The server started with just a plain setup of Jenkins 1.24 (where some php workflows where tested only).

After upgrading to the latest version of Jenkins 2 (and congratulations to all involved for the smooth upgrade process, no issues at all), there where some xcode jobs created.

After setting up everything, with all the users / certificates installed on the system keystore (which is supposed to be available from all users on the system), the commands:

$> /usr/bin/security find-identity -p codesigning -v

and

$> sudo su jenkins
$> /usr/bin/security find-identity -p codesigning -v

return a completly different list of identities (the first with the correct identities, the second empty).

As a work-around, i defined a password for the jenkins user, logged-in with it, opened xcode (in this case xcode 7), and on the xcode preferences | accounts, added my dev account and imported all the related teams, certificates and provisioning profiles.

After that, the command would return the correct signatures and the compilation process would proceed with success.

What was supposed to happen would be that the jenkins user created by the macos installer, to be able to read the system keystore and find the associated identities (in this case).

As an alternative, to automatically create a "login" keystore and state on the configuration that the identities / certificates etc need to be added to it (either would work fine).