Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jamf JSON Schema #106

Closed
erikng opened this issue Feb 16, 2021 · 31 comments
Closed

jamf JSON Schema #106

erikng opened this issue Feb 16, 2021 · 31 comments
Labels
broken-by-vendor Nudge is not at fault for the issue.

Comments

@erikng
Copy link
Member

erikng commented Feb 16, 2021

Can we have a JSON Schema that we can add to Jamf to build a mobileconfig Profile so all config can be done directly in Jamf, that would be ideal for those who don want to edit the local or remote JSON.

https://docs.jamf.com/technical-papers/jamf-pro/json-schema/10.26.0/Understanding_the_Structure_of_a_JSON_Schema_Manifest.html

https://www.jamf.com/jamf-nation/discussions/34839/custom-schemas-for-application-configuration-profiles
@fridomac
Copy link

I am working on a Jamf JSON Schema, will do a PR when I am finished (will be a couple of days)

@fridomac
Copy link

Ok, hit a roadblock:
Apparently, custom Schema can not include "date" as a field in the Config Profile.
I cannot find any documentation at Jamf that says otherwise, if anybody knows more about that, let me know!

@erikng
Copy link
Member Author

erikng commented Feb 18, 2021

Oh that's an interesting problem to have. JSON doesn't support date fields, so if you look at the json it's a string. The underlying Swift code converts it to a date.

However the MDM config is a date since plists do support dates.

That reminds me. I should document this in the wiki.

@talkingmoose
Copy link

Glad to see someone working on a Jamf manifest for this! The project Jamf has incorporated to add this functionality to Jamf Pro is this one, I believe.

https://github.com/json-editor/json-editor

And that endeavors to follow the JSON Schema spec as much as possible. As @erikng mentioned, JSON itself doesn't support a date/time datatype. The general consensus is to store those values as strings.

https://json-schema.org/specification.html

@fridomac
Copy link

Will try it out and report back!

@erikng
Copy link
Member Author

erikng commented Feb 18, 2021
edited

Strings do not work as currently coded. I played around with this and came up with: 0781b54 however I will be very honest here in that I'm torn.

Nudge supports JSON format to manage it and it is already being coerced into a Date format, but this is a built-in feature of Swift

let decoder = JSONDecoder()
decoder.dateDecodingStrategy = .iso8601

The format we should expect for a plist(mobileconfig) should be a <date>. The jamf team should fix this, but I'm sure it will be a while. Given that this is a "good to have" and not a requirement for managing Nudge with jamf, and that no other MDMs would have this issue, I think we should keep this issue/branch open.

If more jamf users want support for this, then we can discuss it.

@erikng erikng added wontfix This will not be worked on broken-by-vendor Nudge is not at fault for the issue. labels Feb 18, 2021
@erikng erikng closed this as completed Feb 19, 2021
@erikng erikng mentioned this issue Feb 19, 2021
Closed
@erikng erikng removed the wontfix This will not be worked on label Mar 10, 2021
@erikng erikng reopened this Mar 10, 2021
@erikng
Copy link
Member Author

erikng commented Mar 10, 2021

I've decided to merge #144.

I would love @talkingmoose to help spearhead how to support the entire MDM spec within jamf's JSON schema, but I think the only way I can potentially get movement on that is to help make it easier for jamf admins to use my tool.

@erikng erikng mentioned this issue Mar 10, 2021
Merged
@erikng
Copy link
Member Author

erikng commented Mar 10, 2021

@fridomac or anyone else, please work on the JSON Schema.

requiredInstallationDate will need to be a string in the schema and not a date

@fridomac
Copy link

Ok, will take it up again...

@erikng
Copy link
Member Author

erikng commented Mar 10, 2021

https://github.com/macadmins/nudge/wiki/osVersionRequirements#requiredinstallationdate---type-string-for-json-or-date-for-profile-default-value--required-yes is now updated to reflect this change

@erikng erikng mentioned this issue Mar 10, 2021
Closed
@fjprz
Copy link

fjprz commented Mar 10, 2021

@fridomac or whomever; I started this but it may need some tweaking...
https://github.com/fjprz/nudge-jamf-json-schema/blob/main/nudge-jamf-schema.json

