Hello! To be able to use the bootstrap package, do you have to pay for the apple developer license to sign it? because it gives me the following error:

Error: Couldn't edit bootstrap_package. The bootstrap_package must be signed.

Hey Federico, Apple requires all packages installed through MDM to be signed, that's why we're checking before updating the setting. Indeed, you need to pay for a developer ID certificate, but again that's an Apple restriction.

After signing and upload bootstrap pkg, I create a pkg of fleet to enroll new mac and the pkg are not installed. My fleet config is:

mdm:
    apple_bm_default_team: ""
    apple_bm_terms_expired: false
    enabled_and_configured: true
    macos_settings:
      custom_settings: null
      enable_disk_encryption: true
    macos_setup:
      bootstrap_package: <http://my-server/munkitools-signed.pkg>
    macos_updates:
      deadline: ""
      minimum_version: ""

that config looks good. Just to sanity check: are you enrolling the machine using DEP or is this a manual enrollment? bootstrap packages are only supported for DEP

I am using manual enrollment 😞

for bootstrap packages no, at the moment those are intended to be installed when the machine is unboxed during DEP

We are beginning the ISO27001 certification and the certifications asked to have a software inventory of the company's workstations and control to install and uninstall software from workstations. Our idea was to use Fleet as inventory + MDM and munki as manager software. My idea is shared the fleet agent and ask them (i couldn't enforce) to do the manual enrollment and configure there so that munki is installed in the bootstrap. The other way would be to pass two installers, but I wanted to avoid that. If you have another form to do that, or any recommendations , please let me know 😄

gotcha, thanks for the details. What about adding the fleet agent + munki to a package and distributing that instead of fleet alone? optionally what about distributing munki and adding the fleet agent via munki?