xolo-server 1.0.1 → 2.0.2

data/lib/xolo/server/version.rb

@@ -223,12 +223,86 @@ module Xolo
         }
       end
 
+      # add a new version in response to a patch title update webhook event.
+      # This doesn't upload a pkg - it just creates the version in Xolo, and then
+      # someone can upload a pkg to it via xadm or autopkg will do it if configured.
+      #
+      # @param title_object [Xolo::Server::Title] the title object for the subscribed title
+      # @param new_version [String] the new version to add
+      # @return [void]
+      ######################
+      def self.add_version_via_subscription(title_object:, new_version:)
+        title_object.log_info "Adding new version '#{new_version}' for subscribed title '#{title_object.title}'"
+
+        # get more details about this version from the JPAPI
+        patch_version_data = title_object.patch_versions(version: new_version).first
+        unless patch_version_data
+          msg = "Could not get patch version data from JPAPI for version '#{new_version}' of subscribed title '#{title_object.title}'. Cannot create new version in Xolo without this data. Aborting."
+          title_object.log_error msg, alert: true
+          return
+        end
+
+        title_object.log_debug "Got patch version data from JPAPI for version '#{new_version}': #{patch_version_data}"
+
+        # put the data into a hash for creating a new version object
+        vobj_data = {
+          publish_date: Time.parse(patch_version_data[:releaseDate]),
+          standalone: patch_version_data[:standalone],
+          min_os: patch_version_data[:minimumOperatingSystem],
+          reboot: patch_version_data[:rebootRequired],
+          killapps: []
+        }
+
+        # Killapps for subscribed titles? The API only shows app names without the .app, e.g.
+        # "killApps": [
+        #   {
+        #     "appName": "ChrislTestHelper"
+        #   },
+        #   {
+        #     "appName": "Chrisl Test"
+        #   }
+        # ]
+        # Since we don't manage them, we'll just record them in the data like this...
+        unless patch_version_data[:killApps].pix_empty?
+          patch_version_data[:killApps].each do |ka|
+            vobj_data[:killapps] << "#{ka[:appName]}.app;unknown.from.subscription"
+          end
+        end
+
+        # instantiate the version object
+        title_object.log_debug "Instantiating version via subscription '#{new_version}' of title '#{title_object.title}' (#{title_object.class}) with data: #{vobj_data}"
+
+        vobj = title_object.server_app_instance.instantiate_version(
+          title: title_object,
+          version: new_version,
+          **vobj_data
+        )
+
+        # create it in xolo
+        vobj.create
+
+        # tell someone
+        msg = "ACTION REQUIRED: New pilot version '#{new_version}' for subscribed title '#{title_object.title}' has been created in Xolo via subscription."
+
+        # if not autopkg enabled, we need to tell someone to upload a pkg for this new version
+        unless title_object.autopkg_enabled?
+          # update general alert msg
+          msg = "#{msg}\nPlease upload a .pkg for it ASAP using this command:\n   xadm edit-version #{title_object.title} #{new_version} --pkg-to-upload /path/to/installer.pkg"
+
+          # email to title contact
+          vobj.server_app_instance.send_email to: title_object.contact_email, subject: 'Need manual upload of xolo pkg', msg: msg
+        end # if title_object.autopkg_enabled?
+
+        # send general alert
+        vobj.log_info msg, alert: true
+      end
+
       # Attributes
       ######################
       ######################
 
       # The instance of Xolo::Server::App that instantiated this
-      # title object. This is how we access things that are available in routes
+      # version object. This is how we access things that are available in routes
       # and helpers, like the single Jamf and TEd
       # connections for this App instance.
       attr_accessor :server_app_instance
@@ -297,6 +371,9 @@ module Xolo
       #   one of :creating, :updating, :deleting
       attr_accessor :current_action
 
+      # @return [Boolean] is the pkg being processed now from an autopkg recipe?
+      attr_accessor :pkg_is_from_autopkg
+
       # Constructor
       ######################
       ######################
@@ -314,15 +391,15 @@ module Xolo
         @jamf_pkg_id ||= data_hash[:jamf_pkg_id]
 
         # and these can be generated now
-        @jamf_obj_name_pfx = "#{Xolo::Server::JAMF_OBJECT_NAME_PFX}#{title}-#{version}"
+        @jamf_obj_name_pfx = "#{jamf_obj_name_pfx_base}#{title}-#{version}"
 
