Closed verdx closed 3 weeks ago
(26/07/2024) Researching munkipkg documentation, investigating changes impact and requirements. Set up and environment for development purposes. (29/07/2024) Testing munkipkg capabilities. I have found some problems regarding our package format and munkipkg capabilities to package it. It needs additional research and it's being done. (30/07/2024) Successfully created an installable and functional package using munkipkg. The testing package has not been signed or notarized, so this part of the procedure is still pending to be tested, but as mentioned, the created package is functional, simplifies the SPECS file, and maintains the permission level in the packaged files as it has been done until now. (30/07/2024) Created development brach working on tool changes adapting script and SPEC files. (05/08/2024) Added some modifications related to signature and notarization to successfully build a package using workflows. Opened PR: https://github.com/wazuh/wazuh-agent-packages/pull/69 to test and implement a change in the workflow. (06/08/2024) Added some minor fixes related to package name and version. (07/08/2024) Opened wazuh/wazuh PR with the final proposed solution.
Problems with
packagesbuild
To build the macOS Agent Packages, the tool
packagesbuilder
, from packagePackages.dmg
, which we download from website http://s.sudre.free.fr/. There is not much information on the website, only one tutorial, which doesn't mention the tools we use, only the graphical ones the package provides. There isn't a reference to the source code in the web, although there are some repositories in GitHub which could be related, although no mention of versions or how is it related to the downloadable package:There is also no manual for the tool inside the man pages, only the help message:
Summary:
Proposed solution
During the investigation for issue #1917 an alternative was found, https://github.com/munki/munki-pkg. The idea of the tool is the same, it creates packages for macOS, as well as their own managed software installation. It has a web with a well-structured tutorial of usage, a GitHub repository with the source code and even more documentation, and it is also mentioned in 3rd party tutorials and articles: