From 711b5b5432c2501bf1b03239e829c20d24707ec7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 08:49:20 +0000 Subject: [PATCH 1/8] [Automated] Update Api Privileges data for Jamf Pro Version (#541) Update Api Privileges data for Jamf Pro Version Co-authored-by: ShocOne <62835948+ShocOne@users.noreply.github.com> --- go.mod | 32 +++++++++---------- go.sum | 32 +++++++++++++++++++ .../resources/apiroles/api_privileges.json | 6 ++-- 3 files changed, 51 insertions(+), 19 deletions(-) diff --git a/go.mod b/go.mod index de8b4ecd..76bdf795 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ toolchain go1.22.9 require ( github.com/deploymenttheory/go-api-http-client v0.2.18 github.com/deploymenttheory/go-api-http-client-integrations v0.0.11 - github.com/deploymenttheory/go-api-sdk-jamfpro v1.16.0 + github.com/deploymenttheory/go-api-sdk-jamfpro v1.17.0 ) @@ -44,24 +44,24 @@ require ( github.com/antchfx/xpath v1.3.2 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/armon/go-radix v1.0.0 // indirect - github.com/aws/aws-sdk-go-v2 v1.32.6 // indirect + github.com/aws/aws-sdk-go-v2 v1.32.7 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 // indirect - github.com/aws/aws-sdk-go-v2/config v1.28.6 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.17.47 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21 // indirect + github.com/aws/aws-sdk-go-v2/config v1.28.7 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.17.48 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22 // indirect github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.43 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.25 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.25 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.25 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.26 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.6 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.6 // indirect - github.com/aws/aws-sdk-go-v2/service/s3 v1.71.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.24.7 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.33.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.7 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.71.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.24.8 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.33.3 // indirect github.com/aws/smithy-go v1.22.1 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect github.com/bmatcuk/doublestar/v4 v4.7.1 // indirect @@ -112,7 +112,7 @@ require ( github.com/zclconf/go-cty v1.15.0 // indirect go.abhg.dev/goldmark/frontmatter v0.2.0 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.30.0 // indirect + golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect golang.org/x/mod v0.21.0 // indirect golang.org/x/net v0.31.0 // indirect diff --git a/go.sum b/go.sum index 6ef5908a..2f33a1f1 100644 --- a/go.sum +++ b/go.sum @@ -27,40 +27,68 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go-v2 v1.32.6 h1:7BokKRgRPuGmKkFMhEg/jSul+tB9VvXhcViILtfG8b4= github.com/aws/aws-sdk-go-v2 v1.32.6/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U= +github.com/aws/aws-sdk-go-v2 v1.32.7 h1:ky5o35oENWi0JYWUZkB7WYvVPP+bcRF5/Iq7JWSb5Rw= +github.com/aws/aws-sdk-go-v2 v1.32.7/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 h1:lL7IfaFzngfx0ZwUGOZdsFFnQ5uLvR0hWqqhyE7Q9M8= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7/go.mod h1:QraP0UcVlQJsmHfioCrveWOC1nbiWUl3ej08h4mXWoc= github.com/aws/aws-sdk-go-v2/config v1.28.6 h1:D89IKtGrs/I3QXOLNTH93NJYtDhm8SYa9Q5CsPShmyo= github.com/aws/aws-sdk-go-v2/config v1.28.6/go.mod h1:GDzxJ5wyyFSCoLkS+UhGB0dArhb9mI+Co4dHtoTxbko= +github.com/aws/aws-sdk-go-v2/config v1.28.7 h1:GduUnoTXlhkgnxTD93g1nv4tVPILbdNQOzav+Wpg7AE= +github.com/aws/aws-sdk-go-v2/config v1.28.7/go.mod h1:vZGX6GVkIE8uECSUHB6MWAUsd4ZcG2Yq/dMa4refR3M= github.com/aws/aws-sdk-go-v2/credentials v1.17.47 h1:48bA+3/fCdi2yAwVt+3COvmatZ6jUDNkDTIsqDiMUdw= github.com/aws/aws-sdk-go-v2/credentials v1.17.47/go.mod h1:+KdckOejLW3Ks3b0E3b5rHsr2f9yuORBum0WPnE5o5w= +github.com/aws/aws-sdk-go-v2/credentials v1.17.48 h1:IYdLD1qTJ0zanRavulofmqut4afs45mOWEI+MzZtTfQ= +github.com/aws/aws-sdk-go-v2/credentials v1.17.48/go.mod h1:tOscxHN3CGmuX9idQ3+qbkzrjVIx32lqDSU1/0d/qXs= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21 h1:AmoU1pziydclFT/xRV+xXE/Vb8fttJCLRPv8oAkprc0= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21/go.mod h1:AjUdLYe4Tgs6kpH4Bv7uMZo7pottoyHMn4eTcIcneaY= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22 h1:kqOrpojG71DxJm/KDPO+Z/y1phm1JlC8/iT+5XRmAn8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22/go.mod h1:NtSFajXVVL8TA2QNngagVZmUtXciyrHOt7xgz4faS/M= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.43 h1:iLdpkYZ4cXIQMO7ud+cqMWR1xK5ESbt1rvN77tRi1BY= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.43/go.mod h1:OgbsKPAswXDd5kxnR4vZov69p3oYjbvUyIRBAAV0y9o= github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.25 h1:s/fF4+yDQDoElYhfIVvSNyeCydfbuTKzhxSXDXCPasU= github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.25/go.mod h1:IgPfDv5jqFIzQSNbUEMoitNooSMXjRSDkhXv8jiROvU= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26 h1:I/5wmGMffY4happ8NOCuIUEWGUvvFp5NSeQcXl9RHcI= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26/go.mod h1:FR8f4turZtNy6baO0KJ5FJUmXH/cSkI9fOngs0yl6mA= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.25 h1:ZntTCl5EsYnhN/IygQEUugpdwbhdkom9uHcbCftiGgA= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.25/go.mod h1:DBdPrgeocww+CSl1C8cEV8PN1mHMBhuCDLpXezyvWkE= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26 h1:zXFLuEuMMUOvEARXFUVJdfqZ4bvvSgdGRq/ATcrQxzM= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26/go.mod h1:3o2Wpy0bogG1kyOPrgkXA8pgIfEEv0+m19O9D5+W8y8= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.25 h1:r67ps7oHCYnflpgDy2LZU0MAQtQbYIOqNNnqGO6xQkE= github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.25/go.mod h1:GrGY+Q4fIokYLtjCVB/aFfCVL6hhGUFl8inD18fDalE= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.26 h1:GeNJsIFHB+WW5ap2Tec4K6dzcVTsRbsT1Lra46Hv9ME= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.26/go.mod h1:zfgMpwHDXX2WGoG84xG2H+ZlPTkJUU4YUvx2svLQYWo= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE= github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.6 h1:HCpPsWqmYQieU7SS6E9HXfdAMSud0pteVXieJmcpIRI= github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.6/go.mod h1:ngUiVRCco++u+soRRVBIvBZxSMMvOVMXA4PJ36JLfSw= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.7 h1:tB4tNw83KcajNAzaIMhkhVI2Nt8fAZd5A5ro113FEMY= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.7/go.mod h1:lvpyBGkZ3tZ9iSsUIcC2EWp+0ywa7aK3BLT+FwZi+mQ= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6 h1:50+XsN70RS7dwJ2CkVNXzj7U2L1HKP8nqTd3XWEXBN4= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6/go.mod h1:WqgLmwY7so32kG01zD8CPTJWVWM+TzJoOVHwTg4aPug= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7 h1:8eUsivBQzZHqe/3FE+cqwfH+0p5Jo8PFM/QYQSmeZ+M= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7/go.mod h1:kLPQvGUmxn/fqiCrDeohwG33bq2pQpGeY62yRO6Nrh0= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.6 h1:BbGDtTi0T1DYlmjBiCr/le3wzhA37O8QTC5/Ab8+EXk= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.6/go.mod h1:hLMJt7Q8ePgViKupeymbqI0la+t9/iYFBjxQCFwuAwI= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.7 h1:Hi0KGbrnr57bEHWM0bJ1QcBzxLrL/k2DHvGYhb8+W1w= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.7/go.mod h1:wKNgWgExdjjrm4qvfbTorkvocEstaoDl4WCvGfeCy9c= github.com/aws/aws-sdk-go-v2/service/s3 v1.71.0 h1:nyuzXooUNJexRT0Oy0UQY6AhOzxPxhtt4DcBIHyCnmw= github.com/aws/aws-sdk-go-v2/service/s3 v1.71.0/go.mod h1:sT/iQz8JK3u/5gZkT+Hmr7GzVZehUMkRZpOaAwYXeGY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.71.1 h1:aOVVZJgWbaH+EJYPvEgkNhCEbXXvH7+oML36oaPK3zE= +github.com/aws/aws-sdk-go-v2/service/s3 v1.71.1/go.mod h1:r+xl5yzMk9083rMR+sJ5TYj9Tihvf/l1oxzZXDgGj2Q= github.com/aws/aws-sdk-go-v2/service/sso v1.24.7 h1:rLnYAfXQ3YAccocshIH5mzNNwZBkBo+bP6EhIxak6Hw= github.com/aws/aws-sdk-go-v2/service/sso v1.24.7/go.mod h1:ZHtuQJ6t9A/+YDuxOLnbryAmITtr8UysSny3qcyvJTc= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.8 h1:CvuUmnXI7ebaUAhbJcDy9YQx8wHR69eZ9I7q5hszt/g= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.8/go.mod h1:XDeGv1opzwm8ubxddF0cgqkZWsyOtw4lr6dxwmb6YQg= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6 h1:JnhTZR3PiYDNKlXy50/pNeix9aGMo6lLpXwJ1mw8MD4= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6/go.mod h1:URronUEGfXZN1VpdktPSD1EkAL9mfrV+2F4sjH38qOY= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7 h1:F2rBfNAL5UyswqoeWv9zs74N/NanhK16ydHW1pahX6E= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7/go.mod h1:JfyQ0g2JG8+Krq0EuZNnRwX0mU0HrwY/tG6JNfcqh4k= github.com/aws/aws-sdk-go-v2/service/sts v1.33.2 h1:s4074ZO1Hk8qv65GqNXqDjmkf4HSQqJukaLuuW0TpDA= github.com/aws/aws-sdk-go-v2/service/sts v1.33.2/go.mod h1:mVggCnIWoM09jP71Wh+ea7+5gAp53q+49wDFs1SW5z8= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.3 h1:Xgv/hyNgvLda/M9l9qxXc4UFSgppnRczLxlMs5Ae/QY= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.3/go.mod h1:5Gn+d+VaaRgsjewpMvGazt0WfcFO+Md4wLOuBfGR9Bc= github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro= github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= @@ -84,6 +112,8 @@ github.com/deploymenttheory/go-api-sdk-jamfpro v1.15.4 h1:UO/5AlhNixQAIZrd9F2Cu0 github.com/deploymenttheory/go-api-sdk-jamfpro v1.15.4/go.mod h1:nV+ER45OZ+qXCDb6K+pH5VMe/dllg67V9nTADfUbY+I= github.com/deploymenttheory/go-api-sdk-jamfpro v1.16.0 h1:RlZsQ5QXKqFogShwOG1dWupR8X4qCx9C940zbnsuaYs= github.com/deploymenttheory/go-api-sdk-jamfpro v1.16.0/go.mod h1:nV+ER45OZ+qXCDb6K+pH5VMe/dllg67V9nTADfUbY+I= +github.com/deploymenttheory/go-api-sdk-jamfpro v1.17.0 h1:ECHnydQ22YAnz0AZo3+JoTynixafTmADEsP3x3Flc5c= +github.com/deploymenttheory/go-api-sdk-jamfpro v1.17.0/go.mod h1:YrZpgUFq+cg04ujnua+AC9OrWxD7injm6qPo2pKEgnk= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= @@ -264,6 +294,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY= golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df h1:UA2aFVmmsIlefxMk29Dp2juaUSth8Pyn3Tq5Y5mJGME= golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= diff --git a/internal/resources/apiroles/api_privileges.json b/internal/resources/apiroles/api_privileges.json index ce9bc551..322de81b 100644 --- a/internal/resources/apiroles/api_privileges.json +++ b/internal/resources/apiroles/api_privileges.json @@ -37,8 +37,8 @@ "Create Infrastructure Managers", "Create Inventory Preload Records", "Create JSON Web Token Configuration", + "Create Jamf Cloud Distribution Service Files", "Create Jamf Connect Deployments", - "Create Jamf Content Distribution Server Files", "Create Jamf Protect Deployments", "Create Keystore", "Create LDAP Servers", @@ -121,8 +121,8 @@ "Delete Infrastructure Managers", "Delete Inventory Preload Records", "Delete JSON Web Token Configuration", + "Delete Jamf Cloud Distribution Service Files", "Delete Jamf Connect Deployments", - "Delete Jamf Content Distribution Server Files", "Delete Jamf Protect Deployments", "Delete Keystores", "Delete LDAP Servers", @@ -236,9 +236,9 @@ "Read Inventory Preload Records", "Read JSON Web Token Configuration", "Read JSS URL", + "Read Jamf Cloud Distribution Service Files", "Read Jamf Connect Deployments", "Read Jamf Connect Settings", - "Read Jamf Content Distribution Server Files", "Read Jamf Protect Deployments", "Read Jamf Protect Settings", "Read Keystores", From b5ed58db5573351b9076de5e77ad4b9871866005 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 08:50:09 +0000 Subject: [PATCH 2/8] [Automated] Update User Account Privileges data for Jamf Pro 11.12.1 (#543) Update User Account Privileges data for Jamf Pro 11.12.1 - Added privileges for version 11.12.1 - Updated version constants in validate.go Co-authored-by: ShocOne <62835948+ShocOne@users.noreply.github.com> --- .../11.12.1/jss_actions_privileges.json | 87 +++++ .../11.12.1/jss_objects_privileges.json | 336 ++++++++++++++++++ .../11.12.1/jss_settings_privileges.json | 86 +++++ .../common/jamfprivileges/validate.go | 6 +- 4 files changed, 512 insertions(+), 3 deletions(-) create mode 100644 internal/resources/common/jamfprivileges/privileges/11.12.1/jss_actions_privileges.json create mode 100644 internal/resources/common/jamfprivileges/privileges/11.12.1/jss_objects_privileges.json create mode 100644 internal/resources/common/jamfprivileges/privileges/11.12.1/jss_settings_privileges.json diff --git a/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_actions_privileges.json b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_actions_privileges.json new file mode 100644 index 00000000..b2f2ee93 --- /dev/null +++ b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_actions_privileges.json @@ -0,0 +1,87 @@ +[ + "Jamf Connect Deployment Retry", + "Remove restrictions set by Jamf Parent", + "Remove Jamf Parent management capabilities", + "CLEAR_TEACHER_PROFILE_PRIVILEGE", + "Jamf Packages Action", + "Send MDM Check In Command", + "Jamf Protect Deployment Retry", + "Allow User to Enroll", + "Assign Users to Mobile Devices", + "Assign Users to Computers", + "Enroll Computers", + "Enroll Mobile Devices", + "Change Password", + "View License Serial Numbers", + "Send Email to End Users via JSS", + "Send Computer Remote Lock Command", + "Send Computer Remote Wipe Command", + "Send Computer Unmanage Command", + "Send Computer Unlock User Account Command", + "Send Computer Delete User Account Command", + "Send Computer Set Activation Lock Command", + "View Disk Encryption Recovery Key", + "View Activation Lock Bypass Code", + "Flush Policy Logs", + "Send Computer Remote Command to Download and Install OS X Update", + "Send Computer Bluetooth Command", + "Send Computer Remote Desktop Command", + "Send Computer Remote Command to Install Package", + "Send Set Recovery Lock Command", + "View Recovery Lock", + "Send Inventory Requests to Mobile Devices", + "Send Mobile Device Remote Lock Command", + "Send Apply Redemption Code Command", + "Send Mobile Device Remove Passcode Command", + "Send Mobile Device Remove Restrictions Password Command", + "Send Mobile Device Remote Wipe Command", + "Send Mobile Device Set Activation Lock Command", + "Unmanage Mobile Devices", + "Send Mobile Device Managed Settings Command", + "Send Mobile Device Mirroring Command", + "Send Mobile Device Set Wallpaper Command", + "Update watchOS Enrollment Settings", + "Send Blank Pushes to Mobile Devices", + "Send Mobile Device Enable Voice Roaming Command", + "Send Mobile Device Disable Voice Roaming Command", + "Send Mobile Device Enable Data Roaming Command", + "Send Mobile Device Disable Data Roaming Command", + "Send Mobile Device Set Device Name Command", + "Send Mobile Device Remote Command to Download and Install iOS Update", + "Send Mobile Device Lost Mode Command", + "View Mobile Device Lost Mode Location", + "Send Mobile Device Shared iPad Commands", + "Send Mobile Device Diagnostics and Usage Reporting and App Analytics Commands", + "Send Software Update Settings Command", + "Send Mobile Device Restart Device Command", + "View JSS Information", + "Send Messages to Self Service Mobile", + "View Event Logs", + "Dismiss Notifications", + "Send Update Passcode Lock Grace Period Command", + "Send Mobile Device Shut Down Command", + "Send Mobile Device Bluetooth Command", + "Send Mobile Device Personal Hotspot Command", + "Send Mobile Device Refresh Cellular Plans Command", + "Send Command to Renew MDM Profile", + "Send Declarative Management Command", + "Flush MDM Commands", + "Send Mobile Device Shared Device Configuration Commands", + "Renewal of the Built-in Certificate