-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Ubuntu 12.04.3 (Master), OSX Mavericks 10.9.2 (slave)
I have a build set up using the Xcode plugin with a restriction set to run on an OSX build slave. The first build step in this job is to import the developer profile using the "Import Developer Profile" function. When I set it up this way, the first time I execute the build, the job launches and completes successfully. The second time I try to run this build, however, the job fails at the "import developer profile" step. The console log for the builds shows the following:
$ security list-keychains
$ security create-keychain -p ******** jenkins-iOS-Client-Dev
security: SecKeychainCreate jenkins-iOS-Client-Dev: A keychain with the same name already exists.
ERROR: Failed to create a keychain
Finished: FAILURE
If I manually run the 'security list-keychains' on the build slave as the build user (jenkins), I don't see any keychains listed:
$ sudo -u jenkins security list-keychains
Password:
"/Library/Keychains/System.keychain"
However, if I look in the Keychains directory for the 'jenkins' user on the OSX machine, I see a file named with the keychain:
$ pwd
/var/lib/jenkins/Library/Keychains
$ ls -l
total 176
rw-rr- 1 jenkins jenkins 37292 Mar 11 11:33 jenkins-iOS-Client-Dev
rw-rr- 1 jenkins jenkins 45164 Feb 21 17:30 login.keychain
This is a major issue for us as, without being able to import developer profiles dynamically in the job config, we have to go manually tweak the build environment to include the proper certs, mobileprofiles and credentials.
[JENKINS-22130] "keychain with the same name already exists" error with developer profile import
I experienced the same problem, but it seems I found an easy bypass.
I add a step to the build "execute shel script"
and my script is just : security delete-keychain "jenkins-Building <Your Project>"
deleting the key prior to building as chewbee suggested worked for me:
security delete-keychain "jenkins-$JOB_NAME" || :
Cesar Carrasco
added a comment - - edited deleting the key prior to building as chewbee suggested worked for me:
security delete-keychain "jenkins-$JOB_NAME" || :
It worked for me too.
security delete-keychain jenkins-jobName
The problem is that if the build crashes (for any other reason) it removes the jobName and on the next build (Let's say that the other problem was causing the crash has been fixed) 'security delete-keychain jenkins-jobName' tries to remove jobName which has been removed on last build already and therefore it crashes again since it can't find the jobName.
Is there anyway to ensure that jobName does exist before trying to delete it?
Or any other ideas please?
Younes Nouri Soltan
added a comment - - edited It worked for me too.
security delete-keychain jenkins-jobName
The problem is that if the build crashes (for any other reason) it removes the jobName and on the next build (Let's say that the other problem was causing the crash has been fixed) 'security delete-keychain jenkins-jobName' tries to remove jobName which has been removed on last build already and therefore it crashes again since it can't find the jobName.
Is there anyway to ensure that jobName does exist before trying to delete it?
Or any other ideas please? younes20: execute null or true after that command (note the "|| :" in my comment).
This way, if removing the key fails due to no key existing, the next command (: or true) returns success and the job won't fail.
Also, use the env variable $JOB_NAME rather than hardcoding the name
Cesar Carrasco
added a comment - - edited younes20 : execute null or true after that command (note the "|| :" in my comment).
This way, if removing the key fails due to no key existing, the next command (: or true) returns success and the job won't fail.
Also, use the env variable $JOB_NAME rather than hardcoding the name 
lacostej
added a comment - The cause of the issue is that we use list-keychains incorrectly. list-keychains is used to manage it's own list of keychains not to list the existing ones.
I have a fix for the issue. I will push it later today.
lacostej
added a comment - The cause of the issue is that we use list-keychains incorrectly. list-keychains is used to manage it's own list of keychains not to list the existing ones.
I have a fix for the issue. I will push it later today. Code changed in jenkins
User: Jerome Lacoste
Path:
src/main/java/au/com/rayh/DeveloperProfileLoader.java
http://jenkins-ci.org/commit/xcode-plugin/a313c4677b55dc20291d2f364b014284b5c88921
Log:
JENKINS-22130 list-keychains doesn't do what its name seem to imply but manipulates a search list. show-keychain might require a pasword, so let's just force delete
discovered this issue actually applies to all my Xcode build jobs, not just the multi config. it always happens on the second run. i have update d the bug to reflect this