Sketch 3.0.3: Not packageable for Self Service?

njwinter
New Contributor II

Sketch 3.0.1 worked fine.

Sketch 3.0.3 appears to create a perfectly viable DMG in Composer but it will not deploy via Self Service. When the policy is run it reports as "Succeeded" but the app does not appears in the Applications folder.

Opening the DMG from the JSS Packages share: Everything is peachy, app launches and works fine.

Casper Suite version: 9.32

20 REPLIES 20

pblake
Contributor III

What happens if you make it a pkg?

donmontalvo
Esteemed Contributor III

@njwinter Can you post an image of the Composer window before creating your DMG?

--
https://donmontalvo.com

Banks
Contributor

Are you licensing it separately, or are you distributing the App Store version? If you push the trial and then license it, you could create new download/pkg recipes
http://www.bohemiancoding.com/sketch/appcast3.xml
almost certainly works like every other drag-drop, sparkle-URL app.
If it's not doing strict receipt verification and you are pushing one packaged app DRM'd with your institutional AppleID to many, you can run ```
autopkg repo-add nmcspadden-recipes

and then ```
autopkg make-override AppStoreApp

and modify accordingly.

Or not. I'm talking about the jss-autopkg-addon at the NY Metro Area JUG tomorrow, if you wanted to discuss it in person.

(And sorry if this seems thread-jack-y, the spirit of the OP was 'can this be packaged', and there are obviously multiple releases that environment has tried to deploy, so I thought to recommend https://github.com/autopkg/autopkg)

donmontalvo
Esteemed Contributor III

@Banks wrote:

(And sorry if this seems thread-jack-y, the spirit of the OP was 'can this be packaged', and there are obviously multiple releases that environment has tried to deploy, so I thought to recommend https://github.com/autopkg/autopkg)

Why would anyone think that? :)

http://osx.michaellynn.org/freenode-osx-server/freenode-osx-server_2014-06-25.html

Direct link: http://donmontalvo.com/jamf/jamfnation/why-would-anyone-think-that.png
external image link

@njwinter were you able to sort out the problem?

Don

--
https://donmontalvo.com

chuck3000
Contributor

Sketch 2 packaged normally via Casper's Composer. However, once Sketch 3 was released, it's now looking for some sort of specific DRM'd package receipt that gets installed from the App store.

I have not found any autopkg recipe for Sketch and Composer, even trying to do a detailed before/and/after check, doesn't seem to get the appropriate file(s)/receipt(s).

We will be moving to VPP from Apple soon (paperwork is being worked on), but that might take a few months for all the checks and balances to go through. So in the meantime, with Sketch updating itself every week or two, I need to be able to package and deploy.

Anybody?
Fry?

Thanks!

donmontalvo
Esteemed Contributor III

@chuck3000 The standard process we follow is to log on to App Store using a specific (ie: "institutional") Apple ID, package and deploy. The App Store app will end up with the right receipt (/Applications/Yadayada.app/Contents/_MAS_Receipt/) installed.

Then going forward do the same for updates. Only someone with the Apple ID credentials used to get the software will be able to update it (ie: us, pushing with our favorite tool/method).

Yea, can't wait to get VPP2 in place, these problems will be a thing of the past. :)

Don

--
https://donmontalvo.com

njwinter
New Contributor II

Strangely enough, @chuck3000, it worked after I removed all vestiges of Sketch 3 and downloaded a fresh copy from the MAS. I didn't save the old non-working version so I can't checksum them.

chuck3000
Contributor

Well all, here's an update... As of earlier versions of Sketch 3.2.x that we purchased via credit card from the vendor directly (we bought a 20 user license), I was able to distribute the Application, user prefs and the "hidden" .license file. However, as of their release last month of 3.2.1, they've changed the way the software checks for registration, so installing updates appears to break the registration and forces the user to have to re-register.

We receive a popup dialog message

Your license has expired. The license server is currently unreachable from this computer - if you have already renewed your license, please connect to the internet to allow Sketch to fetch it.

Even though the computer IS connected to the web, I must re-enter the SN for it to take effect. If I review the actual license file, it now contains, in the meta-tage of the file, the computer name and a signed hash, plus a license expiry date.

Does anybody have any suggestions?

One thing I'm thinking about is a way to Apple Script to automatically enter the License key into the dialog box, but I'm not sure how to attempt that as it's a popup built into the app.

daz_wallace
Contributor III

Hi @chuck3000

Is it worth opening a support ticket with the developer to ask about mass deployment to OS X?

Sometimes they may be helpful and have a method that will work.

