-
-
Notifications
You must be signed in to change notification settings - Fork 33
Backup
Tobias Almén edited this page Oct 9, 2023
·
17 revisions
List of available arguments that can be passed when running IntuneCD-startbackup
.
Argument | Description |
---|---|
-o, --output | The format backups will be saved as, valid options are json or yaml . Default is json |
-p, --path | The path to which the configurations will be saved |
-m, --mode | The mode in which the script is run, 0 = devtoprod (backup from dev -> update to prod) uses os.environ DEV_TENANT_NAME, DEV_CLIENT_ID, DEV_CLIENT_SECRET 1 = standalone (backup from prod) uses os.environ TENANT_NAME, CLIENT_ID,CLIENT_SECRET
|
-a, --localauth | When this parameter is set, provide a path to a local dict file containing the following keys: params:TENANT_NAME, CLIENT_ID, CLIENT_SECRET when run in standalone mode andparams:DEV_TENANT_NAME, DEV_CLIENT_ID, DEV_CLIENT_SECRET when run in devtoprod
|
-c, --certauth | When using certificate auth, the following ENV variables is required:
|
-i, --interactive | When using interactive auth, the following ENV variables is required:
|
-e, --exclude | List of objects to exclude from the backup, separated by space. Available options are:
|
-f, --frontend | DEPRECATED |
--intunecdmonitor | When this parameter is set, the script is run in the IntuneCDMonitor context |
--prefix | When set, only backs up configurations whose name starts with the configured prefix |
-ap, --autopilot | If set to True, a record of autopilot devices will be saved |
--append-id | When set, the id of the configuration will be appended to the name of the exported file |
When a backup is performed, the configurations will be saved using the following folder structure in the path specified in -p
:
- Root
- App Configuration
- App Protection
- Apple Push Notification
- Apple VPP Tokens
- Applications
- Android
- iOS
- macOS
- Windows
- Compliance Policies
- Message Templates
- Policies
- Conditional Access'
- Custom Attributes
- Device Categories
- Device Configurations
- mobileconfig
- Enrollment Configurations
- Enrollment Profiles
- Apple
- Windows
- Filters
- Group Policy Configurations
- Managed Google Play
- Management Intents
- Intent Type
- Proactive Remediations
- Script Data
- Scripts
- Powershell
- Script Data
Shell
- Script Data
- Settings Catalog
In the example below, since it is run from the terminal interactively, the -i
argument is used for interactive authentication. Additionally, the backup's output will be in YAML format instead of JSON as specified in -o
.
IntuneCD-startbackup -i -p /tmp/IntuneBackup -o yaml
In the example pipeline below, the backup is running with the parameters -m 1
(standalone mode) and -o yaml
(output configurations in yaml format). If you are running this in DEV -> PROD mode, remove -m and add DEV_ in front of all env: variables except for REPO_DIR. CLIENT_SECRET should be added as a secret variable.
env:
REPO_DIR: $(REPO_DIR)
DEV_TENANT_NAME: $(TENANT_NAME)
DEV_CLIENT_ID: $(CLIENT_ID)
DEV_CLIENT_SECRET: $(CLIENT_SECRET)
pool:
vmImage: ubuntu-latest
variables:
REPO_DIR: $(Build.SourcesDirectory)
TENANT_NAME: example.onmicrosoft.com
CLIENT_ID: xxxxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxxxx
steps:
- checkout: self
persistCredentials: true
- script: pip3 install IntuneCD
displayName: Install IntuneCD
- script: |
git config --global user.name "devopspipeline"
git config --global user.email "devopspipeline@azuredevops.local"
displayName: Configure Git
- script: IntuneCD-startbackup -m 1 -o yaml
env:
REPO_DIR: $(REPO_DIR)
TENANT_NAME: $(TENANT_NAME)
CLIENT_ID: $(CLIENT_ID)
CLIENT_SECRET: $(CLIENT_SECRET)
displayName: Run IntuneCD backup
- script: |
export branch_name=configs-`date +'%Y-%m-%d-%H-%M'`
cd $(REPO_DIR)
git checkout -b $branch_name
git add --all
git commit -m "Updated configurations"
git push --set-upstream origin $branch_name
displayName: Commit changes