<# .SYNOPSIS Installs all available Windows Updates via PSWindowsUpdate module. .DESCRIPTION Installs the PSWindowsUpdate module from PSGallery and runs a full Windows Update pass. Does not auto-reboot - the operator restarts manually after all deployment steps complete. Skips drivers (handled by step 11 Dell Command Update or Windows Update for Business). .ITEMS nainstalovat-pswindowsupdate-modul: Installs NuGet provider and PSWindowsUpdate module from PSGallery. Required only on first run - subsequent runs reuse the cached module. spustit-windows-update-vsechny-aktualizace: Calls Install-WindowsUpdate -AcceptAll -IgnoreReboot. Installs all Quality, Security and Feature updates. Skips reboot - operator restarts manually after deployment completes. #> param( [object]$Config, [string]$LogFile ) $ErrorActionPreference = "Continue" function Write-Log { param([string]$Message, [string]$Level = "INFO") $line = "[$(Get-Date -Format 'HH:mm:ss')] [$Level] $Message" $null = New-Item -ItemType Directory -Force -Path (Split-Path $LogFile -Parent) -ErrorAction SilentlyContinue Add-Content -Path $LogFile -Value $line -Encoding UTF8 Write-Output $line } Write-Log "=== Step 12 - Windows Update ===" -Level STEP # ----------------------------------------------------------------------- # 1. NuGet provider (required for Install-Module from PSGallery) # ----------------------------------------------------------------------- Write-Log "Installing NuGet provider..." -Level INFO try { Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Scope AllUsers | Out-Null Write-Log " NuGet provider ready" -Level OK } catch { Write-Log " NuGet provider install failed: $_" -Level WARN } # ----------------------------------------------------------------------- # 2. PSWindowsUpdate module # ----------------------------------------------------------------------- Write-Log "Installing PSWindowsUpdate module..." -Level INFO try { $existing = Get-Module -ListAvailable -Name PSWindowsUpdate | Select-Object -First 1 if ($existing) { Write-Log " PSWindowsUpdate $($existing.Version) already installed" -Level INFO } else { Install-Module -Name PSWindowsUpdate -Force -Scope AllUsers -AllowClobber | Out-Null Write-Log " PSWindowsUpdate installed" -Level OK } Import-Module PSWindowsUpdate -Force } catch { Write-Log " PSWindowsUpdate module setup failed: $_" -Level ERROR Write-Log " Skipping Windows Update step" -Level WARN exit 1 } # ----------------------------------------------------------------------- # 3. Run Windows Update # ----------------------------------------------------------------------- Write-Log "Checking for available updates..." -Level INFO try { $updates = Get-WindowsUpdate -AcceptAll -IgnoreReboot 2>&1 if (-not $updates) { Write-Log " No updates available - system is up to date" -Level OK } else { $count = ($updates | Measure-Object).Count Write-Log " Found $count update(s) - installing..." -Level INFO Install-WindowsUpdate -AcceptAll -IgnoreReboot -Verbose 2>&1 | ForEach-Object { if ($_ -match '\S') { Write-Log " $_" -Level INFO } } Write-Log " Windows Update complete ($count updates processed)" -Level OK } } catch { Write-Log " Windows Update failed: $_" -Level ERROR exit 1 } Write-Log "Step 12 - Windows Update complete" -Level OK