1.0.3

This is a bugfix release to address Issue #165 - local distribution points failing to upload new packages due to failing to obtain a package ID. The package ID check has been removed from local DPs, but left for cloud DPs. Tested and now working on JCDS and SMB DPs.

1.0.2

This is the official 1.0.2 release, exactly the same as the former 1.0.2b8.

Changed

• @grahampugh added a feature that prevents policies from being overwritten if there is no new package to upload, called STOP_IF_NO_JSS_UPLOAD. It is enabled by default. To override this behaviour and force the processor to continue and overwrite policies etc., run your autopkg recipe with the --key STOP_IF_NO_JSS_UPLOAD=False parameter.
• @grahampugh added a do_update feature to prevent overwriting a computer group if it already exists on the server, while continuing to create the group if it is not there.
• @nstrauss added a skip_scope feature to allow the upload of a policy without changing any existing scope.
• @nstrauss added a skip_scripts feature to allow the upload of a policy without changing any existing script objects in the script.
• @grahampugh added a new wait_for_id definition, which provides a common method to check for feedback on the upload of each API object, in an attempt to reduce the chance of cloud clusters returning conflicting information about whether an object has been successfully uploaded or not.
• Verbosity is increased with respect to reporting object IDs.
• References to JSS are changed to "Jamf Pro Server"... except in the name JSSImporter of course! I think we're stuck with that one.

Fixed

• Fixed a bug that prevented Types AFP and SMB from being accepted (was introduced in 1.0.2b5).
• Fixed a bug that was introduced in 1.0.2b5 which prevented certain packages from uploading (relevant to #162).
• Changed the order of the code which waits for the creation of a package id, and added a wait for the creation of a category id, to fix problems with package objects not yet existing when uploading a package.
• Updated the embedded python-jss, which fixes a urllib problem when running in python2 (#151)
• @grahampugh contributed (#135) which prevents uploaded scripts from having certain special characters incorrectly escaped, namely >, < and &.

Note

• JCDS mode does not currently work and will cause a recipe to fail if configured. JCDS users should use the CDP mode.
• Efforts continue to be made to reduce intermittent failures of upload of packages to Jamf Cloud Distribution Points and CDPs, icons or other objects, but they may still occur. We believe this is due to the clustering involved with Jamf Cloud Distribution Points. See (#81), (#119), (#145) etc. Ultimately, we need Jamf to provide proper endpoints for package uploads and managing icons. Please bug your Jamf support and sales consultants as often as possible!
• The above efforts to improve package upload reliability may conversely cause problems on setups with multiple DPs of different types. Scenarios involving Cloud plus Local DPs are not yet tested, and there probably needs to be a more intelligent method of treating each DP as a separate package upload process than currently exists.

Bundled Dependency Testing

This release bundles dependencies to allow us to use requests again.
It also pulls in the boto library for connection to AWS S3 directly in future.
It supports a new Distribution Point Type, JCDS, for direct upload to JCDS. The CDP type will always remain for backwards compatibility.
In an upcoming release, the AWS type will be available to use with S3 direct uploads.

Hammer Pants

This release changes a lot about how JSSImporter is packaged and delivered to users, largely in response to the changes in the Python (or lack thereof) that Apple ships with macOS. Please read the changes below very carefully prior to updating, as there may be some surprises that you were not expecting otherwise.

The brief form is that the JSSImporter package now installs the actual processor into your autopkglib, and it will create a /Library/Application Support/JSSImporter folder and drop a copy of python-jss there. This python-jss is bundled into the package, so there won't be any pip updates or anything. What's bundled with JSSImporter is what you get. Also, JSSImporter will prioritize using that python-jss over any others.

JSSImporter, and really python-jss now uses the system curl to do all requests, so all SSL issues can be compared directly to normal curl requests.

Changed

• JSSImporter and JSS now support version 9 and newer of the JSS.
• Installation package Makefile is included in project repo.
• python-jss is now bundled with JSSImporter, and JSSImporter will use /Library/Application Support/JSSImporter/jss.
• Bundled python-jss is the 2.0.0 release, which overhauls a number of things including HTTP requests. JSSImporter has been updated to use the (very slightly-changed) API.
  • python-jss now uses curl unless python requests is available. This avoids the need for working around Apple's ancient python and OpenSSL situation.
• JSSImporter outputs its version, python-jss's version, and the JSS's version, during a verbose run.
• Reordered code.
• Fixed some style issues.
• Fixed some lint issues.
• JSSImporter now looks for categories used in templates, and creates them if they don't exist. This solves #55 (involving scripts). It does create a precedence situation for one case: if you have a policy_category input variable set will always win; even if there's no category tag in the policy template, even if it's not the same as policy_category. This should not be an issue for anybody, however.
• version is no longer a required input variable. It will default to "0.0.0.0" when it's not present, and issue a warning in the output because this is probably not what you want. (Solves #72).
• JSSImporter won't mount any of your configured distribution points if your pkg_path is empty (falsy). (#104).

