Sub-type aware preinstall, USB drivers/PPKGs, Lab OpenText

- PreInstall runner reads pc-subtype.txt and matches PCTypes against both base type (Standard) and composite key (Standard-Machine). - UDC scoped to Standard-Machine only. eDNC and MachineNumberACLs skip on Standard-Timeclock sub-type. - Lab added to OpenText PCTypes. - build-usb.sh copies enrollment/ (PPKGs) and drivers-staging/ (Dell driver packs) onto USB for self-contained deployment. - Playbook deploys PPKGs and drivers from USB to PXE server shares. - Gitignore enrollment/, drivers-staging/, *.ppkg (large binaries). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-13 15:00:23 -04:00
parent 855d501fc2
commit 855af7312b
7 changed files with 65 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -50,3 +50,6 @@ mok-keys/
 # Secrets
 secrets.md
 **/eMxInfo*.txt
+*.ppkg
+enrollment/
+drivers-staging/
--- a/build-usb.sh
+++ b/build-usb.sh
@@ -282,6 +282,18 @@ else
    echo "    No enrollment/ directory found (PPKGs can be uploaded via webapp later)"
 fi

+# Copy Dell driver packs if staged
+DRIVERS_DIR="$SCRIPT_DIR/drivers-staging"
+if [ -d "$DRIVERS_DIR" ] && [ "$(ls -A "$DRIVERS_DIR" 2>/dev/null)" ]; then
+    echo "    Copying Dell driver packs from drivers-staging/..."
+    mkdir -p "$MOUNT_POINT/drivers"
+    cp -r "$DRIVERS_DIR"/* "$MOUNT_POINT/drivers/" 2>/dev/null || true
+    DRIVERS_SIZE=$(du -sh "$MOUNT_POINT/drivers" | cut -f1)
+    echo "    Copied drivers/ ($DRIVERS_SIZE)"
+else
+    echo "    No drivers-staging/ found (drivers can be downloaded later)"
+fi
+
 # Optionally copy WinPE deployment images
 if [ -n "$WINPE_SOURCE" ] && [ -d "$WINPE_SOURCE" ]; then
    echo "    Copying WinPE deployment content from $WINPE_SOURCE..."
--- a/playbook/preinstall/preinstall.json
+++ b/playbook/preinstall/preinstall.json
@@ -131,7 +131,7 @@
      "Type": "EXE",
      "InstallArgs": "",
      "LogFile": "C:\\Logs\\PreInstall\\Setup-OpenText.log",
-      "PCTypes": ["Standard", "CMM", "Keyence", "Genspect", "WaxAndTrace"]
+      "PCTypes": ["Standard", "CMM", "Keyence", "Genspect", "WaxAndTrace", "Lab"]
    },
    {
      "_comment": "UDC_Setup.exe spawns a hidden WPF window (UDC.exe) after install and never exits, so the runner needs KillAfterDetection: true to terminate UDC_Setup.exe + UDC.exe once the registry detection passes. This is an OPT-IN flag - normal installers should NOT set it because killing msiexec mid-install leaves msiserver holding the install mutex and the next msiexec call returns 1618 (Oracle hit this exact bug).",
@@ -142,7 +142,7 @@
      "KillAfterDetection": true,
      "DetectionMethod": "Registry",
      "DetectionPath": "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\UDC",
-      "PCTypes": ["Standard"]
+      "PCTypes": ["Standard-Machine"]
    },
    {
      "_comment": "Display kiosk app (Lobby Display or Dashboard). Install-KioskApp.cmd wrapper reads C:\\Enrollment\\display-type.txt to determine which installer to run. Both GEAerospaceLobbyDisplaySetup.exe and GEAerospaceDashboardSetup.exe must be staged in the display\\ subtree alongside the wrapper. Inno Setup /VERYSILENT is idempotent so no detection needed.",
--- a/playbook/pxe_server_setup.yml
+++ b/playbook/pxe_server_setup.yml
@@ -319,6 +319,19 @@
        mode: '0644'
      ignore_errors: yes

+    - name: "Deploy Dell driver packs to shared Out-of-box Drivers"
+      shell: >
+        if [ -d "{{ usb_mount }}/drivers" ]; then
+          mkdir -p "/srv/samba/winpeapps/_shared/Out-of-box Drivers/Dell_11"
+          cp -r {{ usb_mount }}/drivers/* "/srv/samba/winpeapps/_shared/Out-of-box Drivers/Dell_11/"
+          echo "Deployed Dell drivers from USB"
+        else
+          echo "No drivers/ on USB - skipping"
+        fi
+      args:
+        warn: false
+      ignore_errors: yes
+
    - name: "Deploy shopfloor setup scripts to enrollment share"
      copy:
        src: "{{ usb_mount }}/shopfloor-setup/"
--- a/playbook/shopfloor-setup/Shopfloor/00-PreInstall-MachineApps.ps1
+++ b/playbook/shopfloor-setup/Shopfloor/00-PreInstall-MachineApps.ps1
@@ -86,7 +86,7 @@ if (-not (Test-Path $jsonPath)) {
    exit 0
 }

