Skip to content

Commit

Permalink
Merge pull request #112 from deploymenttheory/release
Browse files Browse the repository at this point in the history 
Refactor macOS configuration profiles and packages***
  • Loading branch information
@ShocOne
ShocOne authored Apr 4, 2024
2 parents b268953 + 8f1c629 commit a01e25e
Show file tree
Hide file tree
Showing 4 changed files with 176 additions and 176 deletions.
160 changes: 80 additions & 80 deletions workload/terraform/jamfpro/accounts.tf
View file
Original file line number Diff line number Diff line change
@@ -1,90 +1,90 @@

# resource "jamfpro_account" "jamf_pro_account_001" {
# name = "tf-ghapipeline-account-custom-privileges-full-access"
# directory_user = false
# full_name = "micky mouse"
# password = "mySecretThing10" // Password must be at least 10 characters long. password not stored in state
# email = "[email protected]"
# enabled = "Enabled"
# force_password_change = true
# access_level = "Full Access" // Full Access / Site Access / Group Access
# privilege_set = "Custom" // "Administrator", "Auditor", "Enrollment Only", "Custom"
resource "jamfpro_account" "jamf_pro_account_001" {
name = "tf-ghapipeline-account-custom-privileges-full-access"
directory_user = false
full_name = "micky mouse"
password = "mySecretThing10" // Password must be at least 10 characters long. password not stored in state
email = "[email protected]"
enabled = "Enabled"
force_password_change = true
access_level = "Full Access" // Full Access / Site Access / Group Access
privilege_set = "Custom" // "Administrator", "Auditor", "Enrollment Only", "Custom"

# jss_objects_privileges = [
# "Create Categories",
# "Read Categories",
# "Update Categories",
# "Delete Categories",
# "Create Directory Bindings",
# "Read Directory Bindings",
# "Update Directory Bindings",
# "Delete Directory Bindings",
# "Create Dock Items",
# "Read Dock Items",
# "Update Dock Items",
# "Delete Dock Items",
# "Create Packages",
# "Read Packages",
# "Update Packages",
# "Delete Packages",
# "Create Printers",
# "Read Printers",
# "Update Printers",
# "Delete Printers",
# "Create Scripts",
# "Read Scripts",
# "Update Scripts",
# "Delete Scripts",
# ]
# jss_settings_privileges = ["Read SSO Settings", "Update User-Initiated Enrollment"]
# jss_actions_privileges = ["Flush Policy Logs"]
# casper_admin_privileges = ["Use Casper Admin", "Save With Casper Admin"]
jss_objects_privileges = [
"Create Categories",
"Read Categories",
"Update Categories",
"Delete Categories",
"Create Directory Bindings",
"Read Directory Bindings",
"Update Directory Bindings",
"Delete Directory Bindings",
"Create Dock Items",
"Read Dock Items",
"Update Dock Items",
"Delete Dock Items",
"Create Packages",
"Read Packages",
"Update Packages",
"Delete Packages",
"Create Printers",
"Read Printers",
"Update Printers",
"Delete Printers",
"Create Scripts",
"Read Scripts",
"Update Scripts",
"Delete Scripts",
]
jss_settings_privileges = ["Read SSO Settings", "Update User-Initiated Enrollment"]
jss_actions_privileges = ["Flush Policy Logs"]
casper_admin_privileges = ["Use Casper Admin", "Save With Casper Admin"]

# }
}


# resource "jamfpro_account" "jamf_pro_account_002" {
# name = "tf-ghapipeline-account-group-privileges-group-access"
# directory_user = false
# full_name = "jonny bravo"
# password = "mySecretThing10" // Password must be at least 10 characters long. password not stored in state
# email = "[email protected]"
# enabled = "Enabled"
# force_password_change = true
# access_level = "Group Access" // Full Access / Site Access / Group Access
# privilege_set = "Custom" // Must be "Custom" for group access
# groups {
# id = 195
# name = "tf-localtest-standard-group"
# }
# }
resource "jamfpro_account" "jamf_pro_account_002" {
name = "tf-ghapipeline-account-group-privileges-group-access"
directory_user = false
full_name = "jonny bravo"
password = "mySecretThing10" // Password must be at least 10 characters long. password not stored in state
email = "[email protected]"
enabled = "Enabled"
force_password_change = true
access_level = "Group Access" // Full Access / Site Access / Group Access
privilege_set = "Custom" // Must be "Custom" for group access
groups {
id = 195
name = "tf-localtest-standard-group"
}
}

# resource "jamfpro_account" "jamf_pro_account_003" {
# name = "tf-ghapipeline-account-custom-privileges-site-access"
# directory_user = false
# full_name = "donald duck"
# password = "securePassword" // Password must be at least 10 characters long. password not stored in state
# email = "[email protected]"
# enabled = "Enabled"
# force_password_change = true
# access_level = "Site Access" // Full Access / Site Access / Group Access
# privilege_set = "Custom"
resource "jamfpro_account" "jamf_pro_account_003" {
name = "tf-ghapipeline-account-custom-privileges-site-access"
directory_user = false
full_name = "donald duck"
password = "securePassword" // Password must be at least 10 characters long. password not stored in state
email = "[email protected]"
enabled = "Enabled"
force_password_change = true
access_level = "Site Access" // Full Access / Site Access / Group Access
privilege_set = "Custom"

# site {
# id = 967
# name = "test"
# }
site {
id = 967
name = "test"
}

# jss_objects_privileges = ["Create Advanced Computer Searches",
# "Read Advanced Computer Searches",
# "Update Advanced Computer Searches",
# "Delete Advanced Computer Searches",
# "Create Advanced Mobile Device Searches",
# "Read Advanced Mobile Device Searches",
# "Update Advanced Mobile Device Searches",
# "Delete Advanced Mobile Device Searches",
# ]
jss_objects_privileges = ["Create Advanced Computer Searches",
"Read Advanced Computer Searches",
"Update Advanced Computer Searches",
"Delete Advanced Computer Searches",
"Create Advanced Mobile Device Searches",
"Read Advanced Mobile Device Searches",
"Update Advanced Mobile Device Searches",
"Delete Advanced Mobile Device Searches",
]

# jss_actions_privileges = ["Allow User to Enroll", "Assign Users to Computers", "Assign Users to Mobile Devices", "Change Password"]
jss_actions_privileges = ["Allow User to Enroll", "Assign Users to Computers", "Assign Users to Mobile Devices", "Change Password"]

# }
}
36 changes: 18 additions & 18 deletions workload/terraform/jamfpro/macosconfigurationprofiles.tf
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,20 @@

# resource "jamfpro_macos_configuration_profile" "jamfpro_macos_configuration_profile_001" {
# name = "tf-ghatest-macosconfigprofile-accessibility-options"
# distribution_method = "Install Automatically"
# payload = file("${path.module}/support_files/configuration_profiles/accessibility-chara-nosub-test.mobileconfig")
# category {
# id = -1
# }
# scope {
# all_computers = false
# computer_ids = sort([17, 18])
# computer_group_ids = sort([53])
# jss_user_ids = [4]
# jss_user_group_ids = [4]
resource "jamfpro_macos_configuration_profile" "jamfpro_macos_configuration_profile_001" {
name = "tf-ghatest-macosconfigprofile-accessibility-options"
distribution_method = "Install Automatically"
payload = file("${path.module}/support_files/configuration_profiles/accessibility-chara-nosub-test.mobileconfig")
category {
id = -1
}
scope {
all_computers = false
computer_ids = sort([17, 18])
computer_group_ids = sort([53])
jss_user_ids = [4]
jss_user_group_ids = [4]

# exclusions {
# department_ids = [27653]
# }
# }
# }
exclusions {
department_ids = [27653]
}
}
}
50 changes: 25 additions & 25 deletions workload/terraform/jamfpro/packages.tf
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,29 @@

# resource "jamfpro_package" "jamfpro_package_001" {
# name = "tf-ghatest-package-suspiciouspackage"
# package_file_path = "support_files/packages/SuspiciousPackage.dmg"
# category = "Unknown"
# info = "tf package deployment for demonstration"
# notes = "This package is used for Terraform provider documentation example."
# priority = 10
# reboot_required = false
# fill_user_template = true
# fill_existing_users = true
# boot_volume_required = false
# allow_uninstalled = false
# os_requirements = "macOS 10.15.1, macOS 10.15.7"
# install_if_reported_available = false
# send_notification = true
# }
resource "jamfpro_package" "jamfpro_package_001" {
name = "tf-ghatest-package-suspiciouspackage"
package_file_path = "support_files/packages/SuspiciousPackage.dmg"
category = "Unknown"
info = "tf package deployment for demonstration"
notes = "This package is used for Terraform provider documentation example."
priority = 10
reboot_required = false
fill_user_template = true
fill_existing_users = true
boot_volume_required = false
allow_uninstalled = false
os_requirements = "macOS 10.15.1, macOS 10.15.7"
install_if_reported_available = false
send_notification = true
}

# data "jamfpro_package" "jamfpro_package_001_data" {
# id = jamfpro_package.jamfpro_package_001.id
# }
data "jamfpro_package" "jamfpro_package_001_data" {
id = jamfpro_package.jamfpro_package_001.id
}

# output "jamfpro_package_001_data_id" {
# value = data.jamfpro_package.jamfpro_package_001_data.id
# }
output "jamfpro_package_001_data_id" {
value = data.jamfpro_package.jamfpro_package_001_data.id
}

