Jenkins Slave for OS X
bash <( curl -L https://raw.github.com/rhwood/jenkins-slave-osx/master/install.sh )
OS X slaves created with this script:
- Starts on system boot
- Runs as an independent user
- Uses a Java Truststore for self-signed certificates (so your Jenkins master can use a self-signed certificate, and you do not have to instruct the slave to trust all certificates regardless of source)
- Uses the OS X Keychain for secrets
bash <( curl -L https://raw.github.com/rhwood/jenkins-slave-osx/master/install.sh ) [options]
The install script has the following options:
--master-cert=/path/to/cert.certo install either a self-signed certificate for the Jenkins master, or the root certificate of the CA that signed the Jenkins master certificate. Optional; the installer prompts for this as needed.
--java-args="ARGS"to specify any optional java arguments. Optional; the installer does not test these arguments.
--master=URLto specify the Jenkins Master on the command line. Optional; the installer prompts for this if not specified on the command line.
--node=NAMEto specify the Slave's node name. Optional; this defaults to the OS X hostname and is verified by the installer.
--user=NAMEto specify the Jenkins user who authenticates the slave. Optional; this defaults to your username on the OS X slave and is verified by the installer.
Simply rerun the installer. It will reinstall the scripts, but use existing configuration settings.
The following file in
/var/lib/jenkins (assuming you installed this service in the default location) can be used to configure this service:
Adding Server Certificates
If you decide to secure the Jenkins master, or need to add additional certificates for the slave to trust the Jenkins master, you only need (assuming your service account is "jenkins", and your CA is StartSSL.com) from a command line:
sudo launchctl unload /Library/LaunchDaemons/org.jenkins-ci.slave.jnlp.plist
sudo -i -u jenkins
curl -O http://www.startssl.com/certs/ca.crt
./security.sh add-java-certificate --authority --alias=root-ca --certificate=./ca.crt
curl -O http://www.startssl.com/certs/sub.class1.server.ca.crt
./security.sh add-java-certificate --alias=ca-server --certificate=./sub.class1.server.ca.crt
sudo launchctl load /Library/LaunchDaemons/org.jenkins-ci.slave.jnlp.plist