autopkg-wrapper 2026.2.8__py3-none-any.whl → 2026.2.9__py3-none-any.whl

autopkg_wrapper/autopkg_wrapper.py

@@ -78,6 +78,12 @@ def get_override_repo_info(args):
 
 
 def update_recipe_repo(recipe, git_info, disable_recipe_trust_check, args):
+    if getattr(args, "dry_run", False):
+        logging.info(
+            "Dry run: would update trust info in override repo for %s",
+            recipe.identifier,
+        )
+        return
     logging.debug(f"recipe.verified: {recipe.verified}")
     logging.debug(f"disable_recipe_trust_check: {disable_recipe_trust_check}")
 
@@ -208,6 +214,21 @@ def parse_post_processors(post_processors):
 
 
 def process_recipe(recipe, disable_recipe_trust_check, args):
+    if getattr(args, "dry_run", False):
+        logging.info("Dry run: processing recipe %s", recipe.identifier)
+        if disable_recipe_trust_check:
+            logging.info(
+                "Dry run: trust verification disabled for %s", recipe.identifier
+            )
+            recipe.verified = None
+        else:
+            logging.info("Dry run: would verify trust info for %s", recipe.identifier)
+        logging.info("Dry run: would run recipe %s", recipe.identifier)
+        logging.info(
+            "Dry run: would evaluate trust update flow for %s",
+            recipe.identifier,
+        )
+        return recipe
     if disable_recipe_trust_check:
         logging.debug("Setting Recipe verification to None")
         recipe.verified = None
@@ -233,7 +254,7 @@ def main():
     setup_logger(args.debug if args.debug else False)
     logging.info("Running autopkg_wrapper")
 
-    override_repo_info = get_override_repo_info(args)
+    override_repo_info = None
 
     post_processors_list = parse_post_processors(post_processors=args.post_processors)
     recipe_list = parse_recipe_list(
@@ -245,12 +266,22 @@ def main():
 
     failed_recipes = []
 
+    if getattr(args, "dry_run", False):
+        logging.info("Dry run enabled: no external commands will be executed")
+        if args.disable_git_commands:
+            logging.info("Dry run: git commands already disabled")
+
     # Run recipes concurrently using a thread pool to parallelize subprocess calls
     max_workers = max(1, int(getattr(args, "concurrency", 1)))
     logging.info(f"Running recipes with concurrency={max_workers}")
 
     def run_one(r: Recipe):
         logging.info(f"Processing Recipe: {r.identifier}")
+        if args.dry_run:
+            logging.info(
+                "Dry run: would process recipe %s with trust checks and run",
+                r.identifier,
+            )
         process_recipe(
             recipe=r,
             disable_recipe_trust_check=args.disable_recipe_trust_check,
@@ -266,10 +297,17 @@ def main():
         )
         logging.info("Recipe processing batches:")
         batch_descriptions = describe_recipe_batches(batches)
-        for batch, batch_desc in zip(batches, batch_descriptions, strict=False):
+        for batch_desc in batch_descriptions:
             batch_type = batch_desc.get("type") or "unknown"
             logging.info(f"Batch type={batch_type} count={batch_desc.get('count', 0)}")
+        for batch, batch_desc in zip(batches, batch_descriptions, strict=False):
+            batch_type = batch_desc.get("type") or "unknown"
+            logging.info(f"Beginning {batch_type} batch")
             logging.info(f"Batch recipes: {batch_desc.get('recipes', [])}")
+            if args.dry_run:
+                for r in batch:
+                    run_one(r)
+                continue
             with ThreadPoolExecutor(max_workers=max_workers) as executor:
                 futures = [executor.submit(run_one, r) for r in batch]
                 for fut in as_completed(futures):
@@ -280,46 +318,89 @@ def main():
         logging.info("Recipe processing batches:")
         logging.info("Batch type=all count=%d", len(recipe_list))
         logging.info("Batch recipes: %s", [r.identifier for r in recipe_list])
-        with ThreadPoolExecutor(max_workers=max_workers) as executor:
-            futures = [executor.submit(run_one, r) for r in recipe_list]
-            for fut in as_completed(futures):
-                r = fut.result()
-                if r.error or r.results.get("failed"):
-                    failed_recipes.append(r)
+        if args.dry_run:
+            for r in recipe_list:
+                run_one(r)
+        else:
+            with ThreadPoolExecutor(max_workers=max_workers) as executor:
+                futures = [executor.submit(run_one, r) for r in recipe_list]
+                for fut in as_completed(futures):
+                    r = fut.result()
+                    if r.error or r.results.get("failed"):
+                        failed_recipes.append(r)
 
