GitHub as the Source of Truth for Scripts in Jamf Pro

9d350fa2294e1192f8f12b0ebf1a1d8b?s=47 Jamf
October 23, 2018

GitHub as the Source of Truth for Scripts in Jamf Pro

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

Session:
GitHub as the Source of Truth for Scripts in Jamf Pro

Presented by:
Brad Schmidt, Target
Brian LaShomb, Target

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.

9d350fa2294e1192f8f12b0ebf1a1d8b?s=128

Jamf

October 23, 2018
Tweet

Transcript

  1. None
  2. © JAMF Software, LLC Brad Schmidt Senior Engineer, EDGE team

    @ Target @bradschm (Twitter, GitHub, Slack) Brian LaShomb Senior Engineer, EDGE team @ Target @lashomb (GitHub, Slack) 275x275 head shot
  3. © JAMF Software, LLC GitHub as the Source of Truth

    for Scripts in Jamf Pro Agenda: • What are we trying to solve for? • Overview of CI/CD and version control • git2jss • Step-by-step implementation
  4. © JAMF Software, LLC What are we trying to solve

    • Code can be difficult to manage in Jamf Pro • Lack of version control • Lack of change approval • Collaboration and review are manual Managing code that lives in a web application
  5. © JAMF Software, LLC

  6. © JAMF Software, LLC Basics of git on the command-line

    • Start with creating a new repo on github.com • git clone https://github.com/bradschm/repo • git add . (adds all files you create/modify) • git commit -m “Nice beard” • git push
  7. © JAMF Software, LLC CI/CD • Jenkins, Travis CI ,

    Bamboo, GitLab CI • Often the glue that sticks other tools together • Great for many other uses as well (AutoPKG)
  8. © JAMF Software, LLC Getting scripts into Jamf Pro •

    We need something to take our repo of scripts and get them into Jamf Pro • git2jss by Adam Furbee to the rescue! • Looks for changes and uploads them
  9. © JAMF Software, LLC Workflow overview • Merge to master

    triggers webhook for Jenkins • Jenkins clones the git2jss repo to slave and calls sync.py • sync.py determines changes and sends them to Jamf Pro • Optional: Slack notification
  10. © JAMF Software, LLC Prerequisites • Jamf Pro with REST

    API credentials to create, read and update scripts and extension attributes • Jenkins with a node running Python3 • GitHub account - free might work if you are OK with your scripts living in the public
  11. © JAMF Software, LLC Set up Git2JSS Project - Run

    locally # Clone the project to a local folder git clone https://github.com/BadStreff/git2jss.git # Make a directory to hold virtual environments, -p silences the error if the folder exists mkdir -p ~/.virtualenv # Tell Python to make a new virtual environment python3.6 -m venv ~/.virtualenv/git2jss-jnuc2018 # Activate the virtual environment source ~/.virtualenv/git2jss-jnuc2018/bin/activate # Install the 3rd party dependencies pip install -r requirements.txt # Run the download.py script to download all scripts and extension attributes python download.py --url https://your.jss.com --username api_git2jss_user --password potato # Run the sync.py script to now upload your scripts and extension attributes python sync.py --url https://your.jss.com --username api_git2jss_user
 --password potato --update_all
  12. © JAMF Software, LLC Set up GitHub repository • Create

    a private repository • Setup a personal access token to allow Jenkins to connect to the private repository • Add the webhook for Jenkins
  13. © JAMF Software, LLC GitHub: Webhook

  14. © JAMF Software, LLC Set up Git2JSS Project - Set

    up CI/CD # Prepare to upload scripts and extension attributes to the private repository # Remove the public remote origin from the clone process git remote remove origin # Add the private repo as the remote origin git remote add origin https://github.company.com/username/reponame.git # Add and commit the scripts and extension attributes git add extension_attributes scripts # Commit the files git commit -m 'Initial Scripts and Extension Attributes Upload' # Push the downloaded scripts and extension attributes to the remote private repo git push -u origin master
  15. © JAMF Software, LLC Configure a Jenkins job • New

    freestyle project • Set up Source Code Management • Build Trigger - GitHub hook trigger for
 GITScm polling • Create a Build Step
  16. © JAMF Software, LLC Jenkins: Source Code Management

  17. © JAMF Software, LLC Jenkins: Credentials

  18. © JAMF Software, LLC Jenkins: Build Step

  19. © JAMF Software, LLC GitHub: Branch Protection

  20. © JAMF Software, LLC

  21. © JAMF Software, LLC Resources git2jss :: git.io/fAuF8 Brad Schmidt

    on GitHub :: git.io/fAuFA Jenkins :: jenkins.io Git Tutorial :: atlassian.com/git/tutorials Caching your GitHub password in Git :: git.io/fAuFP Setup a Jenkins Build Server in AWS :: amzn.to/2NTwud8 Twin Cities MacAdmins #twincities_macadmins
  22. © JAMF Software, LL THANK YOU!