Update packer windows-update plugin

.drone.yml

@@ -11,8 +11,16 @@ volumes:
     name: flexvolsmb-drone-scratch
 
 steps:
+- name: Debugging information
+  image: bv11-cr01.bessems.eu/library/packer-extended
+  commands:
+  - yamllint --version
+  - packer --version
+  - pwsh --version
+  - ovftool --version
 - name: Windows 10
   image: bv11-cr01.bessems.eu/library/packer-extended
+  pull: always
   commands:
   - sed -i -e "s/<<img-productkey>>/$${PRODUCTKEY}/" packer/preseed/Windows10/Autounattend.xml
   - |
@@ -21,27 +29,28 @@ steps:
       packer/preseed/Windows10/Sysprep_Unattend.xml
   - |
     yamllint -d "{extends: relaxed, rules: {line-length: disable}}" scripts
+  - |
+    packer init -upgrade \
+      ./packer
   - |
     packer validate \
-      -var-file=packer/variables.vsphere.json \
       -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
       -var vm_guestos=win10 \
       -var repo_username=$${REPO_USERNAME} \
       -var repo_password=$${REPO_PASSWORD} \
       -var vsphere_password=$${VSPHERE_PASSWORD} \
       -var winrm_password=$${WINRM_PASSWORD} \
-      packer/windows10.json \
+      ./packer
   - |
     packer build \
       -on-error=cleanup \
-      -var-file=packer/variables.vsphere.json \
       -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \
       -var vm_guestos=win10 \
       -var repo_username=$${REPO_USERNAME} \
       -var repo_password=$${REPO_PASSWORD} \
       -var vsphere_password=$${VSPHERE_PASSWORD} \
       -var winrm_password=$${WINRM_PASSWORD} \
-      packer/windows10.json \
+      ./packer
   environment:
     VSPHERE_PASSWORD:
       from_secret: vsphere_password

packer/preseed/Windows10/Autounattend.xml

@@ -47,7 +47,7 @@
                     <InstallFrom>
                         <MetaData wcm:action="add">
                             <Key>/IMAGE/INDEX</Key>
-                            <Value>6</Value>
+                            <Value>3</Value>
                         </MetaData>
                     </InstallFrom>
                 </OSImage>

packer/variables.pkr.hcl

@@ -0,0 +1,18 @@
+variable "vcenter_server" {}
+variable "vsphere_username" {}
+variable "vsphere_password" {}
+
+variable "vsphere_host" {}
+variable "vsphere_datacenter" {}
+
+variable "vsphere_templatefolder" {}
+variable "vsphere_folder" {}
+variable "vsphere_datastore" {}
+variable "vsphere_network" {}
+
+variable "vm_name" {}
+variable "vm_guestos" {}
+variable "winrm_password" {}
+
+variable "repo_username" {}
+variable "repo_password" {}

packer/variables.vsphere.json

@@ -1,11 +0,0 @@
-{
-    "vcenter_server":           "bv11-vc01.bessems.lan",
-    "vsphere_username":         "administrator@vsphere.local",
-    "vsphere_datacenter":       "DeSchakel",
-    "vsphere_host":             "bv11-esx.bessems.eu",
-    "vsphere_hostip":           "192.168.11.200",
-    "vsphere_datastore":        "Datastore02.SSD",
-    "vsphere_folder":           "/Packer",
-    "vsphere_templatefolder":   "/Templates",
-    "vsphere_network":          "LAN"
-}

packer/vsphere.auto.pkrvars.hcl

@@ -0,0 +1,8 @@
+vcenter_server         = "bv11-vc.bessems.lan"
+vsphere_username       = "administrator@vsphere.local"
+vsphere_datacenter     = "DeSchakel"
+vsphere_host           = "bv11-esx.bessems.lan"
+vsphere_datastore      = "Datastore01.SSD"
+vsphere_folder         = "/Packer"
+vsphere_templatefolder = "/Templates"
+vsphere_network        = "LAN"

packer/windows10.json

@@ -1,134 +0,0 @@
-{
-    "builders": [
-      {
-        "type":                 "vsphere-iso",
-        "name":                 "win10",
-
-        "vcenter_server":       "{{user `vcenter_server`}}",
-        "username":             "{{user `vsphere_username`}}",
-        "password":             "{{user `vsphere_password`}}",
-        "insecure_connection":  "true",
-
-        "vm_name":              "{{user `vm_guestos`}}-{{user `vm_name`}}",
-        "datastore":            "{{user `vsphere_datastore`}}",
-        "folder":               "{{user `vsphere_folder`}}",
-        "datacenter":           "{{user `vsphere_datacenter`}}",
-        "host":                 "{{user `vsphere_host`}}",
-        "boot_order":           "disk,cdrom",
-
-        "guest_os_type":        "windows9_64Guest",
-
-        "communicator":         "winrm",
-        "winrm_username":       "administrator",
-        "winrm_password":       "{{user `winrm_password`}}",
-        "winrm_timeout":        "10m",
-
-        "cpus":                 2,
-        "RAM":                  8192,
-
-        "network_adapters": [
-          {
-            "network":          "{{user `vsphere_network`}}",
-            "network_card":     "vmxnet3"
-          }
-        ],
-        "storage": [
-          {
-            "disk_size":        20480,
-            "disk_thin_provisioned": true
-          }
-        ],
-        "disk_controller_type": "lsilogic-sas",
-        "usb_controller":       "xhci",
-
-        "iso_url":              "https://{{user `repo_username`}}:{{user `repo_password`}}@sn.itch.fyi/Repository/iso/Microsoft/Windows%2010/20H2/Win10_20H2_v2_English_x64.iso",
-        "iso_checksum":         "sha256:6C6856405DBC7674EDA21BC5F7094F5A18AF5C9BACC67ED111E8F53F02E7D13D",
-        "iso_paths": [
-            "ISO-files/VMware-tools-windows-11.2.1-17243207/VMware-tools-windows-11.2.1-17243207.iso"
-        ],
-
-        "floppy_files": [
-            "packer/preseed/Windows10/Autounattend.xml",
-            "packer/preseed/Windows10/Sysprep_Unattend.xml",
-            "scripts/Set-NetworkProfile.ps1",
-            "scripts/Disable-WinRM.ps1",
-            "scripts/Enable-WinRM.ps1",
-            "scripts/Install-VMwareTools.cmd"
-        ],
-
-        "boot_command":         "",
-        "boot_wait":            "5m",
-
-        "shutdown_command":     "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml",
-        "shutdown_timeout":     "1h",
-
-        "export": {
-          "images":             false
-        }
-      }     
-    ],
-    "provisioners": [
-      {
-        "type":                 "windows-update",
-        "filters": [
-          "exclude:$_.Title -like '*Preview*'",
-          "include:$true"
-        ]
-      },
-      {
-        "type":                 "powershell",
-        "inline": [
-          "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12",
-          "Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
-        ]
-      },
-      {
-        "type":                 "powershell",
-        "inline": [
-          "choco config set --name=limit-output --value=LimitOutput",
-          "choco install -y 7zip.install",
-          "choco install -y sysinternals",
-          "choco install -y firefox"
-        ]
-      },
-      {
-        "type":                 "windows-update",
-        "filters": [
-          "exclude:$_.Title -like '*Preview*'",
-          "include:$true"
-        ]
-      },
-      {
-        "type":                 "powershell",
-        "inline": [
-          "New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False"
-        ]
-      },
-      {
-        "type":                 "file",
-        "source":               "scripts/Windows10/payload/",
-        "destination":          "C:\\Payload\\"
-      },
-      {
-        "type":                 "powershell",
-        "scripts": [
-          "scripts/Windows10/Register-ScheduledTask.ps1"
-        ]
-      }
-    ],
-    "post-processors": [[
-      {
-        "type":                 "shell-local",
-        "inline": [
-          "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
-          " -OVFFile '/scratch/win10/{{user `vm_guestos`}}-{{user `vm_name`}}.ovf' \\",
-          " -Parameter @{'appliance.name'='{{user `vm_guestos`}}';'appliance.version'='{{user `vm_name`}}'}\"",
-          "pwsh -file scripts/Update-Manifest.ps1 \\",
-          " -ManifestFileName '/scratch/win10/{{user `vm_guestos`}}-{{user `vm_name`}}.mf'",
-          "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
-          " '/scratch/win10/{{user `vm_guestos`}}-{{user `vm_name`}}.ovf' \\",
-          " /output/Windows10.ova"
-        ]
-      }
-    ]]    
-  }

packer/windows10.pkr.hcl

@@ -0,0 +1,133 @@
+packer {
+  required_plugins {
+    windows-update = {
+      version = ">= 0.14.0"
+      source  = "github.com/rgl/windows-update"
+    }
+  }
+}
+
+source "vsphere-iso" "win10" {
+  vcenter_server          = var.vcenter_server
+  username                = var.vsphere_username
+  password                = var.vsphere_password
+  insecure_connection     = "true"
+
+  vm_name                 = "${var.vm_guestos}-${var.vm_name}"
+  datacenter              = var.vsphere_datacenter
+  host                    = var.vsphere_host
+  folder                  = var.vsphere_folder
+  datastore               = var.vsphere_datastore
+
+  guest_os_type           = "windows9_64Guest"
+
+  boot_order              = "disk,cdrom"
+  boot_command            = [""]
+  boot_wait               = "5m"
+
+  communicator            = "winrm"
+  winrm_username          = "administrator"
+  winrm_password          = var.winrm_password
+  winrm_timeout           = "10m"
+
+  CPUs                    = 2
+  RAM                     = 8192
+
+  network_adapters {
+    network               = var.vsphere_network
+    network_card          = "vmxnet3"
+  }
+  storage {
+    disk_size             = 20480
+    disk_thin_provisioned = true
+  }
+  disk_controller_type    = ["lsilogic-sas"]
+  usb_controller          = ["xhci"]
+
+  floppy_files            = [
+    "packer/preseed/Windows10/Autounattend.xml",
+    "packer/preseed/Windows10/Sysprep_Unattend.xml",
+    "scripts/Set-NetworkProfile.ps1",
+    "scripts/Disable-WinRM.ps1",
+    "scripts/Enable-WinRM.ps1",
+    "scripts/Install-VMwareTools.cmd"
+  ]
+  iso_checksum            = "sha256:8D1663B71280533824CF95C7AB48ADAF5A187C38FCFF5B16A569F903688916D0"
+  iso_paths               = [
+    "ISO-files/VMware-tools-windows-11.3.5-18557794/VMware-tools-windows-11.3.5-18557794.iso"
+  ]
+  iso_url                 = "https://${var.repo_username}:${var.repo_password}@sn.itch.fyi/Repository/iso/Microsoft/Windows%2010/20H2/en_windows_10_enterprise_20H2_x64.iso"
+
+  shutdown_command        = "C:\\Windows\\System32\\Sysprep\\sysprep.exe /generalize /oobe /unattend:A:\\Sysprep_Unattend.xml"
+  shutdown_timeout        = "1h"
+
+  export {
+    images                = false
+    output_directory      = "/scratch/win10"
+  }
+  remove_cdrom            = true
+}
+
+build {
+  sources = ["source.vsphere-iso.win10"]
+
+  provisioner "windows-update" {
+    filters = [
+      "exclude:$_.Title -like '*Preview*'",
+      "include:$true"
+    ]
+  }
+
+  provisioner "powershell" {
+    inline = [
+      "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12",
+      "Invoke-Expression ((New-Object Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
+    ]
+  }
+
+  provisioner "powershell" {
+    inline = [
+      "choco config set --name=limit-output --value=LimitOutput",
+      "choco install -y 7zip.install",
+      "choco install -y sysinternals",
+      "choco install -y firefox"
+    ]
+  }
+
+  provisioner "windows-update" {
+    filters = [
+      "exclude:$_.Title -like '*Preview*'",
+      "include:$true"
+    ]
+  }
+
+  provisioner "powershell" {
+    inline = [
+      "New-Item -Path 'C:\\Payload\\Scripts' -ItemType 'Directory' -Force:$True -Confirm:$False"
+    ]
+  }
+
+  provisioner "file" {
+    destination = "C:\\Payload\\"
+    source      = "scripts/Windows10/payload/"
+  }
+
+  provisioner "powershell" {
+    scripts = [
+      "scripts/Windows10/Register-ScheduledTask.ps1"
+    ]
+  }
+
+  post-processor "shell-local" {
+    inline = [
+      "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
+      " -OVFFile '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
+      " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"",
+      "pwsh -file scripts/Update-Manifest.ps1 \\",
+      " -ManifestFileName '/scratch/win10/${var.vm_guestos}-${var.vm_name}.mf'",
+      "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
+      " '/scratch/win10/${var.vm_guestos}-${var.vm_name}.ovf' \\",
+      " /output/Windows10.ova"
+    ]
+  }
+}

scripts/Windows10/payload/Apply-FirstBootConfig.ps1

@@ -183,7 +183,7 @@ Switch ($ovfPropertyValues['deployment.type']) {
             Force       = $True
         }
         $SetLocalUserSplat = @{
-            InputObject = $BuiltinAdministrator
+            InputObject           = $BuiltinAdministrator
             Password              = ConvertTo-SecureString @ConvertToSecureStringSplat
             PasswordNeverExpires  = $True
             AccountNeverExpires   = $True
@@ -192,6 +192,12 @@ Switch ($ovfPropertyValues['deployment.type']) {
             Confirm               = $False
         }
         Set-LocalUser @SetLocalUserSplat
+
+        $EnableLocalUserSplat = @{
+            InputObject = $BuiltinAdministrator
+            Confirm     = $False
+        }
+        Enable-LocalUser @EnableLocalUserSplat
     }
 }