The application that requires access to your private key is “/usr/bin/codesign” if you don’t want to grant wildcard access to your private key. If you’re doing any simulator orchestration then you will also want to be sure that the user logged into the CI agent is the same user Jenkins is running as.

From: jenkinsci-***@googlegroups.com [mailto:jenkinsci-***@googlegroups.com] On Behalf Of kenstir
Sent: Thursday, April 05, 2012 4:38 AM
To: jenkinsci-***@googlegroups.com
Subject: Re: Jenkins with iOS development

I don't have any problem signing code with my iOS build fired by Jenkins. I think it is straightforward if not easy. I did not need to modify Jenkins in any way. My setup is:
- linux master fires osx slave using SSH
- osx slave runs as user jenkins
- user jenkins has the signing cert loaded into its keychain
- user jenkins must allow access to the signing cert. In the Keychain Access application, right-click on "XXX private key", choose Get Info, click Access Control, select "Allow all applications to access this item".
- key step here: build sh script executes this command:
security unlock-keychain -p $PASSWORD ~/Library/Keychains/login.keychain

Hope that helps,
Ken

IMPORTANT NOTICE: This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages sent from this company may contain information that is confidential and may be legally privileged. Please do not read, copy, forward or store this message unless you are an intended recipient of it. If you received this transmission in error, please notify the sender by reply e-mail and delete the message and any attachments.

Great! I'm glad there is no problem building iOS applications using
Jenkins. The only funny thing is that plenty of people seem to have
trouble with it even though it is so easy.

I have a couple of follow-up questions:

You mention $PASSWORD needed to unlock the keychain. Since Jenkins Mac
installer creates the "jenkins" user with no password and with login
disabled, you have probably done some additional customization? What
did you need to do? Change login shell? Change password?

Did you also need to set up something in the jenkins user's home
directory? mkdir Library?

Thanks,

-- Sami

I would still like to know if installing the Xcode plugin only is enough or does the standard Jenkins installation on Mac need some tweaks.

-- Sami

Hi,

Sorry I was off for a long period and a lot overwhelmed
It should be better from now and I already saw new issues sent in the
plugin bugtracker and pull requests in github.
Many people are nowadays successfully using the xcode plugin on a jenkins
server. It can be hosted itself on macos or on any other platform with an
agent on macos.
At the Jenkins User Conference Paris last week I did a presentation about
this :
http://www.slideshare.net/aheritier/hands-on-ios-developments-with-jenkins
Feel free to ask more details if you need.

Cheers,

Arnaud