Authority", + "View MDM command information in Jamf Pro API", + "Send MDM command information in Jamf Pro API", + "Send Set Timezone Command", + "Send Application Attributes Command", + "Send Enable Bootstrap Token Command", + "Send Disable Bootstrap Token Command", + "Send Mobile Device Software Update Recommendation Cadence Command", + "Update Local Admin Password Settings", + "View Local Admin Password", + "View Local Admin Password Audit History", + "Send Local Admin Password Command", + "Start Remote Assist Session", + "Edit Return To Service Configurations", + "View Return To Service Configurations", + "Delete Return To Service Configurations", + "Send Device Information Command" +] diff --git a/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_objects_privileges.json b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_objects_privileges.json new file mode 100644 index 00000000..cf8f0a45 --- /dev/null +++ b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_objects_privileges.json @@ -0,0 +1,336 @@ +[ + "Create Custom Paths", + "Read Custom Paths", + "Update Custom Paths", + "Delete Custom Paths", + "Create API Integrations", + "Read API Integrations", + "Update API Integrations", + "Delete API Integrations", + "Create API Roles", + "Read API Roles", + "Update API Roles", + "Delete API Roles", + "Create Self Service Branding Configuration", + "Read Self Service Branding Configuration", + "Update Self Service Branding Configuration", + "Delete Self Service Branding Configuration", + "Create Jamf Cloud Distribution Service Files", + "Read Jamf Cloud Distribution Service Files", + "Delete Jamf Cloud Distribution Service Files", + "Create Remote Administration", + "Read Remote Administration", + "Update Remote Administration", + "Delete Remote Administration", + "Create Managed Software Updates", + "Read Managed Software Updates", + "Update Managed Software Updates", + "Delete Managed Software Updates", + "Create Jamf Protect Deployments", + "Read Jamf Protect Deployments", + "Update Jamf Protect Deployments", + "Delete Jamf Protect Deployments", + "Create Jamf Connect Deployments", + "Read Jamf Connect Deployments", + "Update Jamf Connect Deployments", + "Delete Jamf Connect Deployments", + "Create Webhooks", + "Read Webhooks", + "Update Webhooks", + "Delete Webhooks", + "Create Maintenance Pages", + "Read Maintenance Pages", + "Update Maintenance Pages", + "Delete Maintenance Pages", + "Create Restricted Software", + "Read Restricted Software", + "Update Restricted Software", + "Delete Restricted Software", + "Create Patch Management Software Titles", + "Read Patch Management Software Titles", + "Update Patch Management Software Titles", + "Delete Patch Management Software Titles", + "Create VPP Invitations", + "Read VPP Invitations", + "Update VPP Invitations", + "Delete VPP Invitations", + "Create Advanced User Searches", + "Read Advanced User Searches", + "Update Advanced User Searches", + "Delete Advanced User Searches", + "Create Directory Bindings", + "Read Directory Bindings", + "Update Directory Bindings", + "Delete Directory Bindings", + "Create Mobile Device PreStage Enrollments", + "Read Mobile Device PreStage Enrollments", + "Update Mobile Device PreStage Enrollments", + "Delete Mobile Device PreStage Enrollments", + "Create File Attachments", + "Read File Attachments", + "Update File Attachments", + "Delete File Attachments", + "Create Enrollment Customizations", + "Read Enrollment Customizations", + "Update Enrollment Customizations", + "Delete Enrollment Customizations", + "Create Mobile Devices", + "Read Mobile Devices", + "Update Mobile Devices", + "Delete Mobile Devices", + "Create Sites", + "Read Sites", + "Update Sites", + "Delete Sites", + "Create Device Name Patterns", + "Read Device Name Patterns", + "Update Device Name Patterns", + "Delete Device Name Patterns", + "Create eBooks", + "Read eBooks", + "Update eBooks", + "Delete eBooks", + "Create Inventory Preload Records", + "Read Inventory Preload Records", + "Update Inventory Preload Records", + "Delete Inventory Preload Records", + "Create Mac Applications", + "Read Mac Applications", + "Update Mac Applications", + "Delete Mac Applications", + "Create Personal Device Configurations", + "Read Personal Device Configurations", + "Update Personal Device Configurations", + "Delete Personal Device Configurations", + "Create Policies", + "Read Policies", + "Update Policies", + "Delete Policies", + "Create Network Segments", + "Read Network Segments", + "Update Network Segments", + "Delete Network Segments", + "Create Personal Device Profiles", + "Read Personal Device Profiles", + "Update Personal Device Profiles", + "Delete Personal Device Profiles", + "Create Mobile Device Managed App Configurations", + "Read Mobile Device Managed App Configurations", + "Update Mobile Device Managed App Configurations", + "Delete Mobile Device Managed App Configurations", + "Create LDAP Servers", + "Read LDAP Servers", + "Update LDAP Servers", + "Delete LDAP Servers", + "Create iOS Configuration Profiles", + "Read iOS Configuration Profiles", + "Update iOS Configuration Profiles", + "Delete iOS Configuration Profiles", + "Create Keystore", + "Read Keystores", + "Update Keystores", + "Delete Keystores", + "Create Computer Extension Attributes", + "Read Computer Extension Attributes", + "Update Computer Extension Attributes", + "Delete Computer Extension Attributes", + "Create Smart User Groups", + "Read Smart User Groups", + "Update Smart User Groups", + "Delete Smart User Groups", + "Create Scripts", + "Read Scripts", + "Update Scripts", + "Delete Scripts", + "Create VPP Assignment", + "Read VPP Assignment", + "Update VPP Assignment", + "Delete VPP Assignment", + "Create Computer Enrollment Invitations", + "Read Computer Enrollment Invitations", + "Update Computer Enrollment Invitations", + "Delete Computer Enrollment Invitations", + "Create Disk Encryption Configurations", + "Read Disk Encryption Configurations", + "Update Disk Encryption Configurations", + "Delete Disk Encryption Configurations", + "Create Departments", + "Read Departments", + "Update Departments", + "Delete Departments", + "Create Infrastructure Managers", + "Read Infrastructure Managers", + "Update Infrastructure Managers", + "Delete Infrastructure Managers", + "Create iBeacon", + "Read iBeacon", + "Update iBeacon", + "Delete iBeacon", + "Create Device Enrollment Program Instances", + "Read Device Enrollment Program Instances", + "Update Device Enrollment Program Instances", + "Delete Device Enrollment Program Instances", + "Create Patch Policies", + "Read Patch Policies", + "Update Patch Policies", + "Delete Patch Policies", + "Create AirPlay Permissions", + "Read AirPlay Permissions", + "Update AirPlay Permissions", + "Delete AirPlay Permissions", + "Create User", + "Read User", + "Update User", + "Delete User", + "Create Printers", + "Read Printers", + "Update Printers", + "Delete Printers", + "Create Advanced User Content Searches", + "Read Advanced User Content Searches", + "Update Advanced User Content Searches", + "Delete Advanced User Content Searches", + "Create Static Mobile Device Groups", + "Read Static Mobile Device Groups", + "Update Static Mobile Device Groups", + "Delete Static Mobile Device Groups", + "Create Software Update Servers", + "Read Software Update Servers", + "Update Software Update Servers", + "Delete Software Update Servers", + "Create Advanced Mobile Device Searches", + "Read Advanced Mobile Device Searches", + "Update Advanced Mobile Device Searches", + "Delete Advanced Mobile Device Searches", + "Create Dock Items", + "Read Dock Items", + "Update Dock Items", + "Delete Dock Items", + "Create Smart Computer Groups", + "Read Smart Computer Groups", + "Update Smart Computer Groups", + "Delete Smart Computer Groups", + "Create User Extension Attributes", + "Read User