From 25b71141743d48206d98f7158d9ec86246cafb48 Mon Sep 17 00:00:00 2001
From: Luke Heath <luke@fleetdm.com>
Date: Fri, 12 May 2023 16:54:26 -0500
Subject: [PATCH] Use new Fleet MDM gitops action (#11678)

---
 .../fleetctl-workstations-canary.yml          | 51 +++++--------------
 1 file changed, 13 insertions(+), 38 deletions(-)

diff --git a/.github/workflows/fleetctl-workstations-canary.yml b/.github/workflows/fleetctl-workstations-canary.yml
index d015dcc920..fcf6ce9b76 100644
--- a/.github/workflows/fleetctl-workstations-canary.yml
+++ b/.github/workflows/fleetctl-workstations-canary.yml
@@ -2,14 +2,14 @@
 # It uses a fleet instance also built and executed from source.
 #
 # It runs automatically when a file is changed in /mdm_profiles.
-name: Apply latest MDM profiles (Canary)
+name: Apply latest MDM profiles (Canary) (Test)
 
 on:
   push:
     branches:
       - main
     paths:
-      - 'mdm_profiles/**.mobileconfig'
+      - "mdm_profiles/**.mobileconfig"
   workflow_dispatch: # Manual
 
 # This allows a subsequently queued workflow run to interrupt previous runs
@@ -32,41 +32,16 @@ env:
 
 jobs:
   apply-profiles:
-    timeout-minutes: 15
+    timeout-minutes: 5
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout code
-      uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
-      with:
-        repository: fleetdm/fleet
-
-    - name: Install fleetctl
-      run: npm install -g fleetctl
-
-    - name: Configure fleetctl
-      run: fleetctl config set --address $DOGFOOD_URL --token $DOGFOOD_API_TOKEN
-
-    - name: Run fleetctl apply
-      run: |
-        profiles=""
-          for file in mdm_profiles/*.mobileconfig; do
-            envsubst < "$file" > "${file}.new"
-            mv "${file}.new" "$file"
-            profiles+="- $file
-                  "
-        done
-        echo "apiVersion: v1
-        kind: team
-        spec:
-          team:
-            name: 💻🐣 Workstations (canary)
-            mdm:
-              macos_updates:
-                minimum_version: "13.3.1"
-                deadline: "2023-04-07"
-              macos_settings:
-                enable_disk_encryption: true
-                custom_settings:
-                  $profiles
-        " > team-workstations-config.yml
-        fleetctl apply -f team-workstations-config.yml
+      - name: Apply configuration profiles and updates
+        uses: fleetdm/fleet-mdm-gitops@f733749565c313a60c81c00ec19162933955d97e
+        with:
+          FLEET_API_TOKEN: ${{ secrets.DOGFOOD_API_TOKEN }}
+          FLEET_URL: ${{ secrets.DOGFOOD_URL }}
+          FLEET_TEAM_NAME: 💻🐣 Workstations (canary)
+          MDM_CONFIG_DIRECTORY: mdm_profiles
+          MAC_OS_MIN_VERSION: 13.3.1
+          MAC_OS_VERSION_DEADLINE: 2023-05-15
+          MAC_OS_ENABLE_DISK_ENCRYPTION: true