Improve package guard system to handle hotfixes

[Annih]

Most hotfixes requires a WMI query to detect whether they are installed
or not. Hotfixes maybe superseded by others and can't be installed when
a superseding package is already present.

To handle these case, update the semantic of the not_if field of the
packages definition:

• A String not_if value is a command to execute.
• A Array not_if value is a list of hotfixes to check using wmi.

Wmi-lite is used to perform a single query for all hotfixes. If any
of the defined hotfixes is present, the package won't be installed.
This should fix #45 & #54.

Tests and README.md have been updated accordingly.

Cc. @aboten

[Annih]

@olivierlemasle & @meknipp have you been able to test this?

[olivierlemasle]

Yes, I've tested it and the installation of .Net 4.6 fails with my box on this branch. I'd like to test again with a minimal test case to reproduce the issue.

[Annih]

Hum that's sad. Let me know if I can help. I'll provide a cleaner patch, rebased on master very soon.

[olivierlemasle]

Hi @Annih,

Sorry for the delay; I ran a lot of tests in order to undestand the issue I had on this branch.
It appears that my issue on branch better_qfe_check was not specific to this branch, but was due to commit f585848 and the installation of patch KB3083186.

I tested the installation of .Net 4.6 on my Windows 2012 R2 box with no update. More specifically, I used the box "virtualbox/eval-win2012r2-standard" created with https://github.com/boxcutter/windows (with boxcutter/windows#91 merged).

I used Kitchen to test the installation (but I tested only dotnet4-windows-2012r2). For my tests, I just modified .kitchen.yml to:

• Add attributes:

attributes:
   ms_dotnet:
    v4:
      version: "4.6"           # I wanted to test .Net 4.6
      perform_reboot: true     # On a box with no update installed, you have to
                               # reboot between some installation steps

• specify chef version (12.19.33)
• increase max_retries to 5 (because several reboots are needed)
• and add a wait_for_retry: 300

On both branches master and better_qfe_check, after reverting commit f585848, Kitchen tests run perfectly:

• installation of KB2919442
• Installation of KB2919355
• Reboot
• Installation of KB3173424
• Installation of .Net 4.6 (NDP46-KB3045557-x86-x64-AllOS-ENU.exe)
• Reboot

However, it does not install patch KB3083186 as after the last reboot, .Net 4.6 is considered already installed.

If I keep commit f585848, the installation tries to continue to install patches (I read your comment #55 (comment), so I understand it was the goal). However, the installation of patch ndp46-kb3083186-x64.exe fails:

[2017-04-30T09:06:30-07:00] FATAL: Mixlib::ShellOut::ShellCommandFailed: ms_dotnet_framework[4.6] (ms_dotnet::ms_dotnet4 line 24) had an error: Mixlib::ShellOut::ShellCommandFailed: windows_package[Update for Microsoft .NET Framework 4.6 (KB3083186)] (C:/Users/vagrant/AppData/Local/Temp/kitchen/cache/cookbooks/ms_dotnet/resources/framework.rb line 77) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0, 3010], but received '1642'
---- Begin output of start "" /wait "c:\users\vagrant\appdata\local\temp\kitchen\cache\package\ndp46-kb3083186-x64.exe"   /q /norestart & exit %%%%ERRORLEVEL%%%% ----
STDOUT: 
STDERR: 
---- End output of start "" /wait "c:\users\vagrant\appdata\local\temp\kitchen\cache\package\ndp46-kb3083186-x64.exe"   /q /norestart & exit %%%%ERRORLEVEL%%%% ----
Ran start "" /wait "c:\users\vagrant\appdata\local\temp\kitchen\cache\package\ndp46-kb3083186-x64.exe"   /q /norestart & exit %%%%ERRORLEVEL%%%% returned 1642

Reading https://www.microsoft.com/en-US/download/details.aspx?id=48450, I think it's just because this patch does not apply for Windows 2012 R2. I tried to install this patch manually and I had the following error:

Software Update KB3083186 Installation Wizard does not apply, or is blocked by another condition on your computer.

So it seems there's indeed a bug regarding patches, but totally unrelated to this pull request.

Therefore, regarding this pull request, 👍 for me, thanks!

[Annih]

Wow that's a very detailed answer @olivierlemasle.
Thank you for taking the time to perform all these tests and writing this answer!

You have discovered yet another bug here. KB3083186 is not applicable on recent Windows version.
According to https://support.microsoft.com/help/3086251, we should use KB3083184 & KB3083185 for 2012 and 2012R2.

I'll fix travis issues for this PR, and create another one for the faulty patch :)

[Annih]

@jmauro this patch has been rebased :)

[jmauro]

This is definition is not used anymore?

[Annih]

@jmauro comment taken into account :)

[jmauro]

Test are failing... Rubucop rule:
resources/framework.rb:58:1: C: Block has too many lines. [91/90]

[jmauro]

Still not rubocop compliant :D

[Annih]

Now it is