macOS upgrade 10.15: Checksum Not Valid

@Musicmaker When an installer .pkg is uploaded to your DP, Jamf calculates a checksum for it to verify it after downloading. It sounds like this is what's failing, not the macOSUpgrade script's check if the macOS installer checksum.

Agreed Use Jamf Admin and locate the uploaded PKG. Right click it and click calculate checksum

@sdagley and @Cayde-6 thanks for your replies.
I've clicked 'calculate checksum' in Jamf admin but still no luck. It gives me the same error "macOS Installer Downloaded 3 Times - Checksum is Not Valid".

It downloads the installer and then you see this:
Verifying package integrity...
Installing Install macOS Catalina 10.15.5.pkg...
Successfully installed Install macOS Catalina 10.15.5.pkg.
Submitting log to https://xxxxx.jamfcloud.com:443/
Downloading macOS Installer...
And again downloading....3 times.
When I have a look in /Applications the macOS installer is actually there.

Actuallly, the error is exact the error which is in the script, so it looks like the script gives me the error. Not Jamf.
Could this happen because I'm using Jamfcloud instead of an on-premise DP?

hmm interesting.

verifyChecksum() {
    if [ -n "$installESDChecksum" ]; then
        osChecksum=$( /sbin/md5 -q "$OSInstaller/Contents/SharedSupport/InstallESD.dmg" )
        if [ "$osChecksum" = "$installESDChecksum" ]; then
            /bin/echo "Checksum: Valid"
            validChecksum=1
            return
        else
            /bin/echo "Checksum: Not Valid"
            /bin/rm -rf "$OSInstaller"
            jamf recon
        fi
    else
        ## Checksum not specified as script argument, assume true
        validChecksum=1
        return
    fi
}

Based on the above I would suggest making validChecksum=1

@Musicmaker Are you sure the checksum field is blank? Having anything, including a space, in that field will trigger a checksum verification

@Cayde-6 As a test I've alreayd made this value '1'. So my last test running this script was by setting validChecksum=1 .

And @sdagley I'm 100% sure that this field is empty. Checked this more than once ;-).

@Musicmaker If you comment out the call to verifyChecksum and add validChecksum=1 below that commented out call does the installer actually work?

@sdagley Hmm, that needs some more research of wat to comment out. If I comment out 'verifyChecksum" this is the result:

Script result: /Library/Application Support/JAMF/tmp/OS - Catalina 10.15 install & download: line 300: return: can only `return' from a function or sourced script
/Library/Application Support/JAMF/tmp/OS - Catalina 10.15 install & download: line 303: syntax error near unexpected token `}'
/Library/Application Support/JAMF/tmp/OS - Catalina 10.15 install & download: line 303: `}'

After that I commented out the whole part of 'verifychecksum' (all lines) which resulted in '303: syntax error ... unexpected token'

So I think I need to find out what can be commented out and what not.

@Musicmaker When did you download the macOSUpgrade script? Looking at the latest version, you need to comment out line 363, and add the validChecksum=1 below it. To illustrate:

Original version

        if [ "$currentInstallerVersion" = "$installerVersion" ] || [[ ! -e "$OSInstaller/Contents/SharedSupport/InstallInfo.plist" ]]; then
            /bin/echo "Installer found, version matches. Verifying checksum..."
            verifyChecksum
        else
            ## Delete old version.

Modified version

        if [ "$currentInstallerVersion" = "$installerVersion" ] || [[ ! -e "$OSInstaller/Contents/SharedSupport/InstallInfo.plist" ]]; then
            /bin/echo "Installer found, version matches. Verifying checksum..."
            # verifyChecksum
            validChecksum=1
        else
            ## Delete old version.

@sdagley I downloaded this script about 1 / 1,5 week before I started this thread. For now I have a new challenge. Due to the Covid-19 I'm at home and have only one test-macBook. After testing 10.15 I bring it back to 10.12, because I have users with 10.12. So I want to test it from the lowest macOS version in production.
But after done this 4, 5 times successfully I have a problem on this macBook with SelfService. I can't install anything. It's stucked on 'Executing'. When I deploy a push application it does work. Already completely re-installed macOS 10.12 but it doesn't work....
So first I have to fix this before testing again with the 'valid checksum'.

@Musicmaker I've run into a couple of instances where the macOSUpgrade script reports the invalid checksum error. It appears to happen when the script thinks the installer download has completed when it actually hasn't. I have not figured out what triggers that sequence of events yet however.

Also posted this question on Github and someone replied with this:

You can fix this by changing if [ -n "$installESDChecksum" ]; then to if [ "$installESDChecksum" != "0" ]; then and replace the empty value with 0 or to an actual hash if you want to use the feature.

After changing this the upgrade scripts works. It doesn't get stucked on Check is not valid. But what happens now is that the installer will be downloaded twice!
After the first time downloading it says this in de policy logs:

Installer found, version matches. Verifying checksum... Checksum: Not Valid Beginning new download of installer Downloading macOS Installer...

After the second time downloading the OS installer will start. So eventually the machine will be upgraded but the installer will download 2 times. That is not a huge problem, but nowadays where employees are mostly working in home-places, sometimes with slow connections, this is could be an issue.