From cdaeb4cb4fec599b31c5d85ce51966bafd76a82f Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Tue, 11 Jan 2022 16:56:59 +0100 Subject: [PATCH 1/4] Fixed #1371 --- .github/CODEOWNERS | 5 ++ CHANGELOG.md | 7 +++ .../MSFT_SPTrustedRootAuthority.psm1 | 12 ++-- tests/RunUnitTestsForAllResources.ps1 | 57 +++++++++++++++++++ tests/RunUnitTestsForResource.ps1 | 34 +++++++++++ 5 files changed, 111 insertions(+), 4 deletions(-) create mode 100644 .github/CODEOWNERS create mode 100644 tests/RunUnitTestsForAllResources.ps1 create mode 100644 tests/RunUnitTestsForResource.ps1 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000..7f2b5792c --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# These owners will be the default owners for everything in +# the repo. Unless a later match takes precedence, +# @global-owner1 and @global-owner2 will be requested for +# review when someone opens a pull request. +* @ykuijs diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d44848e1..d09ca6bb6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,10 +5,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed + - SPFarm - Suppress a useless reboot that was triggered once a server joined the farm - Suppress a useless 5 minutes sleep triggered once a server joined the farm +### Fixed + +- SPTrustedRootAuthority + - Fixed issue where certificates not in the Personal store could not be used + ## [5.0.0] - 2021-12-17 ### Added diff --git a/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 b/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 index 1f437ff96..ce59ab767 100644 --- a/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 @@ -182,8 +182,10 @@ function Set-TargetResource else { Write-Verbose -Message "Importing certificate from CertificateThumbprint" - $cert = Get-Item -Path "CERT:\LocalMachine\My\$($params.CertificateThumbprint)" ` - -ErrorAction SilentlyContinue + $cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)" ` + -ErrorAction SilentlyContinue | ` + Sort-Object -Property PSParentPath -Descending | ` + Select-Object -First 1 if ($null -eq $cert) { @@ -262,8 +264,10 @@ function Set-TargetResource else { Write-Verbose -Message "Importing certificate from CertificateThumbprint" - $cert = Get-Item -Path "CERT:\LocalMachine\My\$($params.CertificateThumbprint)" ` - -ErrorAction SilentlyContinue + $cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)" ` + -ErrorAction SilentlyContinue | ` + Sort-Object -Property PSParentPath -Descending | ` + Select-Object -First 1 if ($null -eq $cert) { diff --git a/tests/RunUnitTestsForAllResources.ps1 b/tests/RunUnitTestsForAllResources.ps1 new file mode 100644 index 000000000..655a57b6c --- /dev/null +++ b/tests/RunUnitTestsForAllResources.ps1 @@ -0,0 +1,57 @@ +#Requires -RunAsAdministrator + +[CmdletBinding()] +param ( + [Parameter(Mandatory = $true)] + [ValidateSet("2013", "2016", "2019", "Subscription")] + [System.String] + $SharePointVersion, + + [Parameter()] + [Switch] + $DoNotBuildModule +) + +$modulePath = Split-Path -Path $PSScriptRoot + +if ($DoNotBuildModule -eq $false) +{ + & $modulePath\build.ps1 -Tasks Build +} + +$testPath = Join-Path -Path $modulePath -ChildPath "\Tests\Unit\SharePointDsc" + +$params = @{ + Tasks = 'Test' +} + +switch ($SharePointVersion) +{ + "2013" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1' + } + "2016" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.4456.1000\Microsoft.SharePoint.PowerShell.psm1' + } + "2019" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.10337.12109\Microsoft.SharePoint.PowerShell.psm1' + } + "Subscription" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.14326.20450/SharePointServer.psm1' + } +} + +$params.PesterScript = @( + @{ + Path = $testPath + Parameters = @{ + SharePointCmdletModule = $stubPath + } + } +) + +& $modulePath\build.ps1 @params diff --git a/tests/RunUnitTestsForResource.ps1 b/tests/RunUnitTestsForResource.ps1 new file mode 100644 index 000000000..6d8646030 --- /dev/null +++ b/tests/RunUnitTestsForResource.ps1 @@ -0,0 +1,34 @@ +#Requires -RunAsAdministrator + +[CmdletBinding()] +param ( + [Parameter(Mandatory = $true)] + [System.String] + $Resource, + + [Parameter()] + [Switch] + $DoNotBuildModule +) + +$modulePath = Split-Path -Path $PSScriptRoot + +if ($DoNotBuildModule -eq $false) +{ + & $modulePath\build.ps1 -Tasks Build +} + +$path15 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1' +$path16 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.4456.1000\Microsoft.SharePoint.PowerShell.psm1' +$path19 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.10337.12109\Microsoft.SharePoint.PowerShell.psm1' +$pathSE = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.14326.20450\SharePointServer.psm1' + +$testPath = Join-Path -Path $modulePath -ChildPath ".\Tests\Unit\SharePointDsc\SharePointDsc.$resource.Tests.ps1" +$compiledModulePath = Split-Path -Path (Get-Module SharePointDsc -ListAvailable).Path +$resourcePath = Join-Path -Path $compiledModulePath -ChildPath "\DSCResources\MSFT_$resource\MSFT_$resource.psm1" +Invoke-Pester -Script @( + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path15 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path16 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path19 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $pathSE } } +) -CodeCoverage $resourcePath From 4c3b38fab6f31ff13b1cc20b5b58b95bf6a9301b Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Tue, 11 Jan 2022 16:56:59 +0100 Subject: [PATCH 2/4] Fixed #1371 --- .github/CODEOWNERS | 5 ++ CHANGELOG.md | 10 ++++ .../MSFT_SPTrustedRootAuthority.psm1 | 12 ++-- tests/RunUnitTestsForAllResources.ps1 | 57 +++++++++++++++++++ tests/RunUnitTestsForResource.ps1 | 34 +++++++++++ 5 files changed, 114 insertions(+), 4 deletions(-) create mode 100644 .github/CODEOWNERS create mode 100644 tests/RunUnitTestsForAllResources.ps1 create mode 100644 tests/RunUnitTestsForResource.ps1 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000..7f2b5792c --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# These owners will be the default owners for everything in +# the repo. Unless a later match takes precedence, +# @global-owner1 and @global-owner2 will be requested for +# review when someone opens a pull request. +* @ykuijs diff --git a/CHANGELOG.md b/CHANGELOG.md index ba2c47488..ebacc4867 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,12 +5,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + - SPTrustedIdentityTokenIssuer - Added parameters to support OIDC authentication in SharePoint Server Subscription Edition + +### Changed + - SPFarm - Suppress a useless reboot that was triggered once a server joined the farm - Suppress a useless 5 minutes sleep triggered once a server joined the farm +### Fixed + +- SPTrustedRootAuthority + - Fixed issue where certificates not in the Personal store could not be used + ## [5.0.0] - 2021-12-17 ### Added diff --git a/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 b/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 index 1f437ff96..ce59ab767 100644 --- a/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPTrustedRootAuthority/MSFT_SPTrustedRootAuthority.psm1 @@ -182,8 +182,10 @@ function Set-TargetResource else { Write-Verbose -Message "Importing certificate from CertificateThumbprint" - $cert = Get-Item -Path "CERT:\LocalMachine\My\$($params.CertificateThumbprint)" ` - -ErrorAction SilentlyContinue + $cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)" ` + -ErrorAction SilentlyContinue | ` + Sort-Object -Property PSParentPath -Descending | ` + Select-Object -First 1 if ($null -eq $cert) { @@ -262,8 +264,10 @@ function Set-TargetResource else { Write-Verbose -Message "Importing certificate from CertificateThumbprint" - $cert = Get-Item -Path "CERT:\LocalMachine\My\$($params.CertificateThumbprint)" ` - -ErrorAction SilentlyContinue + $cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)" ` + -ErrorAction SilentlyContinue | ` + Sort-Object -Property PSParentPath -Descending | ` + Select-Object -First 1 if ($null -eq $cert) { diff --git a/tests/RunUnitTestsForAllResources.ps1 b/tests/RunUnitTestsForAllResources.ps1 new file mode 100644 index 000000000..655a57b6c --- /dev/null +++ b/tests/RunUnitTestsForAllResources.ps1 @@ -0,0 +1,57 @@ +#Requires -RunAsAdministrator + +[CmdletBinding()] +param ( + [Parameter(Mandatory = $true)] + [ValidateSet("2013", "2016", "2019", "Subscription")] + [System.String] + $SharePointVersion, + + [Parameter()] + [Switch] + $DoNotBuildModule +) + +$modulePath = Split-Path -Path $PSScriptRoot + +if ($DoNotBuildModule -eq $false) +{ + & $modulePath\build.ps1 -Tasks Build +} + +$testPath = Join-Path -Path $modulePath -ChildPath "\Tests\Unit\SharePointDsc" + +$params = @{ + Tasks = 'Test' +} + +switch ($SharePointVersion) +{ + "2013" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1' + } + "2016" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.4456.1000\Microsoft.SharePoint.PowerShell.psm1' + } + "2019" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.10337.12109\Microsoft.SharePoint.PowerShell.psm1' + } + "Subscription" + { + $stubPath = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.14326.20450/SharePointServer.psm1' + } +} + +$params.PesterScript = @( + @{ + Path = $testPath + Parameters = @{ + SharePointCmdletModule = $stubPath + } + } +) + +& $modulePath\build.ps1 @params diff --git a/tests/RunUnitTestsForResource.ps1 b/tests/RunUnitTestsForResource.ps1 new file mode 100644 index 000000000..6d8646030 --- /dev/null +++ b/tests/RunUnitTestsForResource.ps1 @@ -0,0 +1,34 @@ +#Requires -RunAsAdministrator + +[CmdletBinding()] +param ( + [Parameter(Mandatory = $true)] + [System.String] + $Resource, + + [Parameter()] + [Switch] + $DoNotBuildModule +) + +$modulePath = Split-Path -Path $PSScriptRoot + +if ($DoNotBuildModule -eq $false) +{ + & $modulePath\build.ps1 -Tasks Build +} + +$path15 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1' +$path16 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.4456.1000\Microsoft.SharePoint.PowerShell.psm1' +$path19 = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.10337.12109\Microsoft.SharePoint.PowerShell.psm1' +$pathSE = Join-Path -Path $modulePath -ChildPath '\Tests\Unit\Stubs\SharePoint\16.0.14326.20450\SharePointServer.psm1' + +$testPath = Join-Path -Path $modulePath -ChildPath ".\Tests\Unit\SharePointDsc\SharePointDsc.$resource.Tests.ps1" +$compiledModulePath = Split-Path -Path (Get-Module SharePointDsc -ListAvailable).Path +$resourcePath = Join-Path -Path $compiledModulePath -ChildPath "\DSCResources\MSFT_$resource\MSFT_$resource.psm1" +Invoke-Pester -Script @( + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path15 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path16 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $path19 } }, + @{ Path = $testPath; Parameters = @{SharePointCmdletModule = $pathSE } } +) -CodeCoverage $resourcePath From e2b8113c3f6c4a2d33d751cf7135c05f6ac54fec Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Mon, 17 Jan 2022 22:01:09 +0100 Subject: [PATCH 3/4] Updated changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ebacc4867..e7d63cde8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added +- SharePointDsc + - Added generic unit tests files to quickly run all or a specific unit test - SPTrustedIdentityTokenIssuer - Added parameters to support OIDC authentication in SharePoint Server Subscription Edition From 8acb583200882206819eda1e3b05ec28c2e8698a Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Tue, 18 Jan 2022 10:40:13 +0100 Subject: [PATCH 4/4] Fixed unit tests --- ...ePointDsc.SPTrustedRootAuthority.Tests.ps1 | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPTrustedRootAuthority.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPTrustedRootAuthority.Tests.ps1 index 10241aa9a..7a302fe5c 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPTrustedRootAuthority.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPTrustedRootAuthority.Tests.ps1 @@ -49,7 +49,7 @@ try InModuleScope -ModuleName $script:DSCResourceFullName -ScriptBlock { Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { BeforeAll { - Invoke-Command -ScriptBlock $Global:SPDscHelper.InitializeScript -NoNewScope + Invoke-Command -Scriptblock $Global:SPDscHelper.InitializeScript -NoNewScope Mock -CommandName Remove-SPTrustedRootAuthority -MockWith { } Mock -CommandName Set-SPTrustedRootAuthority -MockWith { } @@ -166,7 +166,7 @@ try Ensure = "Present" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -208,7 +208,7 @@ try Ensure = "Present" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -250,7 +250,7 @@ try Ensure = "Present" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -396,7 +396,7 @@ try } } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -440,7 +440,7 @@ try return $true } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -540,7 +540,7 @@ try } } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return $null } } @@ -570,7 +570,7 @@ try return $null } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return $null } } @@ -596,7 +596,7 @@ try Ensure = "Present" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertIdentifier" Thumbprint = $testParams.CertificateThumbprint @@ -618,7 +618,7 @@ try It "Should create a new trusted root authority in the set method" { Set-TargetResource @testParams - Assert-MockCalled Get-Item -Times 1 + Assert-MockCalled Get-ChildItem -Times 1 Assert-MockCalled New-SPTrustedRootAuthority -Times 1 } } @@ -635,7 +635,7 @@ try return $true } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -685,7 +685,7 @@ try return $true } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertName" Thumbprint = $testParams.CertificateThumbprint @@ -731,7 +731,7 @@ try Ensure = "Present" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { $retVal = [pscustomobject]@{ Subject = "CN=CertIdentifier" Thumbprint = $testParams.CertificateThumbprint @@ -780,7 +780,7 @@ try It "Should create a new Trusted Root Authority in the set method" { Set-TargetResource @testParams - Assert-MockCalled Get-Item -Times 1 + Assert-MockCalled Get-ChildItem -Times 1 Assert-MockCalled Set-SPTrustedRootAuthority -Times 1 Assert-MockCalled New-Object -Times 1 } @@ -794,7 +794,7 @@ try Ensure = "Absent" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertIdentifier" Thumbprint = $testParams.CertificateThumbprint @@ -833,7 +833,7 @@ try Ensure = "Absent" } - Mock -CommandName Get-Item -MockWith { + Mock -CommandName Get-ChildItem -MockWith { return @{ Subject = "CN=CertIdentifier" Thumbprint = $testParams.CertificateThumbprint