App Auto-Patch combines local application discovery, an Installomator integration, and user-friendly swiftDialog prompts to automate application patch management across Mac computers.
App Auto-Patch simplifies the process of taking an inventory of installed applications and patching them, eliminating the need for creating multiple Smart Groups, Policies, Patch Management Titles, etc., within Jamf Pro. It provides an easy solution for keeping end-users' applications updated with minimal effort.
This project has since been applied to MDMs outside of Jamf Pro, showcasing its versatility and adaptability.
- Fixed order of
get_installomatorandget_preferences - Complete re-write of logic to populate app names, icons, status and statustext in the various dialogs: Fixes missing icons, inconsistent app names, status and statustext updates
- Flipped buttons on deferral dialog so that Defer is the primary button, preventing accidental installs. Renamed
ContinuetoInstall Now
- Added App Auto-Patch Script Self Update functionality (Feature Request #128)
- Managed Config: Configure using the SelfUpdateEnabled | SelfUpdateFrequency keys
- CLI: Configure using the --self-update-enabled | --self-update-disabled | --self-update-frequency triggers. Force update using --force-self-update-check trigger
- Monthly Patching Cadence Functionality: Added the ability to set a Monthly Patching Cadence (e.g., Patch Tuesday).
- MonthlyPatchingCadenceEnabled (TRUE|FALSE)
- MonthlyPatchingCadenceOrdinalValue: Week of the month you want AAP to be scheduled (first|second|third|fourth|fifth|final)
- MonthlyPatchingCadenceWeekdayIndex: Day of the week you want AAP to be scheduled (sunday|monday|tuesday|wednesday|thursday|friday|saturday)
- MonthlyPatchingCadenceStartTime: Local time you want AAP to be scheduled (ex:
09:00:00)
- Standardize timestamp format and use actual timezones instead of hard-coded UTC. Cleaned up and adjusted NextAutoLaunch format to use date datatype (#152)
- Added check for appName in Installomator label to populate the correct app name to improve app detection (Issue #155)
- Updated logic to populate app icons correctly for apps not located in /Applications folder
- Added logic to check for appCustomVersion in Installomator label to pull the correct version of installed apps
- Fixed logic to clear the targetDir variable when scrubbing Installomator label fragments
- Fixed case on variables (Issue #178)
- Added logic to ignore PWA apps from Chrome & Edge (Issue #178)
- Added --reset-labels trigger functionality (Issue #171)
- Fixed error extraction from Installomator logs. Used in webhooks. The previous implementation returned null. (PR #174)
- Fixed Jamf Self Service Icon Overlay & added support for Jamf Self Service+ (PR #173)
- Added option to set the Dialog Icon to a custom filepath or URL via MDM or CLI (#179)
- New
restart_aapfunction to handle all LaunchDaemon restart logic - Fixed a bug that would result in a
Print: Entry, ":userInterface:dialogElements", Does Not Existmessage if no language entries exist in the PLIST - Logging improvements
- Added receipt support for patching events. Each app patched by App Auto Patch now writes a JSON receipt into the AAP management folder
/Library/Management/AppAutoPatch/receipts. Successful and failed patch attempts are recorded. - New
AAP-LatestPatchesJamf Pro EA makes reporting on app patching easy. The script will report the successful and failed patch attempts along with a timestamp, version, Installomator exit code, and status.
- Added multi-language support: Entries can be added to the managed configuration profile for multiple languages, based on the setting for the user in macOS
- Added --workflow-install-now-silent option which runs through the workflow without deferrals but does not display dialogs
- Added option to disable Installomator Updates using InstallomatorUpdateDisable TRUE,FALSE
- Added dialogTargetVersion and set to version 2.5.5 as minimum required due to issues with the deferral menu on older versions
App Auto-Patch 3.3 automatically installs itself and necessary components anytime it's ran from outside the working folder /Library/Management/AppAutoPatch/
For more information on getting started and testing, please visit the AAP 3.3.0 Wiki page for more information
- After installed, you can simply run
sudo appautopatchfrom terminal with any parameters to configure as you'd like. Examples:
sudo appautopatch --interactiveMode=2 --workflow-install-now --deadline-count-focus=2 --deadline-count-hard=4 --ignored-labels="microsoft* googlechrome* jamfconnect zoom* 1password* firefox* swiftdialog" --verbose-mode
Or trigger from the script directly to perform an install with parameters as you'd like. Example:
./App-Auto-Patch-via-Dialog.zsh --interactiveMode=2 --workflow-install-now --deadline-count-focus=2 --deadline-count-hard=4 --ignored-labels="microsoft* googlechrome* jamfconnect zoom* 1password* firefox* swiftdialog" --verbose-mode
-
You can find a mapping of 2.x variables to 3.3.0 configuration and command line options from the following TSV file: Migration Options
-
Profile Manifests to assist with building a configuration profile can be found in the Resources folder: Profile Manifests
-
An example configuration profile and a profile & plist containing all available options can be found in the resources: Example Configurations
-
To reset AAP to defaults:
./App-Auto-Patch-via-Dialog.zsh --reset-defaults -
Clear Ignored, Required, and Optional Labels:
./App-Auto-Patch-via-Dialog.zsh --reset-labels -
Uninstall App Auto Patch:
./App-Auto-Patch-via-Dialog.zsh --uninstall
Please review the wiki: App Auto-Patch Wiki
You can also join the conversation at the Mac Admins Foundation Slack in channel #app-auto-patch.
To everyone who has helped contribute to App Auto-Patch, including but not limited to:
- Robert Schroeder (@robjschroeder)
- Andrew Spokes (@TechTrekkie)
- Dan Snelson (@dan-snelson)
- Andrew Clark (@drtaru)
- Andrew Barnett (@andrewmbarnett)
- Trevor Sysock (@bigmacadmin)
- Bart Reardon (@bartreardon)
- Charles Mangin (@option8)
- Gil Burns (@gilburns)
- Armin Briegel (@scriptingosx)
- Isaac Ordonez (@issacatmann)
- Søren Theilgaard (@Theile)
- Adam Codega (@acodega)