Extension Attributes", + "Update User Extension Attributes", + "Delete User Extension Attributes", + "Create macOS Configuration Profiles", + "Read macOS Configuration Profiles", + "Update macOS Configuration Profiles", + "Delete macOS Configuration Profiles", + "Create Network Integration", + "Read Network Integration", + "Update Network Integration", + "Delete Network Integration", + "Create Static User Groups", + "Read Static User Groups", + "Update Static User Groups", + "Delete Static User Groups", + "Create Distribution Points", + "Read Distribution Points", + "Update Distribution Points", + "Delete Distribution Points", + "Create Enrollment Profiles", + "Read Enrollment Profiles", + "Update Enrollment Profiles", + "Delete Enrollment Profiles", + "Create Computer PreStage Enrollments", + "Read Computer PreStage Enrollments", + "Update Computer PreStage Enrollments", + "Delete Computer PreStage Enrollments", + "Create Attachment Assignments", + "Read Attachment Assignments", + "Update Attachment Assignments", + "Delete Attachment Assignments", + "Create Accounts", + "Read Accounts", + "Update Accounts", + "Delete Accounts", + "Create Mobile Device Applications", + "Read Mobile Device Applications", + "Update Mobile Device Applications", + "Delete Mobile Device Applications", + "Create Licensed Software", + "Read Licensed Software", + "Update Licensed Software", + "Delete Licensed Software", + "Create Patch External Source", + "Read Patch External Source", + "Update Patch External Source", + "Delete Patch External Source", + "Create Removable MAC Address", + "Read Removable MAC Address", + "Update Removable MAC Address", + "Delete Removable MAC Address", + "Create Mobile Device Extension Attributes", + "Read Mobile Device Extension Attributes", + "Update Mobile Device Extension Attributes", + "Delete Mobile Device Extension Attributes", + "Create Classes", + "Read Classes", + "Update Classes", + "Delete Classes", + "Create Buildings", + "Read Buildings", + "Update Buildings", + "Delete Buildings", + "Create Mobile Device Enrollment Invitations", + "Read Mobile Device Enrollment Invitations", + "Update Mobile Device Enrollment Invitations", + "Delete Mobile Device Enrollment Invitations", + "Create Categories", + "Read Categories", + "Update Categories", + "Delete Categories", + "Create Advanced Computer Searches", + "Read Advanced Computer Searches", + "Update Advanced Computer Searches", + "Delete Advanced Computer Searches", + "Create Computers", + "Read Computers", + "Update Computers", + "Delete Computers", + "Create Disk Encryption Institutional Configurations", + "Read Disk Encryption Institutional Configurations", + "Update Disk Encryption Institutional Configurations", + "Delete Disk Encryption Institutional Configurations", + "Create Peripheral Types", + "Read Peripheral Types", + "Update Peripheral Types", + "Delete Peripheral Types", + "Create Allowed File Extension", + "Read Allowed File Extension", + "Delete Allowed File Extension", + "Create Provisioning Profiles", + "Read Provisioning Profiles", + "Update Provisioning Profiles", + "Delete Provisioning Profiles", + "Create Packages", + "Read Packages", + "Update Packages", + "Delete Packages", + "Create Smart Mobile Device Groups", + "Read Smart Mobile Device Groups", + "Update Smart Mobile Device Groups", + "Delete Smart Mobile Device Groups", + "Create JSON Web Token Configuration", + "Read JSON Web Token Configuration", + "Update JSON Web Token Configuration", + "Delete JSON Web Token Configuration", + "Create Static Computer Groups", + "Read Static Computer Groups", + "Update Static Computer Groups", + "Delete Static Computer Groups", + "Create Volume Purchasing Locations", + "Read Volume Purchasing Locations", + "Update Volume Purchasing Locations", + "Delete Volume Purchasing Locations", + "Create Self Service Bookmarks", + "Read Self Service Bookmarks", + "Update Self Service Bookmarks", + "Delete Self Service Bookmarks", + "Create Push Certificates", + "Read Push Certificates", + "Update Push Certificates", + "Delete Push Certificates" +] diff --git a/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_settings_privileges.json b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_settings_privileges.json new file mode 100644 index 00000000..f80f2b20 --- /dev/null +++ b/internal/resources/common/jamfprivileges/privileges/11.12.1/jss_settings_privileges.json @@ -0,0 +1,86 @@ +[ + "Read SSO Settings", + "Update SSO Settings", + "Read Automatically Renew MDM Profile Settings", + "Update Automatically Renew MDM Profile Settings", + "Read Computer Inventory Collection Settings", + "Update Computer Inventory Collection Settings", + "Read Login Disclaimer", + "Update Login Disclaimer", + "Read Parent App Settings", + "Update Parent App Settings", + "Read Teacher App Settings", + "Update Teacher App Settings", + "Read Onboarding Configuration", + "Update Onboarding Configuration", + "Read Engage Settings", + "Update Engage Settings", + "Read Device Compliance Information", + "Read Jamf Protect Settings", + "Update Jamf Protect Settings", + "Read Re-enrollment", + "Update Re-enrollment", + "Read App Request Settings", + "Update App Request Settings", + "Read Remote Assist", + "Update Remote Assist", + "Read Cloud Services Settings", + "Update Cloud Services Settings", + "Read Jamf Connect Settings", + "Update Jamf Connect Settings", + "Read Computer Check-In", + "Update Computer Check-In", + "Read Apache Tomcat Settings", + "Update Apache Tomcat Settings", + "Read Education Settings", + "Update Education Settings", + "Read Computer Inventory Collection", + "Update Computer Inventory Collection", + "Read Computer Security", + "Update Computer Security", + "Read PKI", + "Update PKI", + "Read Cloud Distribution Point", + "Update Cloud Distribution Point", + "Read Self Service", + "Update Self Service", + "Read Patch Management Settings", + "Update Patch Management Settings", + "Read SMTP Server", + "Update SMTP Server", + "Read Password Policy", + "Update Password Policy", + "Read Mobile Device Inventory Collection", + "Update Mobile Device Inventory Collection", + "Read User-Initiated Enrollment", + "Update User-Initiated Enrollment", + "Read JSS URL", + "Update JSS URL", + "Read Mobile Device Self Service", + "Update Mobile Device Self Service", + "Read Mobile Device App Maintenance Settings", + "Update Mobile Device App Maintenance Settings", + "Read Automatic Mac App Updates Settings", + "Update Automatic Mac App Updates Settings", + "Read Patch Internal Source", + "Read Clustering", + "Update Clustering", + "Read Conditional Access", + "Update Conditional Access", + "Read Change Management", + "Update Change Management", + "Read Cache", + "Update Cache", + "Read Computer Check-In", + "Update Computer Check-In", + "Read Limited Access Settings", + "Update Limited Access Settings", + "Read Retention Policy", + "Update Retention Policy", + "Read GSX Connection", + "Update GSX Connection", + "Read Apple Configurator Enrollment", + "Update Apple Configurator Enrollment", + "Read Activation Code", + "Update Activation Code" +] diff --git a/internal/resources/common/jamfprivileges/validate.go b/internal/resources/common/jamfprivileges/validate.go index 0cc25d7b..c97523b3 100644 --- a/internal/resources/common/jamfprivileges/validate.go +++ b/internal/resources/common/jamfprivileges/validate.go @@ -43,9 +43,9 @@ import ( var privilegesFS embed.FS const ( - LatestVersion = "11.11.1" - NMinus1Version = "11.10.2" - NMinus2Version = "11.10.1" + LatestVersion = "11.12.1" + NMinus1Version = "11.11.1" + NMinus2Version = "11.10.2" ) // PrivilegeSupport tracks which versions support a privilege From 98985c9d06e79b4d1ec00c7261a14364f6e0e55e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 22 Dec 2024 08:50:32 +0000 Subject: [PATCH 3/8] [Automated] Update App Catalog installer title data (#542) Update App Catalog Installer Title data Co-authored-by: ShocOne <62835948+ShocOne@users.noreply.github.com> --- .../app_catalog_app_installer_titles.json | 128 +++++++++--------- 1 file changed, 64 insertions(+), 64 deletions(-) diff --git a/internal/resources/appinstallers/app_catalog_app_installer_titles.json b/internal/resources/appinstallers/app_catalog_app_installer_titles.json index ca35b0aa..318fc797 100644 --- a/internal/resources/appinstallers/app_catalog_app_installer_titles.json +++ b/internal/resources/appinstallers/app_catalog_app_installer_titles.json @@ -7,7 +7,7 @@ "titleName": "Adobe Lightroom Classic", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/027.png", - "version": "14.1", + "version": "14.