User Profile

We have a mac (10.15.1) build server setup running Xcode 11 and Jenkins for CI that I want to use for notarization on release builds. However, I am unable to access the keychain item from the build server (which is started with the machine via launchd).If I login to the mac as the jenkins user and run the same commands, everything works fine as long as I unlock the keychain. But I get a keychain error when I try to run it as part of a build job, even if I try to unlock they keychain first as part of the job:altool[3090:62816] *** Error: The keychain returned error code: -25291. Failed to get the password for the keychain item 'blah'.altool[3096:62956] *** Error: Use the -u option to specify the account in the keychain item 'blah'. Failed to get the password for the keychain item 'blah'.Any tips? Jenkins seems to be able to access the syste keychain without issue, but for whatever reason I cannot move or add the password item to it; it can only seem to be in the login keychain. I really don't want to put a password in plaintext as part of the build jobl; surely there is a better way?