Use new fleet-mdm-gitops GitHub action to apply MDM configuration (#11681)

2024-11-06 08:55:24 +00:00 · 2023-05-16 10:16:22 -05:00 · 2023-05-16 10:16:22 -05:00 · e794356e07
commit e794356e07
parent b3e038fffc
2 changed files with 37 additions and 36 deletions
--- a/.github/workflows/fleetctl-workstations-canary.yml
+++ b/.github/workflows/fleetctl-workstations-canary.yml
@ -36,11 +36,12 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Apply configuration profiles and updates
-        uses: fleetdm/fleet-mdm-gitops@f733749565c313a60c81c00ec19162933955d97e
+        uses: fleetdm/fleet-mdm-gitops@026ee84a69cb89c869fedbe27c969bf89def418b
        with:
-          FLEET_API_TOKEN: ${{ secrets.DOGFOOD_API_TOKEN }}
-          FLEET_URL: ${{ secrets.DOGFOOD_URL }}
+          FLEET_API_TOKEN: $DOGFOOD_API_TOKEN
+          FLEET_URL: $DOGFOOD_URL
          FLEET_TEAM_NAME: 💻🐣 Workstations (canary)
+          MDM_CONFIG_REPO: fleetdm/fleet
          MDM_CONFIG_DIRECTORY: mdm_profiles
          MAC_OS_MIN_VERSION: 13.3.1
          MAC_OS_VERSION_DEADLINE: 2023-05-15
--- a/.github/workflows/fleetctl-workstations.yml
+++ b/.github/workflows/fleetctl-workstations.yml
@ -9,7 +9,7 @@ on:
    branches:
      - main
    paths:
-      - 'mdm_profiles/**.mobileconfig'
+      - "mdm_profiles/**.mobileconfig"
  workflow_dispatch: # Manual

 # This allows a subsequently queued workflow run to interrupt previous runs
@ -35,38 +35,38 @@ jobs:
    timeout-minutes: 15
    runs-on: ubuntu-latest
    steps:
-    - name: Checkout code
-      uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
-      with:
-        repository: fleetdm/fleet
+      - name: Checkout code
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
+        with:
+          repository: fleetdm/fleet

-    - name: Install fleetctl
-      run: npm install -g fleetctl
+      - name: Install fleetctl
+        run: npm install -g fleetctl

-    - name: Configure fleetctl
-      run: fleetctl config set --address $DOGFOOD_URL --token $DOGFOOD_API_TOKEN
+      - name: Configure fleetctl
+        run: fleetctl config set --address $DOGFOOD_URL --token $DOGFOOD_API_TOKEN

-    - name: Run fleetctl apply
-      run: |
-        profiles=""
-          for file in mdm_profiles/*.mobileconfig; do
-            envsubst < "$file" > "${file}.new"
-            mv "${file}.new" "$file"
-            profiles+="- $file
-                  "
-        done
-        echo "apiVersion: v1
-        kind: team
-        spec:
-          team:
-            name: 💻 Workstations
-            mdm:
-              macos_updates:
-                minimum_version: "13.3.1"
-                deadline: "2023-05-15"
-              macos_settings:
-                enable_disk_encryption: true
-                custom_settings:
-                  $profiles
-        " > team-workstations-config.yml
-        fleetctl apply -f team-workstations-config.yml
+      - name: Run fleetctl apply
+        run: |
+          profiles=""
+            for file in mdm_profiles/*.mobileconfig; do
+              envsubst < "$file" > "${file}.new"
+              mv "${file}.new" "$file"
+              profiles+="- $file
+                    "
+          done
+          echo "apiVersion: v1
+          kind: team
+          spec:
+            team:
+              name: 💻 Workstations
+              mdm:
+                macos_updates:
+                  minimum_version: "13.3.1"
+                  deadline: "2023-05-15"
+                macos_settings:
+                  enable_disk_encryption: true
+                  custom_settings:
+                    $profiles
+          " > team-workstations-config.yml
+          fleetctl apply -f team-workstations-config.yml