     # Apply git updates serially to avoid branch/commit conflicts when concurrency > 1
-    for r in recipe_list:
-        update_recipe_repo(
-            git_info=override_repo_info,
-            recipe=r,
-            disable_recipe_trust_check=args.disable_recipe_trust_check,
-            args=args,
-        )
+    if args.dry_run:
+        logging.info("Dry run: skipping git updates")
+    elif args.disable_git_commands:
+        logging.info("Skipping git updates (disabled)")
+    else:
+        if override_repo_info is None:
+            override_repo_info = get_override_repo_info(args)
+        for r in recipe_list:
+            update_recipe_repo(
+                git_info=override_repo_info,
+                recipe=r,
+                disable_recipe_trust_check=args.disable_recipe_trust_check,
+                args=args,
+            )
 
     # Send notifications serially to simplify rate limiting and ordering
     if args.slack_token:
-        for r in recipe_list:
-            slack.send_notification(recipe=r, token=args.slack_token)
+        if args.dry_run:
+            logging.info("Dry run: skipping Slack notifications")
+        else:
+            for r in recipe_list:
+                slack.send_notification(recipe=r, token=args.slack_token)
 
     # Optionally open a PR for updated trust information
     if args.create_pr and recipe_list:
-        # Choose a representative recipe for the PR title/body
-        rep_recipe = next(
-            (r for r in recipe_list if r.updated is True or r.verified is False),
-            recipe_list[0],
-        )
-        pr_url = git.create_pull_request(git_info=override_repo_info, recipe=rep_recipe)
-        logging.info(f"Created Pull Request for trust info updates: {pr_url}")
+        if args.dry_run:
+            logging.info("Dry run: skipping PR creation")
+        elif args.disable_git_commands:
+            logging.info("Skipping PR creation (disabled git commands)")
+        else:
+            if override_repo_info is None:
+                override_repo_info = get_override_repo_info(args)
+            # Choose a representative recipe for the PR title/body
+            rep_recipe = next(
+                (r for r in recipe_list if r.updated is True or r.verified is False),
+                recipe_list[0],
+            )
+            pr_url = git.create_pull_request(
+                git_info=override_repo_info, recipe=rep_recipe
+            )
+            logging.info(f"Created Pull Request for trust info updates: {pr_url}")
 
     # Create GitHub issue for failed recipes
     if args.create_issues and failed_recipes and args.github_token:
-        issue_url = git.create_issue_for_failed_recipes(
-            git_info=override_repo_info, failed_recipes=failed_recipes
-        )
-        logging.info(f"Created GitHub issue for failed recipes: {issue_url}")
+        if args.dry_run:
+            logging.info("Dry run: skipping issue creation")
+        elif args.disable_git_commands:
+            logging.info("Skipping issue creation (disabled git commands)")
+        else:
+            if override_repo_info is None:
+                override_repo_info = get_override_repo_info(args)
+            issue_url = git.create_issue_for_failed_recipes(
+                git_info=override_repo_info, failed_recipes=failed_recipes
+            )
+            logging.info(f"Created GitHub issue for failed recipes: {issue_url}")
 
     # Optionally process reports after running recipes
     if getattr(args, "process_reports", False):
+        if args.dry_run:
+            logging.info("Dry run: skipping report processing")
+            return
+        repo_branch = ""
+        repo_url = None
+        repo_path = None
+        if override_repo_info is None and not args.disable_git_commands:
+            override_repo_info = get_override_repo_info(args)
+        if override_repo_info is not None:
+            repo_url = override_repo_info.get("override_repo_url")
+            repo_path = str(override_repo_info.get("override_repo_path"))
+            if not args.disable_git_commands:
+                repo_branch = git.get_current_branch(override_repo_info)
         rc = process_reports(
             zip_file=getattr(args, "reports_zip", None),
             extract_dir=getattr(
@@ -331,6 +412,9 @@ def main():
             out_dir=getattr(args, "reports_out_dir", "autopkg_reports_summary/summary"),
             debug=bool(getattr(args, "debug", False)),
             strict=bool(getattr(args, "reports_strict", False)),
+            repo_url=repo_url,
+            repo_branch=repo_branch,
+            repo_path=repo_path,
         )
         if rc:
             sys.exit(rc)

autopkg_wrapper/models/recipe.py

@@ -44,6 +44,10 @@ class Recipe:
         )
         logging.debug(f"cmd: {cmd}")
 
+        if getattr(args, "dry_run", False):
+            logging.info("Dry run: would verify trust info for %s", self.identifier)
+            return self.verified
+
         result = subprocess.run(cmd, capture_output=True, text=True)
         if result.returncode == 0:
             self.verified = True
@@ -60,6 +64,10 @@ class Recipe:
         cmd = [autopkg_bin, "update-trust-info", self.filename] + prefs_file
         logging.debug(f"cmd: {cmd}")
 
+        if getattr(args, "dry_run", False):
+            logging.info("Dry run: would update trust info for %s", self.identifier)
+            return
+
         # Fail loudly if this exits 0
         try:
             subprocess.check_call(cmd)
@@ -83,6 +91,34 @@ class Recipe:
         return {"imported": imported_items, "failed": failed_items}
 
     def run(self, args):
+        if getattr(args, "dry_run", False):
+            autopkg_bin = getattr(args, "autopkg_bin", "/usr/local/bin/autopkg")
+            prefs_file = (
+                ["--prefs", args.autopkg_prefs.as_posix()] if args.autopkg_prefs else []
+            )
+            verbose_output = ["-vvvv"] if args.debug else []
+            post_processor_cmd = (
+                list(
+                    chain.from_iterable(
+                        [("--post", processor) for processor in self.post_processors]
+                    )
+                )
+                if self.post_processors
+                else []
+            )
+            report_dir = Path("/private/tmp/autopkg")
+            report_time = datetime.now().strftime("%Y-%m-%dT%H-%M-%S")
+            report_name = Path(f"{self.name}-{report_time}.plist")
+            report = report_dir / report_name
+            cmd = (
+                [autopkg_bin, "run", self.filename, "--report-plist", report]
+                + verbose_output
+                + prefs_file
+                + post_processor_cmd
+            )
+            logging.info("Dry run: would run recipe %s", self.identifier)
+            logging.debug(f"cmd: {cmd}")
+            return self
         if self.verified is False:
             self.error = True
             self.results["failed"] = True

autopkg_wrapper/utils/args.py

@@ -94,6 +94,11 @@ def setup_args():
         default=os.getenv("AW_AUTOPKG_BIN", "/usr/local/bin/autopkg"),
         help="Path to the autopkg binary (default: /usr/local/bin/autopkg). Can also be set via AW_AUTOPKG_BIN.",
     )
+    parser.add_argument(
+        "--dry-run",
+        action="store_true",
+        help="Show planned actions without executing external commands",
+    )
 
     parser.add_argument(
         "--debug",

autopkg_wrapper/utils/report_processor.py

@@ -4,6 +4,7 @@ import os
 import plistlib
 import re
 import zipfile
+from pathlib import Path
 
 
 def find_report_dirs(base_path: str) -> list[str]:
@@ -45,6 +46,42 @@ def _infer_recipe_name_from_filename(path: str) -> str:
     return base
 
 
+def _resolve_recipe_name(name: str, recipe_link_map: dict[str, str] | None) -> str:
+    if not recipe_link_map:
+        return name
+    if name in recipe_link_map:
+        return name
+    candidates = [
+        recipe_name
+        for recipe_name in recipe_link_map
+        if recipe_name.startswith(f"{name}.")
+    ]
+    if len(candidates) == 1:
+        return candidates[0]
+    return name
+
+
+def _build_recipe_link_map(
+    repo_path: str | None, repo_url: str | None, repo_branch: str | None
+) -> dict[str, str]:
+    if not repo_path or not repo_url or not repo_branch:
+        return {}
+    repo_root = Path(repo_path)
+    if not repo_root.exists():
+        return {}
+
+    recipe_link_map: dict[str, str] = {}
+    for path in repo_root.rglob("*.recipe*"):
+        if not path.is_file():
+            continue
+        rel = path.relative_to(repo_root).as_posix()
+        recipe_base = path.name
+        recipe_name = recipe_base.split(".recipe", 1)[0]
+        if recipe_name not in recipe_link_map:
+            recipe_link_map[recipe_name] = f"{repo_url}/blob/{repo_branch}/{rel}"
+    return recipe_link_map
+
+
 def parse_text_file(path: str) -> dict[str, list]:
     uploads: list[dict] = []
     policies: list[dict] = []
@@ -90,7 +127,9 @@ def parse_text_file(path: str) -> dict[str, list]:
     return {"uploads": uploads, "policies": policies, "errors": errors}
 
 
-def parse_plist_file(path: str) -> dict[str, list]:
+def parse_plist_file(
+    path: str, *, recipe_link_map: dict[str, str] | None = None
+) -> dict[str, list]:
     uploads: list[dict] = []
     policies: list[dict] = []
     errors: list[str] = []
@@ -116,10 +155,16 @@ def parse_plist_file(path: str) -> dict[str, list]:
     sr = plist.get("summary_results", {}) or {}
 
     recipe_name = _infer_recipe_name_from_filename(path)
+    if recipe_link_map:
+        recipe_name = _resolve_recipe_name(recipe_name, recipe_link_map)
     recipe_identifier: str | None = None
+    recipe_link = (recipe_link_map or {}).get(recipe_name)
+
+    handled_keys: set[str] = set()
 
     jpu = sr.get("jamfpackageuploader_summary_result")
     if isinstance(jpu, dict):
+        handled_keys.add("jamfpackageuploader_summary_result")
         rows = jpu.get("data_rows") or []
         for row in rows:
             name = (row.get("name") or row.get("pkg_display_name") or "-").strip()
@@ -139,12 +184,38 @@ def parse_plist_file(path: str) -> dict[str, list]:
                 {
                     "recipe_name": recipe_name,
                     "recipe_identifier": recipe_identifier or "-",
+                    "recipe_url": recipe_link,
                     "package": pkg_name,
                     "version": version or "-",
                 }
             )
 
+    jpol = sr.get("jamfpolicyuploader_summary_result")
+    if isinstance(jpol, dict):
+        handled_keys.add("jamfpolicyuploader_summary_result")
+        rows = jpol.get("data_rows") or []
+        for row in rows:
+            name = (
+                row.get("policy")
+                or row.get("policy_name")
+                or row.get("name")
+                or row.get("title")
+            )
+            if not name:
+                continue
+            policies.append({"name": str(name).strip(), "action": "-"})
+            policy_rows.append(
+                {
+                    "recipe_name": recipe_name,
+                    "recipe_identifier": recipe_identifier or "-",
+                    "recipe_url": recipe_link,
+                    "policy": str(name).strip(),
+                }
+            )
+
     for key, block in sr.items():
+        if key in handled_keys:
+            continue
         if not isinstance(block, dict):
             continue
         hdr = [h.lower() for h in (block.get("header") or [])]
@@ -170,6 +241,7 @@ def parse_plist_file(path: str) -> dict[str, list]:
                         {
                             "recipe_name": recipe_name,
                             "recipe_identifier": recipe_identifier or "-",
+                            "recipe_url": recipe_link,
                             "policy": str(name).strip(),
                         }
                     )
@@ -199,7 +271,11 @@ def parse_plist_file(path: str) -> dict[str, list]:
     }
 
 
-def aggregate_reports(base_path: str) -> dict:
+def aggregate_reports(
+    base_path: str,
+    *,
+    recipe_link_map: dict[str, str] | None = None,
+) -> dict:
     summary = {
         "uploads": [],
         "policies": [],
@@ -218,7 +294,7 @@ def aggregate_reports(base_path: str) -> dict:
                 ext = os.path.splitext(fn)[1].lower()
 
                 if ext == ".plist":
-                    data = parse_plist_file(p)
+                    data = parse_plist_file(p, recipe_link_map=recipe_link_map)
                     summary["uploads"] += data.get("uploads", [])
                     summary["policies"] += data.get("policies", [])
                     summary["errors"] += data.get("errors", [])
@@ -391,8 +467,13 @@ def render_job_summary(summary: dict, environment: str, run_date: str) -> str:
             pkg = row.get("package", "-")
             pkg_url = row.get("package_url")
             pkg_cell = f"[{pkg}]({pkg_url})" if pkg_url else pkg
+            recipe_name = row.get("recipe_name", "-")
+            recipe_url = row.get("recipe_url")
+            recipe_cell = (
+                f"[{recipe_name}]({recipe_url})" if recipe_url else recipe_name
+            )
             lines.append(
-                f"| {row.get('recipe_name', '-')} | {row.get('recipe_identifier', '-')} | {pkg_cell} | {row.get('version', '-')} |"
+                f"| {recipe_cell} | {row.get('recipe_identifier', '-')} | {pkg_cell} | {row.get('version', '-')} |"
             )
         lines.append("")
     else:
@@ -407,8 +488,16 @@ def render_job_summary(summary: dict, environment: str, run_date: str) -> str:
         for row in sorted(
             summary["policy_rows"], key=lambda r: str(r.get("recipe_name", "")).lower()
         ):
+            recipe_name = row.get("recipe_name", "-")
+            recipe_url = row.get("recipe_url")
+            recipe_cell = (
+                f"[{recipe_name}]({recipe_url})" if recipe_url else recipe_name
+            )
+            policy = row.get("policy", "-")
+            policy_url = row.get("policy_url")
+            policy_cell = f"[{policy}]({policy_url})" if policy_url else policy
             lines.append(
-                f"| {row.get('recipe_name', '-')} | {row.get('recipe_identifier', '-')} | {row.get('policy', '-')} |"
+                f"| {recipe_cell} | {row.get('recipe_identifier', '-')} | {policy_cell} |"
             )
         lines.append("")
 
@@ -552,17 +641,63 @@ def build_pkg_map(jss_url: str, client_id: str, client_secret: str) -> dict[str,
     return pkg_map
 
 
+def build_policy_map(
+    jss_url: str, client_id: str, client_secret: str
+) -> dict[str, str]:
+    host = _normalize_host(jss_url)
+    _ = host  # silence linters about unused var; kept for readability
+    policy_map: dict[str, str] = {}
+    try:
+        from jamf_pro_sdk import (  # type: ignore
+            ApiClientCredentialsProvider,
+            JamfProClient,
+        )
+
+        client = JamfProClient(
+            _normalize_host(jss_url),
+            ApiClientCredentialsProvider(client_id, client_secret),
+        )
+        policies = client.pro_api.get_policies()
+        for p in policies:
+            try:
+                name = str(p.name).strip()
+                pid = str(p.id).strip()
+            except Exception:
+                continue
+            if not name or not pid:
+                continue
+            url = f"{jss_url}/policies.html?id={pid}"
+            if name not in policy_map:
+                policy_map[name] = url
+    except Exception:
+        return {}
+    return policy_map
+
+
 def enrich_upload_rows(upload_rows: list[dict], pkg_map: dict[str, str]) -> int:
     linked = 0
+    norm_map = {k.lower(): v for k, v in pkg_map.items()}
     for row in upload_rows:
         pkg_name = str(row.get("package") or "").strip()
-        url = pkg_map.get(pkg_name)
+        url = pkg_map.get(pkg_name) or norm_map.get(pkg_name.lower())
         if url:
             row["package_url"] = url
             linked += 1
     return linked
 
 
+def enrich_policy_rows(policy_rows: list[dict], policy_map: dict[str, str]) -> int:
+    linked = 0
+    norm_map = {k.lower(): v for k, v in policy_map.items()}
+    for row in policy_rows:
+        policy_name = str(row.get("policy") or "").strip()
+        url = policy_map.get(policy_name) or norm_map.get(policy_name.lower())
+        if url:
+            row["policy_url"] = url
+            linked += 1
+    return linked
+
+
 def enrich_upload_rows_with_jamf(
     summary: dict, jss_url: str, client_id: str, client_secret: str
 ) -> tuple[int, list[str]]:
@@ -571,6 +706,14 @@ def enrich_upload_rows_with_jamf(
     return linked, sorted(set(pkg_map.keys()))
 
 
+def enrich_policy_rows_with_jamf(
+    summary: dict, jss_url: str, client_id: str, client_secret: str
+) -> tuple[int, list[str]]:
+    policy_map = build_policy_map(jss_url, client_id, client_secret)
+    linked = enrich_policy_rows(summary.get("policy_rows", []), policy_map)
+    return linked, sorted(set(policy_map.keys()))
+
+
 def process_reports(
     *,
     zip_file: str | None,
@@ -581,6 +724,9 @@ def process_reports(
     out_dir: str,
     debug: bool,
     strict: bool,
+    repo_url: str | None = None,
+    repo_branch: str | None = None,
+    repo_path: str | None = None,
 ) -> int:
     os.makedirs(out_dir, exist_ok=True)
 
@@ -595,7 +741,8 @@ def process_reports(
     else:
         process_dir = reports_dir or extract_dir
 
-    summary = aggregate_reports(process_dir)
+    recipe_link_map = _build_recipe_link_map(repo_path, repo_url, repo_branch)
+    summary = aggregate_reports(process_dir, recipe_link_map=recipe_link_map)
 
     jss_url = os.environ.get("AUTOPKG_JSS_URL")
     jss_client_id = os.environ.get("AUTOPKG_CLIENT_ID")
@@ -603,15 +750,29 @@ def process_reports(
     jamf_attempted = False
     jamf_linked = 0
     jamf_keys: list[str] = []
+    jamf_policy_linked = 0
+    jamf_policy_keys: list[str] = []
     jamf_total = len(summary.get("upload_rows", []))
-    if jss_url and jss_client_id and jss_client_secret and jamf_total:
+    jamf_policy_total = len(summary.get("policy_rows", []))
+    if (
+        jss_url
+        and jss_client_id
+        and jss_client_secret
+        and (jamf_total or jamf_policy_total)
+    ):
         jamf_attempted = True
         try:
-            jamf_linked, jamf_keys = enrich_upload_rows_with_jamf(
-                summary, jss_url, jss_client_id, jss_client_secret
-            )
+            if jamf_total:
+                jamf_linked, jamf_keys = enrich_upload_rows_with_jamf(
+                    summary, jss_url, jss_client_id, jss_client_secret
+                )
+            if jamf_policy_total:
+                jamf_policy_linked, jamf_policy_keys = enrich_policy_rows_with_jamf(
+                    summary, jss_url, jss_client_id, jss_client_secret
+                )
         except Exception:
             jamf_linked = 0
+            jamf_policy_linked = 0
 
