A tool for automating the installation of the Microsoft Windows operating system on various device platforms.
| Home |
|---|
| About |
| Setup Guide |
| Glazier Configurations |
| └─New Actions |
| └─Config Layout |
| YAML Files |
| └─YAML Specs |
| └─Chooser UI |
| └─YAML Tips |
| Python |
| └─Installer Actions |
| └─Policy Modules |
| └─Error Handling |
| └─Config Handlers |
| Mailing List 💌 |
| File A Bug 🐛 |
Hosted on GitHub Pages — Theme by orderedlist
Actions are classes which the configuration handler may call to perform a variety of tasks during imaging.
Each module should inherit from BaseAction and will receive a BuildInfo
instance (self._build_info).
Arguments are stored as a data structure in the self._args variable, commonly
as an ordered list or dictionary.
Each action class should override the Run function to execute its main behavior.
If an action fails, the module should raise ActionError with a message
explaining the cause of failure. This will abort the build.
Config validation can be accomplished by overriding the Validate() function.
Validate should test the inputs (_args) for correctness. If _args contains
any unexpected or inappropriate data, ValidationError should be raised.
Validate() will pass for any actions which have not overridden it with custom
rules.
Aborts the build with a custom error message.
Aliases: choice
Enable Bitlocker on the host system.
Available modes:
Write state from the BuildInfo class to disk for later processing by BuildInfoSave.
Load BuildInfo data from disk and store permanently to the registry.
Change the active Glazier config server at runtime.
ChangeServer is a unique action in the sense that it alters the behavior of the configuration builder in real time. This action must come (logically) last in the input config; once reached, the config builder effectively restarts immediately with the new server address and root. No subsequent tasks in the original location will be handled.
ChangeServer: ['https://new-server.example.com', '/new/config/path']
Copy directories from source to destination.
CopyDir: ['X:\Glazier', 'C:\Glazier\Old']
# Delete existing directory before copying
CopyDir: ['X:\Glazier', 'C:\Glazier\Old', true]
Copy files from source to destination.
Also available as MultiCopyFile for copying larger sets of files.
CopyFile: ['X:\glazier.log', 'C:\Windows\Logs\glazier.log']
MultiCopyFile:
- ['X:\glazier-applyimg.log', 'C:\Windows\Logs\glazier-applyimg.log']
- ['X:\glazier.log', 'C:\Windows\Logs\glazier.log']
Joins the host to the domain. (Requires installer to be running within the host OS.)
DomainJoin: ['interactive', 'domain.example.com']
DomainJoin: ['auto', 'domain.example.com', 'OU=Servers,DC=DOMAIN,DC=EXAMPLE,DC=COM']
Process drivers in WIM format. Downloads file, verifies hash, creates an empty directory, mounts wim file, applies drivers to the base image, and finally unmounts wim.
Driver: ['@/Driver/HP/z840/win10/20160909/z840.wim',
'C:\Glazier_Cache\z840.wim',
'cd8f4222a9ba4c4493d8df208fe38cdad969514512d6f5dfd0f7cc7e1ea2c782']
Run one or more commands on the system.
Supports multiple commands via nested list structure due to the frequency of program executions occurring as part of a typical imaging process.
Execute: [
# Using defaults.
['C:\Windows\System32\netsh.exe interface teredo set state disabled'],
# 0 or 1 are successful exit codes, 3010 will trigger a restart.
['C:\Windows\System32\msiexec.exe /i @Drivers/HP/zbook/HP_Hotkey_Support_6_2_20_8.msi /qn /norestart', [0,1], [3010]],
# 0 is a successful exit code, 2 will trigger a restart, and True will rerun the command after the restart.
['C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NoProfile -File #secureboot.ps1', [0], [2], True],
# 0 is a successful exit code, 2 will trigger a restart, and True will ONLY log output to console.
['C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NoProfile -File #secureboot.ps1', [0], [2], False. True],
]
Leave the WinPE environment en route to the local host configuration. Is normally followed by sysprep, then the relaunch of the autobuild tool running inside the new host image.
