(maint) Do not error when Execution Policy cannot be determined

donoghuc · donoghuc · commit fbb2c52b9ac1 · 2024-04-03T09:38:50.000-07:00
We attempt to compute Execution Policy in order to provide a nice error message for some cases. We are seeing failures in some cases to compute this value. In the case the execution policy cannot be determined we still want to be able to attempt to run the action. This commit handles errors when execution policy cannot be determined.
diff --git a/lib/bolt/shell/powershell/snippets.rb b/lib/bolt/shell/powershell/snippets.rb
@@ -55,21 +55,25 @@ def run_script(arguments, script_path)
             }
             #{build_arg_list}
 
-            switch -regex ( Get-ExecutionPolicy )
+            try
             {
-              '^AllSigned'
+              switch -regex ( Get-ExecutionPolicy )
               {
-                if ((Get-AuthenticodeSignature -File "#{script_path}").Status -ne 'Valid') {
-                  $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} and script '#{script_path}' does not contain a valid signature.")
+                '^AllSigned'
+                {
+                  if ((Get-AuthenticodeSignature -File "#{script_path}").Status -ne 'Valid') {
+                    $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} and script '#{script_path}' does not contain a valid signature.")
+                    exit 1;
+                  }
+                }
+                '^Restricted'
+                {
+                  $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} which denies running any scripts on the target.")
                   exit 1;
                 }
               }
-              '^Restricted'
-              {
-                $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} which denies running any scripts on the target.")
-                exit 1;
-              }
             }
+            catch {}
 
             if([string]::IsNullOrEmpty($invokeArgs.ScriptBlock)){
               $Host.UI.WriteErrorLine("Error: Failed to obtain scriptblock from '#{script_path}'. Running scripts might be disabled on this system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170");

Original file line number	Diff line number	Diff line change
`@@ -55,21 +55,25 @@ def run_script(arguments, script_path)`
`55`	`55`	`}`
`56`	`56`	`#{build_arg_list}`
`57`	`57`
`58`		`- switch -regex ( Get-ExecutionPolicy )`
	`58`	`+ try`
`59`	`59`	`{`
`60`		`- '^AllSigned'`
	`60`	`+ switch -regex ( Get-ExecutionPolicy )`
`61`	`61`	`{`
`62`		`- if ((Get-AuthenticodeSignature -File "#{script_path}").Status -ne 'Valid') {`
`63`		`- $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} and script '#{script_path}' does not contain a valid signature.")`
	`62`	`+ '^AllSigned'`
	`63`	`+ {`
	`64`	`+ if ((Get-AuthenticodeSignature -File "#{script_path}").Status -ne 'Valid') {`
	`65`	`+ $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} and script '#{script_path}' does not contain a valid signature.")`
	`66`	`+ exit 1;`
	`67`	`+ }`
	`68`	`+ }`
	`69`	`+ '^Restricted'`
	`70`	`+ {`
	`71`	`+ $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} which denies running any scripts on the target.")`
`64`	`72`	`exit 1;`
`65`	`73`	`}`
`66`	`74`	`}`
`67`		`- '^Restricted'`
`68`		`- {`
`69`		`- $Host.UI.WriteErrorLine("Error: Target host Powershell ExecutionPolicy is set to ${_} which denies running any scripts on the target.")`
`70`		`- exit 1;`
`71`		`- }`
`72`	`75`	`}`
	`76`	`+ catch {}`
`73`	`77`
`74`	`78`	`if([string]::IsNullOrEmpty($invokeArgs.ScriptBlock)){`
`75`	`79`	`$Host.UI.WriteErrorLine("Error: Failed to obtain scriptblock from '#{script_path}'. Running scripts might be disabled on this system. For more information, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170");`