-ci.plist > > > > to > > /Users/Shared/Jenkins/Home/Library/LaunchAgents/org.jenkins-ci.plist > > > > > > This is how my launch Daemon org.jenkins-ci.plist looks > > <?xml version="1.0" encoding="UTF-8"?> > <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" > "http://www.apple.com/DTDs/PropertyList-1.0.dtd%22> > <plist version="1.0"> > <dict> > <key>EnvironmentVariables</key> > <dict> > <key>JENKINS_HOME</key> > <string>/Users/Shared/Jenkins/Home</string> > </dict> > <key>GroupName</key> > <string>daemon</string> > <key>KeepAlive</key> > <true/> > <key>Label</key> > <string>org.jenkins-ci</string> > <key>ProgramArguments</key> > <array> > <string>/bin/bash</string> > <string>/Library/Application > Support/Jenkins/jenkins-runner.sh</string> > </array> > <key>RunAtLoad</key> > <true/> > <key>UserName</key> > <string>daemon</string> > <key>SessionCreate</key> > </dict> > </plist> > > > Please help i have run out of options > > > > > > > > > -- > ----- > Arnaud Héritier > 06-89-76-64-24 > http://aheritier.net > Mail/GTalk: aherit...@gmail.com > Twitter/Skype : aheritier >
