release: v4.1.0 — restructure entry points, add CIS baselines, reporting tools and fzf hints
- Restructure launchers: Start-IntuneToolkit.ps1 moves to repo root; Start-HeadlessIntune.ps1 moves to Scripts/; TUI helper moves to Scripts/Private/ - Add AGENTS.md with project architecture, entry points, and security notes - Add CIS M365 baseline assets (CISM365-v7, M365-CIS-Rapid) and reporting scripts - Add Python reporting utilities (Export-SettingsReport, Export-AssignmentReport, Export-ObjectInventoryReport) and CA wizard helpers - Update Deploy-IntuneBaseline.ps1 with Merge conflict resolution, ReportPath, and optimized group loading - Update Initialize-IntuneAuth.ps1 with -RotateSecret and configurable secret expiry - Update Extensions for Settings Catalog definition auto-export - Update README with v4.1.0, new entry points and script catalog - Bump VERSION to 4.1.0 - Harden .gitignore against .DS_Store, __pycache__, .venv-pdf/, local exports, Settings.json and IntuneManagement.log
This commit is contained in:
@@ -0,0 +1,99 @@
|
||||
#requires -Version 7.0
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Launches the interactive Conditional Access Policy Wizard (TUI).
|
||||
|
||||
.DESCRIPTION
|
||||
Starts the Python-based TUI wizard that guides you through tenant,
|
||||
user, admin, guest, and application policy choices. The wizard
|
||||
generates a deployment-ready YAML baseline using the structured
|
||||
naming convention.
|
||||
|
||||
Automatically locates the project venv or system Python with the
|
||||
required packages (rich, pyyaml).
|
||||
|
||||
.EXAMPLE
|
||||
./Scripts/Start-CAWizard.ps1
|
||||
#>
|
||||
[CmdletBinding()]
|
||||
param()
|
||||
|
||||
$ErrorActionPreference = 'Stop'
|
||||
|
||||
$wizardPath = Join-Path $PSScriptRoot 'ca-wizard.py'
|
||||
if (-not (Test-Path $wizardPath)) {
|
||||
throw "Wizard script not found: $wizardPath"
|
||||
}
|
||||
|
||||
# =====================================================================
|
||||
# Resolve Python interpreter
|
||||
# =====================================================================
|
||||
|
||||
function Test-PythonPackages {
|
||||
param([string]$PyExe)
|
||||
if (-not $PyExe) { return $false }
|
||||
try {
|
||||
$result = & $PyExe -c "import rich, yaml" 2>&1
|
||||
return ($LASTEXITCODE -eq 0)
|
||||
} catch {
|
||||
return $false
|
||||
}
|
||||
}
|
||||
|
||||
$candidates = [System.Collections.Generic.List[string]]::new()
|
||||
|
||||
# 1. Project venv (Linux/macOS)
|
||||
$venvPy = Join-Path (Split-Path $PSScriptRoot -Parent) '.venv-pdf/bin/python3'
|
||||
if (Test-Path $venvPy) { $candidates.Add($venvPy) }
|
||||
|
||||
# 2. Project venv (Windows)
|
||||
$venvPyWin = Join-Path (Split-Path $PSScriptRoot -Parent) '.venv-pdf/Scripts/python.exe'
|
||||
if (Test-Path $venvPyWin) { $candidates.Add($venvPyWin) }
|
||||
|
||||
# 3. Common system commands
|
||||
foreach ($cmd in @('python3', 'python')) {
|
||||
$found = Get-Command $cmd -ErrorAction SilentlyContinue
|
||||
if ($found) { $candidates.Add($found.Source) }
|
||||
}
|
||||
|
||||
$pythonPath = $null
|
||||
foreach ($c in $candidates) {
|
||||
if (Test-PythonPackages -PyExe $c) {
|
||||
$pythonPath = $c
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
# If nothing has the packages, try installing into the venv
|
||||
if (-not $pythonPath) {
|
||||
$venvPy = $candidates | Where-Object { $_ -match '\.venv' } | Select-Object -First 1
|
||||
if ($venvPy -and (Test-Path $venvPy)) {
|
||||
Write-Host "Installing required packages into venv..." -ForegroundColor Yellow
|
||||
$pip = Join-Path (Split-Path $venvPy -Parent) 'pip'
|
||||
if (-not (Test-Path $pip)) { $pip = Join-Path (Split-Path $venvPy -Parent) 'pip3' }
|
||||
& $pip install rich pyyaml 2>&1 | ForEach-Object { Write-Host " $_" -ForegroundColor DarkGray }
|
||||
if (Test-PythonPackages -PyExe $venvPy) {
|
||||
$pythonPath = $venvPy
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (-not $pythonPath) {
|
||||
throw @"
|
||||
Could not find a Python interpreter with 'rich' and 'pyyaml' installed.
|
||||
|
||||
Please install the requirements:
|
||||
python3 -m pip install rich pyyaml
|
||||
|
||||
Or activate the project venv manually:
|
||||
source .venv-pdf/bin/activate
|
||||
python3 Scripts/ca-wizard.py
|
||||
"@
|
||||
}
|
||||
|
||||
Write-Host "Using Python: $pythonPath" -ForegroundColor DarkGray
|
||||
|
||||
# =====================================================================
|
||||
# Run wizard
|
||||
# =====================================================================
|
||||
& $pythonPath $wizardPath
|
||||
Reference in New Issue
Block a user