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -73,7 +73,7 @@ "titleName": "Microsoft OneDrive", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/09D.png", - "version": "24.211.1020.0001", + "version": "24.226.1110.0004", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -161,7 +161,7 @@ "titleName": "Microsoft Visual Studio Code", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0AF.png", - "version": "1.96.0", + "version": "1.96.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -183,7 +183,7 @@ "titleName": "Google Chrome", "publisher": "Google", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0BC.png", - "version": "131.0.6778.140", + "version": "131.0.6778.205", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -205,7 +205,7 @@ "titleName": "Microsoft Skype", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0BF.png", - "version": "8.133.0.202", + "version": "8.134.0.202", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -249,7 +249,7 @@ "titleName": "GitHub Desktop", "publisher": "GitHub", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0C8.png", - "version": "3.4.10", + "version": "3.4.12", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -282,7 +282,7 @@ "titleName": "Spotify", "publisher": "Spotify", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0E8.png", - "version": "1.2.52.442", + "version": "1.2.53.438", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -293,7 +293,7 @@ "titleName": "Vivi", "publisher": "Vivi International", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0E9.png", - "version": "3.8.4", + "version": "3.9.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -304,7 +304,7 @@ "titleName": "JetBrains IntelliJ IDEA Community", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0EA.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -315,7 +315,7 @@ "titleName": "JetBrains IntelliJ IDEA Ultimate", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0EB.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -326,7 +326,7 @@ "titleName": "JetBrains PhpStorm", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0EC.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -337,7 +337,7 @@ "titleName": "JetBrains PyCharm Community", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0ED.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -348,7 +348,7 @@ "titleName": "JetBrains PyCharm Professional", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0EE.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -359,7 +359,7 @@ "titleName": "JetBrains RubyMine", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0EF.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -370,7 +370,7 @@ "titleName": "JetBrains WebStorm", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0F0.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -392,7 +392,7 @@ "titleName": "Zoom Client for Meetings", "publisher": "Zoom Video Communications", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0F9.png", - "version": "6.2.11 (43613)", + "version": "6.3.0 (44805)", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -436,7 +436,7 @@ "titleName": "Dropbox", "publisher": "Dropbox", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/10B.png", - "version": "213.4.4597", + "version": "214.4.5217", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -447,7 +447,7 @@ "titleName": "Evernote", "publisher": "Evernote", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/10C.png", - "version": "10.119.2", + "version": "10.120.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -469,7 +469,7 @@ "titleName": "Postman", "publisher": "Postman", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/11E.png", - "version": "11.22.0", + "version": "11.23.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -524,7 +524,7 @@ "titleName": "Docker Desktop", "publisher": "Docker", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/156.png", - "version": "4.37.0", + "version": "4.37.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -535,7 +535,7 @@ "titleName": "Google Drive", "publisher": "Google", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/157.png", - "version": "100.0.2", + "version": "101.0.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -546,7 +546,7 @@ "titleName": "Mattermost", "publisher": "Mattermost", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/173.png", - "version": "5.10.1", + "version": "5.10.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -557,7 +557,7 @@ "titleName": "Insomnia", "publisher": "Kong Inc.", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/184.png", - "version": "10.2.0", + "version": "10.3.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -590,7 +590,7 @@ "titleName": "Brave Browser", "publisher": "Brave", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1B7.png", - "version": "131.1.73.101", + "version": "131.1.73.104", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -623,7 +623,7 @@ "titleName": "TeamViewer 15", "publisher": "TeamViewer", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1C2.png", - "version": "15.60.3", + "version": "15.61.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -634,7 +634,7 @@ "titleName": "TeamViewer 15 Host", "publisher": "TeamViewer", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1C3.png", - "version": "15.60.3", + "version": "15.61.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -645,7 +645,7 @@ "titleName": "TeamViewer 15 QuickSupport", "publisher": "TeamViewer", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1C4.png", - "version": "15.60.3", + "version": "15.61.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -667,7 +667,7 @@ "titleName": "Microsoft Edge", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1D4.png", - "version": "131.0.2903.99", + "version": "131.0.2903.112", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -678,7 +678,7 @@ "titleName": "Google Earth Pro", "publisher": "Google", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/1DB.png", - "version": "7.3.6.9796", + "version": "7.3.6.10155", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -700,7 +700,7 @@ "titleName": "JetBrains CLion", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/206.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -722,7 +722,7 @@ "titleName": "Discord", "publisher": "Discord", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/22D.png", - "version": "0.0.329", + "version": "0.0.330", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -755,7 +755,7 @@ "titleName": "Box Drive", "publisher": "Box", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/269.png", - "version": "2.41.226", + "version": "2.42.212", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -777,7 +777,7 @@ "titleName": "JetBrains DataGrip", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/291.png", - "version": "2024.3.2", + "version": "2024.3.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -854,7 +854,7 @@ "titleName": "TeamViewer 15 QuickJoin", "publisher": "TeamViewer", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/341.png", - "version": "15.60.3", + "version": "15.61.