Also - sounds like a really neat blog post

Thanks! I know it's something the community has requested. While AWS is an option and I am considering it..... I am not thrilled about the cost. It's very $$$$$ to run a macOS VM in AWS.

GitHub Actions macOS runner in a public repo?

Also had some succes with the method @zwass is describing.

nice, I didnt realize GH actions had added MacOS

Yes and totally free for public repos 😄

that seems probably more affordable

I suppose that may not play nice with the "Gitlab" angle of this blog post

It’s good to know Github actions support MacOS. It might a good complimentary addition. But I would like to stick with Gitlab.

I do manual testing with macOS VMs on macOS (this is allowed).

i saw this today https://github.com/sickcodes/Docker-OSX

Oh my. Life changer if it works. Thank you @WS!

🙂

So I had an epiphany last night on this topic. Wanted to get some feedback on the idea. So the reason for spinning up a macOS VM with a Gitlab runner is to test an Osquery macOS specific config. As discussed above there is no good way to do this. So my epiphany is based on an assumption. If you want to test a macOS specific Osquery config you probably have macOS endpoints connected to Fleet. Therefore, instead of using a Gitlab runner to test my config, I would parse all the queries out of the config, and use the FleetCTL tool to test the queries on macOS endpoints.

so using an actual host?

Yes.

are you going to use a test machine? because then you have to account for it going offline right

The idea of using Fleet would be to query live macOS hosts that ideally would be a set of test hosts and online.