ewilliams28/FFU
1
0
Fork 0
mirror of https://github.com/rbalsleyMSFT/FFU.git synced 2026-06-14 02:09:35 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixed a logic issue when downloading ARM KBs

Browse Source
This commit is contained in:
rbalsleyMSFT
2024-07-01 10:09:11 -07:00
parent 3d13774ee4
commit 7a0dd3435c
2 changed files with 125 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files
FFUDevelopment/BuildFFUVM.ps1
+124 -43
View File
@@ -310,7 +310,7 @@ param(
"Upgrade-Insecure-Requests" = "1" "Upgrade-Insecure-Requests" = "1"
} }
) )
$version = '2406.1' $version = '2407.1'
#Check if Hyper-V feature is installed (requires only checks the module) #Check if Hyper-V feature is installed (requires only checks the module)
$osInfo = Get-WmiObject -Class Win32_OperatingSystem $osInfo = Get-WmiObject -Class Win32_OperatingSystem
@@ -1748,57 +1748,120 @@ function Save-KB {
[array]$WindowsArch = @("x64", "amd64") [array]$WindowsArch = @("x64", "amd64")
} }
# foreach ($kb in $name) {
# $links = Get-KBLink -Name $kb
# foreach ($link in $links) {
# #Check if $WindowsArch is an array
# if ($WindowsArch -is [array]) {
# #Some file names include either x64 or amd64
# if ($link -match $WindowsArch[0] -or $link -match $WindowsArch[1]) {
# Start-BitsTransferWithRetry -Source $link -Destination $Path
# $fileName = ($link -split '/')[-1]
# break
# }
# # elseif (!($link -match 'x64' -or $link -match 'amd64' -or $link -match 'x86' -or $link -match 'arm64')) {
# # Write-Host "No architecture found in $link, assume it's for all architectures"
# # Start-BitsTransfer -Source $link -Destination $Path
# # $fileName = ($link -split '/')[-1]
# # break
# # }
# elseif (!($link -match 'x64' -or $link -match 'amd64' -or $link -match 'x86' -or $link -match 'arm64')) {
# WriteLog "No architecture found in $link, assume this is for all architectures"
# #FIX: 3/22/2024 - the SecurityHealthSetup fix was updated and now includes two files (one is x64 and the other is arm64)
# #Unfortunately there is no easy way to determine the architecture from the file name
# #There is a support doc that include links to download, but it's out of date (n-1)
# #https://support.microsoft.com/en-us/topic/windows-security-update-a6ac7d2e-b1bf-44c0-a028-41720a242da3
# #These files don't change that often, so will check the link above to see when it updates and may use that
# #For now this is hard-coded for these specific file names
# if ($link -match 'security'){
# #Make sure we're getting the correct architecture for the Security Health Setup update
# WriteLog "Link: $link matches security"
# if ($WindowsArch -eq 'x64'){
# if ($link -match 'securityhealthsetup_e1'){
# Writelog "Downloading $Link for $WindowsArch to $Path"
# Start-BitsTransferWithRetry -Source $link -Destination $Path
# $fileName = ($link -split '/')[-1]
# Writelog "Returning $fileName"
# break
# }
# }
# elseif ($WindowsArch -eq 'arm64'){
# if ($link -match 'securityhealthsetup_25'){
# Writelog "Downloading $Link for $WindowsArch to $Path"
# Start-BitsTransferWithRetry -Source $link -Destination $Path
# $fileName = ($link -split '/')[-1]
# Writelog "Returning $fileName"
# break
# }
# }
# continue
# }
# Start-BitsTransferWithRetry -Source $link -Destination $Path
# $fileName = ($link -split '/')[-1]
# }
# }
# else {
# if ($link -match $WindowsArch) {
# Start-BitsTransferWithRetry -Source $link -Destination $Path
# $fileName = ($link -split '/')[-1]
# break
# }
# }
# }
# }
foreach ($kb in $name) { foreach ($kb in $name) {
$links = Get-KBLink -Name $kb $links = Get-KBLink -Name $kb
foreach ($link in $links) { foreach ($link in $links) {
#Check if $WindowsArch is an array if (!($link -match 'x64' -or $link -match 'amd64' -or $link -match 'x86' -or $link -match 'arm64')) {
if ($WindowsArch -is [array]) { WriteLog "No architecture found in $link, assume this is for all architectures"
#Some file names include either x64 or amd64 #FIX: 3/22/2024 - the SecurityHealthSetup fix was updated and now includes two files (one is x64 and the other is arm64)
if ($link -match $WindowsArch[0] -or $link -match $WindowsArch[1]) { #Unfortunately there is no easy way to determine the architecture from the file name