@fridomac
Copy link

@fjprz Thank you! I sent you a first pull request, am trying to structure it a little more (with headers for "OS Version Requirements" and "User Experience" and "User Interface".
But maybe I am thinking too complicated and the easier approach would be to just put everything in one hierarchy.
(it is my first Jamf Schema, so be patient with me :-)

@fridomac
Copy link

fridomac commented Mar 11, 2021
edited

I tried the profile that is generated by Jamf, but Nudge does not seem to pick up the Configuration.
Guess I am being a bit stupid today, maybe someone can see what is wrong?
https://github.com/fridomac/nudge-jamf-json-schema/blob/main/nudge-jamf-schema.json generated Profile is at https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig

@talkingmoose
Copy link

I've decided to merge #144.

I would love @talkingmoose to help spearhead how to support the entire MDM spec within jamf's JSON schema, but I think the only way I can potentially get movement on that is to help make it easier for jamf admins to use my tool.

So, JSON Schema is unlikely to support a date type, which limits what Jamf can do with it.

However, would an effective workaround be something like this?

If an ISO 8601 compliant date/time string is detected, then replace <string></string> tags with <date></date> tags in the resulting plist used to generate the configuration profile.

It might be beneficial to add Nudge to the Jamf Marketplace where it can get additional exposure and generate more awareness of it at Jamf. There's a specific section for "Configuration" where I think it may fit best.

@erikng
Copy link
Member Author

erikng commented Mar 11, 2021

https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig

@fridomac https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig#L48-L53 these lines should be under the optionalFeatures key and https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig#L54-L70 should be under the osVersionRequirements key. It also looks like there's a few more preferences missing, but that may be that you didn't generate those keys in your test.

@erikng
Copy link
Member Author

erikng commented Mar 11, 2021

I've decided to merge #144.
I would love @talkingmoose to help spearhead how to support the entire MDM spec within jamf's JSON schema, but I think the only way I can potentially get movement on that is to help make it easier for jamf admins to use my tool.

So, JSON Schema is unlikely to support a date type, which limits what Jamf can do with it.

However, would an effective workaround be something like this?

If an ISO 8601 compliant date/time string is detected, then replace <string></string> tags with <date></date> tags in the resulting plist used to generate the configuration profile.

It might be beneficial to add Nudge to the Jamf Marketplace where it can get additional exposure and generate more awareness of it at Jamf. There's a specific section for "Configuration" where I think it may fit best.

I like the idea around ISO compliant strings as I believe that's exactly what apple does with JSON strings within Swift. I'll try and work on getting into Jamf Marketplace.

@fridomac
Copy link

@fridomac https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig#L48-L53 these lines should be under the optionalFeatures key and https://github.com/fridomac/nudge-jamf-json-schema/blob/main/Nudge%20Preferences-Unsigned.mobileconfig#L54-L70 should be under the osVersionRequirements key. It also looks like there's a few more preferences missing, but that may be that you didn't generate those keys in your test.

Yes, there are not all keys there yet. I reworked the Schema to put the preferences in the right keys, and updated the Repo.
Is there a possibility to see every key that Nudge is pulling from the Profile? (already tried Console.app with DEBUG and INFO), which results in the following:
Bildschirmfoto 2021-03-12 um 13 47 50

I suspect that Nudge does not like it when the keys are wrapped into an before the , therefore it thinks the "optionalFeatures" and "userInterface" keys are empty.

Will do more testing around this and report back, have a nice weekend!

@erikng
Copy link
Member Author

erikng commented Mar 12, 2021

There is not a way to see every key in debug or info mode but it does say in that screenshot that keys are empty so that's a key indicator that profile is not configured correctly.

It's interesting that the resulting profile is MCX Forced. That's actually the old style of profiles. The style of profile I create is essentially the same and backwards compatible. That might be a great enhancement for Jamf to resolve but for now makes it incredibly hard for you to compare my profile to yours. :/

@fridomac
Copy link

Ok, thank you Erik. I noticed that the profiles generated by the JSON Schema are always "MCX Forced". (always reminds me of Profile Manager and the "golden Triangle" with AD and OD).
Will do some more testing and try to compare it as good as I can. The upper part of the Profile with "osVersionRequirements" seems to work.
Bye, Fridolin.

