Jenkins Setup on Os X server

Jenkins Os X – 3nd install

this time no jenkins group => using munki

1 Create jenkins Home Dir & log dirs

1.1 Create the jenkins folder + the Home folder

sudo su - jenkins

mkdir -p /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home

1.2 Apply ownership

find "/Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins" \( -not -user jenkins -or -not -group munki \) -print0 | xargs -0 chown jenkins:munki

1.3 Create log folder

mkdir /var/log/jenkins
touch /var/log/jenkins/jenkins.log
touch /var/log/jenkins/jenkins_error.log
chown -R jenkins:munki /var/log/jenkins

1.4 Apply ownership

chown -R jenkins:munki /var/log/jenkins

1.5 create symlinks for some command line tools (optional)

Home dir symlink creation

Jenkins has its user dir at /Users/Shared/Jenkins. Some command line tools assumes that home dir is at /Users/jenkins. You have to make symlink:

sudo ln -s /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins /Users/jenkins
sudo chown jenkins:jenkins /Users/jenkins

Note: finally Doing so seems to help to get correct paths.
also note I changed jenkins home jenkins.war to reflect actual path. see 5.1! I did both actions together so not sure wich one or if both did the trick.

Obviously giving the correct path seems logic to me ;)

2 Create jenkins User & Group

  • used system Prefs
  • Edit user to be in group jenkins
  • Edit user to have NFSHomedir in /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins

3 jenkins install via brew

brew install jenkins

==> Downloading
######################################################################## 100.0%
==> Caveats
To have launchd start jenkins at login:
ln -sfv /usr/local/opt/jenkins/*.plist ~/Library/LaunchAgents
Then to load jenkins now:
launchctl load ~/Library/LaunchAgents/homebrew.mxcl.jenkins.plist
Or, if you don't want/need launchctl, you can just run:
java -jar /usr/local/opt/jenkins/libexec/jenkins.war
==> Summary
/usr/local/Cellar/jenkins/1.534: 3 files, 60M, built in 77 seconds
3.1 Important Note ! :

Don’t run “manually”

java -jar /usr/local/opt/jenkins/libexec/jenkins.war

as stated by brew after the install.

It has messed things up for me.

I noticed than if I launched it as my current user, it creates a .jenkins folder inside the current user (the one than runs the java jar).
AND it then configure user.home varaible with the user and not jenkins.

I would not try either as logged in as jenkins user.
Tried it too, it made the .jenkins folder inside the jenkins home dir.
We don’t want that as we edited plist and .sh scripts with variables.

Note : I may be wrong as .jenkins seems to be needed anyway. and it’s been recreated in my home dir ?

3.2 Important Note bis :

Concerning the LaunchAgent from brew. Just leave it, and follow on, as other have done work before and we can use that instead as it is more suited.

4 jenkins Setting-Up Defaults

With sudo

defaults write /Library/Preferences/org.jenkins-ci war "/usr/local/opt/jenkins/libexec/jenkins.war"

defaults write /Library/Preferences/org.jenkins-ci heapSize 512m

defaults write /Library/Preferences/org.jenkins-ci httpListenAddress

defaults write /Library/Preferences/org.jenkins-ci httpPort 8080

defaults write /Library/Preferences/org.jenkins-ci permGen 256m

defaults write /Library/Preferences/org.jenkins-ci JENKINS_HOME "/Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home"

Will create the plist preferences file:


5 jenkins App support script

sudo cp /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/LIBRARY_APPSUP_JENKINS/ /Library/Application\ Support/jenkins/

sudo chown root:wheel /Library/Application\ Support/jenkins/ && chmod 644 /Library/Application\ Support/jenkins/

/Library/Application Support/jenkins/

5.1 Note :

On Line 15-16 Path /Applications/jenkins/jenkins.war is wrong.


#war=`$defaults war` || war="/Applications/jenkins/jenkins.war"


war=`$defaults war` || war="/usr/local/opt/jenkins/libexec/jenkins.war"

6 jenkins launchAgent

Copy the file

sudo cp /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/LIBRARY_LaunchAgent/org.jenkins-ci.plist /Library/LaunchAgents/org.jenkins-ci.plist

Apply root ownership and chmod 644

PLIST='/Library/LaunchAgents/org.jenkins-ci.plist'; chown root:wheel $PLIST && chmod 644 $PLIST


Finally let’s launch this:

WARNING be sure to be the jenkins user at any time you need to start and stop – no being so made errors on errors after updates or with java launched by me and notjenkins ????
didn’t get why – took me hours to figure out what was braking, notwhat but why. Please note also that I don’t know shit about java at all.
Well I know that I worked on the National French Launch of Java back in the days I was working in an agency ;)

launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

Go to


launchd is ok

Note : you WANT to make a backup of the full jenkins directory (or not)

I use CarbonCopyCloner: easy GUI, fast cloning.

7 Setup Security once on the homepage

Setting up Security

7.1 step1 Security Realm

Security Realm

Choosed to UNIX user/group db (aka system)

  • Delegate to servlet container
  • Jenkins’s own user database
  • LDAP
  • Unix user/group database

change only this then apply and test if you can login !
If ok, then we can go on and change Authorization

Later on we’ll try to add LDAP support

  • Ok Success for me I now have the log in menu.
  • logged as jenkins ok

7.1 step2 Authorization


Choosed: Logged-in users can do anything

  • Anyone can do anything
  • Legacy mode
  • Logged-in users can do anything
  • Matrix-based security
  • Project-based Matrix Authorization Strategy

Ok Success for me I now have the log in menu

8 Configure from within the webapp


go there

in GLobal Properties

check Environment variables

value: /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Library/Keychains/login.keychain

value: jenkins

  • For now no keychain exists yet.
  • We could use the security commandline to create one, I’ll deal later with this in case we (an app) need it.

