I'm running a Jenkins CI server on an OS X machine. The server is running as a standard user 'john', and is started by running launchctl. One of the things this server does is build XCode projects using keys and certificates stored in a keychain 'xcode.keychain':
Jenkins (which is running under the user 'john' according to activity monitor) calls these commands from a script when the user presses a button on the web interface.
security default-keychain -s /Users/john/Library/Keychains/xcode.keychain
security unlock-keychain -p password /Users/john/Library/Keychains/xcode.keychain
xcodebuild ...
If I happen to be logged into the server as 'john' via the UI, the keychain gets unlocked properly when Jenkins calls those commands. But, if I'm not logged in, xcode.keychain doesn't get unlocked and the build fails. Any ideas?
I had to:
This cleared it up for me.
More info in these comments: https://stackoverflow.com/a/12235462/544130 https://stackoverflow.com/a/14761060/544130