d30767ef8b
Some checks failed
release / build-and-release (push) Failing after 32s
Critical fixes: - Fix resume mode: StepsByIDs returned Enabled=false, all resume steps would be SKIPPED (deployment could never resume after reboot) - Add reboot loop protection: per-step retry counter (max 5) prevents infinite reboot cycles when a step always exits with code 9 - Block reboot when state.Save() fails in resumePhase (prevents state loss leading to full restart from scratch) - Atomic state file write (write-to-tmp + rename) prevents JSON corruption on BSOD/power loss mid-write - Script watchdog: kills scripts after 30 min of no output (resets on each line, so active long-running scripts are never killed) - Fix copyFile: check Close() error explicitly instead of deferred close that silently drops flush errors (e.g. disk full) High severity: - Cleanup() now logs errors instead of silently ignoring them - Email report: 3 retries with backoff + always saves C:\X9\report.html - Winget parallel jobs: 10 min timeout, kill hung jobs - UCPD stop verification: 2s wait + state check before PDF association - Atera installer: /qn -> /qb so MFA window can appear - GVLK activation: match by EditionID (registry, not localized) instead of fragile OS caption string matching Medium severity: - Default profile hive unload: retry loop (5 attempts, increasing delay) - LayoutModification.xml: UTF-8 without BOM (PS 5.1 Set-Content adds BOM) - Set-Reg SYSTEM task: try/finally ensures temp file + task cleanup - Windows Update: @($available).Count for PS 5.1 single-result edge case - config.json: add missing kmsServer field in activation section Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
78 lines
3 KiB
PowerShell
78 lines
3 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Installs all available Windows Updates via PSWindowsUpdate module.
|
|
|
|
.DESCRIPTION
|
|
Installs all currently available updates without rebooting.
|
|
Exits with code 9 when updates were installed (reboot required for
|
|
further rounds) or code 0 when the system is already fully up to date.
|
|
|
|
The xetup.exe state machine handles the reboot cycle:
|
|
- exit 9 -> xetup saves state, sets autologon + X9-Resume task, reboots
|
|
- on each subsequent logon X9-Resume launches xetup --resume
|
|
- xetup re-runs this step until it exits 0 (no more updates)
|
|
- then disables autologon, removes X9-Resume, shows the summary screen
|
|
|
|
.ITEMS
|
|
nainstalovat-pswindowsupdate-modul: Installs NuGet provider and PSWindowsUpdate module from PSGallery.
|
|
spustit-kolo-windows-update: One update pass without reboot. Exits 9 when updates were applied (more rounds needed). Exits 0 when system is fully up to date.
|
|
#>
|
|
param(
|
|
[string]$ConfigPath,
|
|
[string]$LogFile
|
|
)
|
|
|
|
. "$PSScriptRoot\common.ps1"
|
|
$Config = Load-Config $ConfigPath
|
|
|
|
Write-Log "=== Step 12 - Windows Update ===" -Level STEP
|
|
|
|
# -----------------------------------------------------------------------
|
|
# 1. NuGet provider + PSWindowsUpdate module
|
|
# -----------------------------------------------------------------------
|
|
Write-Log "Setting up PSWindowsUpdate module..." -Level INFO
|
|
try {
|
|
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Scope AllUsers | Out-Null
|
|
$existing = Get-Module -ListAvailable -Name PSWindowsUpdate | Select-Object -First 1
|
|
if ($existing) {
|
|
Write-Log " PSWindowsUpdate $($existing.Version) already installed" -Level INFO
|
|
} else {
|
|
Install-Module -Name PSWindowsUpdate -Force -Scope AllUsers -AllowClobber | Out-Null
|
|
Write-Log " PSWindowsUpdate installed" -Level OK
|
|
}
|
|
Import-Module PSWindowsUpdate -Force
|
|
} catch {
|
|
Write-Log " Module setup failed: $_" -Level ERROR
|
|
exit 1
|
|
}
|
|
|
|
# -----------------------------------------------------------------------
|
|
# 2. Check and install available updates
|
|
# -----------------------------------------------------------------------
|
|
Write-Log "Checking for available Windows Updates..." -Level INFO
|
|
try {
|
|
$available = Get-WindowsUpdate -AcceptAll -IgnoreReboot -ErrorAction Stop
|
|
} catch {
|
|
Write-Log " Failed to check for updates: $_" -Level ERROR
|
|
exit 1
|
|
}
|
|
|
|
if (-not $available -or @($available).Count -eq 0) {
|
|
Write-Log " System is fully up to date" -Level OK
|
|
Write-Log "Step 12 complete" -Level OK
|
|
exit 0
|
|
}
|
|
|
|
Write-Log " Found $($available.Count) update(s) - installing..." -Level INFO
|
|
try {
|
|
$result = Install-WindowsUpdate -AcceptAll -IgnoreReboot -Verbose 2>&1
|
|
$result | Where-Object { "$_" -match '\S' } | ForEach-Object { Write-Log " $_" -Level INFO }
|
|
Write-Log " Update pass complete - reboot required for next round" -Level OK
|
|
} catch {
|
|
Write-Log " Update install failed: $_" -Level ERROR
|
|
exit 1
|
|
}
|
|
|
|
# Signal xetup that a reboot is needed before running this step again
|
|
Write-Log "Step 12 - reboot required (exit 9)" -Level OK
|
|
exit 9
|