Increasing macOS Instance Volume Size

To install an iOS application build tool like Xcode, sufficient disk space must be available. The macOS instance volume size can be modified at launch or after the Mac instance is running. If the volume size is not modified at launch time, the default disk size that is provisioned with the Amazon EC2 Mac instance might not be sufficient.

The macOS instance uses an Amazon Elastic Block Storage (EBS) volume. Increasing the storage capacity of a running macOS instance involves increasing the capacity of the attached EBS volume, rebooting the instance, and making the increased disk space available for use.

The instance volume size can be seen by selecting the macOS instance on the EC2 console as shown in Figure 5-1. To increase the volume size, click on the EBS volume ID as shown in Figure 5-1; this will direct you to the EBS console.

Access the volume modification page as shown in Figure 5-2.

Modify the instance EBS volume size. The example shown in Figure 5-3 increases the volume to 200 GB.

After resizing the attached EBS volume of a running macOS instance, it will not be visible within the instance until a reboot occurs. You can reboot the macOS instance from the EC2 console as shown in Figures 5-4 and 5-5.

Setting Up Xcode

Xcode can be installed manually on the macOS instance from the App Store just as discussed in Chapter 1. After Xcode installation, to begin using Xcode, you must accept the Xcode and iOS SDK License Agreement, as shown in Figure 5-6.

If prompted to enter password to grant Xcode permissions, enter your user password. If using the default ec2-user, this is the user password that is created for the user as discussed in Chapter 4.

Once Xcode is ready for usage, it should launch into its welcome page, as shown in Figure 5-7.

Setting Up Jenkins

Jenkins is an open-source automation and application build tool. It integrates with a variety of other tools, which makes it suitable for various types of builds and automations. Jenkins supports distributed builds; you can use different build environments for each build project using agents that run jobs in parallel.

These agents are controlled by a controller, which is the main Jenkins node where all build jobs are configured and scheduled. The agents can be the same type of environment as the controller where jobs are scheduled to balance workload or a different environment from the main controller where jobs are scheduled on the agent based on the build environment required by the application being built.

Let us explore in the next two sections how you can configure a Jenkins controller in a Linux environment on an Amazon EC2 instance and have a macOS build agent for building iOS applications.

Provisioning Jenkins Controller

The controller will be provisioned on an Amazon EC2 Linux instance, so, firstly, an EC2 instance must be created from the EC2 console, as shown in Figure 5-8.

The latest Amazon Linux Amazon Machine Image (AMI) for the applicable AWS region is selected, as shown in Figure 5-9.

Select the instance type and configure the instance and storage capacity as desired. For the security group, SSH (TCP Port 22) access is needed to enable access into the Jenkins server. Jenkins also serves traffic on TCP port 8080 so this must be allowed in the security group. An example security group configuration is shown in Figure 5-10. These rules can be further restricted with the source IP address of your workstation.

After the instance launch, the next step is to log in to the instance through SSH to install the Jenkins software.

Since an Amazon Linux EC2 instance is provisioned, yum package manager will be used to install Jenkins. Similarly, package managers in other operating systems can be used to install Jenkins on those operating systems.

First, a quick software update of all packages on the instance is performed, as in Listing 5-5.

[ec2-user ~]$ sudo yum update

Listing 5-5

Updating software packages

After updating software packages, the Jenkins repo can be added to yum, as shown in Listing 5-6.

[ec2-user ~]$ sudo wget -O /etc/yum.repos.d/jenkins.repo

    https://pkg.jenkins.io/redhat-stable/jenkins.repo

Listing 5-6

Adding Jenkins to yum repo

Next is to import the key file for RPM to verify the package. This is shown in Listing 5-7.

[ec2-user ~]$ sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key

[ec2-user ~]$ sudo yum upgrade

Listing 5-7

Import rpm key file to verify package

Jenkins can then be installed, as shown in Listing 5-8.

[ec2-user ~]$ sudo yum install jenkins java-1.8.0-openjdk-devel -y

[ec2-user ~]$ sudo systemctl daemon-reload

Listing 5-8

Installing Jenkins

After installation, Jenkins can be started as a service, as shown in Listing 5-9.

