I've scoured through the 'Nation and not really found anyone discussing this. What with device based app installation from the App Store, and our issues with a VERY large (maybe close to 20GB package) for Xcode, we're trying to transition to the VPP/MAS delivery. Has anyone successfully done this and delivered SDKs/Simulators to workstations programmatically? Am I still going to end up packaging those up and deploying them manually? I've search and searched and not found a clean/easy way to do this.
And really, most of my headache revolves around not allowing our devs local admin rights, so when they need a new/updated simulator, they have to open a ticket, get someone to remote in, provide credentials, etc.
I've run the usual
/usr/sbin/DevToolsSecurity -enable /usr/bin/dscl . append /Groups/_developer GroupMembership $username
And the request is still for admin-level rights.
Thoughts? Am I not seeing the forest because of the trees?
We install via self service, but maybe our workflow would help you.
We take the .app and create a package of it by dragging into composer.
There's a post install script that runs that I think I got from Rich Trouton's blog
#!/bin/sh # Accept EULA so there is no prompt if [[ -e "/Applications/Xcode.app/Contents/Developer/usr/bin/xcodebuild" ]]; then /Applications/Xcode.app/Contents/Developer/usr/bin/xcodebuild -license accept fi # Install Mobile Device Package so there is no prompt if [[ -e "/Applications/Xcode.app/Contents/Resources/Packages/MobileDevice.pkg" ]]; then /usr/sbin/installer -dumplog -verbose -pkg "/Applications/Xcode.app/Contents/Resources/Packages/MobileDevice.pkg" -target / fi if [[ -e "/Applications/Xcode.app/Contents/Resources/Packages/MobileDeviceDevelopment.pkg" ]]; then /usr/sbin/installer -dumplog -verbose -pkg "/Applications/Xcode.app/Contents/Resources/Packages/MobileDeviceDevelopment.pkg" -target / fi exit 0
Then, via smart group, anyone who gets xcode gets this ran once per computer via policy
Run Unix command '/usr/sbin/DevToolsSecurity –enable'
and running ongoing at login for computers with xcode (wouldn't need to be ongoing if you weren't deploying to shared computer/labs)
#! /bin/sh loginUsername="$3" dseditgroup -o edit -a $3 -t user _developer exit 0