Execution policy exception registration failed with Jenkins on Catalina

Hello!


I'm trying to get our CI servers migrated over to Catalina, but I'm having quite the struggle. During the build phase, Xcode 11 is attempting to give the xctest bundles an execution policy exception in order to run, but it always fails with:


note: Execution policy exception registration failed and was skipped: Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"


This note is shown after the builtin-RegisterExecutionPolicyException build step is performed on the test bundle.


After everything is built, the run just hangs until it gets aborted by timeout, likely because it can't execute the test bundle.


This problem was occurring when running the CI script directly from terminal, but adding Terminal to the list of applications under Developer tools in the `Settings -> Security & Privacy -> Privacy` screen resolved the issue with terminal; I no longer get the error and the tests run successfully. Unfortunately, this did not fix the CI system. I've added a number of other applications to this list, including fastlane (which is the tool used to run the code), ruby, java (for jenkins), sh, bash, zsh, xcodebuild (along with every other tool in the directory that xcodebuild is in), etc. I've also attempted to disable gatekeeper with `sudo spctl --master-disable`, but I continue to see this error from Jenkins.


Has anyone else ran into this or know the proper way to get Jenkins to work on Catalina?


Thanks!

~James

Replies

Hi James!


I'm having the same problem as you: trying to set up a Jenkins node on macOS Catalina. When a build is running, it fails with this error message when trying to code sign an app. Interestingly, there are other codesigning steps before the failing one, which do succeed.


I looked at the command parameters and found differences between the successful and unsuccessful one. The first one has "--preserve-metadata=identifier,entitlements,flags" set, the failing one "--entitlements ..."


Which process fails during your build pase exactly?


Regards,

Christian

Hi all,


I'm seeing the same thing with TeamCity buildAgent 2019.2. I've added a bunch of shells and Xcode tools to Full Disk Access and Developer Tools privacy settings, but no luck so far. Please post if you find a solution.


note: Execution policy exception registration failed and was skipped: Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"


TIA,

Tim

Also receiving the same error. Tried both Xcode 11.1 and 11.3 on macOS 10.15

I have the same issue with fastlane since november 2019. And doesn't work so far.

had the same issue - I'm not sure why I did, but in my xcodebuild command, I pass UseModernBuildSystem=NO and now it works..

Please try again with the Xcode 12 Beta and file an issue on feedbackassistant.apple.com if the issue is still occurring.
Having the same issues.

@jan98 updating to a beta of Xcode 12 is not an acceptable solution. This is ridiculous!

Y'know developers have long been opposed to many of the new "security" restrictions being put into place, since all it does is makes hassles for developers and users. Malware authors just code around it.

You need to post an Xcode 11 update to fix this or tells us how we can simply disable whatever system daemon is killing our processes. Because this is ridiculous.


James are your builds running in VMs or directly on hardware?