Start-BitsTransferWithRetry -Source $link -Destination $Path #There is a support doc that include links to download, but it's out of date (n-1)
$fileName = ($link -split '/')[-1] #https://support.microsoft.com/en-us/topic/windows-security-update-a6ac7d2e-b1bf-44c0-a028-41720a242da3
break #These files don't change that often, so will check the link above to see when it updates and may use that
} #For now this is hard-coded for these specific file names
# elseif (!($link -match 'x64' -or $link -match 'amd64' -or $link -match 'x86' -or $link -match 'arm64')) { if ($link -match 'security') {
# Write-Host "No architecture found in $link, assume it's for all architectures" #Make sure we're getting the correct architecture for the Security Health Setup update
# Start-BitsTransfer -Source $link -Destination $Path WriteLog "Link: $link matches security"
# $fileName = ($link -split '/')[-1] if ($WindowsArch -eq 'x64') {
# break if ($link -match 'securityhealthsetup_e1') {
# } Writelog "Downloading $Link for $WindowsArch to $Path"
elseif (!($link -match 'x64' -or $link -match 'amd64' -or $link -match 'x86' -or $link -match 'arm64')) { Start-BitsTransferWithRetry -Source $link -Destination $Path
WriteLog "No architecture found in $link, assume this is for all architectures" $fileName = ($link -split '/')[-1]
#FIX: 3/22/2024 - the SecurityHealthSetup fix was updated and now includes two files (one is x64 and the other is arm64) Writelog "Returning $fileName"
#Unfortunately there is no easy way to determine the architecture from the file name break
#There is a support doc that include links to download, but it's out of date (n-1) }
#https://support.microsoft.com/en-us/topic/windows-security-update-a6ac7d2e-b1bf-44c0-a028-41720a242da3 }
#These files don't change that often, so will check the link above to see when it updates and may use that if ($WindowsArch -eq 'arm64') {
#For now this is hard-coded for these specific file names if ($link -match 'securityhealthsetup_25') {
if ($link -match 'security'){ Writelog "Downloading $Link for $WindowsArch to $Path"
#Make sure we're getting the correct architecture for the Security Health Setup update Start-BitsTransferWithRetry -Source $link -Destination $Path
if ($WindowsArch -eq 'x64'){ $fileName = ($link -split '/')[-1]
if ($link -match 'securityhealthsetup_e1'){ Writelog "Returning $fileName"
Start-BitsTransferWithRetry -Source $link -Destination $Path break
$fileName = ($link -split '/')[-1]
break
}
} }
elseif ($WindowsArch -eq 'arm64'){
if ($link -match 'securityhealthsetup_25'){
Start-BitsTransferWithRetry -Source $link -Destination $Path
$fileName = ($link -split '/')[-1]
break
}
}
continue
} }
Start-BitsTransferWithRetry -Source $link -Destination $Path
$fileName = ($link -split '/')[-1]
} }
} }
else {
if ($link -match $WindowsArch) { if ($link -match 'x64' -or $link -match 'amd64') {
if($WindowsArch -is [array]) {
if ($link -match $WindowsArch[0] -or $link -match $WindowsArch[1]) {
Writelog "Downloading $Link for $WindowsArch to $Path"
Start-BitsTransferWithRetry -Source $link -Destination $Path
$fileName = ($link -split '/')[-1]
Writelog "Returning $fileName"
break
}
}
}
if ($link -match 'arm64') {
if ($WindowsArch -eq 'arm64') {
Writelog "Downloading $Link for $WindowsArch to $Path"
Start-BitsTransferWithRetry -Source $link -Destination $Path Start-BitsTransferWithRetry -Source $link -Destination $Path
$fileName = ($link -split '/')[-1] $fileName = ($link -split '/')[-1]
Writelog "Returning $fileName"
break break
} }
} }
@@ -2900,6 +2963,19 @@ if (($InstallApps -eq $false) -and (($UpdateLatestDefender -eq $true) -or ($Upda
WriteLog 'You have selected to update Defender, OneDrive, or Edge, however you are setting InstallApps to false. These updates require the InstallApps variable to be set to true. Please set InstallApps to true and try again.' WriteLog 'You have selected to update Defender, OneDrive, or Edge, however you are setting InstallApps to false. These updates require the InstallApps variable to be set to true. Please set InstallApps to true and try again.'
