Thanks for the thorough instructions. I did follow them, but when I went to the Access Control tab for the private key, I see "Allow all applications to access this item" is selected.
On Wednesday, March 7, 2012 3:50:32 PM UTC-7, Elkin, Michael wrote: > > The problem is that keychains need to be unlocked to access the contents > of it, and also that codesign is an untrusted application requesting access > to a private key. You need to add /usr/bin/codesign as a trusted > application to the private key via the following steps: > > > 1) Login to the system where you are building as the user > > 2) Open Keychain Access “/Applications/Utilities/Keychain Access.app” > > 3) Locate your certificate that you are trying to build with (iPhone > Developer: *) and locate its corresponding private key > > 4) Right click to “Get Info” of the private key and go to the “Access > Control” tab > > 5) Click the plus sign > > 6) Locate /usr/bin/codesign, and add it > > 7) Type your keychain password if prompted > > 8) Ensure that the Xcode plugin is referencing the correct keychain with > the correct keychain password, or script in a “security unlock-keychain” > command > > > > There are some command line ways to do the above but I have never gotten > them working 100%. If everything is setup as above you should never be > prompted for access control and everything works just fine. If you’re doing > any simulator testing I believe you need the Jenkins user to be logged into > the desktop as well – we set this up on our CI boxes with the “Automatic > Login” feature found under “System Preferences / Users & Groups”. To reduce > risk you can setup the Jenkins user as a standard/unprivileged account. > > > > > > *From:* jenkinsci-users@googlegroups.com [mailto: > jenkinsci-users@googlegroups.com] *On Behalf Of *Arnaud Héritier > *Sent:* Wednesday, March 07, 2012 1:47 PM > *To:* jenkinsci-users@googlegroups.com > *Subject:* Re: Getting Jenkins to work on Mac with the XCode integration > plugin > > > > you'll probably never see it. You'll have to to logon on this account and > launch manually the codesign command you can see in your build logs > > On Wed, Mar 7, 2012 at 10:35 PM, Hilton Campbell wrote: > > I haven't seen that dialog appear. But then, I've never been logged in to > the desktop as the jenkins user while a build was happening. I'll try that > out and report. > > > > On Wednesday, March 7, 2012 8:52:28 AM UTC-7, Arnaud Héritier wrote: > > Hi > > > > Couldn't it be a problem with the codesign program trying to access to > the keychain ? > > Did you ask it manually to always allow it ? > > > https://wiki.jenkins-ci.org/display/JENKINS/XCode+Plugin#XcodePlugin-Installationguide > > > > > > Arnaud > > > > On Wed, Mar 7, 2012 at 4:35 PM, Hilton Campbell wrote: > > Whenever I reboot my Mac, all subsequent Xcode builds fail with "Code Sign > error: The identity 'iPhone Distribution: Blah blah blah' doesn't match any > valid certificate/private key pair in the default keychain". I have the > certificate/private key pair it is looking for in my jenkins user's login > keychain, and my jobs are configured to unlock the keychain, which they do > successfully according to the build log. > > Whenever this happens I try a lot of things, like moving the > certificate/private key pair to the system keychain, or logging in as the > jenkins user, or whatever else my desperate Google searches turn up. But > then I remember what I did to fix it last time, which is to reinstall > Jenkins using the Mac installer, turning off the install as daemon option > and turning on the install as jenkins user. Once installation completes, > the jobs work again. > > Any ideas what it is that the installation is doing that a reboot is > undoing? > > > > > > -- > > ----- > > Arnaud Héritier > > 06-89-76-64-24 > > http://aheritier.net > > Mail/GTalk: aherit...@gmail.com > > Twitter/Skype : aheritier > > > > > > > > -- > > ----- > > Arnaud Héritier > > 06-89-76-64-24 > > http://aheritier.net > > Mail/GTalk: aherit...@gmail.com > > Twitter/Skype : aheritier > > > > IMPORTANT NOTICE: This e-mail message is intended to be received only by > persons entitled to receive the confidential information it may contain. > E-mail messages sent from this company may contain information that is > confidential and may be legally privileged. Please do not read, copy, > forward or store this message unless you are an intended recipient of it. > If you received this transmission in error, please notify the sender by > reply e-mail and delete the message and any attachments. >
