Fix tests, minor style issues, offline CAB update#80
Fix tests, minor style issues, offline CAB update#80johlju merged 5 commits intodsccommunity:mainfrom Borgquite:offline-export-fixes
Conversation
|
@johlju Are you able to take a look at this sometime please? |
|
When I have time I will take a look. 🙂 |
johlju
left a comment
johlju
left a comment
There was a problem hiding this comment.
Reviewed 13 of 14 files at r1, all commit messages.
Reviewable status: 13 of 14 files reviewed, 1 unresolved discussion (waiting on @Borgquite)
source/DSCResources/MSFT_UpdateServicesServer/WSUS.cab line 0 at r1 (raw file):
Why do we need to change this file? What is it used for? Since the content of the file cannot be reviewed, what would it take to update this file in the pipeline, so that the pipeline installs the correct things and add the correct file to the package?
There was a problem hiding this comment.
Reviewable status: 13 of 14 files reviewed, 1 unresolved discussion (waiting on @johlju)
source/DSCResources/MSFT_UpdateServicesServer/WSUS.cab line at r1 (raw file):
Previously, johlju (Johan Ljunggren) wrote…
Why do we need to change this file? What is it used for? Since the content of the file cannot be reviewed, what would it take to update this file in the pipeline, so that the pipeline installs the correct things and add the correct file to the package?
It's a current export of Microsoft's WSUS product metadata. The contents can be reviewed, but not automatically through Reviewable - just download, extract, and look at the before/after XML files.
The purpose of the file and how it is generated is documented here:
https://learn.microsoft.com/en-us/mem/configmgr/sum/get-started/synchronize-software-updates-disconnected
But the basics are - it allows the WSUS server to be set up offline without requiring connectivity to Microsoft Update. The process is:
- Choose a WSUS server that is synchronized with Microsoft Update by using the software update classifications, products, and languages that you need in your Configuration Manager environment. (FOR THE PURPOSE HERE, I set up a fully patched Windows Server 2022 Standard VM with all classifications, products and languages).
- Perform a sync
- Run wsusutil.exe export packagename logfilename
- Grab a copy of the packagename
I found that without the updated version, I was unable to configure a new WSUS server to synchronise new products that came out since the last update (e.g. 'Windows Admin Center'). The CAB needs to be periodically updated (as far as I can see, this has been done before in the lifetime of this module).
I did look to see if the Microsoft published and regularly updated Windows Update offline scan file, Wsusscan2.cab, could be used instead (see below). This would make your pipeline suggestion feasable. However, the contents of that file do not match the output of 'wsusutil.exe export' generated in the above process.
This comment was marked as duplicate.
This comment was marked as duplicate.
johlju
left a comment
johlju
left a comment
There was a problem hiding this comment.
Reviewed 1 of 14 files at r1.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @Borgquite)
source/DSCResources/MSFT_UpdateServicesServer/WSUS.cab line at r1 (raw file):
Previously, Borgquite (Chris Hill) wrote…
It's a current export of Microsoft's WSUS product metadata. The contents can be reviewed, but not automatically through Reviewable - just download, extract, and look at the before/after XML files.
The purpose of the file and how it is generated is documented here:
https://learn.microsoft.com/en-us/mem/configmgr/sum/get-started/synchronize-software-updates-disconnectedBut the basics are - it allows the WSUS server to be set up offline without requiring connectivity to Microsoft Update. The process is:
- Choose a WSUS server that is synchronized with Microsoft Update by using the software update classifications, products, and languages that you need in your Configuration Manager environment. (FOR THE PURPOSE HERE, I set up a server with all classifications, products and languages).
- Perform a sync
- Run wsusutil.exe export packagename logfilename
- Grab a copy of the packagename
I found that without the updated version, I was unable to configure a new WSUS server to synchronise new products that came out since the last update (e.g. 'Windows Admin Center'). The CAB needs to be periodically updated (as far as I can see, this has been done before in the lifetime of this module).
I did look to see if the Microsoft published and regularly updated Windows Update offline scan file, Wsusscan2.cab, could be used instead (see below). This would make your pipeline suggestion feasable. However, the contents of that file do not match the output of 'wsusutil.exe export' generated in the above process.
Thanks for the detailed explanation! 🙂 So to be able to do this in the pipeline, we would have to install a WSUS server, sync it to MS Update and configure the new classifications and products then run the command. Would it be feasible to do all that without user intervention for each deploy in Azure Pipelines on a Win2022 Server build worker within its 4 hour run time?
|
The diff of the .cab file is so large so it is not feasible to review it, I have to assume it is correct and valid. 🙂 |
|
I added issue #81 to track if there is a way to automate generating the .cab file. |
Borgquite
left a comment
Borgquite
left a comment
There was a problem hiding this comment.
Reviewable status: all files reviewed, 1 unresolved discussion
source/DSCResources/MSFT_UpdateServicesServer/WSUS.cab line at r1 (raw file):
Previously, johlju (Johan Ljunggren) wrote…
Thanks for the detailed explanation! 🙂 So to be able to do this in the pipeline, we would have to install a WSUS server, sync it to MS Update and configure the new classifications and products then run the command. Would it be feasible to do all that without user intervention for each deploy in Azure Pipelines on a Win2022 Server build worker within its 4 hour run time?
No worries! I think this would be possible, as the initial sync takes minutes, not hours. Not something I'd be keen to do myself, but I can't see why it couldn't be done...
Borgquite
left a comment
Borgquite
left a comment
There was a problem hiding this comment.
Reviewable status:
complete! all files reviewed, all discussions resolved
2 participants
Pull Request (PR) description
@johlju Have started work on this module with a lot of small ‘cleanup’ tasks.
Hopefully there’s no argument over these changes - gets the tests working, fixes some dodgy strings, updates the offline CAB, adds some additional Classification GUIDs to the notes for convenience. It should hopefully be a quick and easy one for review & approval :)
This Pull Request (PR) fixes the following issues
None
Task list
Entry should say what was changed, and how that affects users (if applicable).
and comment-based help.
This change is