Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jgarcesres/git2jamf

Github action to create, update and delete scripts in jamf :octocat:
https://github.com/jgarcesres/git2jamf

actions api integration jamf jamf-github jamfpro jamfpro-scripts workflow

Last synced: 2 months ago
JSON representation

Github action to create, update and delete scripts in jamf :octocat:

Awesome Lists containing this project

README

        

# git2jamf [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
This action grabs the github repository (or any subdfolder of your choice) scans it for scripts and will create or update those scripts in jamf.

It starts by comparing filename of the github script (without the extension) against the name of the script in jamf:
* If it doesn't exist, it will create it
* if it exists, it will compare the hash of the body of both scripts and update it in jamf if they differ. Github is always treated as the source.
* If enabled, it will add a prefix with the `branch name_` to a script.

After creating and updating scripts, if enabled, it can delete any leftover script that is not found in github, thus keeping Github as your one source.

## Future state
* handle extension attributes.
* slack notifications
* suggestions are welcome!

## Inputs
### `jamf_url`

**Required** the url of your jamf instance

### `jamf_auth_type`

**Optional** Defaults to `auth` but can be set to `oauth` to use `client_id` and `client_secret` instead of a username and password.

### `jamf_username`

**Required** the username to auth against jamf. If `auth_type` is set to `oauth`, this is the `client_id` . **This user should have permission to update and create scripts.**

### `jamf_password`

**Required** password for the user. If `auth_type` is set to `oauth`, this is the `client_secret`

### `script_dir`

**optional** the directory where the scripts to upload will be, this could be a subdirectoy in your repository `path/to/scripts`. By default it will try to sync all .sh and .py files from the repo, so it's **greatly recommended to provide this input**, you can look for multiple subdirectories that share the same name, just provide a name like `**/scripts`

### `script_extensions`

**optional** the extensions for the types of files we'll be searching for. By default it tries to look for `*.sh and *.py` files. To change the behavior, separate each extension with spaces and no periods. ie `sh py ps1`

### `delete`

**optional** by default this will be `false`, if enabled it will delete any scripts that are not found in the github folder you're syncing. **Don't enable this and the prefix at the same time if you're running multiple workflows, they're not compatible**

### `prefix`

**optional** by default this will be `false`, it will add the branch name as a prefix to the script before uploading it.

## Outputs

### `results`

what scripts were updated

## Getting started.
* First, you'll want to create the secrets that will be needed for this to work. You can do this in the settings of your repository, you'll reference those secrets in the workflow file.
* Now create the workflow file in `.github/workflows/git2jamf.yml`
* You can use the example bellow as a basis(replace the secret values for the names of the ones you created).
* In this example, the action runs only when a push is sent to master and it's attempting to sync a folder called `scripts` at the root of the repository.
* You can customize it further using githubs [workflow documentation](https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions)

**NOTE**: If possible, I recommend running this on a test instance first. If you can't, then try syncing just one folder with a small set of scripts so you can get a feel for how it works.

```yaml
name: git2jamf
on:
push:
branches:
- master
jobs:
jamf_scripts:
runs-on: ubuntu-latest
name: git2jamf
steps:
- name: checkout
uses: actions/checkout@v3
- name: git2jamf
uses: jgarcesres/git2jamf@master
with:
jamf_url: ${{ secrets.jamf_test_url }}
jamf_username: ${{ secrets.jamf_test_username }}
jamf_password: ${{ secrets.jamf_test_password }}
script_dir: 'scripts'
```

## Example usage with 2 instances
you would probably have 2 sets of secrets, with url and credentials for each instance(or share the same user creds across both servers). You also will need 2 workflow files: one for pushes to the master branch and another that goes to test.

```yaml
name: git2jamf_test
on:
pull_request:
branches:
- master
push:
branches:
- test*
- dev*
jobs:
jamf_scripts:
runs-on: ubuntu-latest
name: git2jgit2jamf_testamf
steps:
- name: checkout
uses: actions/checkout@v3
- name: git2jamf_test
uses: jgarcesres/git2jamf@master
with:
jamf_url: ${{ secrets.jamf_test_url }}
jamf_username: ${{ secrets.jamf_test_username }}
jamf_password: ${{ secrets.jamf_test_password }}
script_dir: '**/scripts'
```
```yaml
name: git2jamf
on:
push:
branches:
- master
jobs:
jamf_scripts:
runs-on: ubuntu-latest
name: git2jamf
steps:
- name: checkout
uses: actions/checkout@v3
- name: git2jamf
uses: jgarcesres/git2jamf@master
with:
jamf_url: ${{ secrets.jamf_prod_url }}
jamf_username: ${{ secrets.jamf_prod_username }}
jamf_password: ${{ secrets.jamf_prod_password }}
script_dir: '**/scripts'
```

## Example usage with one instance
The prefix remains enabled for the test branch. This might create a bit of "garbage" as the scripts that have a prefix won't be deleted automatically.

```yaml
name: git2jamf_test
on:
push:
branches:
- test
jobs:
jamf_scripts:
runs-on: ubuntu-latest
name: git2jamf_test
steps:
- name: checkout
uses: actions/checkout@v3
- name: git2jamf_test
uses: jgarcesres/git2jamf@master
with:
jamf_url: ${{ secrets.jamf_url }}
jamf_username: ${{ secrets.jamf_username }}
jamf_password: ${{ secrets.jamf_password }}
script_dir: toplevelfolder/scripts
enable_prefix: true
```
```yaml
name: git2jamf
on:
push:
branches:
- master
jobs:
jamf_scripts:
runs-on: ubuntu-latest
name: git2jamf
steps:
- name: checkout
uses: actions/checkout@v3
- name: git2jamf
uses: jgarcesres/git2jamf@master
with:
jamf_url: ${{ secrets.jamf_url }}
jamf_username: ${{ secrets.jamf_username }}
jamf_password: ${{ secrets.jamf_password }}
script_dir: toplevelfolder/scripts
```