mtan93/Installomator
1
0
Fork 0
mirror of https://github.com/mtan93/Installomator.git synced 2026-04-08 06:13:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into Theile-labels-9.0

Browse Source
This commit is contained in:
Søren Theilgaard
2022-01-09 21:32:59 +01:00
committed by GitHub
parent 9b47ed2e3f 188689f1fd
commit 18e3024604
14 changed files with 149 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
fragments/arguments.sh
View File

@@ -1,7 +1,8 @@
# MARK: check minimal macOS requirement
autoload is-at-least
if ! is-at-least 10.14 $(sw_vers -productVersion); then
installedOSversion=$(sw_vers -productVersion)
if ! is-at-least 10.14 $installedOSversion; then
printlog "Installomator requires at least macOS 10.14 Mojave."
exit 98
fi

74
fragments/functions.sh
View File

@@ -18,6 +18,10 @@ cleanupAndExit() { # $1 = exit code, $2 message
# If we closed any processes, reopen the app again
reopenClosedProcess
printlog "################## End Installomator, exit code $1 \n\n"
# if label is wrong and we wanted name of the label, then return ##################
if [[ $RETURN_LABEL_NAME -eq 1 ]]; then
echo "#"
fi
exit "$1"
}
@@ -66,7 +70,7 @@ log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp" "$label" "$1" | tee -a $log_location
else
@@ -78,7 +82,7 @@ printlog(){
downloadURLFromGit() { # $1 git user name, $2 git repo name
gitusername=${1?:"no git user name"}
gitreponame=${2?:"no git repo name"}
if [[ $type == "pkgInDmg" ]]; then
filetype="dmg"
elif [[ $type == "pkgInZip" ]]; then
@@ -86,7 +90,7 @@ downloadURLFromGit() { # $1 git user name, $2 git repo name
else
filetype=$type
fi
if [ -n "$archiveName" ]; then
downloadURL=$(curl --silent --fail "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" \
| awk -F '"' "/browser_download_url/ && /$archiveName\"/ { print \$4; exit }")
@@ -108,7 +112,7 @@ versionFromGit() {
# $1 git user name, $2 git repo name
gitusername=${1?:"no git user name"}
gitreponame=${2?:"no git repo name"}
appNewVersion=$(curl --silent --fail "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | grep tag_name | cut -d '"' -f 4 | sed 's/[^0-9\.]//g')
if [ -z "$appNewVersion" ]; then
printlog "could not retrieve version number for $gitusername/$gitreponame"
@@ -122,7 +126,7 @@ versionFromGit() {
# Handling of differences in xpath between Catalina and Big Sur
xpath() {
# the xpath tool changes in Big Sur and now requires the `-e` option
# the xpath tool changes in Big Sur and now requires the `-e` option
if [[ $(sw_vers -buildVersion) > "20A" ]]; then
/usr/bin/xpath -e $@
# alternative: switch to xmllint (which is not perl)
@@ -142,7 +146,7 @@ getAppVersion() {
printlog "Custom App Version detection is used, found $appversion"
return
fi
# pkgs contains a version number, then we don't have to search for an app
if [[ $packageID != "" ]]; then
appversion="$(pkgutil --pkg-info-plist ${packageID} 2>/dev/null | grep -A 1 pkg-version | tail -1 | sed -E 's/.*>([0-9.]*)<.*/\1/g')"
@@ -154,7 +158,7 @@ getAppVersion() {
printlog "No version found using packageID $packageID"
fi
fi
# get app in /Applications, or /Applications/Utilities, or find using Spotlight
if [[ -d "/Applications/$appName" ]]; then
applist="/Applications/$appName"
@@ -211,7 +215,7 @@ checkRunningProcesses() {
if pgrep -xq "$x"; then
printlog "found blocking process $x"
appClosed=1
case $BLOCKING_PROCESS_ACTION in
quit|quit_kill)
printlog "telling app $x to quit"
@@ -298,7 +302,7 @@ checkRunningProcesses() {
reopenClosedProcess() {
# If Installomator closed any processes, let's get the app opened again
# credit: Søren Theilgaard (@theilgaard)
# don't reopen if REOPEN is not "yes"
if [[ $REOPEN != yes ]]; then
printlog "REOPEN=no, not reopening anything"
@@ -310,7 +314,7 @@ reopenClosedProcess() {
printlog "DEBUG mode 1, not reopening anything"
return
fi
if [[ $appClosed == 1 ]]; then
printlog "Telling app $appName to open"
#runAsUser osascript -e "tell app \"$appName\" to open"
@@ -345,8 +349,7 @@ installAppWithPath() { # $1: path to app to install in $targetDir
cleanupAndExit 5 "Team IDs do not match"
fi
# versioncheck
# credit: Søren Theilgaard (@theilgaard)
# app versioncheck
appNewVersion=$(defaults read $appPath/Contents/Info.plist $versionKey)