         @jamf_pkg_name ||= @jamf_obj_name_pfx
 
-        @jamf_installed_group_name = "#{jamf_obj_name_pfx}#{JAMF_SMART_GROUP_NAME_INSTALLED_SFX}"
+        @jamf_installed_group_name = "#{jamf_obj_name_pfx}-#{JAMF_SMART_GROUP_NAME_INSTALLED_SFX}"
 
-        @jamf_auto_install_policy_name = "#{jamf_obj_name_pfx}#{JAMF_POLICY_NAME_AUTO_INSTALL_SFX}"
-        @jamf_manual_install_policy_name = "#{jamf_obj_name_pfx}#{JAMF_POLICY_NAME_MANUAL_INSTALL_SFX}"
-        @jamf_auto_reinstall_policy_name = "#{jamf_obj_name_pfx}#{JAMF_POLICY_NAME_AUTO_REINSTALL_SFX}"
+        @jamf_auto_install_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_POLICY_NAME_AUTO_INSTALL_SFX}"
+        @jamf_manual_install_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_POLICY_NAME_MANUAL_INSTALL_SFX}"
+        @jamf_auto_reinstall_policy_name = "#{jamf_obj_name_pfx}-#{JAMF_POLICY_NAME_AUTO_REINSTALL_SFX}"
 
         @jamf_patch_policy_name = @jamf_obj_name_pfx
 
@@ -391,7 +468,17 @@ module Xolo
       def pilot_groups_to_use
         return @pilot_groups_to_use if @pilot_groups_to_use
 
+        # any defined in the version override any in the title
         @pilot_groups_to_use = changes_for_update&.key?(:pilot_groups) ? changes_for_update[:pilot_groups][:new] : pilot_groups
+        return @pilot_groups_to_use unless @pilot_groups_to_use.empty?
+
+        # if none defined in the version, look in the title
+        @pilot_groups_to_use =
+          if title_object.changes_for_update&.key?(:pilot_groups)
+            title_object.changes_for_update[:pilot_groups][:new]
+          else
+            title_object.pilot_groups
+          end
       end
 
       # The scope excluded groups to use in policies and patch policies for all versions of
@@ -456,10 +543,12 @@ module Xolo
         # @session ||= {}
       end
 
+      # This can be manually set earlier in the request handling to use a non-standard
+      # admin username
       # @return [String]
       ###################
       def admin
-        session[:admin]
+        @admin ||= session[:admin]
       end
 
       # Append a message to the progress stream file,
@@ -472,8 +561,8 @@ module Xolo
       #
       # @return [void]
       ###################
-      def progress(msg, log: :debug)
-        server_app_instance.progress msg, log: log
+      def progress(msg, log: :debug, alert: false)
+        server_app_instance.progress msg, log: log, alert: alert
       end
 
       # This might have been set already if we were instantiated via our title
@@ -559,7 +648,7 @@ module Xolo
         progress 'Saving version data to Xolo server'
         save_local_data
 
-        create_patch_in_ted
+        create_patch_in_ted unless subscribed?
 
         create_in_jamf
 
@@ -576,10 +665,68 @@ module Xolo
         log_change msg: 'Version Created'
 
         progress "Version '#{version}' of Title '#{title}' has been created in Xolo.", log: :info
+
+        # all done unless we need to get a pkg via autopkg
+        # pkg upload from xadm will happen in a separate process,
+        # so we don't want to do it here in the create method
+
+        # do we have an uploaded pkg?
+        if pkg_to_upload.to_s.start_with? '/'
+          progress "Pkg will be uploaded to xolo via xadm shortly, from path '#{pkg_to_upload}'", log: :info
+
+        # if we have an autopkg recipe and dir, get the .pkg and upload it to Jamf
+        elsif title_object.autopkg_enabled?
+          handle_autopkg_during_create
+
+        # otherwise tell someone we need a .pkg
+        else
+          msg = "No --pkg-to-upload given for version '#{version}' of title #{title}, and no autopkg recipe enabled. Please upload a pkg via xadm or enable autopkg for this title."
+
+          # no alert when subscribed because a better alert mesg is sent from add_version_via_subscription
+          subscribed? ? progress(msg, log: :warn) : progress(msg, log: :warn, alert: true)
+        end
       ensure
         unlock
       end
 
