macosx-scripting-examples

Enterprise-style macOS automation examples for internal technology operations teams.

The repository now focuses on production-friendly patterns instead of one-off script snippets:

• scripts/collect_endpoint_inventory.py gathers redacted endpoint inventory in JSON for asset, security, and audit workflows.
• scripts/collect_network_diagnostics.py runs built-in networkQuality checks and evaluates the results against operational thresholds.
• scripts/assign_device_name.py allocates the next compliant device name from an approved inventory export without embedding management API credentials.
• scripts/deploy_dmg_application.py installs signed macOS applications from a validated DMG with checksum enforcement and dry-run support.
• scripts/remove_managed_application.py removes managed applications and optional support files during offboarding or remediation.
• scripts/plan_macos_upgrade.py performs preflight validation for macOS upgrades and can produce a controlled startosinstall execution plan.

Why this layout

This project is designed to look like a small internal automation repository used by a growing enterprise technology operations team:

• security-conscious defaults
• thin CLI scripts over testable core logic
• full unit and integration coverage
• documented operational runbooks
• branch and review guidance for shared ownership

Quick start

make venv
make test

Typical usage:

python3 scripts/collect_endpoint_inventory.py
python3 scripts/collect_network_diagnostics.py --threshold-download 200 --threshold-upload 50
python3 scripts/assign_device_name.py --prefix NY-MAC --existing-names-file examples/device_names.txt
python3 scripts/deploy_dmg_application.py --source-dmg /tmp/App.dmg --app-name Example.app --expected-sha256 <sha256>
python3 scripts/plan_macos_upgrade.py --target-version 15.7.4 --installer-path "/Applications/Install macOS Sequoia.app"

Documentation

• User Guide
• Testing Strategy
• Architecture Notes
• Security Model
• Contribution Workflow

Testing

The repository follows a solitary-unit / realistic-integration approach inspired by Unit Testing: Principles, Practices, and Patterns:

• unit tests validate domain logic in src/
• integration tests exercise the CLI entrypoints with fixtures, temporary files, and macOS-compatible resources
• destructive workflows support --dry-run or temporary destinations for safe verification

Run all checks:

make compile
make test

Legacy examples

The original flat scripts are preserved under legacy/README.md for reference. They are not the maintained interface for this repository.