GitHub as the Source of Truth for Scripts in Jamf Pro

Transcript

1. None

2. © JAMF Software, LLC Brad Schmidt Senior Engineer, EDGE team

   @ Target @bradschm (Twitter, GitHub, Slack) Brian LaShomb Senior Engineer, EDGE team @ Target @lashomb (GitHub, Slack) 275x275 head shot

3. © JAMF Software, LLC GitHub as the Source of Truth

   for Scripts in Jamf Pro Agenda: • What are we trying to solve for? • Overview of CI/CD and version control • git2jss • Step-by-step implementation

4. © JAMF Software, LLC What are we trying to solve

   • Code can be difficult to manage in Jamf Pro • Lack of version control • Lack of change approval • Collaboration and review are manual Managing code that lives in a web application

5. © JAMF Software, LLC

6. © JAMF Software, LLC Basics of git on the command-line

   • Start with creating a new repo on github.com • git clone https://github.com/bradschm/repo • git add . (adds all files you create/modify) • git commit -m “Nice beard” • git push

7. © JAMF Software, LLC CI/CD • Jenkins, Travis CI ,

   Bamboo, GitLab CI • Often the glue that sticks other tools together • Great for many other uses as well (AutoPKG)

8. © JAMF Software, LLC Getting scripts into Jamf Pro •

   We need something to take our repo of scripts and get them into Jamf Pro • git2jss by Adam Furbee to the rescue! • Looks for changes and uploads them

9. © JAMF Software, LLC Workflow overview • Merge to master

   triggers webhook for Jenkins • Jenkins clones the git2jss repo to slave and calls sync.py • sync.py determines changes and sends them to Jamf Pro • Optional: Slack notification

10. © JAMF Software, LLC Prerequisites • Jamf Pro with REST

    API credentials to create, read and update scripts and extension attributes • Jenkins with a node running Python3 • GitHub account - free might work if you are OK with your scripts living in the public

11. © JAMF Software, LLC Set up Git2JSS Project - Run

    locally # Clone the project to a local folder git clone https://github.com/BadStreff/git2jss.git # Make a directory to hold virtual environments, -p silences the error if the folder exists mkdir -p ~/.virtualenv # Tell Python to make a new virtual environment python3.6 -m venv ~/.virtualenv/git2jss-jnuc2018 # Activate the virtual environment source ~/.virtualenv/git2jss-jnuc2018/bin/activate # Install the 3rd party dependencies pip install -r requirements.txt # Run the download.py script to download all scripts and extension attributes python download.py --url https://your.jss.com --username api_git2jss_user --password potato # Run the sync.py script to now upload your scripts and extension attributes python sync.py --url https://your.jss.com --username api_git2jss_user
 --password potato --update_all

12. © JAMF Software, LLC Set up GitHub repository • Create

    a private repository • Setup a personal access token to allow Jenkins to connect to the private repository • Add the webhook for Jenkins

13. © JAMF Software, LLC GitHub: Webhook

14. © JAMF Software, LLC Set up Git2JSS Project - Set

    up CI/CD # Prepare to upload scripts and extension attributes to the private repository # Remove the public remote origin from the clone process git remote remove origin # Add the private repo as the remote origin git remote add origin https://github.company.com/username/reponame.git # Add and commit the scripts and extension attributes git add extension_attributes scripts # Commit the files git commit -m 'Initial Scripts and Extension Attributes Upload' # Push the downloaded scripts and extension attributes to the remote private repo git push -u origin master

15. © JAMF Software, LLC Configure a Jenkins job • New

    freestyle project • Set up Source Code Management • Build Trigger - GitHub hook trigger for
 GITScm polling • Create a Build Step

16. © JAMF Software, LLC Jenkins: Source Code Management

17. © JAMF Software, LLC Jenkins: Credentials

18. © JAMF Software, LLC Jenkins: Build Step

19. © JAMF Software, LLC GitHub: Branch Protection

20. © JAMF Software, LLC

21. © JAMF Software, LLC Resources git2jss :: git.io/fAuF8 Brad Schmidt

    on GitHub :: git.io/fAuFA Jenkins :: jenkins.io Git Tutorial :: atlassian.com/git/tutorials Caching your GitHub password in Git :: git.io/fAuFP Setup a Jenkins Build Server in AWS :: amzn.to/2NTwud8 Twin Cities MacAdmins #twincities_macadmins

22. © JAMF Software, LL THANK YOU!