Skip to content
This repository has been archived by the owner on Jul 27, 2021. It is now read-only.

pbihq/puppet-module-ignore_update

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

data

data

 
 

lib/facter

lib/facter

 
 

manifests

manifests

 
 

spec

spec

 
 

.gitignore

.gitignore

 
 

Gemfile

Gemfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

hiera.yaml

hiera.yaml

 
 

Repository files navigation

puppet-module-ignore_update

⚠️ NOTE
On macOS 11 Big Sur, this module no longer works since Apple has removed the underlying 'softwareupdate' API call

This Puppet module allows you to manage ignored system software updates on macOS. It works as a wrapper for the built-in 'softwareupdate' binary.

How to use this module

Identifying software items to ignore

First, we need to find out the identifiers of the software we want to ignore:

softwareupdate --list

Sample output:

Software Update found the following new or updated software:
   * macOS Mojave 10.14.6 Supplemental Update 2-
  macOS Mojave 10.14.6 ergänzendes Update 2 ( ), 1223724K [recommended] [restart]
   * Safari13.0.2MojaveAuto-13.0.2
  Safari (13.0.2), 67268K [recommended]

The identifier for each item "is the first part of the item name (before the dash and version number)" (manpage for softwareupdate).

Hence, our resulting list of identifiers is:

  • macOS Mojave 10.14.6 Supplemental Update 2
  • Safari13.0.2MojaveAuto

Adding software items to Hiera

Now that we have identified the names of our items we want to ignore, we can add them to Hiera.

Ordinarily you would run the following command on a local machine to ignore the identified software updates:

softwareupdate --ignore \
  "macOS Mojave 10.14.6 Supplemental Update 2" \
  "Safari13.0.2MojaveAuto"

This is equivalent to the following YAML array in Hiera:

classes:
  - ignore_update

ignore_update::items:
  - macOS Mojave 10.14.6 Supplemental Update 2
  - Safari13.0.2MojaveAuto

Ignoring software upgrade for macOS Catalina

As of macOS 10.14.6 users are being prompted to install macOS Catalina directly via System Settings' Software Update pane. Add "macOS Catalina" to hide this prompt. Note: Starting with 'Security Update 2020-003' on macOS Mojave and macOS High Sierra as well as macOS Catalina 10.15.5, major new releases of macOS will no longer be hidden.

classes:
  - ignore_update

ignore_update::items:
  - macOS Catalina

Reset

To reset the list of ignored updates, remove the "ignore_update::items" key, remove its value or set it to an empty array

classes:
  - ignore_update

ignore_update::items: []

Miscellaneous

Tested with Puppet 5 on macOS 10.14.6 and macOS 10.15.4

For further information have a look at the manpage for "softwareupdate".

Thanks to Stephen and Robert Hamman for discovering how to to ignore macOS Catalina / macOS upgrades.

About

Puppet module to manage softwareupdate's list of ignored updates on macOS

Topics

macos puppet puppet-module

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages