Skip to content


Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Ansible Playbook: Setup OSX/iOS CI Environment

GPL-3.0 licensed Build Status

This playbook uses two roles:

They setup a CI user and install and configure common tools used for OSX/iOS CI environment:

The default role inventory targets localhost (found in inventory/main). This means that the playbook should be executed on the machine that needs to be configured. If you want to execute the playbook remotely, you will need to provide another Ansible inventory. You can find a detailed description of what an inventory is and how to use it in the Ansible documentation


The playbook requires Ansible to be installed on both the host and the target machine. In the default setup, the host and target machine are one and the same. You can find a configuration bash script in scripts/


sudo scripts/

will install:

  • Xcode Command Line Tools
  • pip
  • Ansible

Both roles come from Ansible Galaxy. In order to install them, you need to run:

ansible-galaxy install -r requirements.yml

The Xcode Command Line Tools and Xcode installations require a UI session. This means the user you are using to execute the playbook must be logged on to the OSX machine.


The playbook will need several variables in order to work correctly. Their default values can be found in group_vars/all.yml.

ansible_user: admin

The default user name to use for installing and configuring the needed tooling.


The privilege escalation password. It is highly recommended not to pass the password in plain text. To encrypt it we will use Ansible Vault. You can add the variable to group_vars/all.yml and execute the following command:

ansible-vault encrypt group_vars/all.yml

You will be asked for a vault password. It will be later used to decrypt the file. Once the operation is executed the file will be encrypted. Then you can run ansible-playbook with the --ask-vault-pass flag. You will be asked for the vault password you used to encrypt the file. Once the vault password is submitted the playbook will continue its execution. More on Ansible Vault can be found here.

For information about the variables that osx-ci and xcode roles expect you can check their repositories:




ansible-playbook site.yml -i inventory -e ansible_user=administrator -e xcode_xip_location='/Users/administrator/Downloads/Xcode_10.1.xip' -e xcode_major_version=10 -e ci_user_public_key_location='/tmp/' --ask-vault-pass



Author Information

This playbook was created in 2019 by MacStadium, Inc.



No releases published


No packages published