if [[ -n $appNewVersion && $appversion == $appNewVersion ]]; then
printlog "Downloaded version of $name is $appNewVersion, same as installed."
@@ -364,6 +367,21 @@ installAppWithPath() { # $1: path to app to install in $targetDir
printlog "Downloaded version of $name is $appNewVersion (replacing version $appversion)."
fi
# macOS versioncheck
minimumOSversion=$(defaults read $appPath/Contents/Info.plist LSMinimumSystemVersion)
if [[ $minimumOSversion =~ '[0-9.]*' ]]; then
printlog "App has LSMinimumSystemVersion: $minimumOSversion"
if ! is-at-least $minimumOSversion $installedOSversion; then
printlog "App requires higher System Version than installed: $installedOSversion"
message="Cannot install $name, version $appNewVersion, as it is not compatible with the running system version."
if [[ $currentUser != "loginwindow" && $NOTIFY == "all" ]]; then
printlog "notifying"
displaynotification "$message" "Error updating $name!"
fi
cleanupAndExit 6 "Installed macOS is too old for this app."
fi
fi
# skip install for DEBUG 1
if [ "$DEBUG" -eq 1 ]; then
printlog "DEBUG mode 1 enabled, skipping remove, copy and chown steps"
@@ -375,10 +393,10 @@ installAppWithPath() { # $1: path to app to install in $targetDir
printlog "DEBUG mode 2 enabled, exiting"
cleanupAndExit 0
fi
# Test if variable CLIInstaller is set
if [[ -z $CLIInstaller ]]; then
# remove existing application
if [ -e "$targetDir/$appName" ]; then
printlog "Removing existing $targetDir/$appName"
@@ -392,11 +410,12 @@ installAppWithPath() { # $1: path to app to install in $targetDir
fi
# set ownership to current user
if [ "$currentUser" != "loginwindow" ]; then
if [[ "$currentUser" != "loginwindow" && $SYSTEMOWNER -ne 1 ]]; then
printlog "Changing owner to $currentUser"
chown -R "$currentUser" "$targetDir/$appName"
else
printlog "No user logged in, not changing user"
printlog "No user logged in or SYSTEMOWNER=1, setting owner to root:wheel"
chown -R root:wheel "$targetDir/$appName"
fi
elif [[ ! -z $CLIInstaller ]]; then
@@ -441,12 +460,12 @@ installFromDMG() {
installFromPKG() {
# verify with spctl
printlog "Verifying: $archiveName"
if ! spctlout=$(spctl -a -vv -t install "$archiveName" 2>&1 ); then
printlog "Error verifying $archiveName"
cleanupAndExit 4
fi
teamID=$(echo $spctlout | awk -F '(' '/origin=/ {print $2 }' | tr -d '()' )
# Apple signed software has no teamID, grab entire origin instead
@@ -465,10 +484,11 @@ installFromPKG() {
# Check version of pkg to be installed if packageID is set
if [[ $packageID != "" && $appversion != "" ]]; then
printlog "Checking package version."
pkgutil --expand "$archiveName" "$archiveName"_pkg
#printlog "$(cat "$archiveName"_pkg/Distribution | xpath '//installer-gui-script/pkg-ref[@id][@version]' 2>/dev/null)"
appNewVersion=$(cat "$archiveName"_pkg/Distribution | xpath '//installer-gui-script/pkg-ref[@id][@version]' 2>/dev/null | grep -i "$packageID" | tr ' ' '\n' | grep -i version | cut -d \" -f 2) #sed -E 's/.*\"([0-9.]*)\".*/\1/g'
rm -r "$archiveName"_pkg
baseArchiveName=$(basename $archiveName)
expandedPkg="$tmpDir/${baseArchiveName}_pkg"
pkgutil --expand "$archiveName" "$expandedPkg"
appNewVersion=$(cat "$expandedPkg"/Distribution | xpath 'string(//installer-gui-script/pkg-ref[@id][@version]/@version)' 2>/dev/null )
rm -r "$expandedPkg"
printlog "Downloaded package $packageID version $appNewVersion"
if [[ $appversion == $appNewVersion ]]; then
printlog "Downloaded version of $name is the same as installed."
@@ -484,7 +504,7 @@ installFromPKG() {
fi
fi
fi
# skip install for DEBUG 1
if [ "$DEBUG" -eq 1 ]; then
printlog "DEBUG enabled, skipping installation"
@@ -494,7 +514,7 @@ installFromPKG() {
# skip install for DEBUG 2
if [ "$DEBUG" -eq 2 ]; then
printlog "DEBUG mode 2 enabled, exiting"
cleanupAndExit 0
cleanupAndExit 0
fi
# install pkg
@@ -508,17 +528,17 @@ installFromPKG() {
installFromZIP() {
# unzip the archive
printlog "Unzipping $archiveName"
# tar -xf "$archiveName"
# note: when you expand a zip using tar in Mojave the expanded
# app will never pass the spctl check
# unzip -o -qq "$archiveName"
# note: githubdesktop fails spctl verification when expanded
# with unzip
ditto -x -k "$archiveName" "$tmpDir"
installAppWithPath "$tmpDir/$appName"
}

