Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-30979

Unlock Keychain integrate with Developer Profile

XMLWordPrintable

    • Icon: New Feature New Feature
    • Resolution: Unresolved
    • Icon: Minor Minor
    • xcode-plugin
    • None

      Selecting "Unlock Keychain" option only show the globally configured keychains, or manual option.

      There should be an option to unlock the keychain provided by the Credentials plugin through the ".developerprofile" file.

      Current workaround is having a execute script step that runs this line:

      security list-keychain -s "jenkins-${JOB_NAME}"

      Which works because the Credentials plugin already unlocks the keychain, just doesn't it add it to the keychain list.

      Ideally the Xcode Plugin should have the option to easily just use that keychain.

          [JENKINS-30979] Unlock Keychain integrate with Developer Profile

          Paul Eipper added a comment - - edited

          This is the script I need to run to add the keychain and keep it unlocked without timeouts:

          # enable temporary keychain
security list-keychain -s "jenkins-${JOB_NAME}"
security list-keychain
# disable keychain timeout
security set-keychain-settings "jenkins-${JOB_NAME}"
security show-keychain-info "jenkins-${JOB_NAME}"

          The only issue is that concurrent builds with different temporary keychains have conflicts, since the keychain is serial.

          Another option would be to use this build option (not tried yet):

          OTHER_CODE_SIGN_FLAGS='--keychain jenkins-${JOB_NAME}'

          To force xcodebuild to use that.

          Paul Eipper added a comment - - edited This is the script I need to run to add the keychain and keep it unlocked without timeouts: # enable temporary keychain security list-keychain -s "jenkins-${JOB_NAME}" security list-keychain # disable keychain timeout security set-keychain-settings "jenkins-${JOB_NAME}" security show-keychain-info "jenkins-${JOB_NAME}" The only issue is that concurrent builds with different temporary keychains have conflicts, since the keychain is serial. Another option would be to use this build option (not tried yet): OTHER_CODE_SIGN_FLAGS= '--keychain jenkins-${JOB_NAME}' To force xcodebuild to use that.

            Unassigned Unassigned
            lkraider Paul Eipper
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: