Can Mac App Store installs & upgrades be automated?
How can I script installing or upgrading apps from the Mac App Store? I'd prefer command line tools, but AppleScript or some other API would suffice.
Relevant puzzle pieces:
-
installer
: note especially the-store
flag which is used to simulate App Store installs for package devs. -
systemupdate
: capable of handling updates to Apple apps, flags-i
installs and-a
tells it to install all available updates
Most people can just turn on automatic updates and let Apple manage all updates. If there’s a reason why you can’t or won’t do that, a command line tool does exist to automate App Store installs and updates.
One notable open source tool to replicate the Mac App Store from the command-line is mas:
- https://github.com/argon/mas
To install:
brew install mas
Once it's in, you could update all the apps that are available with:
mas upgrade
If you don't want to trust third party software with your Apple ID, you could also automate your UI and can store the account name and password using keychain.
The Apple solution for non-App Store security patches and updates is to run the softwareupdate
tool from the command line to update all software that Apple intends to be installed without user intervention or going through the App Store UI.
Currently on Lion and Mountain Lion - this means that the Mac will hit a local OS X server that is caching downloads for system updates and software installed outside the App store. If you don't have a local software update server, it will of course download files directly from Apple.
For Mountain Lion 10.8.2 and lower, - everything still comes through the App Store - so the Apple software like OS X updates is fully scriptable using this tool for updates and non-App Store updates only.
What isn't scriptable (yet or perhaps ever) are apps that are installed from the App Store like Xcode and Pages and third party applications. This means that you cannot just have one tool to update all the software without opening the App Store app and entering a password at the user interface screen.
What you can do is download the apps once and then copy the app to multiple macs as long as the Apple ID used to download the first copy of the app is also used on all of the Macs that will run the app.
I know of several institutions that buy one copy of each app for a lab of 20 computers to get a license for each seat, but then deploy one file to all the Macs so that once one update download is accomplished, a tool like Apple Remote Desktop or Caspar or a home made tool like scp
or rsync
is used to move the updated version of the app to all Macs in the lab.
If you go the route of individual Apple ID for each machine, you will not be able to script the installation of App updates since each will request the password for each account unless you are comfortable knowing all of the passwords and performing UI scripting where AppleScript can enter the correct username and password programatically and then click the button to begin the download process for each machine's updates. The way that app store apps are code signed makes it hard to just slide in an update without invalidating the package or somehow reverse engineering / jailbreaking the whole app store process and sidestepping the normal flow of letting the app installer do it's work.
This is possible using the open source mas
command line utility:
mas-cli
A simple command line interface for the Mac App Store. Designed for scripting and automation.
Disclosure: I am the creator of mas
You may want to check out sprout-wrap and soloist. You can install OSX packages from a uri using the dmg_package
provider. Check out some of the recipes in sprout for some examples.
To auto-update security updates, use the pivotal_workstation::osx_updates recipe. (Note that this uses softwareupdate
)
For Homebrew apps, the brew
provider has an upgrade
action.
As far as I know, there's no provider to auto-update App Store apps. However, you may be able to use the built-in auto-update feature of some apps within an execute
or bash
provider block. You may also be able to use AppleScript within a chef recipe to automate the App Store app. For some examples of using inline AppleScript, take a look at the sprout-osx-settings::function_keys recipe. (Some other examples: sprout-osx-settings::remove_expose_keyboard_shortcuts, sprout-osx-settings::set_finder_show_user_home_in_sidebar)
I'm not sure about an AppleScript type solution, but there are tools for managing large numbers of OS X systems.
The one I'm most familiar with is radmind (which started out at UMich for managing their labs (old site)).
radmind is really geared toward deploying a standard OS template to a bunch of machines and keeping it up to date, so for a small site it may be a bit too much work. The basic workflow is:
- Make a clean "build machine" and install radmind & all your standard software.
- Create radmind transcripts for that build machine.
- Install radmind on your client machines and pull/apply the transcripts to install them.
- For updates, update the build server and make an update/patch transcript, then apply it to the clients.
…So in the strictest sense it's not automating the install, but you only have to do the interactive bit once and then distribute the updated OS to your clients.
Obviously this works best if you can install a standard set of software everywhere - If your clients are all special and unique this might not be a great solution.