Deployment scripts for setting up developer machines with a complete container-based development environment. Supports Windows (via Intune) and macOS (via Jamf).
Who this is for: Enterprise ops teams responsible for software rollout on Windows and Mac machines. The scripts are designed for MDM deployment (Intune/Jamf), but can also be tested manually using a USB stick -- no MDM infrastructure required.
The goal: a developer gets a new machine, the scripts install everything, and they can open any project in a fully configured devcontainer within minutes.
Full documentation: docs/README.md -- systems overview, script packages, folder structure, and ops guide.
The scripts install a container runtime and the Devcontainer Toolbox -- a command-line tool that gives developers a complete, ready-to-use development environment with 20+ pre-configured tools (Python, Go, TypeScript, Azure CLI, Kubernetes, and more).
| macOS | Windows | |
|---|---|---|
| Step 1 | Rancher Desktop | WSL2 (Windows features) |
| Step 2 | Devcontainer Toolbox | Rancher Desktop |
| Step 3 | Devcontainer Toolbox | |
| Reboot needed | No | Yes (after WSL2) |
| Managed via | Jamf | Intune |
Windows requires an extra step because WSL2 must be enabled before Rancher Desktop can run.
scripts-mac/ macOS scripts (bash), deployed via Jamf
rancher-desktop/ install, uninstall, configuration
devcontainer-toolbox/ devcontainer setup scripts
scripts-win/ Windows scripts (PowerShell), deployed via Intune
wsl2/ WSL2 install and detection
rancher-desktop/ install, uninstall, detection
devcontainer-toolbox/ Docker image pull and init tool
diagnostics/ environment diagnostic
docs/ documentation, guides, plans
Each script package contains install.ps1, detect.ps1, uninstall.ps1 (Windows) or equivalent bash scripts (Mac), plus README.md, TESTING.md, and automated tests.
Every script follows a strict standard enforced by validation tools:
- Version number, unique ID, numbered error codes (ERR001, etc.)
--help/-Helpflag with consistent format- Structured logging (
log_info,log_error,log_success) - Automatic patch version bumping via pre-commit hook
# Validate all scripts
bash docs/ai-developer/tools/validate-bash.sh
bash docs/ai-developer/tools/validate-powershell.shSee docs/SCRIPT-STANDARDS.md for details.
Windows .intunewin packages are built automatically by Azure Pipelines when changes are pushed to main. Mac scripts are validated on push. See docs/CICD.md.
Scripts can be copied to a USB stick for manual testing on Windows PCs. See docs/MANUAL-TEST-WINDOWS-REINSTALL.md for the full end-to-end test procedure.
The biggest unsolved problem in this repo is automating the WSL2 install on Windows via Intune. WSL2 requires enabling Windows features and a reboot, which is tricky to do silently in an MDM pipeline. The current scripts-win/wsl2/install.ps1 works manually, but a fully unattended Intune deployment remains an open challenge.
If you have experience with Intune and WSL2 deployment, we'd love your help. See docs/wsl-install-challenge.md for the full problem description.
See docs/QUICK-START.md for the step-by-step setup guide (clone, open in VS Code, devcontainer starts automatically).
This repo uses Claude Code for plan-based development. Plans and investigations live in docs/ai-developer/plans/. See docs/AI-SUPPORTED-DEVELOPMENT.md for the workflow.