Jenkins上后台持续集成时如何绕过Mac的keychain机制

大家都知道,Mac上做持续集成时,是经常需要访问keychain的,而一般的命令行是不允许这么交互的,如果直接build可能会有这样的效果:

Signing Identity:     "iPhone Distribution: xxxxxx (yyyyyy)"

    /usr/bin/codesign --force --sign zzzzzz --preserve-metadata=identifier,entitlements --timestamp=none aaaa
aaaaa: replacing existing signature
bbbbb: User interaction is not allowed.
Command /usr/bin/codesign failed with exit code 1

其中,User interaction is not allowed很好的说明了这个问题。

我们可以用如下方法绕过这个限制:

security unlock-keychain -p password $HOME/Library/Keychains/login.keychain

执行完毕后,会对当前的shell解锁keychain,可以全部访问keychain。虽然有点trick,也不太安全,但总归是个方法。

Leave a Reply

Your email address will not be published.