diff --git a/GitHubActions/cleanup_completed.sh b/GitHubActions/cleanup_completed.sh
index 3dd2040..ee08803 100644
--- a/GitHubActions/cleanup_completed.sh
+++ b/GitHubActions/cleanup_completed.sh
@@ -1,6 +1,6 @@
#!/bin/sh
-rm -rf ~/actions-runner/_work/*
+rm -rf ~/runner/_work/*
xcrun simctl shutdown all
xcrun simctl erase all
diff --git a/LaunchVMs.app/Contents/Info.plist b/LaunchVMs.app/Contents/Info.plist
index a50aa74..fdf40ba 100644
--- a/LaunchVMs.app/Contents/Info.plist
+++ b/LaunchVMs.app/Contents/Info.plist
@@ -66,9 +66,9 @@
name
ScriptWindowState
positionOfDivider
- 443
+ 395
savedFrame
- 1126 274 700 678 0 0 2560 1415
+ 492 121 700 678 0 0 1512 944
selectedTab
description
diff --git a/LaunchVMs.app/Contents/MacOS/applet b/LaunchVMs.app/Contents/MacOS/applet
index 0b8ead3..9bc8f75 100755
Binary files a/LaunchVMs.app/Contents/MacOS/applet and b/LaunchVMs.app/Contents/MacOS/applet differ
diff --git a/LaunchVMs.app/Contents/Resources/Scripts/main.scpt b/LaunchVMs.app/Contents/Resources/Scripts/main.scpt
index 2e9e245..b4a9a80 100644
Binary files a/LaunchVMs.app/Contents/Resources/Scripts/main.scpt and b/LaunchVMs.app/Contents/Resources/Scripts/main.scpt differ
diff --git a/LaunchVMs.app/Contents/Resources/description.rtfd/TXT.rtf b/LaunchVMs.app/Contents/Resources/description.rtfd/TXT.rtf
index 93e16eb..58f422d 100644
--- a/LaunchVMs.app/Contents/Resources/description.rtfd/TXT.rtf
+++ b/LaunchVMs.app/Contents/Resources/description.rtfd/TXT.rtf
@@ -1,4 +1,4 @@
-{\rtf1\ansi\ansicpg1252\cocoartf2753
+{\rtf1\ansi\ansicpg1252\cocoartf2759
\cocoatextscaling0\cocoaplatform0{\fonttbl}
{\colortbl;\red255\green255\blue255;}
{\*\expandedcolortbl;;}
diff --git a/LaunchVMs.app/Contents/_CodeSignature/CodeResources b/LaunchVMs.app/Contents/_CodeSignature/CodeResources
new file mode 100644
index 0000000..85de87a
--- /dev/null
+++ b/LaunchVMs.app/Contents/_CodeSignature/CodeResources
@@ -0,0 +1,177 @@
+
+
+
+
+ files
+
+ Resources/Scripts/main.scpt
+
+ l6WILSOZV6hi5LUT91XLBCNkDbw=
+
+ Resources/applet.icns
+
+ sINd6lbiqHD5dL8c6u79cFvVXhw=
+
+ Resources/applet.rsrc
+
+ J3+hNFHkLy0mXYpptcjqgbfBUgE=
+
+ Resources/description.rtfd/TXT.rtf
+
+ j/ujZuIb/J+ljq2po6fnklpuxCQ=
+
+
+ files2
+
+ Resources/Scripts/main.scpt
+
+ hash
+
+ l6WILSOZV6hi5LUT91XLBCNkDbw=
+
+ hash2
+
+ LhDzrwJOqS013nlEyoLbspchSZaQ84j1hRkJFpDgpwY=
+
+
+ Resources/applet.icns
+
+ hash
+
+ sINd6lbiqHD5dL8c6u79cFvVXhw=
+
+ hash2
+
+ J7weZ6vlnv9r32tS5HFcyuPXl2StdDnfepLxAixlryk=
+
+
+ Resources/applet.rsrc
+
+ hash
+
+ J3+hNFHkLy0mXYpptcjqgbfBUgE=
+
+ hash2
+
+ +Ob588+w46s8Kfs94SaBHHnsyr+KrmjyfGPPdAjo6AM=
+
+
+ Resources/description.rtfd/TXT.rtf
+
+ hash
+
+ j/ujZuIb/J+ljq2po6fnklpuxCQ=
+
+ hash2
+
+ +WN4+1l96YqWzSn6BQ3C/zCuJ9/anI2lThNtUgqkDeo=
+
+
+
+ rules
+
+ ^Resources/
+
+ ^Resources/.*\.lproj/
+
+ optional
+
+ weight
+ 1000
+
+ ^Resources/.*\.lproj/locversion.plist$
+
+ omit
+
+ weight
+ 1100
+
+ ^Resources/Base\.lproj/
+
+ weight
+ 1010
+
+ ^version.plist$
+
+
+ rules2
+
+ .*\.dSYM($|/)
+
+ weight
+ 11
+
+ ^(.*/)?\.DS_Store$
+
+ omit
+
+ weight
+ 2000
+
+ ^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/
+
+ nested
+
+ weight
+ 10
+
+ ^.*
+
+ ^Info\.plist$
+
+ omit
+
+ weight
+ 20
+
+ ^PkgInfo$
+
+ omit
+
+ weight
+ 20
+
+ ^Resources/
+
+ weight
+ 20
+
+ ^Resources/.*\.lproj/
+
+ optional
+
+ weight
+ 1000
+
+ ^Resources/.*\.lproj/locversion.plist$
+
+ omit
+
+ weight
+ 1100
+
+ ^Resources/Base\.lproj/
+
+ weight
+ 1010
+
+ ^[^/]+$
+
+ nested
+
+ weight
+ 10
+
+ ^embedded\.provisionprofile$