53
fragments/header.sh
View File

@@ -23,8 +23,8 @@ export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# set to 0 for production, 1 or 2 for debugging
# while debugging, items will be downloaded to the parent directory of this script
# also no actual installation will be performed
# debug mode 1 will download to the directory the script is run in, but will not check version
# debug mode 2 will download to the temp directory, check for blocking processes, check version, but will not install anything or remove the current version
# debug mode 1 will download to the directory the script is run in, but will not check the version
# debug mode 2 will download to the temp directory, check for blocking processes, check the version, but will not install anything or remove the current version
DEBUG=1
# notify behavior
@@ -39,14 +39,14 @@ NOTIFY=success
BLOCKING_PROCESS_ACTION=tell_user
# options:
# - ignore continue even when blocking processes are found
# - quit app will be told to quit nicely, if running
# - quit app will be told to quit nicely if running
# - quit_kill told to quit twice, then it will be killed
# Could be great for service apps, if they do not respawn
# Could be great for service apps if they do not respawn
# - silent_fail exit script without prompt or installation
# - prompt_user show a user dialog for each blocking process found
# abort after three attempts to quit
# (only if user accepts to quit the apps, otherwise
# the update is cancelled).
# (only if the user accepts to quit the apps, otherwise
# the update is canceled).
# - prompt_user_then_kill
# show a user dialog for each blocking process found,
# attempt to quit two times, kill the process finally
@@ -54,10 +54,10 @@ BLOCKING_PROCESS_ACTION=tell_user
# Like prompt-user, but clicking "Not Now", will just wait an hour,
# and then it will ask again.
# WARNING! It might block the MDM agent on the machine, as
# the scripts gets stuct in waiting until the hour has passed,
# the scripts get stuck in waiting until the hour has passed,
# possibly blocking for other management actions in this time.
# - tell_user User will be showed a notification about the important update,
# but user is only allowed to quit and continue, and then we
# - tell_user User will be shown a notification about the important update,
# but the user is only allowed to quit and continue, and then we
# ask the app to quit.
# - tell_user_then_kill
# Show dialog 2 times, and if the quitting fails, the
@@ -81,18 +81,25 @@ LOGO=appstore
# App Store apps handling
IGNORE_APP_STORE_APPS=no
# options:
# - no If installed app is from App Store (which include VPP installed apps)
# it will not be touched, no matter it's version (default)
# - yes Replace App Store (and VPP) version of app and handle future
# - no If the installed app is from App Store (which include VPP installed apps)
# it will not be touched, no matter its version (default)
# - yes Replace App Store (and VPP) version of the app and handle future
# updates using Installomator, even if latest version.
# Shouldnt give any problems for the user in most cases.
# Known bad example: Slack will loose all settings.
# Known bad example: Slack will lose all settings.
# Owner of copied apps
SYSTEMOWNER=0