[ec2-user ~]$ sudo systemctl start jenkins

Listing 5-9

Starting Jenkins as a service

Jenkins status can be checked as shown in Listing 5-10.

[ec2-user ~]$ sudo systemctl status jenkins

Listing 5-10

Checking Jenkins status

To set up Jenkins initially, it requires an initial administrator password. This password can be retrieved as shown in Listing 5-11.

[ec2-user ~]$ sudo cat /var/lib/jenkins/secrets/initialAdminPassword

Listing 5-11

Retriving initial Admin Password

To access your Jenkins server for the first time through its management interface, connect to http://<your_server_public_DNS>:8080 from your web browser. The initial setup page is as shown in Figure 5-11. Enter the initial password retrieved as shown in Listing 5-11.

To support different types of applications and tools, Jenkins uses plugins to extend its functionalities. During Jenkins initial setup, you can select specific plugins to install, or install the suggested plugins as shown in Figure 5-12.

An initial admin user must also be created to authenticate into Jenkins. The initial admin user can be set up as shown in Figure 5-13.

After all the plugins are installed and the initial admin user is set up, Jenkins is ready for use to start creating jobs and registering build agents. A fresh Jenkins installation welcome page is as shown in Figure 5-14.

EC2 Mac Instance As Jenkins Build Agent

After creating the Jenkins controller, you can set up build agents for distributed builds. To build iOS applications, a macOS build agent must be present. Let us explore how to add an EC2 Mac instance as a build agent to the Jenkins controller via SSH.

To add a Jenkins build agent, Java must be installed. Listing 5-12 shows how to install Java development kit with Homebrew on EC2 Mac.

ec2-user@ip-172-31-47-239 ~ % su ec2-user -c '/usr/local/bin/brew install openjdk@8'

Password:

Updating Homebrew...

==> Auto-updated Homebrew!

Updated 1 tap (homebrew/core).

==> Updated Formulae

Updated 20 formulae.

==> Downloading https://ghcr.io/v2/homebrew/core/libpng/manifests/1.6.37

######################################################################## 100.0%

.

.

.

.

.

==> Installing dependencies for openjdk@8: libpng and freetype

==> Installing openjdk@8 dependency: libpng

Listing 5-12

Installing OpenJDK on EC2 Mac

After installing OpenJDK with Homebrew, you create a symbolic link for it and verify installation as shown in Listing 5-13.

sh-3.2# ln -sfn /usr/local/opt/openjdk@8/libexec/openjdk.jdk /Library/Java/JavaVirtualMachines/openjdk-8.jdk

sh-3.2# java -version

openjdk version "1.8.0_282"

OpenJDK Runtime Environment (build 1.8.0_282-bre_2021_01_20_16_06-b00)

OpenJDK 64-Bit Server VM (build 25.282-b00, mixed mode)

Listing 5-13

Create symlink for OpenJDK and verify Installation

After having Java installed, the next requirement is to create a Jenkins user and set up SSH access for that user. The Jenkins controller will use this user to connect to the macOS build agent via SSH to submit build jobs. You can create a new Jenkins user as shown in Listing 5-14.

sh-3.2# sysadminctl -addUser jenkins

2021-07-10 19:50:42.793 sysadminctl[6437:155160] --------------

2021-07-10 19:50:42.793 sysadminctl[6437:155160] No clear text password or interactive option was specified (adduser, change/reset password will not allow user to use FDE) !

2021-07-10 19:50:42.793 sysadminctl[6437:155160] --------------

2021-07-10 19:50:42.970 sysadminctl[6437:155160] Creating user record...

2021-07-10 19:50:43.043 sysadminctl[6437:155160] Assigning UID: 503 GID: 20

2021-07-10 19:50:43.076 sysadminctl[6437:155160] Creating home directory at /Users/jenkins

Listing 5-14

Creating Jenkins user

With the user created, you can either set up a new key or reuse the existing default ec2-user key on the macOS instance. Listing 5-15 shows how to reuse the default ec2-user SSH credentials with the new Jenkins user.

sh-3.2# mkdir /Users/jenkins/.ssh/

sh-3.2# cp -a /Users/ec2-user/.ssh/. /Users/jenkins/.ssh/

sh-3.2# cp /Users/ec2-user/.ssh/* /Users/jenkins/.ssh/.

sh-3.2# chown -R jenkins /Users/jenkins/.ssh

sh-3.2# chmod 700 /Users/jenkins/.ssh

sh-3.2# chmod 600 /Users/jenkins/.ssh/authorized_keys

Listing 5-15

Setting up SSH keys for Jenkins user

Next let us ensure that the Jenkins controller has SSH access to the EC2 Mac instance from the security groups.