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -876,7 +876,7 @@ "titleName": "Sublime Text 4", "publisher": "Sublime HQ", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/355.png", - "version": "Build 4180", + "version": "Build 4189", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -887,7 +887,7 @@ "titleName": "Root3 Support", "publisher": "Root3", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/365.png", - "version": "2.6", + "version": "2.6.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -953,7 +953,7 @@ "titleName": "VyprVPN", "publisher": "Golden Frog", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/42E.png", - "version": "5.2.0", + "version": "5.2.4.10748", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -975,7 +975,7 @@ "titleName": "Grammarly Desktop", "publisher": "Grammarly", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/4D4.png", - "version": "1.99.3", + "version": "1.100.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -997,7 +997,7 @@ "titleName": "JetBrains DataSpell", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/4E6.png", - "version": "2024.3.1", + "version": "2024.3.1.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1151,7 +1151,7 @@ "titleName": "Adobe Animate 2023", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/538.png", - "version": "23.0.9", + "version": "23.0.10", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1217,7 +1217,7 @@ "titleName": "VMware Fusion 13", "publisher": "VMware", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/547.png", - "version": "13.6.1", + "version": "13.6.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1228,7 +1228,7 @@ "titleName": "TablePlus", "publisher": "TablePlus", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/549.png", - "version": "6.2.0", + "version": "6.2.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1239,7 +1239,7 @@ "titleName": "swiftDialog", "publisher": "Bart Reardon", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/550.png", - "version": "2.5.4", + "version": "2.5.5", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1283,7 +1283,7 @@ "titleName": "Podman Desktop", "publisher": "Podman Desktop", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5AD.png", - "version": "1.14.2", + "version": "1.15.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1305,7 +1305,7 @@ "titleName": "Daylite", "publisher": "Marketcircle", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5B1.png", - "version": "2024.47.0", + "version": "2024.50.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1349,7 +1349,7 @@ "titleName": "Cloudflare WARP", "publisher": "Cloudflare", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/621.png", - "version": "2024.11.309.0", + "version": "2024.12.554.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1360,7 +1360,7 @@ "titleName": "Jamf Composer", "publisher": "Jamf", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/Composer.png", - "version": "11.12.0", + "version": "11.12.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1382,7 +1382,7 @@ "titleName": "Cypress", "publisher": "Cypress.io", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/54C.png", - "version": "13.16.1", + "version": "13.17.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1393,7 +1393,7 @@ "titleName": "Adobe Photoshop 2024", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5C4.png", - "version": "25.12.0", + "version": "25.12.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1404,7 +1404,7 @@ "titleName": "Adobe Bridge 2024", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5C5.png", - "version": "14.1.4", + "version": "14.1.5", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1415,7 +1415,7 @@ "titleName": "Microsoft Teams", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5E3.png", - "version": "24295.615.3297.8324", + "version": "24335.204.3298.2649", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1492,7 +1492,7 @@ "titleName": "Adobe Animate 2024", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5EB.png", - "version": "24.0.6", + "version": "24.0.7", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1778,7 +1778,7 @@ "titleName": "Arc", "publisher": "The Browser Company", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/5C6.png", - "version": "1.73.0", + "version": "1.74.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1811,7 +1811,7 @@ "titleName": "Jetbrains Aqua", "publisher": "JetBrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/640.png", - "version": "2024.3", + "version": "2024.3.1", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1822,7 +1822,7 @@ "titleName": "Jetbrains RustRover", "publisher": "Jetbrains", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/641.png", - "version": "2024.3.1", + "version": "2024.3.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1844,7 +1844,7 @@ "titleName": "LibreOffice", "publisher": "The Document Foundation", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/0F2.png", - "version": "24.8.3.2", + "version": "24.8.4.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1921,7 +1921,7 @@ "titleName": "Asana", "publisher": "Asana", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/4F8.png", - "version": "2.2.3", + "version": "2.3.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1932,7 +1932,7 @@ "titleName": "DeepL", "publisher": "DeepL", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/637.png", - "version": "24.11.21416769", + "version": "24.12.11514700", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1943,7 +1943,7 @@ "titleName": "Mendeley Reference Manager", "publisher": "Elsevier", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/626.png", - "version": "2.127.1", + "version": "2.128.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1976,7 +1976,7 @@ "titleName": "Microsoft Windows App", "publisher": "Microsoft", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/67E.png", - "version": "11.0.7", + "version": "11.0.8", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -1987,7 +1987,7 @@ "titleName": "Parallels Desktop 20", "publisher": "Parallels International", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/680.png", - "version": "20.1.2", + "version": "20.1.3", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -2097,7 +2097,7 @@ "titleName": "Adobe Photoshop 2025", "publisher": "Adobe", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/675.png", - "version": "26.1.0", + "version": "26.2.0", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -2119,7 +2119,7 @@ "titleName": "Proxyman", "publisher": "Proxyman", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/2D6.png", - "version": "5.11.0", + "version": "5.12.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null @@ -2141,7 +2141,7 @@ "titleName": "Cisco Jabber", "publisher": "Cisco Systems", "iconUrl": "https://appinstallers-packages.services.jamfcloud.com/icons/17F.png", - "version": "15.0.1", + "version": "15.0.2", "launchDaemonIncluded": null, "notificationAvailable": null, "suppressAutoUpdate": null From 0d56b960ba9f3137a94028fb96ffbfb752f4cd94 Mon Sep 17 00:00:00 2001 From: ShocOne <62835948+ShocOne@users.noreply.github.com> Date: Mon, 23 Dec 2024 10:12:55 +0000 Subject: [PATCH 4/8] =?UTF-8?q?feat:=20update=20app=20installer=20retrieva?