macOS Application Packaging Best Practices

Discover best practices for macOS application packaging and deployment via enterprise deployment solutions

Overview

This article is intended for macOS application developers who would like to make their applications easily deployable via modern enterprise deployment solutions. Many of the described techniques for package building and application development are considered industry best practice, however this article focuses on deployment solutions available via Jamf.

By taking the time and effort to follow these best practices, application developers will provide end users and IT administrators with an application that is easy to install for both enterprise deployments and individual users. Easing installation and update processes improves adoption and provides long-term retention for application developers.

Best Practices

The following recommendations apply to the Apple Flat Package (.pkg) format, which is the recommended format for providing both consumer and enterprise friendly application installers.

All payloads should be self-contained

The application installer should contain all contents necessary to fully install the application without the need to download resources from external sources.

No user interaction required

If your application typically prompts users for input, a mechanism should be implemented whereby an enterprise deployment solution can bypass this prompt and/or provide the prompted information.

Executable from the login window

Many deployment solutions include the ability to install applications while users are not logged in. Ensure that your installer can be executed outside the context of a specific user environment.

Do not require custom installation steps

If your installer provides a suite of tools or applications, split them into separate installers. Customization of installers to determine which components are necessary for a given organization adds overhead to IT administrators.

Use modern script shells and libraries as defined by Apple

Use of legacy or deprecated commands may result in unexpected behavior or complete failure on modern operating systems.

Scripts

Packages that include installation scripts should adhere to the following guidelines.

  • When preinstall or postinstall scripts are required, they should be minimal and easy to understand.
  • Scripts should be written in sh, bash or zsh.
  • Scripts should avoid calling external scripting languages (e.g. Python, Ruby, oascript, etc.).
  • Scripts should avoid moving or copying files to other locations.
  • Scripts should avoid modifying the user-space (e.g. adding a Dock icon)
  • Scripts should leverage standard XML tags in the installer Distribution file (e.g. <must-close> to quit applications, <locator> to find existing installations). For more information on Distribution files, see Apple's Distribution Definition XML Schema Reference
  • When Distribution files are required, scripts should contain minimal custom javascript.

Application Hosting

In addition to the packaging of applications, how enterprise deployment solutions access your repository of installers is also very important. Organizations often require that applications adhere to specific standards, including a versioning and patching strategy. In many cases, this means that organizations may not immediately update to the latest version of your software. This section focuses on how you can best enable enterprise organizations, to better manage application deployment and patching workflows.

Jamf recommends that the following information about your applications be made publicly available for a minimum of the last 2 years (5 years preferred).

  • Application Name
  • CFBundleIdentifier
  • CFBundleVersion
  • CFBundleShortVersionString
  • Minimum OS version required
  • Release date (ISO 8601)
  • Download URL

By providing this information, you'll provide a complete view of the recent history of your application. This makes patching and updating of your application in enterprise organizations much easier.

Additional Resources

Software Delivery Legacy Guide
Runtime Configuration Guidelines
Distribution Definition XML Schema Reference
Installer JS
Bundle Programming Guide