You should now have a working Munki repo, server and client tools tested from Part 2.

In Part 3 of our series, we’re going to explore AutoPkgr which can be used to automate the download and upload to the munki repository automatically on a schedule.

AutoPkgr

So you’re probably wondering what is AutoPkgr?

AutoPkgr is an awesomely powerful tool for automating macOS software packaging and distribution, but it requires its users to be comfortable with command-line tools and methods. If you’re not yet comfortable with the command-line, or if you just want to get AutoPkg set up from scratch quickly and reliably, AutoPkgr is for you. It has been written by the Linde Group.

The AutoPkgr GitHub project can be found here.

Prerequisites

  • Latest Version of AutoPkgr downloaded and installed on a Mac, (I’m using the same Mac as my Munki repo from Part 2), available here

First Run

When you first run AutoPkgr you’ll be asked to install Git if not present on the machine. You are looking for the initial screen to be the following:

Screen Shot 2018-04-12 at 11.40.00Screen Shot 2018-04-12 at 11.40.00

Automating your downloads and uploads to Munki Repo

So now that you’ve got AutoPkgr installed we can dive right into automating the downloads and upload to your munki repo, for this example, I am going to be using Google Chrome.

  • Click Repos & Recipes
    Screen Shot 2018-04-12 at 11.44.59Screen Shot 2018-04-12 at 11.44.59

  • Next, filter your results by “munki”
  • Find the software you require, i.e. GoogleChrome.munki, and Right-Click and click “Create Override
    Screen Shot 2018-04-12 at 12.00.27Screen Shot 2018-04-12 at 12.00.27
  • When a pop-up appears to name the override, click OK
    • You’ll then see two versions of the munki recipe one from the GitHub Repository and the local one you’ve just created.
    • It’s always a good idea to review the code that is listed in public repositories just to ensure you are comfortable with what is being executed.
    • Screen Shot 2018-04-12 at 12.01.24Screen Shot 2018-04-12 at 12.01.24
      Screen Shot 2018-04-12 at 12.10.29Screen Shot 2018-04-12 at 12.10.29
  • Now navigate to your Recipe Override folder in Finder, the default location is “~/Library/AutoPkg/Recipie/Overrides
    Screen Shot 2018-04-12 at 12.06.07Screen Shot 2018-04-12 at 12.06.07
  • Open the recipe with your favourite text editors and review/make any changes if required.
    Screen Shot 2018-04-12 at 12.07.15Screen Shot 2018-04-12 at 12.07.15
  • Once you’re happy with the code and the recipie override is just the way you want it, you’ll need to give this override the recipie the relevant parent-trust permission, open Terminal and type the following command:
    • Also review how parent-trust-info works by clicking the link here
  • autopkg update-trust-info GoogleChrome.munki
    Screen Shot 2018-04-12 at 12.31.40 copyScreen Shot 2018-04-12 at 12.31.40 copy
  • Once you see the “wrote updated” message your local recipie is now ready to be executed. In AutoPkgr tick your “local” software, and Click Run Recipies Now
    Screen Shot 2018-04-12 at 12.36.47Screen Shot 2018-04-12 at 12.36.47
  • Now check your Munki Repo and your new application will now be present and the catalog files updated.
    Screen Shot 2018-04-12 at 12.39.35Screen Shot 2018-04-12 at 12.39.35
  • Follow this for each app you wish to auto-update.

Scheduling AutoPkgr to Run

You can schedule how often AutoPkgr runs to avoid clicking the “Run Recipies Now” button manually. These settings are available on the Schedule tab.

Screen Shot 2018-04-12 at 12.41.47Screen Shot 2018-04-12 at 12.41.47

AutoPkgr Notifications

You can also set up AutoPkgr Notifications, I find it particularly useful to enable email notifications which I recive after my auto schedule has run, these settings can be confirgured in the Notifications tab.

Screen Shot 2018-04-12 at 12.44.03Screen Shot 2018-04-12 at 12.44.03
Screen Shot 2018-04-12 at 12.45.30 copy copyScreen Shot 2018-04-12 at 12.45.30 copy copy

Optional – VirusTotalAnalyzer

This is a particular useful add-on to AutoPkgr which checks the downloaded files against the VirusTotalAnalyzer database and gives you a score recommendation in your email notfication (as above).

To enable this, click “Folders & Integrations“, click “Install VirusTotalAnalyzer”

Screen Shot 2018-04-12 at 12.48.58Screen Shot 2018-04-12 at 12.48.58

 

That sums up Part 3 in our series, AutoPkgr does take some time to get used to so read the guides and wiki on GitHub, once you have it setup and working for you then it will work great and save you a mass amount of time having to download applications, package them etc. The only thing to remember is to review code that is available in the public repositories, especially if you’re deploying an application to your estate you want to be comfortable with what is being run.

Let me know how you get on! Stay tuned for the last part of the series that will cover dataJAR’s jamJAR project that will automate this use of munki and AutoPkgr to use in jamf Pro and show user notifications on their devices when software has been installed or patched.

Sachin