= =?UTF-8?q?l=20method=20and=20add=20automated=20workflo=E2=80=A6=20(#544)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit feat: update app installer retrieval method and add automated workflows for dependency management and documentation generation --- .github/workflows/auto-merge-dependabot.yml | 25 +++++++ .github/workflows/dependancy-review.yml | 24 +++++++ .github/workflows/generate-docs.yml | 76 +++++++++++++++++++++ .github/workflows/pr-title-validation.yml | 48 +++++++++++++ internal/resources/appinstallers/crud.go | 2 +- 5 files changed, 174 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/auto-merge-dependabot.yml create mode 100644 .github/workflows/dependancy-review.yml create mode 100644 .github/workflows/generate-docs.yml create mode 100644 .github/workflows/pr-title-validation.yml diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml new file mode 100644 index 00000000..0ecf2227 --- /dev/null +++ b/.github/workflows/auto-merge-dependabot.yml @@ -0,0 +1,25 @@ +name: Auto-Merge Dependabot + +on: + pull_request: + +jobs: + auto-merge: + name: '🤖 Auto-Merge Dependabot' + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + + - uses: ahmadnassri/action-dependabot-auto-merge@v2.6.6 + with: + target: minor + github-token: ${{ secrets.DEPENDABOT_PAT }} \ No newline at end of file diff --git a/.github/workflows/dependancy-review.yml b/.github/workflows/dependancy-review.yml new file mode 100644 index 00000000..0a79edaa --- /dev/null +++ b/.github/workflows/dependancy-review.yml @@ -0,0 +1,24 @@ +name: 'Dependency Review' +on: [pull_request] + +permissions: + contents: read + +jobs: + dependency-review: + name: '🔎 Dependency Review' + runs-on: ubuntu-latest + steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - name: 'Checkout Repository' + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: 'Dependency Review' + uses: actions/dependency-review-action@v4 \ No newline at end of file diff --git a/.github/workflows/generate-docs.yml b/.github/workflows/generate-docs.yml new file mode 100644 index 00000000..6a3e23a4 --- /dev/null +++ b/.github/workflows/generate-docs.yml @@ -0,0 +1,76 @@ +name: Generate Docs + +on: + pull_request: + branches: + - main + paths-ignore: + - '.github/**/*' + - 'scripts/**/*' + workflow_dispatch: + +permissions: + contents: write # Required to update documentation in the repo + pull-requests: write + +jobs: + provider-docs: + name: '📚 Generate Go and TF Provider Docs' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4.2.2 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - uses: actions/setup-go@v5.2.0 + with: + cache: true + go-version-file: 'go.mod' + + - uses: hashicorp/setup-terraform@v3.1.2 + with: + terraform_version: '1.10.2' + terraform_wrapper: true + + # Creates provider documentation for godoc.org and pkg.go.dev + - name: 'go generate' + run: go generate ./... + + # Format all Terraform files + - name: Format Terraform files + run: | + find . -type f -name "*.tf" -exec terraform fmt {} \; + + # Creates provider documentation for Terraform + - name: Generate tf docs + run: | + go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs + cd $GITHUB_WORKSPACE + tfplugindocs generate --examples-dir $GITHUB_WORKSPACE/examples + + - name: Check for changes in generated Go docs and formatted Terraform files + id: go-gen-check + run: | + if [[ -n $(git status --porcelain) ]]; then + echo "changes=true" >> $GITHUB_OUTPUT + else + echo "changes=false" >> $GITHUB_OUTPUT + fi + + - name: Commit changes in Go + provider docs and Terraform formatting + if: steps.go-gen-check.outputs.changes == 'true' + uses: stefanzweifel/git-auto-commit-action@v5.0.1 + with: + commit_message: "chore: update go documentation, provider documentation and format terraform files" + file_pattern: '**/*.go **/*.tf docs/**/*' + + commit_options: '--no-verify --signoff' + commit_user_name: "GitHub Actions Bot" + commit_user_email: "github-actions[bot]@users.noreply.github.com" + commit_author: "GitHub Actions Bot " + status_options: '--untracked-files=no' + add_options: '-u' + push_options: '--force' + skip_dirty_check: false + skip_fetch: true + skip_checkout: true \ No newline at end of file diff --git a/.github/workflows/pr-title-validation.yml b/.github/workflows/pr-title-validation.yml new file mode 100644 index 00000000..9d8706ac --- /dev/null +++ b/.github/workflows/pr-title-validation.yml @@ -0,0 +1,48 @@ +name: PR Title Validation + +on: + pull_request: + types: [opened, edited, synchronize, reopened] + +jobs: + validate-pr-title: + name: '✅ Validate PR Title' + runs-on: ubuntu-latest + steps: + - name: Check PR Title + run: | + PR_TITLE="${{ github.event.pull_request.title }}" + PATTERN="^(([Ff]eat|[Ff]ix|[Dd]ocs|[Ss]tyle|[Rr]efactor|[Tt]est|[Cc]hore|[Bb]uild|[Cc]i|[Pp]erf)(\(.+\))?: .+|dependabot.*)$" + + if ! echo "$PR_TITLE" | grep -qE "$PATTERN"; then + echo "❌ ERROR: Invalid PR title format" + echo "" + echo "Got PR title: $PR_TITLE" + echo "" + echo "PR titles must:" + echo "1. Start with one of these prefixes (case-insensitive first letter):" + echo " - feat / Feat (for new features)" + echo " - fix / Fix (for bug fixes)" + echo " - docs / Docs (for documentation)" + echo " - style / Style (for formatting)" + echo " - refactor / Refactor (for code restructuring)" + echo " - test / Test (for adding tests)" + echo " - chore / Chore (for maintenance)" + echo " - build / Build (for build system)" + echo " - ci / CI (for CI/CD)" + echo " - perf / Perf (for performance)" + echo "" + echo "2. Optionally include a scope in parentheses after the type" + echo "" + echo "3. Include a description after a colon and space" + echo "" + echo "Examples:" + echo "✅ feat: add new resource" + echo "✅ feat(api): add new endpoint" + echo "✅ fix: resolve connection timeout" + echo "✅ fix(database): fix query performance" + echo "✅ dependabot: bump lodash from 4.17.20 to 4.17.21" + exit 1 + fi + + echo "✅ PR title '$PR_TITLE' follows the conventional commit format and is compatible with the release-please" \ No newline at end of file diff --git a/internal/resources/appinstallers/crud.go b/internal/resources/appinstallers/crud.go index 2d7982dd..2d8c98b0 100644 --- a/internal/resources/appinstallers/crud.go +++ b/internal/resources/appinstallers/crud.go @@ -66,7 +66,7 @@ func read(ctx context.Context, d *schema.ResourceData, meta interface{}, cleanup var response *jamfpro.ResourceJamfAppCatalogDeployment err := retry.RetryContext(ctx, d.Timeout(schema.TimeoutRead), func() *retry.RetryError { var apiErr error - response, apiErr = client.GetJamfAppCatalogAppInstallerDeploymentByID(resourceID) + response, apiErr = client.GetJamfAppCatalogAppInstallerByID(resourceID) if apiErr != nil { return retry.RetryableError(apiErr) } From 628b68b790aab9561a391d85fbf2d6c8416a7fc0 Mon Sep 17 00:00:00 2001 From: ShocOne <62835948+ShocOne@users.noreply.github.com> Date: Mon, 23 Dec 2024 10:24:29 +0000 Subject: [PATCH 5/8] fix: pipeline testing for tf docs (#546) * feat: update GitHub Actions workflows to use latest terraform-docs version and enhance documentation generation * chore: comment out tf docs generation step in workflow --- .github/workflows/documentation.yml | 4 ++-- .github/workflows/generate-docs.yml | 22 +++++++++++++++++----- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index 0a1dcb7c..3ccfcd23 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -7,9 +7,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Source - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Render terraform docs and push changes back to PR - uses: terraform-docs/gh-actions@main + uses: terraform-docs/gh-actions@v1.3.0 with: working-dir: examples/ git-push: "true" diff --git a/.github/workflows/generate-docs.yml b/.github/workflows/generate-docs.yml index 6a3e23a4..ec7d843e 100644 --- a/.github/workflows/generate-docs.yml +++ b/.github/workflows/generate-docs.yml @@ -42,11 +42,23 @@ jobs: find . -type f -name "*.tf" -exec terraform fmt {} \; # Creates provider documentation for Terraform - - name: Generate tf docs - run: | - go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs - cd $GITHUB_WORKSPACE - tfplugindocs generate --examples-dir $GITHUB_WORKSPACE/examples + - name: Render terraform docs and push changes back to PR + uses: terraform-docs/gh-actions@v1.3.0 + with: + working-dir: examples/ + git-push: "true" + output-format: markdown document + output-file: USAGE.md + output-method: replace + args: --sensitive=false --hide requirements --required=false + indention: 3 + config-file: .terraform-docs.yml + + # - name: Generate tf docs + # run: | + # go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs + # cd $GITHUB_WORKSPACE + # tfplugindocs generate --examples-dir $GITHUB_WORKSPACE/examples - name: Check for changes in generated Go docs and formatted Terraform files id: go-gen-check From aa637a6e3984fae2629c77f8db01d0dba5da5e96 Mon Sep 17 00:00:00 2001 From: ShocOne <62835948+ShocOne@users.noreply.github.com> Date: Mon, 23 Dec 2024 10:57:04 +0000 Subject: [PATCH 6/8] Update generate-docs.yml (#548) --- .github/workflows/generate-docs.