Apple - Can Mac App Store installs & upgrades be automated?
Most people can just turn on automatic updates and let Apple manage all updates. If there’s a reason why you can’t or won’t do that, a command line tool does exist to automate App Store installs and updates.
One notable open source tool to replicate the Mac App Store from the command-line is mas:
- https://github.com/argon/mas
To install:
brew install mas
Once it's in, you could update all the apps that are available with:
mas upgrade
If you don't want to trust third party software with your Apple ID, you could also automate your UI and can store the account name and password using keychain.
The Apple solution for non-App Store security patches and updates is to run the softwareupdate tool from the command line to update all software that Apple intends to be installed without user intervention or going through the App Store UI.
Currently on Lion and Mountain Lion - this means that the Mac will hit a local OS X server that is caching downloads for system updates and software installed outside the App store. If you don't have a local software update server, it will of course download files directly from Apple.
For Mountain Lion 10.8.2 and lower, - everything still comes through the App Store - so the Apple software like OS X updates is fully scriptable using this tool for updates and non-App Store updates only.
What isn't scriptable (yet or perhaps ever) are apps that are installed from the App Store like Xcode and Pages and third party applications. This means that you cannot just have one tool to update all the software without opening the App Store app and entering a password at the user interface screen.
What you can do is download the apps once and then copy the app to multiple macs as long as the Apple ID used to download the first copy of the app is also used on all of the Macs that will run the app.
I know of several institutions that buy one copy of each app for a lab of 20 computers to get a license for each seat, but then deploy one file to all the Macs so that once one update download is accomplished, a tool like Apple Remote Desktop or Caspar or a home made tool like scp or rsync is used to move the updated version of the app to all Macs in the lab.
If you go the route of individual Apple ID for each machine, you will not be able to script the installation of App updates since each will request the password for each account unless you are comfortable knowing all of the passwords and performing UI scripting where AppleScript can enter the correct username and password programatically and then click the button to begin the download process for each machine's updates. The way that app store apps are code signed makes it hard to just slide in an update without invalidating the package or somehow reverse engineering / jailbreaking the whole app store process and sidestepping the normal flow of letting the app installer do it's work.
This is possible using the open source mas command line utility:
mas-cli
A simple command line interface for the Mac App Store. Designed for scripting and automation.
Disclosure: I am the creator of mas
You may want to check out sprout-wrap and soloist. You can install OSX packages from a uri using the dmg_package provider. Check out some of the recipes in sprout for some examples.
To auto-update security updates, use the pivotal_workstation::osx_updates recipe. (Note that this uses softwareupdate)
For Homebrew apps, the brew provider has an upgrade action.
As far as I know, there's no provider to auto-update App Store apps. However, you may be able to use the built-in auto-update feature of some apps within an execute or bash provider block. You may also be able to use AppleScript within a chef recipe to automate the App Store app. For some examples of using inline AppleScript, take a look at the sprout-osx-settings::function_keys recipe. (Some other examples: sprout-osx-settings::remove_expose_keyboard_shortcuts, sprout-osx-settings::set_finder_show_user_home_in_sidebar)