Merge pull request #8 from PowerShell/dev

Release of version 0.2.0.0 of xAdcsDeployment

.gitignore

@@ -0,0 +1 @@
+DSCResource.Tests

DSCResources/MSFT_xAdcsCertificationAuthority/MSFT_xAdcsCertificationAuthority.psm1

@@ -1,6 +1,7 @@
 #region Get Resource
 Function Get-TargetResource
 {
+    [OutputType([System.Collections.Hashtable])]
     [CmdletBinding()]
     param(
     [ValidateSet('Present','Absent')]
@@ -101,6 +102,7 @@ Function Set-TargetResource
 #region Test Resource
 Function Test-TargetResource
 {
+    [OutputType([System.Boolean])]
     [CmdletBinding()]
     param(
     [ValidateSet('Present','Absent')]

DSCResources/MSFT_xAdcsOnlineResponder/MSFT_xAdcsOnlineResponder.psm1

@@ -0,0 +1,98 @@
+# This resource can be used to install an ADCS Online Responder after the feature has been installed on the server.
+# For more information on ADCS Online Responders, see https://technet.microsoft.com/en-us/library/cc725958.aspx
+
+#region Get Resource
+Function Get-TargetResource
+{
+    [OutputType([System.Collections.Hashtable])]
+    [CmdletBinding()]
+    param(
+        [parameter(Mandatory = $true)]
+        [ValidateSet('Yes')]
+        [String]
+        $IsSingleInstance, 
+
+        [Parameter(Mandatory)]
+        [ValidateSet('Present','Absent')]
+        [string]$Ensure = 'Present',
+
+        [Parameter(Mandatory)]
+        [pscredential]$Credential
+    )
+
+    $ADCSParams = @{
+        IsSingleInstance = $IsSingleInstance
+        Credential = $Credential
+        Ensure = $Ensure }
+
+    $ADCSParams += @{ StateOK = Test-TargetResource @ADCSParams }
+    Return $ADCSParams
+}
+#endregion
+
+#region Set Resource
+Function Set-TargetResource
+{
+    [CmdletBinding()]
+    param(
+        [parameter(Mandatory = $true)]
+        [ValidateSet('Yes')]
+        [String]
+        $IsSingleInstance, 
+
+        [Parameter(Mandatory)]
+        [ValidateSet('Present','Absent')]
+        [string]$Ensure = 'Present',
+
+        [Parameter(Mandatory)]
+        [pscredential]$Credential
+    )
+
+    $ADCSParams = @{ Credential = $Credential }
+
+    switch ($Ensure) {
+        'Present' {(Install-AdcsOnlineResponder @ADCSParams -Force).ErrorString}
+        'Absent' {(Uninstall-AdcsOnlineResponder -Force).ErrorString}
+        }
+}
+#endregion
+
+#region Test Resource
+Function Test-TargetResource
+{
+    [OutputType([System.Boolean])]
+    [CmdletBinding()]
+    param(
+        [parameter(Mandatory = $true)]
+        [ValidateSet('Yes')]
+        [String]
+        $IsSingleInstance, 
+
+        [Parameter(Mandatory)]
+        [ValidateSet('Present','Absent')]
+        [string]$Ensure = 'Present',
+
+        [Parameter(Mandatory)]
+        [pscredential]$Credential
+    )
+
+    $ADCSParams = @{ Credential = $Credential }
+
+    try{
+        $null = Install-AdcsOnlineResponder @ADCSParams -WhatIf
+        Switch ($Ensure) {
+            'Present' {return $false}
+            'Absent' {return $true}
+            }
+    }
+    catch{
+        Write-verbose $_
+        Switch ($Ensure) {
+            'Present' {return $true}
+            'Absent' {return $false}
+            }
+    }
+}
+#endregion
+
+Export-ModuleMember -Function *-TargetResource

DSCResources/MSFT_xAdcsOnlineResponder/MSFT_xAdcsOnlineResponder.schema.mof

@@ -0,0 +1,7 @@
+[ClassVersion("0.1.0.0"), FriendlyName("xAdcsOnlineResponder")]
+class MSFT_xAdcsOnlineResponder : OMI_BaseResource
+{
+    [Key, Description("Specifies the resource is a single instance, the value must be 'Yes'"), ValueMap{"Yes"}, Values{"Yes"}] String IsSingleInstance;
+    [Required, Description("If the Online Responder service is configured to use Standalone certification authority, then an account that is a member of the local Administrators on the CA is required. If the Online Responder service is configured to use an Enterprise CA, then an account that is a member of Domain Admins is required."), EmbeddedInstance("MSFT_Credential")] String Credential;
+    [Required, Description("Specifies whether the Online Responder feature should be installed or uninstalled."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
+};

DSCResources/MSFT_xAdcsWebEnrollment/MSFT_xAdcsWebEnrollment.psm1

@@ -1,6 +1,7 @@
 #region Get Resource
 Function Get-TargetResource
 {
+    [OutputType([System.Collections.Hashtable])]
     [CmdletBinding()]
     param(
     [ValidateSet('Present','Absent')]
@@ -51,8 +52,9 @@ Function Set-TargetResource
 #region Test Resource
 Function Test-TargetResource
 {
-        [CmdletBinding()]
-        param(
+    [OutputType([System.Boolean])]
+    [CmdletBinding()]
+    param(
     [ValidateSet('Present','Absent')]
     [string]$Ensure = 'Present',
     [string]$CAConfig,

README.md

@@ -16,12 +16,13 @@ In a specific example, when building out a web server workload such as an intern
 
 * **xAdcsCertificationAuthority**
 * **xAdcsWebEnrollment**
+* **xAdcsOnlineResponder**
 
 ### xAdcsCertificationAuthority
 
 #### Properties
 
-```CAType = <String> { EnterpriseRootCA | EnterpriseSubordinateCA | StandaloneRootCA | StandaloneSubordinateCA }`
+`CAType = <String> { EnterpriseRootCA | EnterpriseSubordinateCA | StandaloneRootCA | StandaloneSubordinateCA }`
   Specifies the type of certification authority to install.
 
 | Required | Key?  | Default value |
@@ -210,9 +211,50 @@ In a specific example, when building out a web server workload such as an intern
 | -------- | ----- | ------------- |
 | True     | True  | none          |
 
+### xAdcsOnlineResponder
+
+This resource can be used to install an ADCS Online Responder after the feature has been installed on the server.
+
+For more information on ADCS Online Responders, see [this article on TechNet](https://technet.microsoft.com/en-us/library/cc725958.aspx).
+
+#### Properties
+
+`IsSingleInstance = <String>`
+  Specifies the resource is a single instance, the value must be 'Yes'
+
+| Required | Key?  | Default value |
+| -------- | ----- | ------------- |
+| True     | True  | none          |
+
+`Credential = <PSCredential>`
+  If the Online Responder service is configured to use Standalone certification authority, then an account that is a member of the local Administrators on the CA is required.
+  If the Online Responder service is configured to use an Enterprise CA, then an account that is a member of Domain Admins is required.
+
+| Required | Key?  | Default value |
+| -------- | ----- | ------------- |
+| True     | False | none          |
+
+`Ensure = <String> { Present | Absent }`
+  Specifies whether the Online Responder feature should be installed or uninstalled. 
+
+| Required | Key?  | Default value |
+| -------- | ----- | ------------- |
+| True     | False | Present       |
+
+
 ## Versions
 
-0.1.0.0
+### Unreleased
+
+### 0.2.0.0
+
+* Added the following resources:
+    * MSFT_xADCSOnlineResponder resource to install the Online Responder service.
+*   Correction to xAdcsCertificationAuthority property title in Readme.md.
+*   Addition of .gitignore to ensure DSCResource.Tests folder is commited.
+*   Updated AppVeyor.yml to use WMF 5 build environment.
+
+### 0.1.0.0
 
 *   Initial release with the following resources 
     *   <span style="font-family:Calibri; font-size:medium">xAdcsCertificationAuthority and xAdcsWebEnrollment.</span> 
@@ -269,7 +311,7 @@ Configuration RetireCertificateAuthority
             Ensure = 'Absent'
             Name = 'CertSrv'
         }
-	WindowsFeature ADCS-Web-Enrollment
+	    WindowsFeature ADCS-Web-Enrollment
         {
             Ensure = 'Absent'
             Name = 'ADCS-Web-Enrollment'
@@ -280,7 +322,7 @@ Configuration RetireCertificateAuthority
             Ensure = 'Absent'
             DependsOn = '[WindowsFeature]ADCS-Web-Enrollment'              
         }
-	WindowsFeature ADCS-Cert-Authority
+	    WindowsFeature ADCS-Cert-Authority
         {
             Ensure = 'Absent'
             Name = 'ADCS-Cert-Authority'

Tests/Unit/MSFT_xAdcsOnlineResponder.Tests.ps1

@@ -0,0 +1,152 @@
+$Global:DSCModuleName   = 'xAdcsDeployment'
+$Global:DSCResourceName = 'MSFT_xAdcsOnlineResponder'
+
+#region HEADER
+if ( (-not (Test-Path -Path '.\DSCResource.Tests\')) -or `
+     (-not (Test-Path -Path '.\DSCResource.Tests\TestHelper.psm1')) )
+{
+    & git @('clone','https://github.com/PowerShell/DscResource.Tests.git')
+}
+else
+{
+    & git @('-C',(Join-Path -Path (Get-Location) -ChildPath '\DSCResource.Tests\'),'pull')
+}
+Import-Module .\DSCResource.Tests\TestHelper.psm1 -Force
+$TestEnvironment = Initialize-TestEnvironment `
+    -DSCModuleName $Global:DSCModuleName `
+    -DSCResourceName $Global:DSCResourceName `
+    -TestType Unit 
+
+# Install Test pre-requisites, automatically on appveyor
+# by prompt locally
+# to bypass prompts locally, set $ConfirmPreference = 'None'
+function Install-TestPrerequisite
+{
+    [CmdletBinding( ConfirmImpact = 'high',  SupportsShouldProcess=$true)]
+    param()
+    # should check for the server OS
+    if ($env:APPVEYOR_BUILD_VERSION -or $PSCmdlet.ShouldProcess(' Adcs-Cert-Authority','Install  Adcs-Cert-Authority WindowsFeature'))
+    {
+        Add-WindowsFeature Adcs-Cert-Authority -verbose
+    }
+}
+
+Install-TestPrerequisite
+#endregion
+
+# Begin Testing
+try
+{
+    #region Pester Tests
+    InModuleScope MSFT_xAdcsOnlineResponder {
+
+        Describe 'Get-TargetResource' {
+
+            #region Mocks
+            Mock Install-AdcsOnlineResponder 
+            Mock Uninstall-AdcsOnlineResponder
+            #endregion
+
+            Context 'comparing Ensure' {
+                $Splat = @{
+                    IsSingleInstance = 'Yes'
+                    Ensure = 'Present'
+                    Credential = New-Object System.Management.Automation.PSCredential ("Administrator", (ConvertTo-SecureString 'NotReal' -AsPlainText -Force))
+                }
+                $Result = Get-TargetResource @Splat
+
+                It 'should return StateOK false' {
+                    $Result.Ensure | Should Be $Splat.Ensure
+                    $Result.StateOK | Should Be $False
+                }
+
+                It 'should call all mocks' {
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Install-AdcsOnlineResponder -Exactly 1
+                }
+            }
+        }
+
+        Describe 'Set-TargetResource' {
+
+            #region Mocks
+            Mock Install-AdcsOnlineResponder
+            Mock Uninstall-AdcsOnlineResponder
+            #endregion
+
+            Context 'testing Ensure Present' {
+                $Splat = @{
+                    IsSingleInstance = 'Yes'
+                    Ensure = 'Present'
+                    Credential = New-Object System.Management.Automation.PSCredential ("Administrator", (ConvertTo-SecureString 'NotReal' -AsPlainText -Force))
+                }
+                Set-TargetResource @Splat
+
+                It 'should call install mock only' {
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Install-AdcsOnlineResponder -Exactly 1
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Uninstall-AdcsOnlineResponder -Exactly 0
+                }
+            }
+
+            Context 'testing Ensure Absent' {
+                $Splat = @{
+                    IsSingleInstance = 'Yes'
+                    Ensure = 'Absent'
+                    Credential = New-Object System.Management.Automation.PSCredential ("Administrator", (ConvertTo-SecureString 'NotReal' -AsPlainText -Force))
+                }
+                Set-TargetResource @Splat
+
+                It 'should call uninstall mock only' {
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Install-AdcsOnlineResponder -Exactly 0
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Uninstall-AdcsOnlineResponder -Exactly 1
+                }
+            }
+        }
+
+        Describe 'Test-TargetResource' {
+
+            #region Mocks
+            Mock Install-AdcsOnlineResponder
+            Mock Uninstall-AdcsOnlineResponder
+            #endregion
+
+            Context 'testing ensure present' {
+                $Splat = @{
+                    IsSingleInstance = 'Yes'
+                    Ensure = 'Present'
+                    Credential = New-Object System.Management.Automation.PSCredential ("Administrator", (ConvertTo-SecureString 'NotReal' -AsPlainText -Force))
+                }
+                $Result = Test-TargetResource @Splat
+
+                It 'should return false' {
+                    $Result | Should be $False
+                }
+                It 'should call install mock only' {
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Install-AdcsOnlineResponder -Exactly 1
+                }
+            }
+
+            Context 'testing ensure absent' {
+                $Splat = @{
+                    IsSingleInstance = 'Yes'
+                    Ensure = 'Absent'
+                    Credential = New-Object System.Management.Automation.PSCredential ("Administrator", (ConvertTo-SecureString 'NotReal' -AsPlainText -Force))
+                }
+                $Result = Test-TargetResource @Splat
+
+                It 'should return true' {
+                    $Result | Should be $True
+                }
+                It 'should call install mock only' {
+                    Assert-MockCalled -ModuleName MSFT_xAdcsOnlineResponder -commandName Install-AdcsOnlineResponder -Exactly 1
+                }
+            }
+        }
+    }
+    #endregion
+}
+finally
+{
+    #region FOOTER
+    Restore-TestEnvironment -TestEnvironment $TestEnvironment
+    #endregion
+}