Darren

chuck3000
Contributor

Thanks @daz_dar but I have done this. Unfortunately they currently don't support the Enterprise. Their response, when I asked them, was that they expect each installation to be done one-at-at time while face-to-face with the machine.

daz_wallace
Contributor III

Aww, that sucks a lot. The cynic in me says in that case, don't buy their product (ie vote with your wallet).

The more helpful answer maybe, I'm afraid, that you'll have to package and deploy the software, then manually license it one.

Unless anyone else on JAMF nation has any advice, or experience with this app?

Sorry I can't be much more help.

Darren

donmontalvo
Esteemed Contributor III

Just gonna put this here...

Somewhere at every software company is a developer hiding out in a cube, collecting a hefty paycheck, writing software that meets requirements and his or her deadline. Somewhere else at that same company is a manager responsible for defining requirements and deadline. Neither will budge until they are outed for thumbing their nose at enterprise. AAMEE wouldn't exist if it weren't for a steady stream of public lambasting.

--
https://donmontalvo.com

chriscollins
Valued Contributor

We just started doing VPP through MDM for Sketch for new licenses.

chuck3000
Contributor

VPP isn't realistic here as our users don't and can't log into the App Store (we have it blocked) to download and install software. Due to SOX Federal law and our corporate policies, all software installed must be vetted and approved by Executive Management. Licensing must be reviewed to be sure the software doesn't constitute a confidentiality breach (i.e., no Google Docs/Drive), and all software is installed by IT through a Casper push.

Very challenging. It's an uphill battle every day.

donmontalvo
Esteemed Contributor III

@chuck3000][/url wrote:

Due to SOX Federal law and our corporate policies

Not sure SOX has anything to do with software deployment, vetting Mac App Store software is no different than vetting stuff you download/package. But yea the stuff coming through Mac App Store is becoming increasingly difficult to capture/deploy. Might need to present a case that shows your Firm what road Apple is going down. Leveraging native Apple technologies/methodologies is the game plan for most big companies. APNS, VPP2, DEP, aren't going away, they're the (very near) future. But yea,it is a tough job to present a compelling case to the Firm, get their buy-in, putting the pieces in place so you eventually are where you want/need to be. Not impossible, but not probable without a lot of time/effort. Opening dialog with Apple/JAMF and your IT folks could start you down the right road. Let them sell the Firm on the reasons why...

--
https://donmontalvo.com

lucascantor
New Contributor

Bohemian Coding announced today that Sketch will no longer be available via the Mac App Store.

We were previously using VPP to distribute Sketch via the Mac App Store, and now that I've tried creating a policy to deploy it as a .pkg via Self Service, I'm running into the issue described by njwinter. The Sketch App is installed in the user's Applications folder, but it simply won't open.

njwinter
New Contributor II

We stopped using Sketch after playing too much whack-a-mole with their constant changes.

Marcel_75
New Contributor

The problem with Sketch 3.x.x is connected to permission failures.

My workaround for this issue:

1) I've created a "Sketch343.dmg" with Sketch.app (actual version 3.4.3) inside and cache it with a policy. To "double check", this policy also creates a hidden file in /var/db/ (for some special ExtensionAttribute-SmartGroups).

2) The install policy scopes for the cached "Sketch343.dmg" and as a second prerequisite it's also checking for the hidden file with the help of an EA.

3) The install policy will start the installation with the following script:

#!/bin/sh

hdiutil attach /Library/Application Support/JAMF/Waiting Room/Sketch343.dmg
sleep 10s
ditto -v /Volumes/Sketch343/Sketch.app/ /Volumes/Macintosh HD/Applications/Sketch.app
sleep 5s
umount /Volumes/Sketch343/
rm /var/db/.SketchDMGcached
touch /var/db/.SketchDMGinstalled
rm -Rf /Library/Application Support/JAMF/Waiting Room/Sketch*

exit 0

Tested and works fine. :)

PS: But as I can see, this solution might be easier ... https://jamfnation.jamfsoftware.com/discussion.html?id=18029

greatkemo
Contributor II

Hi Guys,

If anyone needs help with Sketch, here is something I wrote to download the latest copy, serialize it and set preferences. Just replace this with you key LicenseKey="SK3-XXX-XXXX-XXXX-XXXX-XXXX" in the script.

