Reply to Problems using a Mac as a headless build server
This is how we secure our build Macs:

- Enable auto-login of a user account to be fault tolerant to power failures (this requires disabling FileVault and running the boot partition unencrypted)
- Create a separate partition with encryption enabled and don't save the encryption password in the keychain
- Put all Jenkins data, source code, and everything else on the encrypted partition
- Use a separate keychain to store any important keychain items and have the keychain automatically lock when the computer sleeps or shuts down

This will allow you to remotely access the Mac if it reboots, but all sensitive data will still be encrypted until you SSH/VNC in and unlock everything.

We also run a launchd daemon that automatically locks the screen if it detects a USB device is plugged in or unplugged as an extra layer of physical security.
Sep ’23
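
Added example, not part of the original reply: a shell sketch of the separate-keychain setup and the post-reboot unlock step described above, run over SSH. The device identifier `disk1s5` and the keychain name `build.keychain-db` are placeholders assumed for illustration, and the sample lines in the comments are constructed.

```shell
#!/bin/sh
# Placeholders (assumptions, not values from the reply above).
VOLUME_DEV="${VOLUME_DEV:-disk1s5}"        # encrypted APFS volume holding Jenkins data
KEYCHAIN="${KEYCHAIN:-build.keychain-db}"  # separate keychain for build secrets

# One-time setup: create the separate keychain and set it to lock on sleep.
# With no -p option, `security` prompts for the password, keeping it out of argv.
setup_keychain() {
    security create-keychain "$KEYCHAIN" &&
    security set-keychain-settings -l "$KEYCHAIN"   # -l: lock when the system sleeps
}

# Returns 0 only if a `security show-keychain-info` line reports lock-on-sleep.
# Expected line shape (constructed sample):
#   Keychain "/Users/ci/Library/Keychains/build.keychain-db" lock-on-sleep timeout=300s
# The quoted path is stripped first so a path containing the flag cannot match.
locks_on_sleep() {
    settings="${1##*\" }"
    case "$settings" in
        *lock-on-sleep*) return 0 ;;
        *) return 1 ;;
    esac
}

# After a reboot: unlock the data volume and the keychain interactively, then
# confirm the keychain will lock again on sleep before builds resume.
unlock_after_reboot() {
    diskutil apfs unlockVolume "$VOLUME_DEV" || return 1   # prompts for passphrase
    security unlock-keychain "$KEYCHAIN" || return 1       # prompts for password
    info=$(security show-keychain-info "$KEYCHAIN" 2>&1)
    if ! locks_on_sleep "$info"; then
        echo "WARNING: $KEYCHAIN is not set to lock on sleep" >&2
        return 1
    fi
}

# Nothing runs unless a subcommand is given.
case "${1:-}" in
    setup)  setup_keychain ;;
    unlock) unlock_after_reboot ;;
esac
```

Both prompts are read from the terminal, so neither the volume passphrase nor the keychain password ends up in shell history or the process list.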