# output "jamfpro_package_001_data_name" {
# value = data.jamfpro_package.jamfpro_package_001_data.name
# }
output "jamfpro_package_001_data_name" {
value = data.jamfpro_package.jamfpro_package_001_data.name
}
106 changes: 53 additions & 53 deletions workload/terraform/jamfpro/scripts.tf
View file
Original file line number Diff line number Diff line change
@@ -1,65 +1,65 @@
# resource "jamfpro_script" "jamfpro_script_001" {
# name = "tf-ghatest-correct-application-permissions-v1.0"
# script_contents = file("${path.module}/support_files/scripts/Correct Application Permissions.sh")
# os_requirements = "13"
# priority = "BEFORE"
# info = "Adds target user or group to specified group membership, or removes said membership."
# notes = "Jamf Pro script parameters: 4 -> 7"
# parameter4 = "Google Chrome" // targetApplication
# }
resource "jamfpro_script" "jamfpro_script_001" {
name = "tf-ghatest-correct-application-permissions-v1.0"
script_contents = file("${path.module}/support_files/scripts/Correct Application Permissions.sh")
os_requirements = "13"
priority = "BEFORE"
info = "Adds target user or group to specified group membership, or removes said membership."
notes = "Jamf Pro script parameters: 4 -> 7"
parameter4 = "Google Chrome" // targetApplication
}

# data "jamfpro_script" "jamfpro_script_001_data" {
# id = jamfpro_script.jamfpro_script_001.id
# }
data "jamfpro_script" "jamfpro_script_001_data" {
id = jamfpro_script.jamfpro_script_001.id
}

# output "jamfpro_script_001_data_id" {
# value = data.jamfpro_script.jamfpro_script_001_data.id
# }
output "jamfpro_script_001_data_id" {
value = data.jamfpro_script.jamfpro_script_001_data.id
}

# output "jamfpro_script_001_data_name" {
# value = data.jamfpro_script.jamfpro_script_001_data.name
# }
output "jamfpro_script_001_data_name" {
value = data.jamfpro_script.jamfpro_script_001_data.name
}

# resource "jamfpro_script" "jamfpro_script_002" {
# name = "tf-ghatest-encrypt-apfs-volume-v5.0.1"
# script_contents = file("${path.module}/support_files/scripts/Encrypt APFS Volume.zsh")
# os_requirements = "13"
# priority = "BEFORE"
# info = "Adds target user or group to specified group membership, or removes said membership."
# notes = "Jamf Pro script parameters: 4"
# parameter4 = "/" // targetVolume
# }
resource "jamfpro_script" "jamfpro_script_002" {
name = "tf-ghatest-encrypt-apfs-volume-v5.0.1"
script_contents = file("${path.module}/support_files/scripts/Encrypt APFS Volume.zsh")
os_requirements = "13"
priority = "BEFORE"
info = "Adds target user or group to specified group membership, or removes said membership."
notes = "Jamf Pro script parameters: 4"
parameter4 = "/" // targetVolume
}

# data "jamfpro_script" "jamfpro_script_002_data" {
# id = jamfpro_script.jamfpro_script_002.id
# }
data "jamfpro_script" "jamfpro_script_002_data" {
id = jamfpro_script.jamfpro_script_002.id
}

# output "jamfpro_script_002_data_id" {
# value = data.jamfpro_script.jamfpro_script_002_data.id
# }
output "jamfpro_script_002_data_id" {
value = data.jamfpro_script.jamfpro_script_002_data.id
}

# output "jamfpro_script_002_data_name" {
# value = data.jamfpro_script.jamfpro_script_002_data.name
# }
output "jamfpro_script_002_data_name" {
value = data.jamfpro_script.jamfpro_script_002_data.name
}

# resource "jamfpro_script" "jamfpro_script_003" {
# name = "tf-ghatest-reset-safari-v2.1.4"
# script_contents = file("${path.module}/support_files/scripts/Reset Safari.sh")
# os_requirements = "13"
# priority = "BEFORE"
# info = "Deleting Safari preference files to reset to system default."
# notes = "Jamf Pro script parameters: none"
resource "jamfpro_script" "jamfpro_script_003" {
name = "tf-ghatest-reset-safari-v2.1.4"
script_contents = file("${path.module}/support_files/scripts/Reset Safari.sh")
os_requirements = "13"
priority = "BEFORE"
info = "Deleting Safari preference files to reset to system default."
notes = "Jamf Pro script parameters: none"

# }
}

# data "jamfpro_script" "jamfpro_script_003_data" {
# id = jamfpro_script.jamfpro_script_003.id
# }
data "jamfpro_script" "jamfpro_script_003_data" {
id = jamfpro_script.jamfpro_script_003.id
}

# output "jamfpro_script_003_data_id" {
# value = data.jamfpro_script.jamfpro_script_003_data.id
# }
output "jamfpro_script_003_data_id" {
value = data.jamfpro_script.jamfpro_script_003_data.id
}

# output "jamfpro_script_003_data_name" {
# value = data.jamfpro_script.jamfpro_script_003_data.name
# }
output "jamfpro_script_003_data_name" {
value = data.jamfpro_script.jamfpro_script_003_data.name
}

0 comments on commit a01e25e

Please sign in to comment.