Added

• If a mountable distribution point is mounted prior to the JSSImporter run, JSSImporter won't unmount at the conclusion of the run (#100).
• You can now set a policy_action_type to set the package_configuration section of a Policy to Cache or Install Cached in addition to the default value of Install. (#75).
• New Package input variables allow you to specify the priority, restart, and boot drive after imaging requirements (#87 - Thanks @jusmig!)
• Ability to add exclusion_groups to the policy scope. This feature works exactly like the regular scoping groups. Thanks to @badstreff for the contribution, #93. Issue #92.
• Added Name and Version to the AutoPkg summary. Thanks for the contribution @ChrOst (#71).
• JSSImporter will warn you that no distribution points are configured (and python-jss will fail if you configure a DP that doesn't configure correctly). (#85).
• JSSImporter will enable python-jss's verbose output when AutoPkg has a verbosity of 4 or more (i.e. autopkg run -vvvv yo.jss.

Fixed

• An underscore was added to the report header for Extension_Attributes so AutoPkgr doesn't freak out. Thanks @homebysix (#83).
• JSSImporter now takes scripts, reads them in, escapes them for XML, and adds them to the script object's script_contents tag and does not try to copy them ever. This was needed in the past, but now presumably all JSS have been "migrated" and need the script in the DB rather than on disk. (#116).

Removed

• The JSS_MIGRATED preference has been removed. If you have it in your config, it will be ignored, but there is no need for this with version 9+ of the JSS. (#118).

I've Got a Bike, You Can Ride it if You Like

Fixed

• Updates for use with python-jss 1.4.0
• Installs templates and temporary python-jss egg installer in /usr/local/share instead of /usr/share for El Capitan friendship.

Added

• Adds a tiny bit of increased verbose reporting: As a package is copied to each repo, you should see a line in the output telling you which repo is being targeted.

0.5.0: Careful With That Axe Eugene

Fixed

• Package values package_info, package_notes, and os_requirements couldn't be enforced as blank. (Now they can.)

Changed

• Requires python-jss 1.2.0 for compatibility with JSS 9.73.
• Adds arguments package_info and package_notes. Thanks to @quovadimus for the suggestion. (#41)
• os_requirements now defaults to "".
• Set JSS_SUPPRESS_WARNINGS to default to True.
• If you have no repos configured, JSSImporter will skip the package creation/upload/update process, and won't put a package into the install policy. Log message indicates that it is skipped in case this is an accident.

0.4.1 It's not a Tumor

Fixed

• Fix file searching mistake with path generation using recipe filename.

0.4.0 Get to the Chopper

Changed

• Any files referenced in a JSS Recipe will now be searched for in this order:

  1. Path as specified.
  2. The parent folder of the path.
  3. First ParentRecipe's folder.
  4. First ParentRecipe's parent folder.
  5. Second ParentRecipe's folder.
  6. Second ParentRecipe's parent folder.
  7. Nth ParentRecipe's folder.
  8. Nth ParentRecipe's parent folder.

  This search-path method is primarily in place to support using recipe
  overrides. It applies to policy_template, computer group templates,
  self_service_icon, script templates, and extension attribute templates. It
  allows users to avoid having to copy the file to the override directory for
  each recipe.

• Updates required python-jss to 1.0.2.

0.3.8 (April 3, 2015) The Soft Bullet In

CHANGES:

• ALL AutoPkg environment variable string values are now available for text replacement in your templates.
  • Use the environment variable name wrapped in %'s, e.g. , for AUTOPKG_VERSION, use %AUTOPKG_VERSION% in your template, and it will get substituted.
  • Non-string types (For example, PARENT_RECIPES) are not available.
  • Inject whatever you want by adding a key to your recipe input variables with a string value. See the blog post on this
• Adds summary reporting to AutoPkg >= 0.4.3. Reports on all new or updated elements of a recipe.
  • Some object types always get updated (e.g. smart groups, policies) as you can't really determine whether they've changed. So JSSImporter enforces the recipe values.
• Moves most of the output variables to be included under a single jss_changed_objects output variable. Values now are object names rather than a bool.

0.3.7 (March 17, 2015) Dire Weasel

CHANGES:

• Adds support for Sites.
  • See PolicyTemplate.xml and SmartGroupTemplate.xml for example of proper block to include.
  • Will do text replacement. Adds input variables:
    • site_id
    • site_name
    • You don't need both!
• Extension Attribute input variable name is deprecated and removed since it is redundent and can potentially clash with the name value in the Extension Attribute template (#26).
  • Existing recipes will safely work as long as the template has a name.
• Input variable validation for groups (#33)
  • Most recipes are written to scope a policy to a group. However, if you want to override that recipe to NOT scope, it fails, because there is still a groups input variable that just isn't getting text replacement.
  • Now, you can specify blank values in the override to skip group creation.
  • Groups with un-replaced text values (i.e. anything with % pre/postfix) will be skipped as well.
  • This validation could be added to other inputs (scripts, extension attributes, etc) if needed.