Cbreit/windows 2019

ci-windows-2019.yml

@@ -9,6 +9,8 @@ variables:
   travis_cookbooks_edge_branch: master
   travis_cookbooks_sha: "{{ env `TRAVIS_COOKBOOKS_SHA` }}"
   travis_uid: "{{ env `TRAVIS_UID` }}"
+
+
 builders:
 - type: googlecompute
   name: googlecompute
@@ -32,6 +34,8 @@ builders:
   - windows-2019
   - travis-ci-packer-templates
   state_timeout: 10m
+
+
 provisioners:
 - type: file
   source: tmp/git-meta
@@ -42,12 +46,21 @@ provisioners:
 - type: file
   source: packer-scripts/Run-BashScript.ps1
   destination: c:/windows/temp/Run-BashScript.ps1
+
+- type: powershell
+  scripts:
+   - packer-scripts/Install-EssentialApps.ps1
+- type: powershell
+  scripts:
+   - packer-scripts/Disable-Disturbing-Functionality.ps1
+
 - type: powershell
   scripts:
   - packer-scripts/Bootstrap-Windows.ps1
   environment_vars:
   - "JOB_BOARD_REGISTER_FILE=c:/travis-job-board-register.yml"
   - "SYSTEM_INFO_JSON=c:/travis_system_info.json"
+
 - type: powershell
   scripts:
   - packer-scripts/packer-env-dump
@@ -76,10 +89,19 @@ provisioners:
   - DPKG_MANIFEST_JSON=/c/.dpkg-manifest.json
   - BIN_LIB_CHECKSUMS=/c/.bin-lib.SHA256SUMS
   execute_command: powershell -executionpolicy bypass "& { if (Test-Path variable:global:ProgressPreference){$ProgressPreference='SilentlyContinue'};. {{.Vars}}; & c:/windows/temp/Run-BashScript.ps1 -bashscript '{{.Path}}'; exit $LastExitCode }"
+
+- type: powershell
+  scripts:
+   - packer-scripts/Compact.ps1
+  environment_vars: 
+    - "doExtraCompact=true"
+
 - type: file
   source: "c:/windows/temp/image-metadata-{{ user `image_name` }}.tar.bz2"
   destination: tmp/image-metadata-{{ user `image_name` }}.tar.bz2
   direction: download
+
+
 post-processors:
 -
   - type: shell-local

packer-assets/windows-server-2019-packages.txt

@@ -11,10 +11,13 @@ rsync
 ruby
 wget
 winscp
-visualstudio2017buildtools --package-parameters "--quiet --wait --norestart --locale en-US --allWorkloads --includeRecommended --includeOptional --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Component.VC.ATL --add Microsoft.VisualStudio.Component.VC.ATLMFC"
-visualstudio2017-workload-netcorebuildtools
-visualstudio2017-workload-vctools
-visualstudio2017-workload-webbuildtools
+visualstudio2019-workload-netcorebuildtools
+visualstudio2019-workload-vctools
+visualstudio2019-workload-webbuildtools
+visualstudio2019buildtools --execution-timeout 3500 --package-parameters "--quiet --wait --norestart --locale en-US --allWorkloads --includeRecommended --includeOptional --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Component.VC.ATL --add Microsoft.VisualStudio.Component.VC.ATLMFC"
 windows-sdk-10-version-1903-all
-vcredist2017
 wsl
+dotnet4.7.2
+dotnetcore-sdk
+sysinternals
+nodejs.install

packer-scripts/Compact.ps1

@@ -0,0 +1,25 @@
+
+Write-Host "---------------------------------------------------------------------------------------------"
+Write-Host $MyInvocation.MyCommand.Name
+Write-Host "---------------------------------------------------------------------------------------------"
+
+dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
+#cleanmgr /sagerun:1
+
+$doExtraCompact = $null
+if(Test-Path env:doExtraCompact)
+{
+  $doExtraCompact = Get-Item env:doExtraCompact
+
+  if($doExtraCompact.Value -eq 'true')
+  {
+    Write-Host "Performing extra compacting with Udefrag and Sdelete"
+
+    choco install -y ultradefrag
+    choco install -y sdelete
+
+    udefrag --optimize --repeat C:
+    sdelete.exe -q -z C:
+  }
+}
+

packer-scripts/Disable-Disturbing-Functionality.ps1

@@ -0,0 +1,63 @@
+
+Write-Host "---------------------------------------------------------------------------------------------"
+Write-Host $MyInvocation.MyCommand.Name
+Write-Host "---------------------------------------------------------------------------------------------"
+
+$ErrorActionPreference = 'SilentlyContinue'
+
+Write-Host "Disable system protection, set pagefile to a fixed size"
+Disable-ComputerRestore -Drive "C:\"
+
+Write-Host "Set pagefile to fixed size so we're not extending the image file unnecessarily"
+$computersys = Get-WmiObject Win32_ComputerSystem -EnableAllPrivileges;
+$computersys.AutomaticManagedPagefile = $False;
+$computersys.Put();
+$pagefile = Get-WmiObject -Query "Select * From Win32_PageFileSetting Where Name like '%pagefile.sys'";
+$pagefile.InitialSize = 512;
+$pagefile.MaximumSize = 512;
+$pagefile.Put();
+
+
+Write-Host "Disable Defender"
+Set-MpPreference -DisableRealtimeMonitoring $true
+
+# --> stuff below causes access denied problems...
+# $DefenderPath = "HKLM:SOFTWARE\Policies\Microsoft\Windows Defender"
+# New-Item -Path $DefenderPath -Force
+# Set-ItemProperty -Path $DefenderPath -Type DWord -Name "DisableAntiSpyware" -Value 1 -Force
+
+# $DefenderRealTimePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection"
+# New-Item -Path $DefenderRealTimePath -Force
+# Set-ItemProperty -Path $DefenderRealTimePath -Type DWord -Name "DisableBehaviorMonitoring" -Value 1 -Force
+# Set-ItemProperty -Path $DefenderRealTimePath -Type DWord -Name "DisableOnAccessProtection" -Value 1 -Force
+# Set-ItemProperty -Path $DefenderRealTimePath -Type DWord -Name "DisableScanOnRealtimeEnable" -Value 1 -Force
+
+Write-Host "Setting scheduling priority for programs"
+$Priority =  "HKLM:SYSTEM\CurrentControlSet\Control\PriorityControl"
+Set-ItemProperty -Path $Priority -Type DWord -Name Win32PrioritySeparation -Value 38 -Force 
+
+Write-Host "Disable auto updates (hopefully)"
+# see https://4sysops.com/archives/disable-windows-10-update-in-the-registry-and-with-powershell
+$WindowsUpdatePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\"
+$AutoUpdatePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
+
+New-Item -Path $WindowsUpdatePath -Force
+New-Item -Path $AutoUpdatePath -Force
+
+Set-ItemProperty -Path $AutoUpdatePath -Type DWord -Name NoAutoUpdate -Value 0 -Force
+Set-ItemProperty -Path $AutoUpdatePath -Type DWord -Name AUOptions -Value 2 -Force
+
+
+Write-Host "Disable install of apps like CandyCrush, ..."
+$CloudContentPath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\CloudContent"
+New-Item -Path $CloudContentPath -Force
+Set-ItemProperty -Path $CloudContentPath -Type DWord -Name "DisableWindowsConsumerFeatures" -Value 1 -Force
+
+$ContentDeliveryManagerPath = "HKCU:Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager"
+New-Item -Path $ContentDeliveryManagerPath -Force
+Set-ItemProperty -Path $ContentDeliveryManagerPath -Type DWord -Name "SilentInstalledAppsEnabled" -Value 0 -Force
+
+Write-Host "Disable Win-Store app updates"
+$StorePath = "HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore"
+New-Item -Path $StorePath -Force
+Set-ItemProperty -Type DWord -Path $StorePath -Name "AutoDownload" -Value 2 -Force

packer-scripts/Install-EssentialApps.ps1

@@ -0,0 +1,34 @@
+
+Set-ExecutionPolicy Bypass -Scope Process -Force;
+
+# Chocolatey
+Write-Host "Chocolatey"
+$chocoExePath = 'C:\ProgramData\Chocolatey\bin'
+
+if ($($env:Path).ToLower().Contains($($chocoExePath).ToLower())) {
+  Write-Host "Chocolatey found in PATH, skipping install..."
+}
+else
+{
+  # Add to system PATH
+  $systemPath = [Environment]::GetEnvironmentVariable('Path',[System.EnvironmentVariableTarget]::Machine)
+  $systemPath += ';' + $chocoExePath
+  [Environment]::SetEnvironmentVariable("PATH", $systemPath, [System.EnvironmentVariableTarget]::Machine)
+
+  # Update local process' path
+  $userPath = [Environment]::GetEnvironmentVariable('Path',[System.EnvironmentVariableTarget]::User)
+  if($userPath) {
+    $env:Path = $systemPath + ";" + $userPath
+  } else {
+    $env:Path = $systemPath
+  }
+
+  # Run the installer
+  iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
+}
+
+# Nuget + PSWindowsUpdate
+Write-Host "Installing Nuget + PSWindowsUpdate"
+
+Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
+Install-Module -Name PSWindowsUpdate -Force