Installation
The following assets are required to run the JC-AutoPkg-Importer
- JumpCloud Tenant
- Git
- AutoPkg 2.x+
- awscli
- S3 Storage Bucket to store AutoPkg Packages
- Python Modules installed to AutoPkg's embedded copy of Python
On a macOS system, if Git is not installed, open a new Terminal window and type 'git'. A prompt to install Apple's command-line developer tools (which include Git) will appear. Follow the prompt to install the command-line tools.
To install the JumpCloud AutoPkg Importer, first ensure AutoPkg is installed. Because AutoPkg contains it's own version of Python, the JumpCloud AutoPkg Importer must be made accessible to that version of Python.
Copy the JumpCloudImporter.py file to /Library/AutoPkg/autopkglib/ to make the importer available in the AutoPkg context.
After copying the JumpCloudImporter.py file to AutoPkg's python library, follow the remaining steps to ensure AutoPkg can access your S3 bucket and the JumpCloud Python API.
Your JumpCloud API key is required to makes changes to your JumpCloud organization. See the arguments documentation for more information on the API Key variable. Add your API Key to the your autopkg preferences profile using the defaults command.
defaults write ~/Library/Preferences/com.github.autopkg.plist JC_API yourApiKey
AutoPkg 2.0+ contains it's own distribution of Python3, the following modules should be installed to the AutoPkg python3 framework as they are out of the scope of the standard python modules. All the modules below are referenced by the JumpCloud AutoPkg Importer during an AutoPkg run, they need to be made available to AutoPkg's distribution of Python3
Install the JumpCloud Python APIs, v1 and v2
sudo /usr/local/autopkg/python -m pip install git+https://github.com/TheJumpCloud/jcapi-python.git#subdirectory=jcapiv1
sudo /usr/local/autopkg/python -m pip install git+https://github.com/TheJumpCloud/jcapi-python.git#subdirectory=jcapiv2Install the AWS SKD boto3
sudo /usr/local/autopkg/python -m pip install boto3Currently, a 1MB file size limit exists for all files on JumpCloud commands, as such AWS S3 buckets are used to store larger files. The JumpCloud AutoPkg Importer uploads packages to an S3 bucket and returned the bucket item's url. The AWS SDK is required to process packages and add AWS objects, the AWS CLI is required to authenticate to S3. By using this software you accept any and all costs associated with Amazon Web Services.
Setup AWS Credentials:
AWS requests are cryptographically signed through the AWS CLI. To configure AWS credentials to connect to your AWS S3 Bucket run the aws configure command at any terminal window. Amazon's documentation on configuring the AWS CLI documents this process.
aws configureWithin your AWS portal, create and name a new S3 bucket. The default value for the AWS_Bucket is "jcautopkg".
If your S3 bucket is named anything other than "jcautopkg" specify the name of the bucket in each recipe override.
Make the bucket accessible to your systems. Before making a bucket public, attempt to run the processor with a recipe and check the output, a .pkg file should be uploaded to s3.
Here's an example public bucket policy for systems public access to GetObject. Create a bucket policy that fits the needs of your organization and security requirements.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicRead",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::jcautopkg/*"
}
]
}