Performs multiple steps in one:
Without a separate command, some of these actions would remain in the task list after being carried over, and would be re-executed.
Aliases: pull
Downloads remote files to local disk. Get is an ordered, two dimensional list of source file names and destination file names. Source filenames are assumed to be relative to the location of the current yaml file.
To use checksum verification, add the computed SHA256 hash as a third argument to the list. This argument is optional, and being absent or null bypasses verification.
Get:
- ['windows10.wim', 'c:\base.wim', '4b5b6bf0e59dadb4663ad9b4110bf0794ba24c344291f30d47467d177feb4776']
Get:
- ['win2008-x64-se.wim', 'c:\base.wim']
- ['win2008-x64-se.wim.sha256', 'c:\base.wim.sha256']
Installs one or more GooGet packages with optional arguments.
Supports multiple packages via nested list structure.
-root flag when launching GooGet. GooGetInstall: [
# Specify only GooGet package name
['test_package_v1'],
# Package name with additional GooGet arguments
['test_package_v1', ['http://example.com/team-unstable, http://example.co.uk/secure-unstable, https://example.jp/unstable/ -reinstall whatever']],
# Package name, no GooGet arguments, but with custom path to googet.exe
['test_package_v1', [], 'C:\ProgramData\GooGet\googet.exe'],
# Package name, custom GooGet arguments, and custom path to googet.exe
['test_package_v1', ['http://example.com/team-unstable, http://example.co.uk/secure-unstable, https://example.jp/unstable/ -reinstall whatever'], 'C:\ProgramData\GooGet\googet.exe'],
# Package name with custom retry count of 3 and sleep interval of 60 seconds
['test_package_v1', [], 'C:\ProgramData\GooGet\googet.exe', 3, 60],
# Replaces '%' in custom GooGet arguments with the current build branch
['test_package_v1', ['http://example.com/team-%, http://example.co.uk/secure-%, https://example.jp/%/ -reinstall whatever'], 'C:\ProgramData\GooGet\googet.exe'],
# Remove a Googet Package with custom retry count of 3 and sleep interval of 60 seconds
['test_package_v1', [], 'C:\ProgramData\GooGet\googet.exe', 3, 60, true],
]
Attempts to copy a log file to a new destination for collection.
Destinations include Event Log and CIFS. Copy failures only produce warnings rather than hard failures.
Logs will always be copied to the local Application log. Specifying the second logs share parameter will also attempt to copy the log to the specified file share.
LogCopy: ['C:\Windows\Logs\glazier.log', '\\shares.example.com\logs-share']
Make a directory.
MkDir: ['C:\Glazier_Cache']
Print text from a file.
PrintFromFile: ['c:\windows\temp\logo.txt']
# Continue even when the file doesn't exist (ignore errors)
PrintFromFile: ['c:\windows\temp\logo.txt', True]
Run a PowerShell command.
# Specify only the PowerShell script.
PSCommand: ['Write-Verbose Foo -Verbose']
# 0 or 1 as successful exit codes.
PSCommand: ['Write-Verbose Foo -Verbose', [0, 1]]
# 1337 will trigger a restart.
PSCommand: ['Write-Verbose Foo -Verbose', [0, 1], [1337]]
# True will rerun the command after restart.
PSCommand: ['Write-Verbose Foo -Verbose', [0, 1], [1337], True]
# True will ONLY log PowerShell output to console.
PSCommand: ['Write-Verbose Foo -Verbose', [0, 1], [1337], True, True]
# Will not any log PowerShell output.
PSCommand: ['Write-Verbose Foo -Verbose', [0, 1], [1337], True, False, False]
MultiPSCommand:
- ['Write-Information "Setting Execution Policy"']
- ['Set-ExecutionPolicy -ExecutionPolicy RemoteSigned', [0], [1337]]
Run a PowerShell script file using the local PowerShell interpreter.
