Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GitHub as the Source of Truth for Scripts in Jamf Pro

9d350fa2294e1192f8f12b0ebf1a1d8b?s=47 Jamf
October 23, 2018

GitHub as the Source of Truth for Scripts in Jamf Pro

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

GitHub as the Source of Truth for Scripts in Jamf Pro

Presented by:
Brad Schmidt, Target
Brian LaShomb, Target

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.



October 23, 2018

More Decks by Jamf

Other Decks in Technology


  1. None
  2. © JAMF Software, LLC Brad Schmidt Senior Engineer, EDGE team

    @ Target @bradschm (Twitter, GitHub, Slack) Brian LaShomb Senior Engineer, EDGE team @ Target @lashomb (GitHub, Slack) 275x275 head shot
  3. © JAMF Software, LLC GitHub as the Source of Truth

    for Scripts in Jamf Pro Agenda: • What are we trying to solve for? • Overview of CI/CD and version control • git2jss • Step-by-step implementation
  4. © JAMF Software, LLC What are we trying to solve

    • Code can be difficult to manage in Jamf Pro • Lack of version control • Lack of change approval • Collaboration and review are manual Managing code that lives in a web application
  5. © JAMF Software, LLC

  6. © JAMF Software, LLC Basics of git on the command-line

    • Start with creating a new repo on github.com • git clone https://github.com/bradschm/repo • git add . (adds all files you create/modify) • git commit -m “Nice beard” • git push
  7. © JAMF Software, LLC CI/CD • Jenkins, Travis CI ,

    Bamboo, GitLab CI • Often the glue that sticks other tools together • Great for many other uses as well (AutoPKG)
  8. © JAMF Software, LLC Getting scripts into Jamf Pro •

    We need something to take our repo of scripts and get them into Jamf Pro • git2jss by Adam Furbee to the rescue! • Looks for changes and uploads them
  9. © JAMF Software, LLC Workflow overview • Merge to master

    triggers webhook for Jenkins • Jenkins clones the git2jss repo to slave and calls sync.py • sync.py determines changes and sends them to Jamf Pro • Optional: Slack notification
  10. © JAMF Software, LLC Prerequisites • Jamf Pro with REST

    API credentials to create, read and update scripts and extension attributes • Jenkins with a node running Python3 • GitHub account - free might work if you are OK with your scripts living in the public
  11. © JAMF Software, LLC Set up Git2JSS Project - Run

    locally # Clone the project to a local folder git clone https://github.com/BadStreff/git2jss.git # Make a directory to hold virtual environments, -p silences the error if the folder exists mkdir -p ~/.virtualenv # Tell Python to make a new virtual environment python3.6 -m venv ~/.virtualenv/git2jss-jnuc2018 # Activate the virtual environment source ~/.virtualenv/git2jss-jnuc2018/bin/activate # Install the 3rd party dependencies pip install -r requirements.txt # Run the download.py script to download all scripts and extension attributes python download.py --url https://your.jss.com --username api_git2jss_user --password potato # Run the sync.py script to now upload your scripts and extension attributes python sync.py --url https://your.jss.com --username api_git2jss_user
 --password potato --update_all
  12. © JAMF Software, LLC Set up GitHub repository • Create

    a private repository • Setup a personal access token to allow Jenkins to connect to the private repository • Add the webhook for Jenkins
  13. © JAMF Software, LLC GitHub: Webhook

  14. © JAMF Software, LLC Set up Git2JSS Project - Set

    up CI/CD # Prepare to upload scripts and extension attributes to the private repository # Remove the public remote origin from the clone process git remote remove origin # Add the private repo as the remote origin git remote add origin https://github.company.com/username/reponame.git # Add and commit the scripts and extension attributes git add extension_attributes scripts # Commit the files git commit -m 'Initial Scripts and Extension Attributes Upload' # Push the downloaded scripts and extension attributes to the remote private repo git push -u origin master
  15. © JAMF Software, LLC Configure a Jenkins job • New

    freestyle project • Set up Source Code Management • Build Trigger - GitHub hook trigger for
 GITScm polling • Create a Build Step
  16. © JAMF Software, LLC Jenkins: Source Code Management

  17. © JAMF Software, LLC Jenkins: Credentials

  18. © JAMF Software, LLC Jenkins: Build Step

  19. © JAMF Software, LLC GitHub: Branch Protection

  20. © JAMF Software, LLC

  21. © JAMF Software, LLC Resources git2jss :: git.io/fAuF8 Brad Schmidt

    on GitHub :: git.io/fAuFA Jenkins :: jenkins.io Git Tutorial :: atlassian.com/git/tutorials Caching your GitHub password in Git :: git.io/fAuFP Setup a Jenkins Build Server in AWS :: amzn.to/2NTwud8 Twin Cities MacAdmins #twincities_macadmins
  22. © JAMF Software, LL THANK YOU!