As shown in Figure 5-15, TCP port 22 access is configured for the /32 private IP address of the Jenkins controller instance. The private IP address is used because the Jenkins controller and EC2 Mac instance are in the same Virtual Private Cloud (VPC). If they are in different VPCs and the Jenkins controller will connect with the Mac instance via the Internet, you will add the public IP address of the Jenkins controller instead.

With Java installed, Jenkins user created, SSH access set up, and security group configured, you are ready to add the EC2 macOS instance as a build node.

On the Jenkins user interface, select “Manage Jenkins” option, then select “Manage Nodes and Clouds” as shown in Figure 5-16.

Initiate the process to add a new node and provide a name for the node, as shown in Figure 5-17.

Connectivity information of the node will be configured which includes the IP address of the node, the launch method, label, credentials of the node, etc. The label is configured in build jobs and used by the controller to identify the build agent to schedule a specific job on. An example configuration of a node with SSH launch method and an iOS label is shown in Figure 5-18.

The SSH credentials must be configured separately. The credentials can be created in advance or at the time of adding a node. Figure 5-18 shows how to add new credentials when configuring the build node.

To add SSH credentials, you provide the Jenkins username and the SSH private key. To get the private key content, open the private key file that is configured for Jenkins user SSH access.

• In this example, the same SSH private key is used for ec2-user and Jenkins user as configured in Listing 5-15 so retrieve the content of that private key from your workstation.

Figure 5-19 shows an example of configuring SSH credentials.

Environment variables such as path variables can be configured for the node, as shown in Figure 5-20.

Save the configuration for the new node. From Figure 5-18, the host key verification is configured as a manual trust, so after the new node configuration is saved, the Jenkins controller attempts to connect via SSH to the build agent and a prompt is shown on the left-side options of the Jenkins node with a request to trust the Jenkins controller; select this to allow the connection to proceed.

You can view the console output on Jenkins to view the status and see it in action. A console output example for a successful agent added is shown in Listing 5-16.

[07/11/21 17:31:16] [SSH] Checking java version of java

[07/11/21 17:31:16] [SSH] java -version returned 1.8.0_282.

[07/11/21 17:31:16] [SSH] Starting sftp client.

[07/11/21 17:31:16] [SSH] Copying latest remoting.jar...

[07/11/21 17:31:16] [SSH] Copied 1,502,119 bytes.

Expanded the channel window size to 4MB

[07/11/21 17:31:16] [SSH] Starting agent process: cd "/Users/Jenkins" && java  -jar remoting.jar -workDir /Users/Jenkins -jar-cache /Users/Jenkins/remoting/jarCache

Jul 11, 2021 5:31:17 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir

INFO: Using /Users/Jenkins/remoting as a remoting work directory

Jul 11, 2021 5:31:17 PM org.jenkinsci.remoting.engine.WorkDirManager setupLogging

INFO: Both error and output logs will be printed to /Users/Jenkins/remoting

<===[JENKINS REMOTING CAPACITY]===>channel started

Remoting version: 4.7

This is a Unix agent

Evacuated stdout

Agent successfully connected and online

Listing 5-16

Output snippet of adding Jenkins agent

After a build node is added, it will be visible in the list of nodes, as shown in Figure 5-21.

Setting Up Fastlane

Fastlane can be integrated with Jenkins to create a full end-to-end Continuous Integration Continuous Delivery (CICD) process for iOS application development.

After installation, you can verify installation and start using Fastlane. An example of starting Fastlane and an example output are shown in Listing 5-18.

Listing 5-18. Starting Fastlane

Setting Up GitLab

GitLab is a DevOps platform that provides a host of features to increase agility in software development process. Some of the features are git repository manager for managing source code, continuous integration, and deployment pipelines for automatically building and deploying applications etc.