-# --- Read PCTYPE from C:\Enrollment\pc-type.txt (set by startnet.cmd) ---
+# --- Read PCTYPE and optional PCSUBTYPE from C:\Enrollment\ ---
 $pcTypeFile = "C:\Enrollment\pc-type.txt"
 if (-not (Test-Path $pcTypeFile)) {
    Write-PreInstallLog "No pc-type.txt at $pcTypeFile - skipping" "WARN"
@@ -97,7 +97,14 @@ if (-not $pcType) {
    Write-PreInstallLog "pc-type.txt is empty - skipping" "WARN"
    exit 0
 }
-Write-PreInstallLog "PC type: $pcType"
+
+$pcSubtype = ''
+$subtypeFile = "C:\Enrollment\pc-subtype.txt"
+if (Test-Path $subtypeFile) {
+    $pcSubtype = (Get-Content $subtypeFile -First 1 -ErrorAction SilentlyContinue).Trim()
+}
+$pcProfileKey = if ($pcSubtype) { "$pcType-$pcSubtype" } else { $pcType }
+Write-PreInstallLog "PC type: $pcType$(if ($pcSubtype) { " (subtype: $pcSubtype, profile: $pcProfileKey)" })"

 # --- Parse JSON ---
 try {
@@ -201,11 +208,11 @@ foreach ($app in $config.Applications) {

    Write-PreInstallLog "==> $($app.Name)"

-    # Filter by PCTypes
+    # Filter by PCTypes - matches on wildcard, base type, or composite type-subtype key
    $allowedTypes = @($app.PCTypes)
-    $matchesType  = ($allowedTypes -contains "*") -or ($allowedTypes -contains $pcType)
+    $matchesType  = ($allowedTypes -contains "*") -or ($allowedTypes -contains $pcType) -or ($pcProfileKey -ne $pcType -and $allowedTypes -contains $pcProfileKey)
    if (-not $matchesType) {
-        Write-PreInstallLog "  PCTypes filter excludes '$pcType' (allowed: $($allowedTypes -join ', ')) - skipping"
+        Write-PreInstallLog "  PCTypes filter excludes '$pcProfileKey' (allowed: $($allowedTypes -join ', ')) - skipping"
        $skipped++
        continue
    }
--- a/playbook/shopfloor-setup/Standard/01-eDNC.ps1
+++ b/playbook/shopfloor-setup/Standard/01-eDNC.ps1
@@ -1,10 +1,21 @@
-# 01-eDNC.ps1 - Install eDNC and deploy custom eMxInfo.txt (Standard)
+# 01-eDNC.ps1 - Install eDNC and deploy custom eMxInfo.txt (Standard-Machine only)

 # --- Transcript ---
 $logDir = 'C:\Logs\SFLD'
 if (-not (Test-Path $logDir)) { try { New-Item -ItemType Directory -Path $logDir -Force | Out-Null } catch {} }
 try { Start-Transcript -Path (Join-Path $logDir '01-eDNC.log') -Append -Force | Out-Null } catch {}

+# --- Skip on Timeclock sub-type ---
+$subtypeFile = 'C:\Enrollment\pc-subtype.txt'
+if (Test-Path $subtypeFile) {
+    $subtype = (Get-Content $subtypeFile -First 1 -ErrorAction SilentlyContinue).Trim()
+    if ($subtype -eq 'Timeclock') {
+        Write-Host "=== eDNC Setup: skipped (Standard-Timeclock) ==="
+        try { Stop-Transcript | Out-Null } catch {}
+        return
+    }
+}
+
 Write-Host "=== eDNC Setup ==="

 function Get-SiteConfig {
--- a/playbook/shopfloor-setup/Standard/02-MachineNumberACLs.ps1
+++ b/playbook/shopfloor-setup/Standard/02-MachineNumberACLs.ps1
@@ -16,6 +16,17 @@ $logDir = 'C:\Logs\SFLD'
 if (-not (Test-Path $logDir)) { try { New-Item -ItemType Directory -Path $logDir -Force | Out-Null } catch {} }
 try { Start-Transcript -Path (Join-Path $logDir '02-MachineNumberACLs.log') -Append -Force | Out-Null } catch {}

+# --- Skip on Timeclock sub-type (no UDC/eDNC to grant ACLs for) ---
+$subtypeFile = 'C:\Enrollment\pc-subtype.txt'
+if (Test-Path $subtypeFile) {
+    $subtype = (Get-Content $subtypeFile -First 1 -ErrorAction SilentlyContinue).Trim()
+    if ($subtype -eq 'Timeclock') {
+        Write-Host "02-MachineNumberACLs: skipped (Standard-Timeclock)"
+        try { Stop-Transcript | Out-Null } catch {}
+        return
+    }
+}
+
 Write-Host "02-MachineNumberACLs.ps1 starting $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')"
 Write-Host "Running as: $([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)"
 Write-Host ""