+
+ weight
+ 20
+
+ ^version\.plist$
+
+ weight
+ 20
+
+
+
+
diff --git a/README.md b/README.md
index 528b663..ecba4ca 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,6 @@ The repository contains the necessary steps, tools, and scripts to set up the en
2. Install the [UTM App](https://mac.getutm.app). Set up the application to "Open on Login" using the macOS dock context menu of the app. Ensure you set the UTM settings to never put the host machine to sleep if a VM is running.
3. Either generate [new macOS virtual machine using the app](https://docs.getutm.app/guest-support/macos/) or use a preexisting UTM VM. If you use a preexisting bundle that has done all the following steps, you can skip the setup steps.
4. Start the VM using the app and go through the setup process with the minimal possible setup, e.g., **no** location services, **no** Apple ID, and more ...
-5. Setup that the VM user automatically logs in when the VM starts: [Apple Support - How to log in automatically to a Mac user account](https://support.apple.com/en-au/HT201476).
6. Disable automatic screen saves, turn off the display, and require a passcode when the screen is locked and enable the "preserve automatic sleeping when the display is off" setting in the system: [Apple Support - Set sleep and wake settings for your Mac](https://support.apple.com/guide/mac-help/set-sleep-and-wake-settings-mchle41a6ccd/mac).
7. Enable automatic login of the user to ensure that the system is booting properly on restarts of the host Mac: [How to log in automatically to a Mac user account](https://support.apple.com/en-us/HT201476).
8. Download this repository from GitHub to the VM and run the installation steps by adapting the `.env` file and running `$ sh install.sh`. Optionally change the installed Xcode versions in the script. We recommend setting Safari to default to a private window on launch to ensure that any entered credentials or elements are never saved.
diff --git a/create-latest-svc.sh b/create-latest-svc.sh
deleted file mode 100644
index ff69059..0000000
--- a/create-latest-svc.sh
+++ /dev/null
@@ -1,233 +0,0 @@
-#/bin/bash
-#
-# This source file is part of the Stanford BDGH VirtualMachine project
-# Based on https://github.com/actions/runner/blob/main/scripts/create-latest-svc.sh
-#
-# SPDX-FileCopyrightText: 2023 Stanford University
-#
-# SPDX-License-Identifier: MIT
-#
-
-set -e
-
-
-# Notes:
-# PATS over envvars are more secure
-# Downloads latest runner release (not pre-release)
-# Configures it as a service more secure
-# Should be used on VMs and not containers
-# Works on OSX and Linux
-# Assumes arm64 arch
-# See EXAMPLES below
-
-
-flags_found=false
-
-
-while getopts 's:g:n:r:u:l:df' opt; do
- flags_found=true
-
-
- case $opt in
- s)
- runner_scope=$OPTARG
- ;;
- g)
- ghe_hostname=$OPTARG
- ;;
- n)
- runner_name=$OPTARG
- ;;
- r)
- runner_group=$OPTARG
- ;;
- u)
- svc_user=$OPTARG
- ;;
- l)
- labels=$OPTARG
- ;;
- f)
- replace='true'
- ;;
- d)
- disableupdate='true'
- ;;
- *)
- echo "
-Runner Service Installer
-Examples:
-RUNNER_CFG_PAT= ./create-latest-svc.sh myuser/myrepo my.ghe.deployment.net
-RUNNER_CFG_PAT= ./create-latest-svc.sh -s myorg -u user_name -l label1,label2
-Usage:
- export RUNNER_CFG_PAT=
- ./create-latest-svc scope [ghe_domain] [name] [user] [labels]
- -s required scope: repo (:owner/:repo) or org (:organization)
- -g optional ghe_hostname: the fully qualified domain name of your GitHub Enterprise Server deployment
- -n optional name of the runner, defaults to hostname
