Help

Deploying Docker Desktop?

CarlosBrathwait
New Contributor

Posted on ‎12-23-2021 04:05 AM

We have a need to deploy Docker Desktop updates.

Our end users do NOT have local admin.

Once the updates are installed and the app is launched said user's are then prompted to input admin credentials for a Docker Helper Tool installation.

Is there a workaround for this either via installing the Helper Tool for Docker via JAMF or somehow approving the install etc?

https://19216811.cam/ https://1921681001.id/
0 Kudos
9 REPLIES 9

Chris
Valued Contributor

Posted on ‎12-23-2021 04:19 AM

You can run

 

/Applications/Docker.app/Contents/MacOS/Docker --install-privileged-components

 

 either via the "Execute Command" option in your install policy or via a separate script.

AVmcclint
Honored Contributor

Posted on ‎12-23-2021 04:40 AM

I can confirm that this works. I just encountered this myself recently.  I use the Execute Command option in "Files and Processes". If you feel compelled to use the separate script option, make sure to set the script to run "After".

mm2270
Legendary Contributor III

Posted on ‎12-23-2021 09:01 AM

Can confirm we do the same thing when deploying Docker and it works.

You might need to run it after each Docker application update as well.

0 Kudos

jimmy-swings
Contributor II

Posted on ‎12-27-2021 12:45 PM

Does anyone apply any policy enforcement of their Docker implementations? Do you limit which repos users can pull/push images to? Do you manage network interfaces?

0 Kudos

bmee
Contributor

Posted on ‎02-10-2022 08:46 AM

@Chris It works without requiring admin right but got and error below

Result of command:
LLVM Profile Error: Failed to write file "default.profraw": Read-only file system Privileged components installed

0 Kudos

AVmcclint
Honored Contributor
In response to bmee

Posted on ‎02-10-2022 08:51 AM

I get that too. I've looked into it and it appears to be a weird side effect. That "default.profraw" seems to be some unimportant file the tools they used to make Docker (and other apps) spits out and tries to put on the root of the hard drive. This error can safely be ignored.

bmee
Contributor
In response to AVmcclint

Posted on ‎02-10-2022 08:56 AM

I figure as much but thank you for the confirmation. :)

0 Kudos

bmee
Contributor

Posted on ‎02-10-2022 09:32 AM

also came across this one github "https://gist.github.com/SamStenton/716fb44fae9d59b320a4b92108af0beb"

having issue downloading it to the "download" so change it to /private/tmp/ location. tested and works great.

#!/bin/bash

if [[ `uname -m` == 'arm64' ]]; then
    # Apple Silicon
    echo 'Downloading Apple Silcon release'
    curl -o /private/tmp/Docker.dmg https://desktop.docker.com/mac/main/arm64/Docker.dmg
else
    # Intel 
    echo 'Downloading Apple Intel release'
    curl -o /private/tmp/Docker.dmg https://desktop.docker.com/mac/main/amd64/Docker.dmg
    # curl -o ~/Downloads/Docker.dmg https://desktop.docker.com/mac/main/amd64/72729/Docker.dmg #old version to test updating
fi


# Mount image 
hdiutil attach /private/tmp/Docker.dmg

# Copy to Applcation folder
rm -rf /Applications/Docker.app # For updates remove the old app
cp -R /Volumes/Docker/Docker.app /Applications

# Install docker privilaged components
/Applications/Docker.app/Contents/MacOS/Docker --unattended --install-privileged-components


# Accept license (doesn't seem to be working)
open -a /Applications/Docker.app --args --unattended --accept-license

# Clean up.
echo 'Cleaning up'
hdiutil unmount /Volumes/Docker/Docker.app 
rm /private/tmp/Docker.dmg
0 Kudos

tsylwest
Contributor

Posted on ‎02-11-2022 04:01 AM

So on the flip side, do any of you have a workflow to *remove* Docker? Thanks to their recent license change, we have to remove it from the whole of our fleet!

We kinda of hacked a simple "remove" script together, but finding that people are smart, and just installing it to folders other than /Applications, which screws up our simple script.

Any tips would be greatly appreciated.

0 Kudos