# Specify only the PowerShell script.
PSScript: ['#Sample-Script.ps1']
# Additional parameters.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue']]
# 0 or 1 as successful exit codes.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1]]
# 1337 will trigger a restart.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1], [1337]]
# True will rerun the command after restart.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1], [1337], True]
# True will ONLY log PowerShell output to console.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1], [1337], True, True]
# Will not any log PowerShell output.
PSScript: ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1], [1337], True, False, False]
MultiPSScript:
- ['#Sample-Script.ps1']
- ['#Sample-Script.ps1', ['-Verbose', '-InformationAction', 'Continue'], [0,1], [1337], True, False, False]
Create/modify a registry key.
Also available as MultiRegAdd for creating larger sets of registry keys.
RegAdd: ['HKLM', 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform', 'KeyManagementServiceName', 'kms.example.com', 'REG_SZ']
MultiRegAdd:
- ['HKLM', 'SOFTWARE\Policies\Microsoft\WindowsStore', 'RemoveWindowsStore', 1, 'REG_DWORD']
- ['HKLM', 'SOFTWARE\Policies\Microsoft\Windows\Windows Search', 'AllowCortana', 0, 'REG_DWORD']
Delete a registry key.
RegDel: ['HKLM', 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform', 'KeyManagementServiceName']
MultiRegDel:
- ['HKLM', 'SOFTWARE\Policies\Microsoft\WindowsStore', 'RemoveWindowsStore']
- ['HKLM', 'SOFTWARE\Policies\Microsoft\Windows\Windows Search', 'AllowCortana']
Restart the host machine.
Reboot: [30]
Reboot: [10, "Restarting to finish installing drivers."]
Reboot: [10, "Restarting to finish installing drivers.", True]
Perform a one-shot rebuild of the Glazier task list. Note that a Registry key
created in REG_ROOT\tasklist_regen prevents this action from being run more
than once.
Remove one or more directories.
RmDir: ['C:\Glazier_Cache', 'D:\Glazier_Cache']
Attempts to detect the timezone via DHCP and configures any <TimeZone> fields in unattend.xml with the resulting values.
Creates the imaging cache directory with the path stored in BuildInfo.
SetupCache: []
Add an imaging timer.
SetTimer: ['TimerName']
Show the Chooser UI to display all accumulated options to the user. All results are returned to BuildInfo and the pending options list is cleared.
Shutdown the host machine.
Shutdown: [30]
# Display reason message
Shutdown: [10, "Shutting down to save power."]
# Display reason message and remove the next item in the task list
Shutdown: [10, "Shutting down to save power.", True]
Pause the installer.
Sleep: [30]
# Display reason message
Sleep: [300, "Waiting for Group Policy to apply..."]
Leverage Splice to join a Microsoft Active Directory domain without direct line of sight to a domain controller.
# Using defaults.
SpliceDomainJoin: []
# Attempt unattend, without fallback, and 3 retry attempts.
SpliceDomainJoin: [3, True, False]
# Don't attempt unattend with 5 retry attemps.
SpliceDomainJoin: [5, False]
# Attempt unattend, without fallback, using the Prefix name generator.
# Encryption using a host certificate with identity container "my-container" and issuer "my-issuer".
SpliceDomainJoin: [2, True, False, 'Prefix', ['my-container', 'my-issuer']]
Start a new stage of the imaging process.
Stages are used for tracking (internally and externally) and reporting progress through the imaging process.
StartStage: [1]
Unzip a zip file to the local filesystem.
Format: List
Unzip: ['C:\some_archive.zip', 'C:\Some\Destination\Path']
Process updates in MSU format. Downloads file, verifies hash, creates a SYS_CACHE\Updates folder that is used as a temp location to extract the msu file, and applies the update to the base image.
Update: ['@/Driver/HP/z840/win7/20160909/kb290292.msu',
'C:\Glazier_Cache\kb290292.msu',
'cd8f4222a9ba4c4493d8df208fe38cdad969514512d6f5dfd0f7cc7e1ea2c782']
Issue a warning that can be bypassed by the user.
Warn: ["You probably don't want to do this, or bad things will happen."]
Writes the current total, used, and free disk space to registry (in bytes).
WriteDiskSpace: []