search

rgl / packer-plugin-windows-update

Packer plugin for installing Windows updates
Mozilla Public License 2.0
299 stars 71 forks source link

Delete scheduled tasks after execution #126

Closed PfurtschellerP closed 1 year ago

PfurtschellerP commented 1 year ago

Problem

The plugin leaves two scheduled tasks behin starting with packer-windows-update that might pose a security risk. This was also mentioned in issue https://github.com/rgl/packer-plugin-windows-update/issues/106.

Question

Could this be a suitable fix? Is does not look like the tasks are re-used anywhere so why not delete them as part of the execution. Unfortunately, I don't have a development environment set up for plugin development to test it myself nor do I know Go. @rgl could you maybe have a quick look at this? Thank you in advance.

rgl commented 1 year ago

I've tested it, and it works as expected. You can mark this MR ready for review.

Be aware this also leaves the logs in c:\windows\temp, so you probably also need to add an external provisioning step (outside this plugin) to remove the log files.

PfurtschellerP commented 1 year ago

@rgl Thank you for your quick response. Just one last question. Would it be possible to create a new release for this?

rgl commented 1 year ago

@PfurtschellerP, its now released at https://github.com/rgl/packer-plugin-windows-update/releases/tag/v0.14.3. Thank you!