+      # Do autopkg stuff during creation
+      #
+      ############################
+      def handle_autopkg_during_create
+        return unless title_object.autopkg_enabled?
+
+        pkg_src = title_object.run_autopkg_recipe
+
+        if pkg_src.nil?
+          msg = 'AutoPkg recipe is enabled for this title, but no pkg was found after running the recipe. Please check the AutoPkg recipe and the server log for details.'
+          progress msg, log: :warn, alert: true
+          return
+        end
+
+        oldest_allowed = Time.now - 1200 # 20 minutes ago
+        if pkg_src.mtime < oldest_allowed
+          msg = "AutoPkg recipe is enabled for this title, and a pkg was found after running the recipe, but it was last modified at #{pkg_src.mtime}, which is more than 20 minutes ago. To avoid accidentally uploading an old pkg, the server will not upload this pkg. Please check the AutoPkg recipe and the server log for details."
+          progress msg, log: :warn, alert: true
+          return
+        end
+
+        # this lets future code know that the pkg we're working with came from autopkg
+        self.pkg_is_from_autopkg = true
+
+        # Upload the pkg to Jamf, and associate it with this version
+        server_app_instance.process_and_upload_autopkg_pkg(title, self, pkg_src)
+      end
+
+      # Is this version part of a subscribed title?
+      def subscribed?
+        title_object.subscribed?
+      end
+
+      # or a managed title?
+      def managed?
+        !subscribed?
+      end
+
       # Update a this version, updating to the
       # local filesystem, Jamf Pro, and the Title Editor as needed
       #
@@ -666,13 +813,16 @@ module Xolo
           progress "Fixing original upload date: #{new_date}, by: #{new_by}", log: :debug
           self.upload_date = new_date
           self.uploaded_by = new_by
-          save_local_data
+
         end
+        save_local_data
       ensure
         unlock
       end
 
       # Release this version, possibly rolling back from a previously newer version
+      # This should only be called by the title. The initial 'release' action starts in the title,
+      # and then calls this method on the version to do the version-specific release steps.
       #
       # @param rollback [Boolean] If true, this version is being released as a rollback
       #
@@ -823,15 +973,25 @@ module Xolo
       #   know the version is gone. Set this to false when the title itself
       #   is being deleted and calling this method.
       #
+      # @param deleting_title [Boolean] Is the title itself being deleted?
+      #
       # @return [void]
       ##########################
-      def delete(update_title: true)
+      def delete(update_title: true, deleting_title: false)
         lock
         @current_action = :deleting
 
-        delete_patch_from_ted
         delete_version_from_jamf
 
+        # NOTE: we no longer delete the patch from the Title Editor
+        # unless the whole title is being deleted, because
+        # patches may be needed for reporting purposes.
+        # When the title is deleted, the title's delete method
+        # will delete all patches for all versions.
+        # If other situations arise where we need to delete
+        # ted patches individually, set deleting_title to true.
+        delete_patch_from_ted if deleting_title && managed?
+
         # remove from the title's list of versions
         progress 'Deleting version from title data on the Xolo server', log: :debug
         title_object.remove_version(version) if update_title
@@ -858,14 +1018,16 @@ module Xolo
         raise Xolo::ServerError, 'Server is shutting down' if Xolo::Server.shutting_down?
 
         while locked?
-          log_debug "Waiting for update lock on Version '#{version}' of title '#{title}'..." if (Time.now.to_i % 5).zero?
+          if (Time.now.to_i % 5).zero?
+            log_debug "Method #{caller_locations.first.label} is waiting for update lock on Version '#{version}' of title '#{title}'..."
+          end
           sleep 0.33
         end
         Xolo::Server.object_locks[title] ||= { versions: {} }
 
         exp = Time.now + Xolo::Server::ObjectLocks::OBJECT_LOCK_LIMIT
         Xolo::Server.object_locks[title][:versions][version] = exp
-        log_debug "Locked version '#{version}' of title '#{title}' for updates until #{exp}"
+        log_debug "Locked version '#{version}' of title '#{title}' for updates until #{exp}, by method #{caller_locations.first.label}"
       end
 
