Skip to content

feat: IPSW detection cron and VNC Setup Assistant automation#29

Open
celanthe wants to merge 7 commits into
mainfrom
add/ipsw-automation
Open

feat: IPSW detection cron and VNC Setup Assistant automation#29
celanthe wants to merge 7 commits into
mainfrom
add/ipsw-automation

Conversation

@celanthe

@celanthe celanthe commented May 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

  • check-ipsw-updates.yml: weekly cron detecting new stable VirtualMac2,1 IPSW releases via SOFA (version/buildid) and mesu.apple.com (updates.cdn-apple.com URL). Opens a PR updating `ipsw-versions.json` and triggers `update-vm-tools.yml` for images with new versions.
  • ipsw-versions.json: tracks current stable version, buildid, and IPSW URL per macOS (tahoe, sequoia, sonoma).
  • vnc-setup-assistant.py: automates macOS Setup Assistant on fresh IPSW VMs via VNC. Requires `pip install vncdotool` on the runner.

Buildid mismatch handling: SOFA and Apple's catalog don't always report the same buildid for the same release (e.g. SOFA: `25F71`, catalog: `25F80` for tahoe 26.5). The URL lookup does an exact buildid match first, then falls back to a prefix match (first 2 chars) if the exact match returns nothing. Sequoia and sonoma have no VirtualMac2,1 entry in Apple's catalog, so their URL fields are empty by design.

Test plan

  • Triggered manually: exits cleanly with no PR when versions are current
  • Detects stale versions correctly for all three macOS releases
  • URL lookup resolves correctly for tahoe (exact and prefix-fallback paths verified)
  • Bump a version in `ipsw-versions.json` and re-trigger to verify PR opens and `update-vm-tools.yml` fires for that image only
  • Test `vnc-setup-assistant.py` against a fresh IPSW VM

Last two items are blocked until merge: `workflow_dispatch` can't run from a non-default branch. Plan is to trigger immediately after merge.

@celanthe celanthe force-pushed the add/ipsw-automation branch from 9dc5f82 to 0f9a53e Compare May 6, 2026 20:33
@celanthe celanthe self-assigned this May 6, 2026
@celanthe celanthe marked this pull request as draft May 6, 2026 20:37
@celanthe celanthe marked this pull request as ready for review May 8, 2026 17:49
celanthe and others added 3 commits May 8, 2026 12:56
@celanthe @claude
feat: add IPSW detection cron and VNC Setup Assistant automation
105bc7e 
- check-ipsw-updates.yml: daily cron that polls ipsw.me for new stable
  VirtualMac2,1 firmwares and opens a PR when a new version is found
- ipsw-versions.json: tracks the last known stable version per macOS
  (tahoe, sequoia, sonoma) — updated by the cron workflow
- vnc-setup-assistant.py: automates macOS Setup Assistant via VNC on
  fresh IPSW VMs, covering tahoe, sequoia, and sonoma; adapted from
  Cirrus Labs macos-image-templates boot_command sequences

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@celanthe
fix: replace em dash with colon in auto-generated PR title
6005771
@celanthe
feat: auto-trigger vm-tools update when new IPSW versions are detected
6bdd3fb
@celanthe celanthe force-pushed the add/ipsw-automation branch from 8f2256b to 6bdd3fb Compare May 8, 2026 18:03
@celanthe celanthe marked this pull request as draft May 11, 2026 14:11
@celanthe

celanthe commented Jun 1, 2026

Copy link
Copy Markdown
Contributor Author

Testing notes (local, pre-merge)

Ran the detection logic locally against live SOFA and Apple catalog data. A few findings:

Detection works correctly. All three versions (tahoe, sequoia, sonoma) are currently stale and would correctly trigger an update PR. The version and buildid lookups from SOFA are accurate.

Buildid mismatch bug found and fixed. SOFA reported tahoe build `25F71` but Apple's catalog has `25F80` for the same release. The original exact-match lookup returned an empty URL for tahoe as a result. Fixed in the latest commit by falling back to a build prefix match (first 2 chars of buildid) when the exact match fails. Verified the fix resolves the correct `updates.cdn-apple.com` URL for tahoe. Sequoia and sonoma return empty URLs as expected (no VirtualMac2,1 entry in Apple's catalog for those).

What's verified:

  • Detection exits cleanly with no PR when versions are current
  • Detects stale versions correctly for all three macOS releases
  • URL lookup resolves correctly for tahoe after buildid fix
  • Both Python scripts pass syntax check; `vncdotool` dependency is available

What still needs CI (post-merge):

  • Bump a version and trigger to verify the PR-opening flow end-to-end
  • `vnc-setup-assistant.py` against a real fresh IPSW VM — this one needs an actual IPSW provisioning in progress and is probably an engineering-level test

`workflow_dispatch` can't be triggered from a non-default branch, so the PR-opening flow test is blocked until merge. Plan is to trigger immediately after merge.

@celanthe celanthe marked this pull request as ready for review June 1, 2026 18:48
@celanthe celanthe requested a review from spikeburton June 4, 2026 14:37
@spikeburton

spikeburton commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

Is this ready for review btw? Is there anything that the test plan is waiting on?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@spikeburton spikeburton Awaiting requested review from spikeburton

At least 1 approving review is required to merge this pull request.

Assignees

@celanthe celanthe

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@celanthe @spikeburton