xcode 除非用户登录,否则钥匙串不会从 Jenkins 脚本解锁
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6416121/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Keychain won't unlock from Jenkins script unless user logged in
提问by
I'm running a Jenkins CI server on an OS X machine. The server is running as a standard user 'john', and is started by running launchctl. One of the things this server does is build XCode projects using keys and certificates stored in a keychain 'xcode.keychain':
我在 OS X 机器上运行 Jenkins CI 服务器。服务器以标准用户“john”的身份运行,并通过运行 launchctl 启动。该服务器所做的一件事是使用存储在钥匙串“xcode.keychain”中的密钥和证书构建 XCode 项目:
Jenkins (which is running under the user 'john' according to activity monitor) calls these commands from a script when the user presses a button on the web interface.
当用户按下 Web 界面上的按钮时,Jenkins(根据活动监视器在用户“john”下运行)从脚本中调用这些命令。
security default-keychain -s /Users/john/Library/Keychains/xcode.keychain
security unlock-keychain -p password /Users/john/Library/Keychains/xcode.keychain
xcodebuild ...
If I happen to be logged into the server as 'john' via the UI, the keychain gets unlocked properly when Jenkins calls those commands. But, if I'm not logged in, xcode.keychain doesn't get unlocked and the build fails. Any ideas?
如果我碰巧通过 UI 以“john”的身份登录到服务器,那么当 Jenkins 调用这些命令时,钥匙串会正确解锁。但是,如果我没有登录,则 xcode.keychain 不会解锁并且构建失败。有任何想法吗?
采纳答案by Raj
Running Jenkins without launchd works. I used the following command:
在没有 launchd 的情况下运行 Jenkins 有效。我使用了以下命令:
sudo su jenkins -c "JENKINS_HOME=/Users/Shared/Jenkins/Home /Library/Application\ Support/Jenkins/jenkins-runner.sh"
回答by Taytay
I had to:
我不得不:
- Right-click on the private key in my keychain that my build process was trying to use
- Click "Get Info"
- Then the "Access Control" tab.
- You can add specific apps (like "codesign") to the list of apps that are allowed access to that key, or just allow access from all applications.
- 右键单击我的钥匙串中我的构建过程试图使用的私钥
- 点击“获取信息”
- 然后是“访问控制”选项卡。
- 您可以将特定应用程序(如“代码设计”)添加到允许访问该密钥的应用程序列表中,或者只允许从所有应用程序访问。
This cleared it up for me.
这为我清除了它。
More info in these comments: https://stackoverflow.com/a/12235462/544130https://stackoverflow.com/a/14761060/544130
这些评论中的更多信息:https: //stackoverflow.com/a/12235462/544130 https://stackoverflow.com/a/14761060/544130
回答by Jens Kohl
I stumbled upon the exact same issue recently.
我最近偶然发现了完全相同的问题。
security list-keychains -s /Users/john/Library/Keychains/xcode.keychainprobably will fix your problem. Let me know if it works.
security list-keychains -s /Users/john/Library/Keychains/xcode.keychain可能会解决您的问题。让我知道它是否有效。
Recently I found a solution to this over there: Missing certificates and keys in the keychain while using Jenkins/Hudson as Continuous Integration for iOS and Mac development
最近我在那边找到了一个解决方案:在使用 Jenkins/Hudson 作为 iOS 和 Mac 开发的持续集成时,钥匙串中缺少证书和密钥
回答by sti
You could try Jenkins.app, an alternative way to run Jenkins. It runs Jenkins in a user session, so Keychain should not be a problem.
您可以尝试Jenkins.app,这是运行 Jenkins 的另一种方式。它在用户会话中运行 Jenkins,因此 Keychain 应该不成问题。