Hope it helps someone

#!/bin/bash

function ConfigureSkecth () {

    echo "`date` Adding preferences for all users"
    defaults write /Library/Preferences/com.bohemiancoding.sketch3.plist SUEnableAutomaticChecks -bool NO
    defaults write /Library/Preferences/com.bohemiancoding.sketch3.plist SUAutomaticallyUpdate -bool NO
    defaults write /Library/Preferences/com.bohemiancoding.sketch3.plist SUHasLaunchedBefore -bool YES
    defaults write /Library/Preferences/com.bohemiancoding.sketch3.plist hasShown23Welcome -bool YES
    echo "`date` All preferences are now added"
    echo "`date` Installation is now complete"
    echo "`date` ========== Installation Ended =========="

}


function SerializeSketch () {

    # add serial number for current and all future users
    CurrentUsers=`sudo -u $(ls -l /dev/console | awk {'print $3'}) ls /Users/  | tr '
' ' '`
    LicenseKey="SK3-XXX-XXXX-XXXX-XXXX-XXXX"
    echo "`date` Adding license key for current users"
    if [[ -e /Library/Application Support/com.bohemiancoding.sketch3 ]]; then
        rm -rf /Library/Application Support/com.bohemiancoding.sketch3
        mkdir -p /Library/Application Support/com.bohemiancoding.sketch3
        touch /Library/Application Support/com.bohemiancoding.sketch3/.deployment
        echo "$LicenseKey" > /Library/Application Support/com.bohemiancoding.sketch3/.deployment
    else    
        mkdir -p /Library/Application Support/com.bohemiancoding.sketch3
        touch /Library/Application Support/com.bohemiancoding.sketch3/.deployment
        echo "$LicenseKey" > /Library/Application Support/com.bohemiancoding.sketch3/.deployment
    fi
    echo "`date` All license keys are now added"
    echo "`date` Starting Configuration"
    ConfigureSkecth

}


function InstallSketch () {

    # download and install the latest version
    until [[ -d '/Applications/Sketch.app' ]]; do
        if [[ -e /tmp/sketch.zip ]]; then
            rm -rf /tmp/sketch.zip
        fi
        if [[ -d /tmp/__MACOSX ]]; then
            rm -rf /tmp/__MACOSX/
        fi
        if [[ -d /tmp/Sketch.app ]]; then
            rm -rf /tmp/Sketch.app
        fi
        echo "`date` Downloading Sketch"
        curl -L -o /tmp/sketch.zip "http://download.sketchapp.com/sketch.zip" >/dev/null 2>&1
        echo "`date` Download complete"
        cd /tmp/
        echo "`date` Unzipping archive"
        unzip sketch.zip  >/dev/null 2>&1
        echo "`date` Archive unizpped"
        echo "`date` Moving Sketch.app to the Applications directory"
        mv Sketch.app /Applications
        echo "`date` Editing permissions"
        chown -R root:wheel /Applications/Sketch.app
        chmod -R 755 /Applications/Sketch.app
        cd ~
        echo "`date` Removing temporary files"
        rm -rf /tmp/sketch.zip && rm -rf /tmp/__MACOSX && rm -rf /tmp/Sketch.app
    done
    echo "`date` App Installed"
    echo "`date` Starting Serialization"
    SerializeSketch

}


function RemoveSketch () {

    # Remove and all related files if sketch if installed
    echo "`date` Removing Sketch.app"
    if [[ -d '/Applications/Sketch.app' ]]; then
        until [[ ! -d '/Applications/Sketch.app' ]]; do
            rm -rf /Applications/Sketch.app
        done
        echo "`date` Sketch.app was removed"
        echo "`date` Removing related files"
        for dir in Users private System; do
            find /$dir -name "*bohemiancoding*" -exec rm -rf {} ; >/dev/null 2>&1
        done
        echo "`date` All related files were removed"
        echo "`date` Begining installation of sketch3"
        InstallSketch
    fi

}

function DetectSketch () {

    # Check to see whether Sketch is installed or not, if yes, remove it, then install latest, if no, then install latest.
    pgrep Sketch >/dev/null
    if [[ $? = 0 ]]; then
        pkill Sketch
    fi
    echo "`date` ========== Installation Started =========="
    echo "`date` Detecting if Sketch is installed or not"
    if [[ -d '/Applications/Sketch.app' ]]; then
        echo "`date` Sketch was detected, will remove"
        RemoveSketch
    else
        echo "`date` Sketch was not detected, will install"
        InstallSketch
    fi

}

function LogSketch () {

    # Setup log files if logs do not exists, create it, otherwise start logging
    LogFile="/Library/Logs/sketch3_install.log"
    if [[ ! -e $LogFile ]]; then
        touch $LogFile && exec >> $LogFile
        echo "`date` ========== Log File Created =========="
    else
        exec >> $LogFile
    fi

}

LogSketch
DetectSketch

exit 0

alexissantina
New Contributor

@greatkemo Thank you so much! That script is great--you just solved all my Slack deployment problems.