[06_Migration_Secure_AI_Ready] Update Bootstrap and ClientVM deployment (#311)

* Add logging for invocation line and bound parameters

* Refactor Azure Bootstrap script for improved clarity

* Update commandToExecute for PowerShell script

Author: ASchwarz1984

03-Azure/01-03-Infrastructure/06_Migration_Secure_AI_Ready/resources/artifacts/Bootstrap.ps1

@@ -88,6 +88,28 @@ New-Item -Path $Env:MHBoxDemoPageDir -ItemType directory -Force
 
 Start-Transcript -Path $Env:MHBoxLogsDir\Bootstrap.log
 
+Write-Host "Invocation line:"
+Write-Host $MyInvocation.Line
+
+Write-Host "Bound parameters:"
+$PSBoundParameters.GetEnumerator() | Sort-Object Name | ForEach-Object {
+    Write-Host "$($_.Key) = $($_.Value)"
+}
+
+# Early Az init - before any module install/update in this session
+$ErrorActionPreference = 'Stop'
+
+Disable-AzContextAutosave -Scope Process | Out-Null
+
+Import-Module Az.Accounts -Force
+Import-Module Az.Resources -Force
+Import-Module Az.KeyVault -Force
+
+Connect-AzAccount -Identity -Tenant $tenantId -Subscription $subscriptionId | Out-Null
+Set-AzContext -Subscription $subscriptionId | Out-Null
+
+Write-Host "Az context initialized successfully"
+
 # Set SyncForegroundPolicy to 1 to ensure that the scheduled task runs after the client VM joins the domain
 Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" "SyncForegroundPolicy" 1
 
@@ -110,8 +132,6 @@ foreach ($module in $modules) {
 }
 
 # Add Key Vault Secrets
-Connect-AzAccount -Identity
-
 $DeploymentProgressString = "Started bootstrap-script..."
 
 $tags = Get-AzResourceGroup -Name $resourceGroup | Select-Object -ExpandProperty Tags
@@ -336,10 +356,10 @@ if ($flavor -eq "ITPro") {
     Register-ScheduledTask -TaskName "MHServersLogonScript" -User $adminUsername -Action $Action -RunLevel "Highest" -Force
 }
 
-    # Disabling Windows Server Manager Scheduled Task
-    Get-ScheduledTask -TaskName ServerManager | Disable-ScheduledTask
+# Disabling Windows Server Manager Scheduled Task
+Get-ScheduledTask -TaskName ServerManager | Disable-ScheduledTask
 
-    if ($flavor -eq "ITPro") {
+if ($flavor -eq "ITPro") {
 
     Write-Header "Installing Hyper-V"
 
@@ -349,14 +369,13 @@ if ($flavor -eq "ITPro") {
     Enable-WindowsOptionalFeature -Online -FeatureName VirtualMachinePlatform -NoRestart
     Install-WindowsFeature -Name Hyper-V -IncludeAllSubFeature -IncludeManagementTools -Restart
 
-    }
-
-    # Clean up Bootstrap.log
-    Write-Host "Clean up Bootstrap.log"
-    Stop-Transcript
-    $logSuppress = Get-Content $Env:MHBoxLogsDir\Bootstrap.log | Where-Object { $_ -notmatch "Host Application: $ScheduledTaskExecutable" }
-    $logSuppress | Set-Content $Env:MHBoxLogsDir\Bootstrap.log -Force
+}
 
+# Clean up Bootstrap.log
+Write-Host "Clean up Bootstrap.log"
+Stop-Transcript
+$logSuppress = Get-Content $Env:MHBoxLogsDir\Bootstrap.log | Where-Object { $_ -notmatch "Host Application: $ScheduledTaskExecutable" }
+$logSuppress | Set-Content $Env:MHBoxLogsDir\Bootstrap.log -Force
 
 # Restart computer
-Restart-Computer
+Restart-Computer

03-Azure/01-03-Infrastructure/06_Migration_Secure_AI_Ready/resources/bicep/clientVm/clientVm.bicep

@@ -225,8 +225,8 @@ resource vm 'Microsoft.Compute/virtualMachines@2024-07-01' = {
       fileUris: [
         uri(templateBaseUrl, 'artifacts/Bootstrap.ps1')
       ]
-      //commandToExecute: 'powershell.exe -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername ${windowsAdminUsername} -tenantId ${tenantId} -spnAuthority ${spnAuthority} -subscriptionId ${subscription().subscriptionId} -resourceGroup ${resourceGroup().name} -acceptEula ${acceptEula} -registryUsername ${registryUsername} -azureLocation ${location} -templateBaseUrl ${templateBaseUrl} -flavor ${flavor} -githubUser ${githubUser} -githubBranch ${githubBranch} -vmAutologon ${vmAutologon} -rdpPort ${rdpPort} -namingPrefix ${namingPrefix} -debugEnabled ${debugEnabled} -sqlServerEdition ${sqlServerEdition} -autoShutdownEnabled ${autoShutdownEnabled}'
-      commandToExecute: 'powershell.exe -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername ${windowsAdminUsername} -tenantId ${tenantId} -spnAuthority ${spnAuthority} -subscriptionId ${subscription().subscriptionId} -resourceGroup ${resourceGroup().name} -acceptEula ${acceptEula} -registryUsername ${registryUsername} -azureLocation ${location} -templateBaseUrl ${templateBaseUrl} -flavor ${flavor} -githubUser ${githubUser} -githubBranch ${githubBranch} -vmAutologon ${vmAutologon} -rdpPort ${rdpPort} -namingPrefix "MHBox" -debugEnabled ${debugEnabled} -sqlServerEdition ${sqlServerEdition} -autoShutdownEnabled ${autoShutdownEnabled}'
+      //commandToExecute: 'powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername ${windowsAdminUsername} -tenantId ${tenantId} -spnAuthority ${spnAuthority} -subscriptionId ${subscription().subscriptionId} -resourceGroup ${resourceGroup().name} -acceptEula ${acceptEula} -registryUsername ${registryUsername} -azureLocation ${location} -templateBaseUrl ${templateBaseUrl} -flavor ${flavor} -githubUser ${githubUser} -githubBranch ${githubBranch} -vmAutologon ${vmAutologon} -rdpPort ${rdpPort} -namingPrefix ${namingPrefix} -debugEnabled ${debugEnabled} -sqlServerEdition ${sqlServerEdition} -autoShutdownEnabled ${autoShutdownEnabled}'
+      commandToExecute: 'powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername ${windowsAdminUsername} -tenantId ${tenantId} -spnAuthority ${spnAuthority} -subscriptionId ${subscription().subscriptionId} -resourceGroup ${resourceGroup().name} -acceptEula ${acceptEula} -registryUsername ${registryUsername} -azureLocation ${location} -templateBaseUrl ${templateBaseUrl} -flavor ${flavor} -githubUser ${githubUser} -githubBranch ${githubBranch} -vmAutologon ${vmAutologon} -rdpPort ${rdpPort} -namingPrefix "MHBox" -debugEnabled ${debugEnabled} -sqlServerEdition ${sqlServerEdition} -autoShutdownEnabled ${autoShutdownEnabled}'
     }
   }
 }