skoobasteeve/jamfops
1
0
Fork 0
mirror of https://github.com/skoobasteeve/jamfops.git synced 2026-03-20 05:08:55 +00:00
Code Issues Projects Releases Wiki Activity
Files
main
jamfops/github-actions/autopkg-recipe-test.yml
Ray Lyon ca11e90e99 updates for reliability, efficiency
2021-11-05 14:40:14 -04:00

103 lines
4.1 KiB
YAML
Raw Permalink Blame History

#### README ####
#
# This action "tests" your AutoPKG JSS recipes by running them on a macOS machine and uploading them to your JAMF instance via JSSImporter
# I recommend using a sandbox/dev instance for this, which your JAMF rep will happily provide for you on request.
#
#### REQUIREMENTS ####
#
# The below action assumes that your repository contains a RecipeOverrides folder at its root that contains your overrides
# It also assumes you have a file called repo_list.txt in the root of your repository which lists the parent repositories used by your recipes.
#
# This action also references (3) Github repository secrets:
# - JSS_USERNAME
# - JSS_PASSWORD
# - JSS_URL
#
# I HIGHLY RECOMMEND USING A JAMF SANDBOX/DEV ENVIRONMENT
#
####
name: AutoPkg Recipe Test
on:
pull_request:
branches:
- main
paths:
- 'RecipeOverrides/**'
jobs:
AutoPkg:
runs-on: macos-latest
timeout-minutes: 25
steps:
- name: Checkout it-autopkg
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Get file changes
uses: dorny/paths-filter@v2
id: filter
with:
filters: |
recipes:
- 'RecipeOverrides/**.recipe'
templates:
- 'RecipeOverrides/**.xml'
- name: List new recipes in temp file
if: steps.filter.outputs.recipes == 'true'
run: |
git diff --name-status origin/main | grep ".*\.recipe$" | sed '/^D/d' | grep -v '^R100' | cut -c 3- | sort -u > /tmp/new_recipes.txt
- name: List new recipe templates in temp file
if: steps.filter.outputs.templates == 'true'
run: |
git diff --name-status origin/main | grep ".*\.xml" | sed '/^D/d' | grep -v '^R100' | cut -c 3- | sort -u > /tmp/new_templates.txt
- name: Validate XML syntax for recipes
if: steps.filter.outputs.recipes == 'true'
run: |
while read recipe; do xmllint --noout "$recipe"; done < <(cat /tmp/new_recipes.txt)
- name: Validate XML syntax for recipe templates
if: steps.filter.outputs.templates == 'true'
run: |
while read template; do xmllint --noout "$template"; done < <(cat /tmp/new_templates.txt)
- name: Install AutoPkg
if: steps.filter.outputs.recipes == 'true'
run: |
curl -L https://github.com/autopkg/autopkg/releases/download/v2.3.1/autopkg-2.3.1.pkg --output /tmp/autopkg.pkg
sudo installer -pkg /tmp/autopkg.pkg -target /
- name: Install JSSImporter
if: steps.filter.outputs.recipes == 'true'
run: |
curl -L https://github.com/jssimporter/JSSImporter/releases/download/v1.1.5/jssimporter-1.1.5.pkg --output /tmp/jssimporter.pkg
sudo installer -pkg /tmp/jssimporter.pkg -target /
- name: Configure AutoPkg
if: steps.filter.outputs.recipes == 'true'
env:
JSS_USERNAME: ${{ secrets.JSS_USERNAME_SANDBOX }}
JSS_PASSWORD: ${{ secrets.JSS_PASSWORD_SANDBOX }}
JSS_URL: ${{ secrets.JSS_URL }}
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
defaults write com.github.autopkg RECIPE_OVERRIDE_DIRS $(pwd)/RecipeOverrides/
defaults write com.github.autopkg RECIPE_REPO_DIR $(pwd)/repos/
defaults write com.github.autopkg FAIL_RECIPES_WITHOUT_TRUST_INFO -bool YES
defaults write com.github.autopkg JSS_URL $JSS_URL
defaults write com.github.autopkg API_USERNAME $JSS_USERNAME
defaults write com.github.autopkg API_PASSWORD $JSS_PASSWORD
defaults write com.github.autopkg GITHUB_TOKEN $GH_TOKEN
- name: Clone AutoPkg parent repos
if: steps.filter.outputs.recipes == 'true'
run: |
for repo in $(cat repo_list.txt); do autopkg repo-add $repo && autopkg repo-update $repo; done
- name: Verify trust info
if: steps.filter.outputs.recipes == 'true'
run: |
while read recipe; do autopkg verify-trust-info -vv "$recipe"; done < <(cat /tmp/new_recipes.txt)
- name: Run recipes
if: steps.filter.outputs.recipes == 'true'
run: |
while read recipe; do autopkg run -vvvv "$recipe" --key STOP_IF_NO_JSS_UPLOAD=False; done < <(cat /tmp/new_recipes.txt)
Reference in New Issue View Git Blame Copy Permalink