macadmins / nudge Goto Github PK
View Code? Open in Web Editor NEWA tool for encouraging the installation of macOS security updates.
License: Apache License 2.0
A tool for encouraging the installation of macOS security updates.
License: Apache License 2.0
Python Nudge has a feature to randomly delay the launch by up to 1200 seconds.
maxRandomDelayInSeconds
with a default of 1200nudgeStartLogic()
functionThe one I made works but I was thinking about this:
A cute avatar with a sad/disappointed face looking down at a pending OS update
Currently in nudge it's shell outs. There must be a native way to do this in Swift
We should give the user an option to manually defer and then count that amount of times (+ calculate seconds deferred).
some ideas:
This giant PR on nudge python added support for mobileconfigs: macadmins/nudge-python#49
We need to add this support as well, so things can be managed via MDM.
where should it go?
I'm thinking /Applications/Utilities
where should the screenshots/json files exist?
do not do this for M1 macs
for @groob - I have no idea how this will work, but it would likely need to be some kind of custom plugin system.
I'm hesitant to support micromdm/ws1/etc within the app due me having to then support it.
Maybe there is a way to read files outside of the app bundle
In our environment we have users who care a lot about when they're expected to do something. I proposed the "update device" button changes to a dropdown with the following actions.
In our internal implementation of nudge we already have the first three options and the fourth is the most highly requested. People don't like getting nagged during meetings and will also refuse to touch their system while they're oncall, which is understandable.
needed for #7
the preference keys and the entire design should be redone.
I'd like to see something like
{
"os_requirements": {
"minimum_os": "11.3"
},
"user_interface": {
"en-us": {}
}
}
Also I think all the current key names are dumb and should be re-done as well.
currently it only renders via the embedded asset
This was likely an issue with python nudge only because it's a hack, but just check that the app doesn't double launch
Right now Nudge is going in the direction of a built-in timer, which would make the app also acts as a long running process.
The alternative is to have Nudge be managed by a LaunchAgent with a StartInterval. The system state would be evaluated at an interval and the GUI would be opened only if necessary.
There's pros/cons to both, but one of the advantages to a LaunchAgent is that it gives each admin a lot of flexibility to when the app is launched, without adding extra complexity to the code.
Thoughts?
Nudge and UMAD are the same but similar. Rather than make two tools, it would be nice if nudge could just be a universal tool.
so you can't force quit it.
eventually it would be cool to try experiments where people get aggressive ui and other weird UI behaviors.
Nudge could look at some file and then do it.
softwareupdate
and download updates without user interaction. We need to skip this unless apple changes the behavior in a future OS.Test prebuild using GitHub actions
softwareupdate
(does this work with Apple Silicon?)local JSON support.
we need an entire logging pipeline for this. It will need to write to some path nudge can have access to.
Note: We will not be sandboxing the app, so don't have to worry about logs being in the container.
I'm not sure how this will work, but I want to merge this repo directly into there with all the git history.
It may not be possible, but if anyone knows, I'm interested. :)
@groob mentioned that we can't just look at a single build we want to enforce because of forked builds.
Apple could potentially release one build of 11.3.0 and another build of it later.
We need to do the following:
requiredMinimumOSVersionBuild
to an arrayfullyUpdated()
to figure all of this out by moving to some new logic that utilizes equiredMinimumOSVersionBuild
Should be fun, you want to support both light and dark mode @erikng?
Every button on current nudge except for "Update Machine" is configurable. We need to add this support + fix that bug.
Given that we will be supporting MDM profiles, we shouldn't add https support for jsons. There is no point.
The one I made works but I was thinking about this:
A cute avatar with a sad/disappointed face looking down at a pending OS update
Right now because of the main
thread in SwiftUI, I believe it only works on Big Sur and higher.
We should refactor this to add Catalina support or see if there is some kind of if/else statement we can use. I'm not sure if we will be able to support 10.14 and lower with SwiftUI and to be honest, people can just deploy the python version if they need support there.
Currently, nudge in python has a bug where if you connect multi monitors, it might not render centered (not sure why).
We need to test for this behavior when nudge is launched with 2 or even 3 monitors. It needs to launch on the primary monitor only and move to new primary, always being centered.
deleted
I've had some client feedback about wanting a one-button solution instead of having the update trigger opening System Preferences - would it be possible to consider an alternative to "path_to_app" and "local_url_for_upgrade" that could run a supplied bash command?
where should it go?
Normal behavior:
Agressive behavior
NSWorkspace.sharedWorkspace().runningApplications()
and hide every singe appcode is a mess of me probably doing python style Swift code and also just banging my head on the wall until it all works.
The code will need a giant refactor. I am up for comments and suggestions.
Now that dark mode is covered, it kind of looks weird with a black/dark logo. We should support two logos and swap them depending on state
@rorymurdock this is for you :)
/Library/Preferences/com.github.macadmins.Nudge.json
and you can find a full example within the xcode project-demo
mode and how to invoke itAlso note that you don't have to specify all the keys. The following could be used as an example.
{
"optionalFeatures": {
"iconDarkPath": "/anywhere/logoDark.png",
"iconLightPath": "/anywhere/logoLight.png",
"informationButtonPath": "https://github.com/macadmins/Nudge",
"randomDelay": false,
"screenShotDarkPath": "/anywhere/screenShotDark.png",
"screenShotLightPath": "/anywhere/screenShotLight.png"
},
"osVersionRequirements": [
{
"majorUpgradeAppPath": "/Applications/Install macOS Big Sur.app",
"requiredInstallationDate": "2021-02-13T00:00:00Z",
"requiredMinimumOSVersion": "11.2.1",
"targetedOSVersions": [
"11.0",
"11.0.1",
"11.1",
"11.2"
]
}
],
"userInterface": {
"updateElements": {
"mainContentHeader": "A security update is required on your machine.",
"mainContentText": "A fully up-to-date device is required to ensure that we can adequately protect your computer.\n\nIf you do not update your computer, you may lose access to some items necessary for your day-to-day tasks including Wi-Fi.\n\nTo begin the update, simply click on the button below and follow the provided steps.",
"mainHeader": "macOS Update Available",
"subHeader": "A friendly reminder from your Client Platform Engineering (CPE) team"
}
}
}
I want GitHub Actions to build packages (not dmgs) of Nudge
This will then allow us to make an autopkg recipe so people can quickly deploy new versions. I prefer pkgs over dmgs as it's one less step for non-munki tooling
I've never done automated xcbuild
stuff so hoping someone else might already know what to do.
Currently if there's no config the app just crashes, let's allow it to launch with some defaults
now that we have a timer, we need to create the logic for the noTimers
key
this is especially important given: #41
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.