# options:
# - 0 Current user will be owner of copied apps, just like if they
# installed it themselves (default).
# - 1 root:wheel will be set on the copied app.
# Useful for shared machines.
# install behavior
INSTALL=""
# options:
# - When not set, software will only be installed
# - When not set, the software will only be installed
# if it is newer/different in version
# - force Install even if its the same version
@@ -100,9 +107,17 @@ INSTALL=""
# Re-opening of closed app
REOPEN="yes"
# options:
# - yes App wil be reopened if it was closed
# - yes App will be reopened if it was closed
# - no App not reopened
# Only let Installomator return the name of the label
# RETURN_LABEL_NAME=0
# options:
# - 1 Installomator will return the name of the label and exit, so last line of
# output will be that name. When Installomator is locally installed and we
# use DEPNotify, then DEPNotify can present a more nice name to the user,
# instead of just the label name.
# NOTE: How labels work
@@ -126,7 +141,7 @@ REOPEN="yes"
#
# - packageID: (optional)
# The package ID of a pkg
# If given, will be used to find version of installed software, instead of searching for an app.
# If given, will be used to find the version of installed software, instead of searching for an app.
# Usefull if a pkg does not install an app.
# See label installomator_st
#
@@ -136,7 +151,7 @@ REOPEN="yes"
#
# - appNewVersion: (optional)
# Version of the downloaded software.
# If given, it will be compared to installed version, to see if download is different.
# If given, it will be compared to the installed version, to see if the download is different.
# It does not check for newer or not, only different.
#
# - versionKey: (optional)
@@ -207,10 +222,10 @@ REOPEN="yes"
#
# - CLIInstaller:
# - CLIArguments:
# If the downloaded dmg is actually an installer that we can call using CLI, we can
# If the downloaded dmg is an installer that we can call using CLI, we can
# use these two variables for what to call.
# We need to define `name` for the installed app (to be version checked), as well as
# `installerTool` for the installer app (if named differently that `name`. Installomator
# `installerTool` for the installer app (if named differently than `name`. Installomator
# will add the path to the folder/disk image with the binary, and it will be called like this:
`$CLIInstaller $CLIArguments`
# For most installations `CLIInstaller` should contain the `installerTool` for the CLI call

8
fragments/labels/boxdrive.sh
View File

@@ -1,12 +1,6 @@
boxdrive)
# credit: Isaac Ordonez, Mann consulting (@mannconsulting)
name="Box"
type="pkg"
if [[ $(arch) == "arm64" ]]; then
#Note: https://support.box.com/hc/en-us/articles/1500004479962-Box-Drive-support-on-devices-with-M1-chips
downloadURL="https://e3.boxcdn.net/desktop/pre-releases/mac/BoxDrive.2.20.140-M1-beta.pkg"
elif [[ $(arch) == "i386" ]]; then
downloadURL="https://e3.boxcdn.net/box-installers/desktop/releases/mac/Box.pkg"
fi
downloadURL="https://e3.boxcdn.net/box-installers/desktop/releases/mac/Box.pkg"
expectedTeamID="M683GB7CPW"
;;

7
fragments/labels/iina Normal file
View File

@@ -0,0 +1,7 @@
iina)
name="IINA"
type="dmg"
downloadURL=$(downloadURLFromGit iina iina )
appNewVersion=$(versionFromGit iina iina )
expectedTeamID="67CQ77V27R"
;;