throw "InstallApps variable must be set to `$true to update Defender, OneDrive, or Edge" throw "InstallApps variable must be set to `$true to update Defender, OneDrive, or Edge"
} }
if (($WindowsArch -eq 'ARM64') -and ($InstallOffice -eq $true)) {
$InstallOffice = $false
WriteLog 'M365 Apps/Office currently fails to install on ARM64 VMs without an internet connection. Setting InstallOffice to false'
}
if (($WindowsArch -eq 'ARM64') -and ($UpdateOneDrive -eq $true)) {
$UpdateOneDrive = $false
WriteLog 'OneDrive currently fails to install on ARM64 VMs (even with the OneDrive ARM setup files). Setting UpdateOneDrive to false'
}
# if(($WindowsArch -eq 'ARM64') -and ($UpdateLatestDefender -eq $true)){
# $UpdateLatestDefender = $false
# WriteLog 'Defender ARM and x64 updates currently fail to install on ARM64 VMs. Setting UpdateLatestDefender to false'
# }
#Get script variable values #Get script variable values
LogVariableValues LogVariableValues
@@ -3094,6 +3170,11 @@ if ($InstallApps) {
Invoke-Process Expand "$EdgeCABFilePath -F:*.msi $EdgeFullFilePath" Invoke-Process Expand "$EdgeCABFilePath -F:*.msi $EdgeFullFilePath"
WriteLog "Expansion complete" WriteLog "Expansion complete"
#Remove Edge CAB file
WriteLog "Removing $EdgeCABFilePath"
Remove-Item -Path $EdgeCABFilePath -Force
WriteLog "Removal complete"
#Modify InstallAppsandSysprep.cmd to add in $KBFilePath on the line after REM Install Edge Stable #Modify InstallAppsandSysprep.cmd to add in $KBFilePath on the line after REM Install Edge Stable
WriteLog "Updating $AppsPath\InstallAppsandSysprep.cmd to include Edge Stable $WindowsArch release" WriteLog "Updating $AppsPath\InstallAppsandSysprep.cmd to include Edge Stable $WindowsArch release"
$CmdContent = Get-Content -Path "$AppsPath\InstallAppsandSysprep.cmd" $CmdContent = Get-Content -Path "$AppsPath\InstallAppsandSysprep.cmd"
FFUDevelopment/WinPEDeployFFUFiles/ApplyFFU.ps1
+1 -1
View File
@@ -117,7 +117,7 @@ $LogFileName = 'ScriptLog.txt'
$USBDrive = Get-USBDrive $USBDrive = Get-USBDrive
New-item -Path $USBDrive -Name $LogFileName -ItemType "file" -Force | Out-Null New-item -Path $USBDrive -Name $LogFileName -ItemType "file" -Force | Out-Null
$LogFile = $USBDrive + $LogFilename $LogFile = $USBDrive + $LogFilename
$version = '2406.1' $version = '2407.1'
WriteLog 'Begin Logging' WriteLog 'Begin Logging'
WriteLog "Script version: $version" WriteLog "Script version: $version"