Updating MacOS Using Salt
For sometime now I have been maintaining Gnu/Linux machines using Saltstack, however I continued to apply updates to our Apple computers manually. Having finally grown tired of this tedious and time consuming manual task I decided to figure out how to update using Salt.
sudo salt -N all-no-a pkg.upgrade is a common command I use to target all my Linux machines and apply all available updates. When I target MacOS machines with a similar command they apply updates available for software installed by the Homebrew Package Manager, which is fine, however I want to apply OS and other updates supplied by Apple as well.
I discovered that using the softwareupdate command will allow me to do this. While this is a command with many options as can be seen below, the options I need to accomplish what I want, are –install, –all and –restart.
$ softwareupdate --help
usage: softwareupdate <cmd> [<args> ...]
** Manage Updates:
-l | --list List all appropriate update labels (options: --no-scan, --product-types)
-d | --download Download Only
-e | --cancel-download Cancel a download
-i | --install Install
<label> ... specific updates
-a | --all All appropriate updates
-R | --restart Automatically restart (or shut down) if required to complete installation.
-r | --recommended Only recommended updates
--background Trigger a background scan and update operation
--ignore <label> ... Ignore specific updates
--reset-ignored Clear all ignored updates
** Other Tools:
--dump-state Log the internal state of the SU daemon to /var/log/install.log
--evaluate-products Evaluate a list of product keys specified by the --products option
--history Show the install history. By default, only displays updates installed by softwareupdate.
--all Include all processes in history (including App installs)
** Options:
--no-scan Do not scan when listing or installing updates (use available updates previously scanned)
--product-types <type> Limit a scan to a particular product type only - ignoring all others
Ex: --product-types macOS || --product-types macOS,Safari
--products A comma-separated (no spaces) list of product keys to operate on.
--force Force an operation to complete. Use with --background to trigger a background scan regardless of "Automatically check" pref
--verbose Enable verbose output
--help Print this helpOne Liner
sudo salt -N apple cmd.run 'softwareupdate --install --all --restart' 2>/dev/null
State
State File
{% if grains['os'] == 'MacOS' %}
update:
cmd.run:
- name: 'softwareupdate --install --all --restart'
{% endif %}Apply state
Chrls is currently a technology transformation leader at one of the oldest American investment banking services holding companies, headquartered in New York City. Previous roles at current employer include project manager, front office support, retail and enterprise global Windows server support. Currently residing in Tennessee on the Cumberland Plateau and enjoying life, family and open source.
Mastodon Diaspora Funkwhale Pixelfed