diff --git a/.gitignore b/.gitignore index d59a4e5c5..00b8f1241 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,9 @@ # local preference scripts/utilities .local/ +# Required modules folder +RequiredModules/ + # Build output folder output/ diff --git a/Tests/Integration/DSCResources/Adobe.config.ps1 b/Tests/Integration/DSCResources/Adobe.config.ps1 index 9148e01f2..75979f422 100644 --- a/Tests/Integration/DSCResources/Adobe.config.ps1 +++ b/Tests/Integration/DSCResources/Adobe.config.ps1 @@ -42,6 +42,7 @@ configuration Adobe_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/Chrome.config.ps1 b/Tests/Integration/DSCResources/Chrome.config.ps1 index d4303b9f7..4d9944533 100644 --- a/Tests/Integration/DSCResources/Chrome.config.ps1 +++ b/Tests/Integration/DSCResources/Chrome.config.ps1 @@ -42,6 +42,7 @@ configuration Chrome_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/Common.integration.ps1 b/Tests/Integration/DSCResources/Common.integration.ps1 index 4191a5cc3..5db414d59 100644 --- a/Tests/Integration/DSCResources/Common.integration.ps1 +++ b/Tests/Integration/DSCResources/Common.integration.ps1 @@ -30,6 +30,10 @@ Describe ($title + " $($stig.StigVersion) mof output") { { & $technologyConfig @testParameterList } | Should -Not -Throw } + It 'Should compile a useable MOF' { + { Test-DscConfiguration -Path $testParameterList['OutputPath'] } | Should -Not -Throw + } + $ruleNames = (Get-Member -InputObject $powerstigXml | Where-Object -FilterScript { $_.Name -match '.*Rule' -and $_.Name -ne 'DocumentRule' -and $_.Name -ne 'ManualRule' }).Name diff --git a/Tests/Integration/DSCResources/Edge.config.ps1 b/Tests/Integration/DSCResources/Edge.config.ps1 index 2a5de5dd6..8ff5cbc7e 100644 --- a/Tests/Integration/DSCResources/Edge.config.ps1 +++ b/Tests/Integration/DSCResources/Edge.config.ps1 @@ -42,6 +42,7 @@ configuration Edge_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/Firefox.config.ps1 b/Tests/Integration/DSCResources/Firefox.config.ps1 index 8f64be864..dee51c127 100644 --- a/Tests/Integration/DSCResources/Firefox.config.ps1 +++ b/Tests/Integration/DSCResources/Firefox.config.ps1 @@ -42,6 +42,7 @@ configuration Firefox_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName FileContentDsc Node localhost { diff --git a/Tests/Integration/DSCResources/Firefox.integration.tests.ps1 b/Tests/Integration/DSCResources/Firefox.integration.tests.ps1 index 7d0055f41..7d77d22bd 100644 --- a/Tests/Integration/DSCResources/Firefox.integration.tests.ps1 +++ b/Tests/Integration/DSCResources/Firefox.integration.tests.ps1 @@ -21,11 +21,11 @@ foreach ($stig in $stigList) { $ruleType = "RegistryRule" } - else + else { $ruleType = "FileContentRule" } - + $skipRule = Get-Random -InputObject $powerstigXml.$ruleType.Rule.id $skipRuleType = $null $expectedSkipRuleTypeCount = 0 + $blankSkipRuleId.Count diff --git a/Tests/Integration/DSCResources/IisServer.integration.tests.ps1 b/Tests/Integration/DSCResources/IisServer.integration.tests.ps1 index a89452132..7d4c38fc6 100644 --- a/Tests/Integration/DSCResources/IisServer.integration.tests.ps1 +++ b/Tests/Integration/DSCResources/IisServer.integration.tests.ps1 @@ -13,7 +13,7 @@ $resourceParameters = $resourceInformation.Properties.Name $additionalTestParameterList = @{ LogPath = $env:temp } -<# +<# foreach ($stig in $stigList) { $orgSettingsPath = $stig.Path.Replace('.xml', '.org.default.xml') @@ -50,4 +50,4 @@ foreach ($stig in $stigList) . "$PSScriptRoot\Common.integration.ps1" } -#> \ No newline at end of file +#> diff --git a/Tests/Integration/DSCResources/IisSite.config.ps1 b/Tests/Integration/DSCResources/IisSite.config.ps1 index ea88a61ec..b5711bbf9 100644 --- a/Tests/Integration/DSCResources/IisSite.config.ps1 +++ b/Tests/Integration/DSCResources/IisSite.config.ps1 @@ -52,6 +52,7 @@ configuration IisSite_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName PSDscResources Node localhost { diff --git a/Tests/Integration/DSCResources/InternetExplorer.config.ps1 b/Tests/Integration/DSCResources/InternetExplorer.config.ps1 index fa79dea81..2d35c8f64 100644 --- a/Tests/Integration/DSCResources/InternetExplorer.config.ps1 +++ b/Tests/Integration/DSCResources/InternetExplorer.config.ps1 @@ -42,6 +42,7 @@ configuration InternetExplorer_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/McAfee.config.ps1 b/Tests/Integration/DSCResources/McAfee.config.ps1 index c9d376aaf..98a5c2415 100644 --- a/Tests/Integration/DSCResources/McAfee.config.ps1 +++ b/Tests/Integration/DSCResources/McAfee.config.ps1 @@ -43,6 +43,7 @@ configuration McAfee_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName PSDscResources Node localhost { diff --git a/Tests/Integration/DSCResources/Office.config.ps1 b/Tests/Integration/DSCResources/Office.config.ps1 index a43bf382e..8fa703f75 100644 --- a/Tests/Integration/DSCResources/Office.config.ps1 +++ b/Tests/Integration/DSCResources/Office.config.ps1 @@ -42,6 +42,7 @@ configuration Office_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/OracleJRE.config.ps1 b/Tests/Integration/DSCResources/OracleJRE.config.ps1 index f2a6d3d9a..eb64b81a1 100644 --- a/Tests/Integration/DSCResources/OracleJRE.config.ps1 +++ b/Tests/Integration/DSCResources/OracleJRE.config.ps1 @@ -52,6 +52,7 @@ configuration OracleJRE_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName FileContentDsc Node localhost { diff --git a/Tests/Integration/DSCResources/SqlServer.config.ps1 b/Tests/Integration/DSCResources/SqlServer.config.ps1 index 2bab666b2..6b194365b 100644 --- a/Tests/Integration/DSCResources/SqlServer.config.ps1 +++ b/Tests/Integration/DSCResources/SqlServer.config.ps1 @@ -43,6 +43,7 @@ configuration SqlServer_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName SqlServerDsc Node localhost { diff --git a/Tests/Integration/DSCResources/Vsphere.config.ps1 b/Tests/Integration/DSCResources/Vsphere.config.ps1 index 3d7272dd6..47e0b6784 100644 --- a/Tests/Integration/DSCResources/Vsphere.config.ps1 +++ b/Tests/Integration/DSCResources/Vsphere.config.ps1 @@ -66,6 +66,7 @@ configuration Vsphere_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName VMware.vSphereDSC Node localhost { diff --git a/Tests/Integration/DSCResources/WindowsClient.config.ps1 b/Tests/Integration/DSCResources/WindowsClient.config.ps1 index 0bdb4c21a..9dd3f06f6 100644 --- a/Tests/Integration/DSCResources/WindowsClient.config.ps1 +++ b/Tests/Integration/DSCResources/WindowsClient.config.ps1 @@ -52,6 +52,7 @@ configuration WindowsClient_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName AccessControlDSC Node localhost { diff --git a/Tests/Integration/DSCResources/WindowsDefender.config.ps1 b/Tests/Integration/DSCResources/WindowsDefender.config.ps1 index f0e46093f..0fa41eebb 100644 --- a/Tests/Integration/DSCResources/WindowsDefender.config.ps1 +++ b/Tests/Integration/DSCResources/WindowsDefender.config.ps1 @@ -42,6 +42,7 @@ configuration WindowsDefender_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName GPRegistryPolicyDsc Node localhost { diff --git a/Tests/Integration/DSCResources/WindowsDnsServer.config.ps1 b/Tests/Integration/DSCResources/WindowsDnsServer.config.ps1 index 26a75b3ac..fde9ebfae 100644 --- a/Tests/Integration/DSCResources/WindowsDnsServer.config.ps1 +++ b/Tests/Integration/DSCResources/WindowsDnsServer.config.ps1 @@ -52,6 +52,7 @@ configuration WindowsDnsServer_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName AccessControlDSC Node localhost { diff --git a/Tests/Integration/DSCResources/WindowsFirewall.config.ps1 b/Tests/Integration/DSCResources/WindowsFirewall.config.ps1 index 4cf661d68..07b70d469 100644 --- a/Tests/Integration/DSCResources/WindowsFirewall.config.ps1 +++ b/Tests/Integration/DSCResources/WindowsFirewall.config.ps1 @@ -42,6 +42,7 @@ configuration WindowsFirewall_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName PSDscResources Node localhost { diff --git a/Tests/Integration/DSCResources/WindowsServer.config.ps1 b/Tests/Integration/DSCResources/WindowsServer.config.ps1 index 6abc69f03..bc78a7479 100644 --- a/Tests/Integration/DSCResources/WindowsServer.config.ps1 +++ b/Tests/Integration/DSCResources/WindowsServer.config.ps1 @@ -52,6 +52,7 @@ configuration WindowsServer_config ) Import-DscResource -ModuleName PowerStig + Import-DscResource -ModuleName AccessControlDSC Node localhost { diff --git a/azure-pipelines.yml b/azure-pipelines.yml index ab749a918..4d61362d1 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -15,147 +15,154 @@ stages: - stage: Build jobs: - job: Package_Module - displayName: 'Package Module' + displayName: Package Module pool: - vmImage: 'windows-2022' + vmImage: windows-2022 steps: - task: GitVersion@5 name: gitVersion - displayName: 'Evaluate Next Version' + displayName: Evaluate Next Version inputs: - runtime: 'full' - configFilePath: 'GitVersion.yml' + runtime: full + configFilePath: GitVersion.yml - task: PowerShell@2 name: package - displayName: 'Build & Package Module' + displayName: Build & Package Module inputs: - filePath: './build.ps1' - arguments: '-ResolveDependency -tasks pack' + filePath: ./build.ps1 + arguments: >- + -ResolveDependency + -Tasks pack pwsh: true env: ModuleVersion: $(gitVersion.NuGetVersionV2) - task: PublishBuildArtifacts@1 - displayName: 'Publish Build Artifact' + displayName: Publish Build Artifact inputs: - pathToPublish: 'output/' - artifactName: 'output' - publishLocation: 'Container' + pathToPublish: output/ + artifactName: output + publishLocation: Container - stage: Test dependsOn: Build jobs: - job: Test_HQRM - displayName: 'High Quality Resource Module' + displayName: High Quality Resource Module pool: - vmImage: 'windows-2022' + vmImage: windows-2022 timeoutInMinutes: 0 steps: - task: DownloadBuildArtifacts@0 - displayName: 'Download Build Artifact' + displayName: Download Build Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'output' - downloadPath: '$(Build.SourcesDirectory)' + buildType: current + downloadType: single + artifactName: output + downloadPath: $(Build.SourcesDirectory) + - task: PowerShell@2 name: test - displayName: 'Run HQRM Test' + displayName: Run HQRM Test inputs: - filePath: './build.ps1' - arguments: '-Tasks hqrmtest' + filePath: ./build.ps1 + arguments: >- + -Tasks hqrmtest pwsh: false + - task: PublishTestResults@2 - displayName: 'Publish Test Results' + displayName: Publish Test Results condition: succeededOrFailed() inputs: - testResultsFormat: 'NUnit' - testResultsFiles: 'output/testResults/NUnit*.xml' - testRunTitle: 'HQRM' + testResultsFormat: NUnit + testResultsFiles: output/testResults/NUnit*.xml + testRunTitle: HQRM - job: Test_Unit - displayName: 'Unit' + displayName: Unit pool: - vmImage: 'windows-2022' + vmImage: windows-2022 timeoutInMinutes: 0 steps: - task: DownloadBuildArtifacts@0 - displayName: 'Download Build Artifact' + displayName: Download Build Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'output' - downloadPath: '$(Build.SourcesDirectory)' + buildType: current + downloadType: single + artifactName: output + downloadPath: $(Build.SourcesDirectory) - task: PowerShell@2 name: test - displayName: 'Run Unit Test' + displayName: Run Unit Test inputs: - filePath: './build.ps1' - arguments: "-Tasks test -PesterScript 'tests/Unit'" + filePath: ./build.ps1 + arguments: >- + -Tasks test + -PesterScript tests/Unit pwsh: false - task: PublishTestResults@2 - displayName: 'Publish Test Results' + displayName: Publish Test Results condition: succeededOrFailed() inputs: - testResultsFormat: 'NUnit' - testResultsFiles: 'output/testResults/NUnit*.xml' - testRunTitle: 'Unit (Windows Server Core)' + testResultsFormat: NUnit + testResultsFiles: output/testResults/NUnit*.xml + testRunTitle: Unit (Windows Server Core) - task: PublishBuildArtifacts@1 - displayName: 'Publish Test Artifact' + displayName: Publish Test Artifact condition: succeededOrFailed() inputs: - pathToPublish: 'output/testResults/' - artifactName: 'testResults' - publishLocation: 'Container' + pathToPublish: output/testResults/ + artifactName: testResults + publishLocation: Container - job: Test_Integration - displayName: 'Integration' + displayName: Integration pool: - vmImage: 'windows-2022' + vmImage: windows-2022 timeoutInMinutes: 0 steps: - task: DownloadBuildArtifacts@0 - displayName: 'Download Build Artifact' + displayName: Download Build Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'output' - downloadPath: '$(Build.SourcesDirectory)' + buildType: current + downloadType: single + artifactName: output + downloadPath: $(Build.SourcesDirectory) - - task: PowerShell@2 - name: configureWinRM - displayName: 'Configure WinRM' - inputs: - targetType: 'inline' - script: 'winrm quickconfig -quiet' - pwsh: false + - powershell: | + winrm quickconfig -quiet + Set-WsManInstance -ResourceURI winrm/config -ValueSet @{ MaxEnvelopeSizekb = 8192 } + displayName: Configure WinRM - task: PowerShell@2 name: test - displayName: 'Run Integration Test' + displayName: Run Integration Test inputs: - filePath: './build.ps1' - arguments: "-Tasks test -PesterScript 'tests/Integration' -CodeCoverageThreshold 0" + filePath: ./build.ps1 + arguments: >- + -Tasks test + -PesterScript tests/Integration + -CodeCoverageThreshold 0 pwsh: false - task: PublishTestResults@2 - displayName: 'Publish Test Results' + displayName: Publish Test Results condition: succeededOrFailed() inputs: - testResultsFormat: 'NUnit' - testResultsFiles: 'output/testResults/NUnit*.xml' - testRunTitle: 'Integration (Windows Server Core)' + testResultsFormat: NUnit + testResultsFiles: output/testResults/NUnit*.xml + testRunTitle: Integration (Windows Server Core) - job: Code_Coverage - displayName: 'Publish Code Coverage' + displayName: Publish Code Coverage dependsOn: Test_Unit condition: succeededOrFailed() pool: - vmImage: 'ubuntu-latest' + vmImage: ubuntu-latest timeoutInMinutes: 0 steps: - pwsh: | @@ -163,22 +170,23 @@ stages: echo "##vso[task.setvariable variable=RepositoryOwner;isOutput=true]$repositoryOwner" echo "##vso[task.setvariable variable=RepositoryName;isOutput=true]$repositoryName" name: dscBuildVariable - displayName: 'Set Environment Variables' + displayName: Set Environment Variables + - task: DownloadBuildArtifacts@0 - displayName: 'Download Build Artifact' + displayName: Download Build Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'output' - downloadPath: '$(Build.SourcesDirectory)' + buildType: current + downloadType: single + artifactName: output + downloadPath: $(Build.SourcesDirectory) - task: DownloadBuildArtifacts@0 - displayName: 'Download Test Artifact' + displayName: Download Test Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'testResults' - downloadPath: '$(Build.SourcesDirectory)/output' + buildType: current + downloadType: single + artifactName: testResults + downloadPath: $(Build.SourcesDirectory)/output - stage: Deploy dependsOn: Test @@ -192,22 +200,24 @@ stages: ) jobs: - job: Deploy_Module - displayName: 'Deploy Module' + displayName: Deploy Module pool: - vmImage: 'windows-2022' + vmImage: windows-2022 steps: - task: DownloadBuildArtifacts@0 - displayName: 'Download Build Artifact' + displayName: Download Build Artifact inputs: - buildType: 'current' - downloadType: 'single' - artifactName: 'output' - downloadPath: '$(Build.SourcesDirectory)' + buildType: current + downloadType: single + artifactName: output + downloadPath: $(Build.SourcesDirectory) + - task: PowerShell@2 name: publishRelease - displayName: 'Publish Release' + displayName: Publish Release inputs: - filePath: './build.ps1' - arguments: '-tasks publish' + filePath: ./build.ps1 + arguments: >- + -Tasks publish env: GalleryApiToken: $(GalleryApiToken) diff --git a/build.ps1 b/build.ps1 index 1f9156663..b84cfefee 100644 --- a/build.ps1 +++ b/build.ps1 @@ -8,7 +8,8 @@ param ( [Parameter(Position = 0)] - [string[]]$Tasks = '.', + [string[]] + $Tasks = '.', [Parameter()] [String] @@ -33,7 +34,7 @@ param # You can override the value for PSDepend in the Build.psd1 build manifest # This defaults to $OutputDirectory/modules (by default: ./output/modules) [Parameter()] - $RequiredModulesDirectory = $(Join-Path 'output' 'RequiredModules'), + $RequiredModulesDirectory = 'RequiredModules', [Parameter()] [object[]] @@ -228,28 +229,25 @@ Begin # Set up a mini virtual environment... PSDependOptions = @{ AddToPath = $true - Target = 'output\RequiredModules' - Parameters = @{ - - } + Target = 'RequiredModules' + Parameters = @{} } - InvokeBuild = 'latest' - PSScriptAnalyzer = 'latest' - Pester = '4.10.1' - Plaster = 'latest' - ModuleBuilder = '1.0.0' - ChangelogManagement = 'latest' - Sampler = '0.104.0' - xDSCResourceDesigner = 'latest' - PSPKI = 'latest' - MarkdownLinkCheck = 'latest' - 'DscResource.Test' = '0.13.1' - 'DscResource.AnalyzerRules' = 'latest' - 'powershell-yaml' = 'latest' - 'Vmware.VsphereDSC' = '2.1.0.58' + InvokeBuild = 'latest' + PSScriptAnalyzer = 'latest' + Pester = '4.10.1' + Plaster = 'latest' + ModuleBuilder = '1.0.0' + ChangelogManagement = 'latest' + Sampler = '0.104.0' + xDSCResourceDesigner = 'latest' + PSPKI = 'latest' + MarkdownLinkCheck = 'latest' + 'DscResource.Test' = '0.13.1' + 'DscResource.AnalyzerRules' = 'latest' + 'powershell-yaml' = 'latest' + 'Vmware.VsphereDSC' = '2.1.0.58' # The modules below are dynamically inserted from the Begin block of .\build.ps1 - '@ $stringBuilder = New-Object -TypeName System.Text.StringBuilder -ArgumentList $requiredModulesContent @@ -265,21 +263,27 @@ Begin Set-Content -Path (Join-Path -Path $PSScriptRoot -ChildPath 'RequiredModules.psd1') -Value $stringBuilder.ToString() -Encoding UTF8 # Find build config if not specified - if (-not $BuildConfig) { + if (-not $BuildConfig) + { $config = Get-ChildItem -Path "$PSScriptRoot\*" -Include 'build.y*ml', 'build.psd1', 'build.json*' -ErrorAction:Ignore - if (-not $config -or ($config -is [array] -and $config.Length -le 0)) { + if (-not $config -or ($config -is [array] -and $config.Length -le 0)) + { throw "No build configuration found. Specify path via -BuildConfig" } - elseif ($config -is [array]) { - if ($config.Length -gt 1) { + elseif ($config -is [array]) + { + if ($config.Length -gt 1) + { throw "More than one build configuration found. Specify which one to use via -BuildConfig" } $BuildConfig = $config[0] } - else { + else + { $BuildConfig = $config } } + # Bootstrapping the environment before using Invoke-Build as task runner if ($MyInvocation.ScriptName -notLike '*Invoke-Build.ps1')