For its continuous integration and deployment feature, it uses GitLab runner. GitLab Runner is an application that works with GitLab CICD to run jobs in a pipeline. The GitLab Runner application can be installed on a separate infrastructure and operating system depending on the job the runner will perform.

GitLab Runner can also be installed on macOS for running iOS-related jobs, so let us explore how to set up GitLab and install a GitLab Runner on macOS EC2 instance.

Creating GitLab Project

To start using GitLab, you must sign up for a GitLab account. You can sign up for free on https://gitlab.com/. Then, create a project as shown in Figure 5-22.

Next, you are given the option to choose how you want to create the project, as shown in Figure 5-23, you can create a blank project or use a template which will prepopulate your project with files.

Configure the project name, URL, and the visibility level (Private or Public). Figure 5-24 shows an example project configuration.

Setting Up macOS GitLab Runner

When you create a GitLab project, a repository is created for the project, and you get access to lots of DevOps features, among which is CICD. To set up a GitLab CICD pipeline that can build iOS applications, a macOS GitLab Runner must be set up.

GitLab Runner configuration for a project can be accessed in the project settings, as shown in Figure 5-25.

To register a GitLab runner on your macOS instance, it requires the URL of the GitLab location and a unique registration token. You can retrieve both by expanding Runners in project CICD settings, as shown in Figure 5-26.

The GitLab Runner is available as a binary. You can download the binary and provide appropriate permission on your macOS instance, as shown in Listing 5-19.

ec2-user@ip-172-31-47-239 ~ % sudo curl --output /usr/local/bin/gitlab-runner "https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-darwin-amd64"

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100 53.0M  100 53.0M    0     0  92.6M      0 --:--:-- --:--:-- --:--:-- 92.4M

ec2-user@ip-172-31-47-239 ~ % sudo chmod +x /usr/local/bin/gitlab-runner

Listing 5-19

Download GitLab Runner binary for macOS

Now you can register the runner as shown in Listing 5-20. The registration is an interactive operation where you will provide the registration token, GitLab URL, runner description, etc.

ec2-user@ip-172-31-47-239 ~ % gitlab-runner register

Runtime platform                                    arch=amd64 os=darwin pid=4212 revision=c1edb478 version=14.0.1

WARNING: Running in user-mode.

WARNING: Use sudo for system-mode:

WARNING: $ sudo gitlab-runner...

Enter the GitLab instance URL (for example, https://gitlab.com/):

https://gitlab.com/

Enter the registration token:

nxxxxxxxxxxxxxxi

Enter a description for the runner:

[ip-172-31-47-239.ec2.internal]: mac os runner

Enter tags for the runner (comma-separated):

Registering runner... succeeded                     runner=nYR2beCG

Enter an executor: custom, docker, parallels, docker-ssh, shell, ssh, virtualbox, docker+machine, docker-ssh+machine, kubernetes:

shell

Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

Listing 5-20

GitLab Runner registration

A successful runner registration does not install the runner, you must install the runner separately. Listing 5-21 shows how to install and start the GitLab Runner.

ec2-user@ip-172-31-47-239 ~ % gitlab-runner install

Runtime platform                                    arch=amd64 os=darwin pid=4237 revision=c1edb478 version=14.0.1

ec2-user@ip-172-31-47-239 ~ % gitlab-runner start

Runtime platform                                    arch=amd64 os=darwin pid=4240 revision=c1edb478 version=14.0.1

Listing 5-21

Installing and starting GitLab Runner

Once the GitLab Runner is installed, you can start scheduling jobs to this runner from a GitLab CICD pipeline. To verify that the runner has been registered with your GitLab project and ready to receive jobs, ensure that you can see the registered macOS runner on the list of runners on your GitLab project. Figure 5-27 shows the macOS instance registered as a runner on GitLab.

• See https://docs.gitlab.com/ee/ci/pipelines/index.html for more information on setting up GitLab CICD pipelines.

Summary

Setting up an iOS application development environment requires installation of different software such as iOS-specific Xcode and other third-party and open-source tools. We have covered the installation and setup of all these tools on a macOS Amazon EC2 instance to get it ready for development.