Skip to content
This repository has been archived by the owner on Jul 27, 2021. It is now read-only.

Puppet module to manage softwareupdate's list of ignored updates on macOS

License

Notifications You must be signed in to change notification settings

pbihq/puppet-module-ignore_update

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

puppet-module-ignore_update

⚠️ NOTE
On macOS 11 Big Sur, this module no longer works since Apple has removed the underlying 'softwareupdate' API call

This Puppet module allows you to manage ignored system software updates on macOS. It works as a wrapper for the built-in 'softwareupdate' binary.

How to use this module

Identifying software items to ignore

First, we need to find out the identifiers of the software we want to ignore:

softwareupdate --list

Sample output:

Software Update found the following new or updated software:
   * macOS Mojave 10.14.6 Supplemental Update 2-
  macOS Mojave 10.14.6 ergänzendes Update 2 ( ), 1223724K [recommended] [restart]
   * Safari13.0.2MojaveAuto-13.0.2
  Safari (13.0.2), 67268K [recommended]

The identifier for each item "is the first part of the item name (before the dash and version number)" (manpage for softwareupdate).

Hence, our resulting list of identifiers is:

  • macOS Mojave 10.14.6 Supplemental Update 2
  • Safari13.0.2MojaveAuto

Adding software items to Hiera

Now that we have identified the names of our items we want to ignore, we can add them to Hiera.

Ordinarily you would run the following command on a local machine to ignore the identified software updates:

softwareupdate --ignore \
  "macOS Mojave 10.14.6 Supplemental Update 2" \
  "Safari13.0.2MojaveAuto"

This is equivalent to the following YAML array in Hiera:

classes:
  - ignore_update

ignore_update::items:
  - macOS Mojave 10.14.6 Supplemental Update 2
  - Safari13.0.2MojaveAuto

Ignoring software upgrade for macOS Catalina

As of macOS 10.14.6 users are being prompted to install macOS Catalina directly via System Settings' Software Update pane. Add "macOS Catalina" to hide this prompt. Note: Starting with 'Security Update 2020-003' on macOS Mojave and macOS High Sierra as well as macOS Catalina 10.15.5, major new releases of macOS will no longer be hidden.

classes:
  - ignore_update

ignore_update::items:
  - macOS Catalina

Reset

To reset the list of ignored updates, remove the "ignore_update::items" key, remove its value or set it to an empty array

classes:
  - ignore_update

ignore_update::items: []

Miscellaneous

Tested with Puppet 5 on macOS 10.14.6 and macOS 10.15.4

For further information have a look at the manpage for "softwareupdate".

Thanks to Stephen and Robert Hamman for discovering how to to ignore macOS Catalina / macOS upgrades.

About

Puppet module to manage softwareupdate's list of ignored updates on macOS

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published