     job_md = render_job_summary(summary, environment, run_date)
     issue_md = None
@@ -633,20 +794,38 @@ def process_reports(
                 str(r.get("package") or "").strip()
                 for r in summary.get("upload_rows", [])
             ]
+            policy_names = [
+                str(r.get("policy") or "").strip()
+                for r in summary.get("policy_rows", [])
+            ]
             matched = [
                 r for r in summary.get("upload_rows", []) if r.get("package_url")
             ]
             unmatched = [
                 r for r in summary.get("upload_rows", []) if not r.get("package_url")
             ]
+            policy_matched = [
+                r for r in summary.get("policy_rows", []) if r.get("policy_url")
+            ]
+            policy_unmatched = [
+                r for r in summary.get("policy_rows", []) if not r.get("policy_url")
+            ]
             diag = {
                 "jss_url": jss_url or "",
                 "jamf_keys_count": len(jamf_keys),
                 "jamf_keys_sample": jamf_keys[:20],
+                "jamf_policy_keys_count": len(jamf_policy_keys),
+                "jamf_policy_keys_sample": jamf_policy_keys[:20],
                 "uploads_count": len(upload_pkg_names),
                 "matched_count": len(matched),
                 "unmatched_count": len(unmatched),
                 "unmatched_names": [r.get("package") for r in unmatched][:20],
+                "policies_count": len(policy_names),
+                "policy_matched_count": len(policy_matched),
+                "policy_unmatched_count": len(policy_unmatched),
+                "policy_unmatched_names": [r.get("policy") for r in policy_unmatched][
+                    :20
+                ],
             }
             with open(jamf_log_path, "w", encoding="utf-8") as jf:
                 json.dump(diag, jf, indent=2)
@@ -659,11 +838,13 @@ def process_reports(
         f"Errors file: {'errors_issue.md' if issue_md else 'none'}",
     ]
     if jamf_attempted:
-        status.append(f"Jamf links added: {jamf_linked}/{jamf_total}")
+        status.append(
+            f"Jamf links added: packages {jamf_linked}/{jamf_total}, policies {jamf_policy_linked}/{jamf_policy_total}"
+        )
         if jamf_log_path:
             status.append(f"Jamf lookup log: '{jamf_log_path}'")
     else:
-        status.append("Jamf links: skipped (missing env or no uploads)")
+        status.append("Jamf links: skipped (missing env or no uploads/policies)")
     logging.info(". ".join(status))
 
     if strict and summary.get("errors"):

{autopkg_wrapper-2026.2.8.dist-info → autopkg_wrapper-2026.2.9.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: autopkg-wrapper
-Version: 2026.2.8
+Version: 2026.2.9
 Summary: A package used to execute some autopkg functions, primarily within the context of a GitHub Actions runner.
 Project-URL: Repository, https://github.com/smithjw/autopkg-wrapper
 Author-email: James Smith <james@smithjw.me>
@@ -45,7 +45,7 @@ mise run build
 usage: autopkg_wrapper [-h] [--recipe-file RECIPE_FILE |
                        --recipes [RECIPES ...]]
                        [--recipe-processing-order [RECIPE_PROCESSING_ORDER ...]]
-                       [--autopkg-bin AUTOPKG_BIN] [--debug]
+                       [--autopkg-bin AUTOPKG_BIN] [--dry-run] [--debug]
                        [--disable-recipe-trust-check] [--disable-git-commands]
                        [--concurrency CONCURRENCY]
                        [--github-token GITHUB_TOKEN]
@@ -111,6 +111,8 @@ options:
                         Path to the autopkg binary (default:
                         /usr/local/bin/autopkg). Can also be set via
                         AW_AUTOPKG_BIN.
+  --dry-run             Show planned actions without executing external
+                        commands
   --debug               Enable debug logging when running script
   --disable-recipe-trust-check
                         If this option is used, recipe trust verification will

{autopkg_wrapper-2026.2.8.dist-info → autopkg_wrapper-2026.2.9.dist-info}/RECORD

@@ -1,17 +1,17 @@
 autopkg_wrapper/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-autopkg_wrapper/autopkg_wrapper.py,sha256=YBXttf3JDDP7tI3zoTAtBnXSGXssltLY7qk3Gy_cgNI,12728
-autopkg_wrapper/models/recipe.py,sha256=OQabJ-4ORbhueYZuZrq9bovXbcAC9flBoTc8A998mlE,4953
+autopkg_wrapper/autopkg_wrapper.py,sha256=bb63BJMcWekfLiE-qeBqsa5C9_bSHo1QkxyOEAz_TD8,16186
+autopkg_wrapper/models/recipe.py,sha256=yZOkYyTCd4D6fB7AGJrBETEK0-asf4YwJbhrs1gowlg,6471
 autopkg_wrapper/notifier/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 autopkg_wrapper/notifier/slack.py,sha256=O5Dc3ux7w258zTkfyDkjNbpfFLLCaCCoGUguOYfOETk,2056
 autopkg_wrapper/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-autopkg_wrapper/utils/args.py,sha256=1uEdjTIuqQQcealiEqihZNAamSDLbU9qBzJ6M-tpsS4,8423
+autopkg_wrapper/utils/args.py,sha256=I3-Xgljv5gt-GHRUPbdlPGScgt1pcLgiMUXa8eIwjuU,8577
 autopkg_wrapper/utils/git_functions.py,sha256=5egBB4itrEusGrANoL2_8F13diRAZSfBcnZrUxn6Z5M,4976
 autopkg_wrapper/utils/logging.py,sha256=3knpMViO_zAU8WM5bSImQaz5M01vMFk_raB4lt1cbvo,324
 autopkg_wrapper/utils/recipe_batching.py,sha256=ohZUPyr6IFD8j4m9VSASsLOFh_9Fs0_UkIo6MIR4fIQ,1722
 autopkg_wrapper/utils/recipe_ordering.py,sha256=LWxbktRo_NlDNaW7NL63GJHSXGspYHDvu-2mP1JATFE,6190
-autopkg_wrapper/utils/report_processor.py,sha256=iB48pV_K2P11jkR9IZbeoA7dmyaZBiD0BHKwDOBwHgQ,22296
-autopkg_wrapper-2026.2.8.dist-info/METADATA,sha256=vWcsRVxM3ymlfXEEZmrfjEODzCkaNsPMvcfFdhFrSfc,10750
-autopkg_wrapper-2026.2.8.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-autopkg_wrapper-2026.2.8.dist-info/entry_points.txt,sha256=TVIcOt7OozzX1c00pwMGbBysaHg_v_N3mO3juoFqPpo,73
-autopkg_wrapper-2026.2.8.dist-info/licenses/LICENSE,sha256=PpNOQjZGcsKFuA0wU16YU7PueVxqPX4OnyZ7TlLQlq4,1602
-autopkg_wrapper-2026.2.8.dist-info/RECORD,,
+autopkg_wrapper/utils/report_processor.py,sha256=SfF5Ybtzo5u5O_PwnejDkhDR4-BB1SngJDnKL69VeFY,28864
+autopkg_wrapper-2026.2.9.dist-info/METADATA,sha256=xYq-R6pJdaPYqUnXp8SBP9UIfdUOTyluHJLS5pN9GdY,10867
+autopkg_wrapper-2026.2.9.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+autopkg_wrapper-2026.2.9.dist-info/entry_points.txt,sha256=TVIcOt7OozzX1c00pwMGbBysaHg_v_N3mO3juoFqPpo,73
+autopkg_wrapper-2026.2.9.dist-info/licenses/LICENSE,sha256=PpNOQjZGcsKFuA0wU16YU7PueVxqPX4OnyZ7TlLQlq4,1602
+autopkg_wrapper-2026.2.9.dist-info/RECORD,,