fleet/.github/workflows/example-workflow.yaml

# This workflow applies the latest configuration profiles (macOS settings) and macOS updates minimum version and deadline to the provided team.
name: Apply latest configuration profiles (example)
on:
  push:
    branches:
      - main
    paths:
      - "path/to/**.mobileconfig"
  workflow_dispatch: # Manual

# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
  cancel-in-progress: true

defaults:
  run:
    # fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
    shell: bash

permissions:
  contents: read

env:
  FLEET_API_TOKEN: ${{ secrets.DOGFOOD_API_TOKEN }}
  FLEET_URL: ${{ secrets.DOGFOOD_URL }}
  TOKEN_USED_BY_PROFILE: ${{ secrets.TOKEN_USED_BY_PROFILE }}

jobs:
  apply-profiles:
    timeout-minutes: 5
    runs-on: ubuntu-latest
    steps:
      - name: Apply configuration profiles and updates
        uses: fleetdm/fleet-mdm-gitops@15072f2739ef92c6357414ddd86e89b6bf302a2b
        with:
          FLEET_API_TOKEN: $FLEET_API_TOKEN
          FLEET_URL: $FLEET_URL
          FLEET_TEAM_NAME: 💻🐣 Workstations (canary)
          MDM_CONFIG_REPO: fleetdm/fleet
          MDM_CONFIG_DIRECTORY: mdm_profiles
          MAC_OS_MIN_VERSION: 13.3.2
          MAC_OS_VERSION_DEADLINE: 2023-06-15
          MAC_OS_ENABLE_DISK_ENCRYPTION: true