- -r optional name of the runner group to add the runner to, defaults to the Default group
- -u optional user svc will run as, defaults to current
- -l optional list of labels (split by comma) applied on the runner
- -d optional allow runner to remain on the current version for one month after the release of a newer version
- -f optional replace any existing runner with the same name"
- exit 0
- ;;
- esac
-done
-
-
-shift "$((OPTIND - 1))"
-
-
-if ! "$flags_found"; then
- runner_scope=${1}
- ghe_hostname=${2}
- runner_name=${3:-$(hostname)}
- svc_user=${4:-$USER}
- labels=${5}
- runner_group=${6}
-fi
-
-
-# apply defaults
-runner_name=${runner_name:-$(hostname)}
-svc_user=${svc_user:-$USER}
-
-
-echo "Configuring runner @ ${runner_scope}"
-sudo echo
-
-
-#---------------------------------------
-# Validate Environment
-#---------------------------------------
-runner_plat=linux
-[ ! -z "$(which sw_vers)" ] && runner_plat=osx;
-
-
-function fatal()
-{
- echo "error: $1" >&2
- exit 1
-}
-
-
-if [ -z "${runner_scope}" ]; then fatal "supply scope as argument 1"; fi
-if [ -z "${RUNNER_CFG_PAT}" ]; then fatal "RUNNER_CFG_PAT must be set before calling"; fi
-
-
-which curl || fatal "curl required. Please install in PATH with apt-get, brew, etc"
-which jq || fatal "jq required. Please install in PATH with apt-get, brew, etc"
-
-
-# bail early if there's already a runner there. also sudo early
-if [ -d ./runner ]; then
- fatal "Runner already exists. Use a different directory or delete ./runner"
-fi
-
-
-sudo -u ${svc_user} mkdir runner
-
-
-# TODO: validate not in a container
-# TODO: validate systemd or osx svc installer
-
-
-#--------------------------------------
-# Get a config token
-#--------------------------------------
-echo
-echo "Generating a registration token..."
-
-
-base_api_url="https://api.github.com"
-if [ -n "${ghe_hostname}" ]; then
- base_api_url="https://${ghe_hostname}/api/v3"
-fi
-
-
-# if the scope has a slash, it's a repo runner
-orgs_or_repos="orgs"
-if [[ "$runner_scope" == *\/* ]]; then
- orgs_or_repos="repos"
-fi
-
-
-export RUNNER_TOKEN=$(curl -s -X POST ${base_api_url}/${orgs_or_repos}/${runner_scope}/actions/runners/registration-token -H "accept: application/vnd.github.everest-preview+json" -H "authorization: token ${RUNNER_CFG_PAT}" | jq -r '.token')
-
-
-if [ "null" == "$RUNNER_TOKEN" -o -z "$RUNNER_TOKEN" ]; then fatal "Failed to get a token"; fi
-
-
-#---------------------------------------
-# Download latest released and extract
-#---------------------------------------
-echo
-echo "Downloading latest runner ..."
-
-
-# For the GHES Alpha, download the runner from github.com
-latest_version_label=$(curl -s -X GET 'https://api.github.com/repos/actions/runner/releases/latest' | jq -r '.tag_name')
-latest_version=$(echo ${latest_version_label:1})
-runner_file="actions-runner-${runner_plat}-arm64-${latest_version}.tar.gz"
-
-
-if [ -f "${runner_file}" ]; then
- echo "${runner_file} exists. skipping download."
-else
- runner_url="https://github.com/actions/runner/releases/download/${latest_version_label}/${runner_file}"
-
-
- echo "Downloading ${latest_version_label} for ${runner_plat} ..."
- echo $runner_url
-
-
- curl -O -L ${runner_url}
-fi
-
-
-ls -la *.tar.gz
-
-
-#---------------------------------------------------
-# extract to runner directory in this directory
-#---------------------------------------------------
-echo
-echo "Extracting ${runner_file}"
-
-
-tar xzf "./${runner_file}" -C .