@talkingmoose
Copy link

I've decided to merge #144.
I would love @talkingmoose to help spearhead how to support the entire MDM spec within jamf's JSON schema, but I think the only way I can potentially get movement on that is to help make it easier for jamf admins to use my tool.

So, JSON Schema is unlikely to support a date type, which limits what Jamf can do with it.
However, would an effective workaround be something like this?
If an ISO 8601 compliant date/time string is detected, then replace <string></string> tags with <date></date> tags in the resulting plist used to generate the configuration profile.
It might be beneficial to add Nudge to the Jamf Marketplace where it can get additional exposure and generate more awareness of it at Jamf. There's a specific section for "Configuration" where I think it may fit best.

I like the idea around ISO compliant strings as I believe that's exactly what apple does with JSON strings within Swift. I'll try and work on getting into Jamf Marketplace.

Following up on this.

While JSON Schema doesn't support the "date" datatype, it does support a "date" format option that can be added to a property. Its intended use is to validate an ISO 8601 compliant "string" datatype. In the JSON Schema, it would look something like this:

"dateInstalled": {
   "title": "Date Installed",
   "description": "Date Installed.",
   "default": "2018-11-13",
   "format": "date",
   "property_order": 14,
   "type": "string"
},

I've proposed a change internally at Jamf that if this "format": "date" option appears, we convert <string></string> tags to <date></date> tags for the resulting plist and profile. I think that would satisfy everyone's requirements without making implementation very difficult. (I'm not a developer, though, and will never say, "It should be quick and easy to do.")

Development decisions for implementing a new feature or change to an existing feature aren't always made on the basis of completeness or "that's a good idea". (Time, money, quality: pick any two.) I don't currently see a feature request on Jamf Nation for anything like this. Someone from the community should create one and then recruit others to vote it up. Feel free to use the suggestion I've proposed here, if you think it's the best way to implement the feature.

@erikng
Copy link
Member Author

erikng commented Mar 13, 2021

Jamf users on this thread. Please do what @talkingmoose is suggesting. I think his idea is great.

@fridomac
Copy link

I created a Feature Request on Jamf Nation for this:
https://www.jamf.com/jamf-nation/feature-requests/10232/suppport-date-key-in-jamf-custom-json-schema

Please vote it up, if you care about this!

@fridomac
Copy link

(crossposted from Slack #nudge):
I did some more work on the Schema, but no key apart from "osVersionRequirements" is honoured.
My current guess is that “osVersionRequirements” is an array and is working, because it is also an array in the examples. The Jamf JSON Schema implementation wraps everything in an array if you do a Key with Sub-Keys. Nudge expects the other Keys with just a after that, which the Schema does not deliver, therefore it sees them as empty.
Did some more testing, if I remove the enclosing <array> Tags, it is working.
@talkingmoose Is there a possibility to make JAMF Pro leave out these tags?

@erikng
Copy link
Member Author

erikng commented Mar 23, 2021
edited

@fridomac @fjprz I have created my own initial version of the jamf json schema for Nudge. Before I go into setting defaults and adding more items, I'd like someone else to check it. It looks good on my end.

https://github.com/macadmins/nudge/blob/development/Schema/jamf/com.github.macadmins.Nudge.json

@fridomac
Copy link

fridomac commented Mar 23, 2021 via email

@fjprz
Copy link

fjprz commented Mar 23, 2021

Looks good so far; the osVersionRequirements are coming up empty at the moment, but I assume that's because you are still adding stuff.

@erikng
Copy link
Member Author

erikng commented Mar 23, 2021

Try now. :)

@erikng
Copy link
Member Author

erikng commented Mar 23, 2021

Confirmed with a few users that it's working as expected and I'm also happy with it looking at my jamf instance. If any other have issues come up, please file a new github ticket.

@erikng erikng closed this as completed Mar 23, 2021
@dan-snelson
Copy link
Contributor

@erikng Does your latest update workaround @fridomac's Jamf Feature Request Suppport "Date" Key in Jamf Custom JSON Schema ?

@erikng
Copy link
Member Author

erikng commented Mar 23, 2021

Indeed it does, but as soon as Jamf works on that, I'm reverting that code.

@fridomac
Copy link

Thank you @erikng, works here, too. Now I just have to find out what I did wrong in my Version!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
broken-by-vendor Nudge is not at fault for the issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@talkingmoose @fjprz @erikng @fridomac @dan-snelson