7
fragments/labels/itsycal.sh Normal file
View File

@@ -0,0 +1,7 @@
itsycal)
name="Itsycal"
type="zip"
downloadURL=$(curl -fs https://s3.amazonaws.com/itsycal/itsycal-apple-silicon.xml | xpath '(//rss/channel/item/enclosure/@url)[1]' 2>/dev/null | head -1 | cut -d '"' -f 2)
appNewVersion=$(curl -fs https://s3.amazonaws.com/itsycal/itsycal-apple-silicon.xml | xpath '(//rss/channel/item/enclosure/@sparkle:shortVersionString)[1]' 2>/dev/null | head -1 | cut -d '"' -f 2)
expectedTeamID="HFT3T55WND"
;;

13
fragments/labels/pritunl.sh Normal file
View File

@@ -0,0 +1,13 @@
pritunl)
name="Pritunl"
type="pkgInZip"
packageID="com.pritunl.pkg.Pritunl"
if [[ $(arch) == "arm64" ]]; then
archiveName="Pritunl.arm64.pkg.zip"
elif [[ $(arch) == "i386" ]]; then
archiveName="Pritunl.pkg.zip"
fi
downloadURL=$(downloadURLFromGit pritunl pritunl-client-electron)
appNewVersion=$(versionFromGit pritunl pritunl-client-electron)
expectedTeamID="U22BLATN63"
;;

8
fragments/labels/secretive.sh Normal file
View File

@@ -0,0 +1,8 @@
secretive)
name="Secretive"
type="zip"
downloadURL=$(downloadURLFromGit maxgoedjen secretive)
appNewVersion=$(versionFromGit maxgoedjen secretive)
expectedTeamID="Z72PRUAWF6"
;;

4
fragments/labels/textexpander.sh
View File

@@ -1,7 +1,7 @@
textexpander)
name="TextExpander"
type="dmg"
downloadURL="https://textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx"
appNewVersion=$( curl -fsIL "https://textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" | grep -i "^location" | awk '{print $2}' | tail -1 | cut -d "_" -f2 | sed -nre 's/^[^0-9]*(([0-9]+\.)*[0-9]+).*/\1/p' )
downloadURL="https://cgi.textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx"
appNewVersion=$( curl -fsIL "https://cgi.textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" | grep -i "^location" | awk '{print $2}' | tail -1 | cut -d "_" -f2 | sed -nre 's/^[^0-9]*(([0-9]+\.)*[0-9]+).*/\1/p' )
expectedTeamID="7PKJ6G4DXL"
;;

7
fragments/labels/tidal.sh Normal file
View File

@@ -0,0 +1,7 @@
tidal)
name="TIDAL"
type="dmg"
downloadURL="https://download.tidal.com/desktop/TIDAL.dmg"
appNewVersion=$(curl -fs https://update.tidal.com/updates/latest\?v\=1 | cut -d '"' -f4 | sed -E 's/https.*\/TIDAL\.([0-9.]*)\.zip/\1/g')
expectedTeamID="GK2243L7KB"
;;

12
fragments/main.sh
View File

@@ -5,6 +5,13 @@
;;
esac
# Are we only asked to return label name
if [[ $RETURN_LABEL_NAME -eq 1 ]]; then
printlog "Only returning label name."
printlog "$name"
echo "$name"
exit
fi
# MARK: application download and installation starts here
@@ -116,9 +123,8 @@ getAppVersion
printlog "appversion: $appversion"
# MARK: Exit if new version is the same as installed version (appNewVersion specified)
# credit: Søren Theilgaard (@theilgaard)
if [[ $INSTALL == "force" ]]; then
printlog "Using force to install, so not using updateTool."
if [[ "$type" != "updateronly" && ($INSTALL == "force" || $IGNORE_APP_STORE_APPS == "yes") ]]; then
printlog "Label is not of type “updateronly”, and its set to use force to install or ignoring app store apps, so not using updateTool."
updateTool=""
fi
if [[ -n $appNewVersion ]]; then