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/generate-docs.yml b/.github/workflows/generate-docs.yml index ec7d843e..8c496b63 100644 --- a/.github/workflows/generate-docs.yml +++ b/.github/workflows/generate-docs.yml @@ -54,11 +54,11 @@ jobs: indention: 3 config-file: .terraform-docs.yml - # - name: Generate tf docs - # run: | - # go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs - # cd $GITHUB_WORKSPACE - # tfplugindocs generate --examples-dir $GITHUB_WORKSPACE/examples + - name: Generate tf docs + run: | + go install github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs + cd $GITHUB_WORKSPACE + tfplugindocs generate --examples-dir $GITHUB_WORKSPACE/examples - name: Check for changes in generated Go docs and formatted Terraform files id: go-gen-check @@ -85,4 +85,4 @@ jobs: push_options: '--force' skip_dirty_check: false skip_fetch: true - skip_checkout: true \ No newline at end of file + skip_checkout: true From 9a4cd529ceb32959d7917cb6ebdfc464f51c8bb9 Mon Sep 17 00:00:00 2001 From: ShocOne <62835948+ShocOne@users.noreply.github.com> Date: Mon, 23 Dec 2024 11:21:38 +0000 Subject: [PATCH 7/8] =?UTF-8?q?feat:=20enhance=20security=20by=20adding=20?= =?UTF-8?q?Harden=20Runner=20to=20workflows=20and=20updat=E2=80=A6=20(#549?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit feat: enhance security by adding Harden Runner to workflows and update checkout action version --- .../workflows/api-privileges-maintenance.yml | 8 ++++++- .../workflows/app-installers-maintenance.yml | 8 ++++++- .github/workflows/code-check-and-tests.yaml | 12 +++++++++- .github/workflows/dependancy-review.yml | 2 +- .github/workflows/documentation.yml | 21 ----------------- .github/workflows/generate-docs.yml | 6 +++++ .github/workflows/gosec-scan.yml | 12 ++++++++-- .github/workflows/test.yml | 23 +++++++++++++++++-- .../workflows/user-account-maintenance.yml | 8 ++++++- 9 files changed, 70 insertions(+), 30 deletions(-) delete mode 100644 .github/workflows/documentation.yml diff --git a/.github/workflows/api-privileges-maintenance.yml b/.github/workflows/api-privileges-maintenance.yml index a96fad2d..f4976b0f 100644 --- a/.github/workflows/api-privileges-maintenance.yml +++ b/.github/workflows/api-privileges-maintenance.yml @@ -25,8 +25,14 @@ jobs: update-api-privileges: runs-on: ubuntu-latest steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + - name: Checkout repository - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Set up Go uses: actions/setup-go@v5.0.2 diff --git a/.github/workflows/app-installers-maintenance.yml b/.github/workflows/app-installers-maintenance.yml index 52983612..66d6a5a7 100644 --- a/.github/workflows/app-installers-maintenance.yml +++ b/.github/workflows/app-installers-maintenance.yml @@ -15,8 +15,14 @@ jobs: update-app-catalog-app-installer-titles: runs-on: ubuntu-latest steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + - name: Checkout repository - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Set up Go uses: actions/setup-go@v5.0.2 diff --git a/.github/workflows/code-check-and-tests.yaml b/.github/workflows/code-check-and-tests.yaml index cfc493ef..3698ae3a 100644 --- a/.github/workflows/code-check-and-tests.yaml +++ b/.github/workflows/code-check-and-tests.yaml @@ -23,11 +23,21 @@ jobs: runs-on: ubuntu-20.04 timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + - uses: actions/setup-go@v5 with: go-version-file: 'go.mod' cache: true + - name: get dependencies run: | go mod tidy diff --git a/.github/workflows/dependancy-review.yml b/.github/workflows/dependancy-review.yml index 0a79edaa..569f10f6 100644 --- a/.github/workflows/dependancy-review.yml +++ b/.github/workflows/dependancy-review.yml @@ -16,7 +16,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml deleted file mode 100644 index 3ccfcd23..00000000 --- a/.github/workflows/documentation.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Generate terraform docs -on: - - pull_request - -jobs: - docs: - runs-on: ubuntu-latest - steps: - - name: Checkout Source - uses: actions/checkout@v4.2.2 - - name: Render terraform docs and push changes back to PR - uses: terraform-docs/gh-actions@v1.3.0 - with: - working-dir: examples/ - git-push: "true" - output-format: markdown document - output-file: USAGE.md - output-method: replace - args: --sensitive=false --hide requirements --required=false - indention: 3 - config-file: .terraform-docs.yml diff --git a/.github/workflows/generate-docs.yml b/.github/workflows/generate-docs.yml index 8c496b63..8d5835cb 100644 --- a/.github/workflows/generate-docs.yml +++ b/.github/workflows/generate-docs.yml @@ -18,6 +18,12 @@ jobs: name: '📚 Generate Go and TF Provider Docs' runs-on: ubuntu-latest steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + - uses: actions/checkout@v4.2.2 with: ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/gosec-scan.yml b/.github/workflows/gosec-scan.yml index 3ccbed82..ec1b9445 100644 --- a/.github/workflows/gosec-scan.yml +++ b/.github/workflows/gosec-scan.yml @@ -16,8 +16,16 @@ jobs: env: GO111MODULE: on steps: - - name: Checkout Source - uses: actions/checkout@v4.1.7 + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + - name: Run Gosec Security Scanner uses: securego/gosec@v2.21.4 with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 97c6fd1c..898f0ec1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,16 @@ runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v4 + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + - uses: actions/setup-go@v5 with: go-version-file: 'go.mod' @@ -36,11 +45,21 @@ generate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + + - uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + - uses: actions/setup-go@v5 with: go-version-file: 'go.mod' cache: true + - run: go generate ./... - name: git diff run: | diff --git a/.github/workflows/user-account-maintenance.yml b/.github/workflows/user-account-maintenance.yml index 61d725b6..51b8de73 100644 --- a/.github/workflows/user-account-maintenance.yml +++ b/.github/workflows/user-account-maintenance.yml @@ -26,8 +26,14 @@ jobs: update-user-account-privileges: runs-on: ubuntu-latest steps: + + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + - name: Checkout repository - uses: actions/checkout@v4.1.7 + uses: actions/checkout@v4.2.2 - name: Set up Go uses: actions/setup-go@v5.0.2 From f0638b15a11f106ef66de7c31a22352876073964 Mon Sep 17 00:00:00 2001 From: ShocOne <62835948+ShocOne@users.noreply.github.com> Date: Mon, 23 Dec 2024 11:24:21 +0000 Subject: [PATCH 8/8] Fix: harden runners (#550) * feat: enhance security by adding Harden Runner to workflows and update checkout action version * feat: add Harden Runner to CodeQL workflow and update checkout action version --- .github/workflows/codeql.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 531b5dfa..1bda6960 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -39,8 +39,15 @@ jobs: # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: + - name: Harden Runner + uses: step-security/harden-runner@v2.10.2 + with: + egress-policy: audit + - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL