Auto deploy scripts upon enrollment into Fleet.

[willmayhone88]

Problem

When a new device is enrolled with MDM into Fleet, there is no automatic process to run scripts after enrollment. This prevents the ability to easily run new device setup workflows such as DEPNotify or Setup Your Mac. Outside of a bootstrap package, there is a need to have scripts run once a device is enrolled. Currently if a device is enrolled, the scripts in the scripts library do not run unless some other action is completed such as an api workflow, or on a per host basis in the Fleet UI.

Potential solutions

1. Add a potential trigger for scripts or checkbox, to allow those scripts to run upon enrollment completion.

[noahtalerman]

@willmayhone88 thanks for tracking this! Bringing to feature fest.

@dherder are there any other customers / prospects looking to run scripts at enrollment time for macOS?

[dherder]

@noahtalerman, yes, we see this quite often and it would definitely help the IT admin. originally tracked in https://github.com/fleetdm/fleet/issues/15530

[noahtalerman]

originally tracked in https://github.com/fleetdm/fleet/issues/15530

@dherder I could be wrong but I think #15530 is a related but separate user story.

15530 is about configuring scripts to run at some interval (ex. daily).

This issue (#17592) is about configuring scripts to run once at enrollment time.

[noahtalerman]

Hey @willmayhone88, heads up, we discussed this request at feature fest.

We decided not to draft this one in the upcoming design sprint (4.49).

Removing from feature fest board.

[willmayhone88]

Retitled this as it could be useful not just for macOS/Windows enrollment, but any enrollment into fleet.

[glacieryc]

Our company would also benefit from such functionality. For remote employees we use custom ubuntu with preinstalled fleet inside an iso file. Also in this iso file we have software and different kind of pdf instructions which can be changed. To change these pdf files or to install a new version of the software we have to go through the iso file from time to time. In our case, the moment of adding a host to the fleet means that we have a new remote employee who turned on his work laptop for the first time and connected to the internet. It would be very convenient for us, the moment a host is added to the fleet, to run scripts to install the necessary software and download pdf files to the employee's desktop.