-
-
-# export of pass
-sudo chown -R $svc_user .
-
-
-#---------------------------------------
-# Unattend config
-#---------------------------------------
-runner_url="https://github.com/${runner_scope}"
-if [ -n "${ghe_hostname}" ]; then
- runner_url="https://${ghe_hostname}/${runner_scope}"
-fi
-
-
-echo
-echo "Configuring ${runner_name} @ $runner_url"
-echo "./config.sh --unattended --url $runner_url --token *** --name $runner_name ${labels:+--labels $labels} ${runner_group:+--runnergroup \"$runner_group\"} ${disableupdate:+--disableupdate}"
-sudo -E -u ${svc_user} ./config.sh --unattended --url $runner_url --token $RUNNER_TOKEN ${replace:+--replace} --name $runner_name ${labels:+--labels $labels} ${runner_group:+--runnergroup "$runner_group"} ${disableupdate:+--disableupdate}
-
-
-#---------------------------------------
-# Configuring as a service
-#---------------------------------------
-echo
-echo "Configuring as a service ..."
-prefix=""
-if [ "${runner_plat}" == "linux" ]; then
- prefix="sudo "
-fi
-
-
-${prefix}./svc.sh install ${svc_user}
-${prefix}./svc.sh start
\ No newline at end of file
diff --git a/install.sh b/install.sh
index f7ac673..66cb795 100644
--- a/install.sh
+++ b/install.sh
@@ -69,8 +69,8 @@ firebase emulators:exec --project test "echo 'Firebase emulator installed and st
# 6. Install Xcode
# We install Xcode right at the beginning to avoid any interactive requests in the middle of the script like asking for a 2FA authentication code.
# Download Xcode Releases
-xcodes install --update --experimental-unxip --empty-trash 15.0
-sudo xcode-select -s /Applications/Xcode-15.0.app
+xcodes install --update --experimental-unxip --empty-trash 15.2
+sudo xcode-select -s /Applications/Xcode-15.2.app
xcodebuild -downloadAllPlatforms
xcodes signout
@@ -84,27 +84,28 @@ brew install swiftlint
# 8. Install GitHub Action Runners - https://github.com/actions/runner/blob/main/docs/automate.md
-# Setup the GitHub Action Runner tools to connect to GitHub
-rm -rf ~/actions-runner
-mkdir ~/actions-runner
+brew install jq
+
+# Setup the GitHub Action Runner setup script & copy cleanup scripts
+curl -fsSL -o ~/create-latest-svc.sh https://raw.githubusercontent.com/actions/runner/main/scripts/create-latest-svc.sh
+chmod 755 ~/create-latest-svc.sh
-# Move the cleanup scripts and the `.env` file in the GitHub Actions Folder to enable an automatic reset of the simulators & cleaning of the working directory.
-echo "ACTIONS_RUNNER_HOOK_JOB_STARTED=/Users/$USER/cleanup_started.sh" >> ~/actions-runner/.env
cp -f ./GitHubActions/cleanup_started.sh ~/cleanup_started.sh
chmod 755 ~/cleanup_started.sh
-echo "ACTIONS_RUNNER_HOOK_JOB_COMPLETED=/Users/$USER/cleanup_completed.sh" >> ~/actions-runner/.env
cp -f ./GitHubActions/cleanup_completed.sh ~/cleanup_completed.sh
chmod 755 ~/cleanup_completed.sh
-cp -f ./create-latest-svc.sh ~/actions-runner/
-chmod 755 ~/actions-runner/create-latest-svc.sh
+# Install the runner
+cd $HOME
-# Install the GitHub Runner
-cd ~/actions-runner
export RUNNER_CFG_PAT=$GITHUB_ACTION_RUNNER_PAT
-./create-latest-svc.sh -s $GITHUB_ACTION_SCOPE -n $GITHUB_ACTION_NAME
-rm -f ~/actions-runner/create-latest-svc.sh
+sh ~/create-latest-svc.sh -s $GITHUB_ACTION_SCOPE -n $GITHUB_ACTION_NAME
+rm -f ~/create-latest-svc.sh
+
+# Move the cleanup scripts and the `.env` file in the GitHub Actions Folder to enable an automatic reset of the simulators & cleaning of the working directory.
+echo "ACTIONS_RUNNER_HOOK_JOB_STARTED=/Users/$USER/cleanup_started.sh" >> ~/runner/.env
+echo "ACTIONS_RUNNER_HOOK_JOB_COMPLETED=/Users/$USER/cleanup_completed.sh" >> ~/runner/.env
# 9. Cleanup