9 jenkins ssh-keygen

I want jenkins to be able to do commits with git
(not done yet)

so let’s prepare the work

  • Create .ssh dir
  • Create the file known_hosts
  • Create id_rsa (and then add the public key to your gitlab)

let’s go

sudo su - jenkins

check we’re in jenkins home

mkdir .ssh
touch .ssh/known_hosts
cd .ssh ; ls -la
ssh-keygen -t rsa -C "moc.l1656641550iamee1656641550mos@s1656641550nikne1656641550j1656641550" 

I copied my own known_hosts to get things faster.

10 Start and stop jenkins

with launchctl (launchd)

Do it as jenkins user

launchctl stop org.jenkins-ci

to stop

launchctl stop org.jenkins-ci

or you might want to unload

launchctl unload -w /Library/LaunchAgents/org.jenkins-ci.plist

to start again

(if you unloaded)

launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

or start

launchctl start org.jenkins-ci

from web interface:


jenkins is ok

Note : you WANT to make a backup of the full jenkins directory (or not)

I use CarbonCopyCloner: easy GUI, fast cloning.

11 jenkins Updates

*nix/Mac Auto-Upgrade With Container
If you run Jenkins with java -jar jenkins.war, Jenkins will be able to update itself from the Manage Jenkins page. This is the simplest way to do automatic upgrades.

If you've installed via the OS X installer, the 'jenkins' running the process does not own the .war file. To get auto-upgrade working, just fix the permissions so the jenkins user can write the WAR (in /Applications/Jenkins).

Finnaly got it to work with a simple brew update jenkins !

Quick tip:

  • unload jenkins (from jenkins user!)
  • brew update
  • brew switch
  • load jenkins
  • go back to webapp, let jenkins works and restart
  • you (should be) good to go!

• we need to stop jenkins with launchctl

sudo launchctl unload -w /Library/LaunchAgents/org.jenkins-ci.plist

• do the switch (or install? or upgrade then switch)

brew switch jenkins 1.535

• reboot — no need to reboot when properly configured :)

• start jenkins again

sudo launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

12 reimport olders jobs

I screwed my first and second setups, (and finally it was good on my third attempt, see 3.1)

sudo su - jenkins
cp -R /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/1st_setup_jobs.backup/jobs/* /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home/jobs/
  • go back to webapp
  • ==> Manage Jenkins ==> Reload Configuration from Disk

Tada ! All my jobs are here.

Importing old jobs is successfull.

Now let’s see if they are still working as I did not add environment variables for autopkg (will see if needed in a minute)

Had Failures as I said (permissions pb on autopkg and/or munki repo)
from my experience, Autopkg Cache and recipes must be owned by jenkins. if owned by “me” even with munki group it’s a no go.

So I add my user to the munki group. maybe will add some ACLS if needed to get reed of that annoying stuff.

a. /Library/AutoPkgs -> jenkins:munki

Permissions ok (jenkins:munki), so not that.

cp -R /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/com.github.autopkg.* /Users/jenkins/Library/Preferences/
b. munkirepo -> myaccount:munki

Check the munki repo premissions (I deleted jenkins user lots of time and changed UID sometimes too)

sudo chown -R localadminoem:munki MUNKI_REPO_MASTER

Failure again with jenkins User

c. autopkg from jenkinsuser

Failure from within jenkins user, success from current user (me). Seems to be Autopkg config problems .

sudo su - jenkins

Assuming you are in jenkins homedir

sudo chown -R jenkins:munki .
chmod -R g+xa .

move to Autopkg in ~homedir.

cd Library/AutoPkg

ln -s /Library/AutoPkg/Cache .
ln -s /Library/AutoPkg/RecipeRepos .
ls -l
lrwxr-xr-x  1 jenkins  staff  22 Oct 16 18:03 Cache -> /Library/AutoPkg/Cache
lrwxr-xr-x  1 jenkins  staff  28 Oct 16 18:03 RecipeRepos -> /Library/AutoPkg/RecipeRepos

OR you could just configure from jenkins user (RTFM)

defaults write com.github.

now run the “jenkins command” manually in the terminal.

macpro:Cache jenkins$ /usr/local/bin/autopkg run --search-dir=/Library/AutoPkg/RecipeRepos/ Cyberduck.munki
Processing Cyberduck.munki...

Nothing downloaded, packaged or imported.

No errors, all is fine now.

note the result just indicate ther is no new updates

See this post for autopkg command syntax

Next, I’ll have to get git working with gitlab.

Some usefull links

That helped me out in my quest


Product and graphic designer turned to be a Mac SysAdmin.

Posted in Admin, Deploy, Mac Tagged with: , , , , , , , ,
0 comments on “Jenkins Setup on Os X server
1 Pings/Trackbacks for "Jenkins Setup on Os X server"
  1. […] Jenkins setup on Os X server Jenkins setup on Os X server […]

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>