v1.94.11 — fix -Action Batch headless mode (Silent + JSON)

TheAbider · TheAbider · commit 354c6cf3b72c · 2026-04-16T22:30:47.000-07:00
- Fix: -Action Batch -Silent no longer cancels on the confirmation
  prompt. The confirmation is now skipped entirely in -Silent mode
  (caller already committed by invoking Batch with a config).
- Fix: -Action Batch -Silent no longer hangs on Read-Host when
  creating a local admin. Password now reads from (in priority):
  Config.LocalAdminPassword, env var named by Config.LocalAdminPasswordEnv,
  or $env:RACKSTACK_LOCAL_ADMIN_PWD. Missing -&gt; clean failure with
  diagnostic rather than blocking.
- Fix: -Action Batch -Silent no longer hangs on the post-failure
  undo prompt. Uses Confirm-UserAction so silent-mode returns the
  safe default (skip undo) instead of blocking on Read-Host.
- Fix: -Action Batch -OutputFormat JSON now emits a machine-readable
  summary on completion. Previously Batch silently produced no JSON
  even when JSON was requested.
diff --git a/Changelog.md b/Changelog.md
@@ -1,5 +1,13 @@
 ﻿# Changelog
 
+## v1.94.11
+
+- **Fix:** `-Action Batch -Silent` no longer cancels on the confirmation prompt. Previously `Confirm-UserAction` in silent mode returned the DefaultNo answer, so every headless batch run aborted before doing anything. The confirmation is now skipped entirely in `-Silent` mode (the caller already committed by invoking Batch with a config).
+- **Fix:** `-Action Batch -Silent` no longer hangs on `Read-Host` when creating a local admin account. In silent mode the password now comes from (in priority order): `Config.LocalAdminPassword` (inline), the env var named by `Config.LocalAdminPasswordEnv`, or `$env:RACKSTACK_LOCAL_ADMIN_PWD`. If none are set, the step fails cleanly with a diagnostic instead of blocking forever.
+- **Fix:** `-Action Batch -Silent` no longer hangs on the post-failure undo prompt. The prompt now goes through `Confirm-UserAction`, which in silent mode returns the safe default (skip undo) rather than blocking on `Read-Host`.
+- **Fix:** `-Action Batch -OutputFormat JSON` now emits a machine-readable summary on completion — `{Action, Timestamp, Hostname, ConfigType, DryRun, TotalSteps, ChangesApplied, Skipped, Errors, RebootNeeded, Success}`. Previously the Batch action silently produced no JSON even when JSON was requested.
+- 65 modules, 4535 tests, 167 CLI actions, 615 functions
+
 ## v1.94.10
 
 - **Fix:** Batch mode now returns a meaningful exit code — `Start-BatchMode` returns the failed-step count and both CLI callers (`-Action Batch` and the auto-run from `batch_config.json`) set the process exit code accordingly. Previously both paths unconditionally exited `0`, so CI/CD orchestration couldn't detect when batch steps failed.
diff --git a/Header.ps1 b/Header.ps1
@@ -30,7 +30,7 @@
     7h3 4b1d3r
 
 .VERSION
-    1.94.10
+    1.94.11
 
 .LAST UPDATED
     04/16/2026
diff --git a/Modules/00-Initialization.ps1 b/Modules/00-Initialization.ps1
@@ -164,7 +164,7 @@ if (-not $PSCommandPath -and $script:ScriptPath) {
 if (-not $script:ModuleRoot -and $script:ScriptPath) {
     $script:ModuleRoot = [System.IO.Path]::GetDirectoryName($script:ScriptPath)
 }
-$script:ScriptVersion = "1.94.10"
+$script:ScriptVersion = "1.94.11"
 $script:ScriptStartTime = Get-Date
 
 # CLI headless mode parameters (populated from param block in monolithic/exe)
diff --git a/Modules/50-EntryPoint.ps1 b/Modules/50-EntryPoint.ps1
@@ -11744,10 +11744,14 @@ function Start-BatchMode {
     Write-OutputColor "" -color "Info"
 
     if (-not $script:DryRunMode) {
-        if (-not (Confirm-UserAction -Message "Proceed with batch configuration?")) {
-            Write-OutputColor "  Batch mode cancelled by user." -color "Info"
-            Stop-ScriptTranscript
-            return 0  # user-cancelled → clean exit
+        # Headless mode (-Silent): caller already committed by invoking Batch with a config, so skip the confirmation prompt.
+        # Without this, -Silent would cause the default-No confirmation to auto-cancel the batch.
+        if (-not $script:CLISilent) {
+            if (-not (Confirm-UserAction -Message "Proceed with batch configuration?")) {
+                Write-OutputColor "  Batch mode cancelled by user." -color "Info"
+                Stop-ScriptTranscript
+                return 0  # user-cancelled → clean exit
+            }
         }
     }
 
@@ -12276,7 +12280,30 @@ function Start-BatchMode {
             if ($existingUser) {
                 Write-OutputColor "           Account '$adminName' already exists." -color "Warning"
             } else {
-                $securePassword = Read-Host -Prompt "           Enter password for $adminName" -AsSecureString
+                if ($script:CLISilent) {
+                    # Headless mode: Read-Host would hang. Pull the password from
+                    # config (inline for convenience) or an env var (safer — avoids on-disk plaintext).
+                    # Precedence: Config.LocalAdminPassword  >  env var named by Config.LocalAdminPasswordEnv  >  RACKSTACK_LOCAL_ADMIN_PWD
+                    $pwdPlain = $null
+                    if ($Config.LocalAdminPassword) {
+                        $pwdPlain = [string]$Config.LocalAdminPassword
+                    } elseif ($Config.LocalAdminPasswordEnv) {
+                        $pwdPlain = [Environment]::GetEnvironmentVariable([string]$Config.LocalAdminPasswordEnv, 'Process')
+                    } elseif ($env:RACKSTACK_LOCAL_ADMIN_PWD) {
+                        $pwdPlain = $env:RACKSTACK_LOCAL_ADMIN_PWD
+                    }
+                    if ([string]::IsNullOrWhiteSpace($pwdPlain)) {
+                        throw "Headless batch: no LocalAdminPassword source configured (set Config.LocalAdminPassword, Config.LocalAdminPasswordEnv, or `$env:RACKSTACK_LOCAL_ADMIN_PWD)."
+                    }
+                    # Build SecureString via AppendChar — avoids the ConvertTo-SecureString -AsPlainText PSSA rule
+                    # and matches the pattern already used in test harnesses (see rackstack_powershell_gotchas.md).
+                    $securePassword = New-Object System.Security.SecureString
+                    foreach ($ch in $pwdPlain.ToCharArray()) { $securePassword.AppendChar($ch) }
+                    $securePassword.MakeReadOnly()
+                    $pwdPlain = $null  # release plaintext reference ASAP
+                } else {
+                    $securePassword = Read-Host -Prompt "           Enter password for $adminName" -AsSecureString
+                }
                 New-LocalUser -Name $adminName -Password $securePassword -FullName $adminName -Description "Local Admin" -PasswordNeverExpires -ErrorAction Stop | Out-Null
                 Add-LocalGroupMember -Group "Administrators" -Member $adminName -ErrorAction Stop
                 Write-OutputColor "           Local admin '$adminName' created and added to Administrators." -color "Success"
@@ -13094,15 +13121,13 @@ function Start-BatchMode {
         return $errors  # propagate dry-run error count
     }
 
-    # Undo prompt on errors
+    # Undo prompt on errors — uses Confirm-UserAction so -Silent mode returns the safe default (No, skip undo) instead of hanging on Read-Host.
     if ($errors -gt 0 -and $script:BatchUndoStack.Count -gt 0) {
         $reversible = @($script:BatchUndoStack | Where-Object { $_.Reversible })
         if ($reversible.Count -gt 0) {
             Write-OutputColor "" -color "Info"
             Write-OutputColor "  $errors step(s) failed. $($reversible.Count) previous step(s) can be undone." -color "Warning"
-            Write-OutputColor "  Undo all reversible changes? [y/N]: " -color "Warning"
-            $undoChoice = Read-Host
-            if ($undoChoice -eq 'y' -or $undoChoice -eq 'Y') {
+            if (Confirm-UserAction -Message "Undo all reversible changes?") {
                 Invoke-BatchUndo
             }
         }
@@ -13127,6 +13152,26 @@ function Start-BatchMode {
     Write-OutputColor ("=" * 65) -color "Info"
     Write-OutputColor "" -color "Info"
 
+    # Machine-readable summary for -OutputFormat JSON — orchestration can parse instead of scraping text
+    if ($script:CLIOutputFormat -eq 'JSON') {
+        $batchJson = @{
+            Tool          = $script:ToolFullName
+            Version       = $script:ScriptVersion
+            Action        = 'Batch'
+            Timestamp     = (Get-Date -Format "yyyy-MM-ddTHH:mm:ss")
+            Hostname      = $env:COMPUTERNAME
+            ConfigType    = $configType
+            DryRun        = [bool]$script:DryRunMode
+            TotalSteps    = $totalSteps
+            ChangesApplied = $changesApplied
+            Skipped       = $skipped
+            Errors        = $errors
+            RebootNeeded  = [bool]$global:RebootNeeded
+            Success       = ($errors -eq 0)
+        }
+        Write-Output ($batchJson | ConvertTo-Json -Depth 10 -Compress)
+    }
+
     # Auto-save drift baseline after batch mode (v1.7.1)
     if ($changesApplied -gt 0) {
         try {
diff --git a/RackStack.ps1 b/RackStack.ps1
@@ -13,7 +13,7 @@
     Environment-specific settings are configured via defaults.json.
 
 .VERSION
-    1.94.10
+    1.94.11
 
 .NOTES
     - Requires Windows Server 2012 R2 or later (or Windows 10/11 for testing)
diff --git a/Tests/Run-Tests.ps1 b/Tests/Run-Tests.ps1
@@ -1,6 +1,6 @@
 ﻿<#
 .SYNOPSIS
-    Automated Test Runner for RackStack v1.94.10
+    Automated Test Runner for RackStack v1.94.11
 
 .DESCRIPTION
     Comprehensive non-interactive test suite covering:

Original file line number	Diff line number	Diff line change
`@@ -164,7 +164,7 @@ if (-not $PSCommandPath -and $script:ScriptPath) {`
`164`	`164`	`if (-not $script:ModuleRoot -and $script:ScriptPath) {`
`165`	`165`	`$script:ModuleRoot = [System.IO.Path]::GetDirectoryName($script:ScriptPath)`
`166`	`166`	`}`
`167`		`-$script:ScriptVersion = "1.94.10"`
	`167`	`+$script:ScriptVersion = "1.94.11"`
`168`	`168`	`$script:ScriptStartTime = Get-Date`
`169`	`169`
`170`	`170`	`# CLI headless mode parameters (populated from param block in monolithic/exe)`