       # Unlock this version for updates

data/lib/xolo/server.rb

@@ -27,6 +27,7 @@ require 'base64'
 require 'resolv'
 require 'shellwords'
 require 'net/smtp'
+require 'etc'
 
 # Gems
 ######
@@ -102,6 +103,11 @@ module Xolo
     ##############################
     ##############################
 
+    ################
+    def self.test_server?
+      Xolo::Server.config.test_server
+    end
+
     ################
     def self.start_time
       @start_time
@@ -194,6 +200,8 @@ require 'xolo/server/helpers/versions'
 require 'xolo/server/helpers/client_data'
 require 'xolo/server/helpers/file_transfers'
 require 'xolo/server/helpers/maintenance'
+require 'xolo/server/helpers/subscriptions'
+require 'xolo/server/helpers/autopkg'
 
 require 'xolo/server/configuration'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: xolo-server
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 2.0.2
 platform: ruby
 authors:
 - Chris Lasell
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-10-03 00:00:00.000000000 Z
+date: 2026-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -152,14 +152,8 @@ dependencies:
         version: '1.0'
 description: |
   == Xolo
-  Xolo (sorta pronounced 'show-low') is an HTTPS server and set of command-line tools for macOS that provide automatable access to the software deployment and patch management aspects of {Jamf Pro}[https://www.jamf.com/products/jamf-pro/] and the {Jamf Title Editor}[https://learn.jamf.com/en-US/bundle/title-editor/page/About_Title_Editor.html]. It enhances Jamf Pro's abilities in many ways:
+  Xolo (sorta pronounced 'show-low') is an HTTPS server and set of command-line tools for macOS that provide automatable access to the software deployment and patch management aspects of {Jamf Pro}[https://www.jamf.com/products/jamf-pro/] and the {Jamf Title Editor}[https://learn.jamf.com/en-US/bundle/title-editor/page/About_Title_Editor.html]. It enhances Jamf Pro's abilities in many ways.
 
-  * Management of titles and versions/patches is scriptable and automatable, allowing developers and admins to integrate with CI/CD workflows.
-  * Simplifies and standardizes the complex, multistep manual process of managing titles and patches using the Title Editor and Patch Management web interfaces.
-  * Client installs can be performed by remotely via ssh and/or MDM
-  * Automated pre-release piloting of new versions/patches
-  * Titles can be expired (auto-uninstalled) after a period of disuse, reclaiming unused licenses.
-  * And more!
 
   The xolo-server gem packages the code needed to run `xoloserver`, the sinatra-based HTTPS server at the heart of Xolo.
 email: xolo@pixar.com
@@ -188,6 +182,7 @@ files:
 - lib/xolo/core/json_wrappers.rb
 - lib/xolo/core/loading.rb
 - lib/xolo/core/output.rb
+- lib/xolo/core/security_cmd.rb
 - lib/xolo/core/version.rb
 - lib/xolo/server.rb
 - lib/xolo/server/app.rb
@@ -195,6 +190,7 @@ files:
 - lib/xolo/server/configuration.rb
 - lib/xolo/server/constants.rb
 - lib/xolo/server/helpers/auth.rb
+- lib/xolo/server/helpers/autopkg.rb
 - lib/xolo/server/helpers/client_data.rb
 - lib/xolo/server/helpers/file_transfers.rb
 - lib/xolo/server/helpers/jamf_pro.rb
@@ -203,6 +199,7 @@ files:
 - lib/xolo/server/helpers/notification.rb
 - lib/xolo/server/helpers/pkg_signing.rb
 - lib/xolo/server/helpers/progress_streaming.rb
+- lib/xolo/server/helpers/subscriptions.rb
 - lib/xolo/server/helpers/title_editor.rb
 - lib/xolo/server/helpers/titles.rb
 - lib/xolo/server/helpers/versions.rb
@@ -217,6 +214,7 @@ files:
 - lib/xolo/server/routes/auth.rb
 - lib/xolo/server/routes/jamf_pro.rb
 - lib/xolo/server/routes/maint.rb
+- lib/xolo/server/routes/subscriptions.rb
 - lib/xolo/server/routes/title_editor.rb
 - lib/xolo/server/routes/titles.rb
 - lib/xolo/server/routes/uploads.rb