Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for Apple Installer Packages for CUA installations #109

Open
wegotoeleven opened this issue Nov 10, 2022 · 8 comments
Open

Support for Apple Installer Packages for CUA installations #109

wegotoeleven opened this issue Nov 10, 2022 · 8 comments

Comments

@wegotoeleven
Copy link

Hey! 👋

I would like to request that an Apple installer package is made available and included in releases. This would bring the following benefits:

  1. A package makes it easier to deploy en masse, and would make it a more standard method used by MacAdmins for testing and distribution.
  2. Utilising a script to pull down a package to be installed on the Mac is inherently insecure, especially if the process that's executing the script is running as root. Having a package that installs the application (that is signed and notarised, see point 3) gives piece of mind that the package is genuine.
  3. Additionally, it would be prudent to notarise/sign the package and code too, so it passes Apple's Gatekeeper checks, as per the following:
@Lotusshaney
Copy link

+1 for this please

@wkrause13
Copy link
Collaborator

@wegotoeleven this is actually great timing. Work to add brew support was done earlier this week. The team is working through a few final issues found in QA for this, but it should be available very soon.

@wegotoeleven
Copy link
Author

Thanks, that's good to know about Brew. Will this mean that you are working on a .pkg installer to distribute the binary to devices that aren't using Homebrew?

@bp88
Copy link

bp88 commented Nov 10, 2022

Would also add my vote for getting a standard .pkg installer as well. While brew might be in use at some organizations, it's not the standard package method that is used on macOS. A .pkg has been and continues to be a standard way to deploy/install software on macOS. To make a comparison, this would be the equivalent of using an .msi installer on Windows.

Would it help to provide some resources on how to build .pkg installers on macOS?

@wkrause13
Copy link
Collaborator

Thanks @bp88, there isn't work actively planned to create a pkg for the agent, though providing a .dmg may be doable in the near term since it is a supported output of the build tooling. I'd appreciate if you could share some resources on pkg creation so we can scope what adding support might look like.

@wegotoeleven
Copy link
Author

wegotoeleven commented Nov 11, 2022

Hey @wkrause13, thanks for the updates. The following documentation from Apple is a good place to start RE packaging:

Happy to help out where possible, and if needed.

@wkrause13
Copy link
Collaborator

Thanks @wegotoeleven , we're going through the process of generating signed builds now. I'll keep this issue open as a way to communicate progress on that.

For now, brew is available to install the agent:

brew tap circonus-labs/homebrew-circonus-unified-agent
brew update
brew install circonus-unified-agent

Then edit /opt/homebrew/etc/circonus-unified-agent/circonus-unified-agent.conf to include your api token. Then run
brew services restart circonus-labs/circonus-unified-agent/circonus-unified-agent

You can also edit /opt/homebrew/Cellar/circonus-unified-agent/<version>/homebrew.mxcl.circonus-unified-agent.plist to include the key as an environement variable such as CIRCONUS_API_TOKEN and then reference it in the conf file as "${CIRCONUS_API_TOKEN}" if it makes version controlling the conf file easier.

@wegotoeleven
Copy link
Author

@wkrause13 Great news on the signature and developer ID! Just checked this on 0.2.5 and it's looking good. Any news on the package? Did you receive my example pkg file?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants