Now that Apple’s deprecating monolithic imaging, a lot of workflows have gone to DEP=>MDM=>something else (like Munki).
After doing some testing with InstallApplications, I think we’re probably going to stick with our custom script workflow, but I didn’t want our tinkering with it to be in vain, so hopefully some of these notes should help another school, org, or company that wants to get its feet wet with InstallApplications and may actually find it better suited for their situation than for ours.
This isn’t a comprehensive guide on how to set up InstallApplications—just some implementation notes that may help people on a few of the things we got hung up on when trying it. For more comprehensive details on InstallApplications, check out the README for it and also this blog post: CUSTOM DEP – PART 9: A PRACTICAL EXAMPLE OF INSTALLAPPLICATIONS, CRYPT, DEPNOTIFY AND MUNKI.
You will need a signing certificate for InstallApplications.The kind you want, though, can’t be obtained by an admin. It has to be created by the Team Agent.
Once you go through the steps of setting up the certificate, you should have a certificate on your Mac to import into your Keychain. Import it into your login (not system) keychain.
When you download the project from GitHub (or git clone it), you’ll see a bunch of files and folders.
The generatejson.py file you’ll use to generate a .json to put on a server somewhere (or build into your package).
When you run munkipkg on the InstallApplications project folder, you’ll get a .pkg in the build folder, which you can upload to your MDM.
Hat tip to jacobfgrant on the Mac Admins Slack for telling me the minimal files to modify.