From 2d1e6597bbe932bdc35ad9629a3167ad5f331118 Mon Sep 17 00:00:00 2001 From: stack72 Date: Mon, 14 Apr 2014 11:05:14 +0100 Subject: [PATCH 1/4] Updating the powershell and the specs to use certificate thumbprint rather than certificate name --- manifests/manage_binding.pp | 8 ++++---- spec/defines/manage_binding_spec.rb | 12 ++++++------ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/manifests/manage_binding.pp b/manifests/manage_binding.pp index 9951520..24a1334 100644 --- a/manifests/manage_binding.pp +++ b/manifests/manage_binding.pp @@ -1,4 +1,4 @@ -define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_name = '', $ensure = 'present') { +define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_thumbprint = '', $ensure = 'present') { include 'iis::param::powershell' if ! ($protocol in [ 'http', 'https', 'net.tcp', 'net.pipe', 'netmsmq', 'msmq.formatname' ]) { 
@@ -23,15 +23,15 @@ } if ($protocol == 'https') { - validate_re($certificate_name, ['^(.)+$'], 'certificate_name required for https bindings') + validate_re($certificate_thumbprint, ['^(.)+$'], 'certificate_thumbprint required for https bindings') if ($ip_address == '*' or $ip_address == '0.0.0.0') { fail('https bindings require a valid ip_address') } exec { "Attach-Certificate-${title}": path => "${iis::param::powershell::path};${::path}", - command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1)\"", - onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", + command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"${certificate_thumbprint}\\\")} | Select-Object -First 1)\"", + onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"${certificate_thumbprint}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", require => Exec["CreateBinding-${title}"], logoutput => true, } diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb index c06d5ea..5682e8c 100644 --- a/spec/defines/manage_binding_spec.rb +++ b/spec/defines/manage_binding_spec.rb 
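Review bot: `validate_re($certificate_thumbprint, ['^(.)+$'], …)` accepts any non-empty string, and that value is then interpolated inside escaped double quotes into the PowerShell text of both `command` and `onlyif`, so a value carrying quote or subexpression characters alters the command that runs instead of being rejected. A Windows certificate thumbprint is 40 hex characters, so the check can be exact and anchored to the whole string: `validate_re($certificate_thumbprint, ['\A[0-9A-Fa-f]{40}\z'], 'certificate_thumbprint required for https bindings')`. Separately, `.Thumbprint.Equals(...)` is a case-sensitive comparison, while the certificate provider normally reports thumbprints in upper case. A lower-case value would therefore make `onlyif` exit 1 and the certificate would silently never be attached; comparing with PowerShell's `-eq` operator, which ignores case, avoids that. The enclosing `if ($protocol == 'https')` block and the define itself close outside this hunk.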
@@ -82,14 +82,14 @@ :ip_address => '127.0.0.1', } } - it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_name required for https bindings/) } + it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_thumbprint required for https bindings/) } end describe 'when protocol is https and ip address *' do let(:title) { 'myWebSite-port-443' } let(:params) { { :site_name => 'myWebSite', - :certificate_name => 'myCertificate', + :certificate_thumbprint => 'myCertificate', :protocol => 'https', :port => '443', :ip_address => '*', @@ -102,7 +102,7 @@ let(:title) { 'myWebSite-port-443' } let(:params) { { :site_name => 'myWebSite', - :certificate_name => 'myCertificate', + :certificate_thumbprint => 'myCertificate', :protocol => 'https', :port => '443', :ip_address => '0.0.0.0', 
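Review bot: The fixtures still pass `'myCertificate'` as `:certificate_thumbprint`, here and in the `@@ -102,7 +102,7 @@` and `@@ -115,15 +115,15 @@` hunks, so the specs exercise a value that is not thumbprint-shaped and would mask any tightening of the manifest's validation. A constructed 40-hex sample such as `:certificate_thumbprint => '0123456789ABCDEF0123456789ABCDEF01234567',` (made up for the test, not a real certificate) documents the expected format, with the expected `command`/`onlyif` strings updated to match. It would also help to add a `describe` case that supplies a malformed thumbprint and asserts `raise_error(Puppet::Error, ...)`, since the only negative case visible here covers the empty value. The `describe` blocks these hunks touch begin and end outside the visible lines.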
@@ -115,15 +115,15 @@ let(:title) { 'myWebSite-port-443' } let(:params) { { :site_name => 'myWebSite', - :certificate_name => 'myCertificate', + :certificate_thumbprint => 'myCertificate', :protocol => 'https', :port => '443', :ip_address => '127.0.0.1', } } it { should contain_exec('Attach-Certificate-myWebSite-port-443').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"", - 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", })} end From 6b178a57f6ab740200f7367dbe73df4d561633b8 Mon Sep 17 00:00:00 2001 From: stack72 Date: Mon, 14 Apr 2014 17:30:39 +0100 Subject: [PATCH 2/4] Updating the Modulefile to 1.0.0 as this is a breaking change. We are now using certificate_thumbprint rather than certificate_name --- Modulefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modulefile b/Modulefile index de32a16..26ae738 100644 --- a/Modulefile +++ b/Modulefile 
@@ -1,5 +1,5 @@ name 'opentable/iis' -version '0.0.2' +version '1.0.0' author 'opentable' license 'MIT' summary 'Module that will manage IIS for windows server 2008 and above. It will help maintain application pools, sites and virtual applications' From 1e2d40d981e3d32864a5e143c52c81434d58f5eb Mon Sep 17 00:00:00 2001 From: stack72 Date: Wed, 16 Apr 2014 09:10:33 +0100 Subject: [PATCH 3/4] Fixing the linting error of the => lining up --- spec/defines/manage_binding_spec.rb | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb index 5682e8c..6ba891b 100644 --- a/spec/defines/manage_binding_spec.rb +++ b/spec/defines/manage_binding_spec.rb @@ -88,11 +88,11 @@ describe 'when protocol is https and ip address *' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', + :site_name => 'myWebSite', :certificate_thumbprint => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '*', + :protocol => 'https', + :port => '443', + :ip_address => '*', } } it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /https bindings require a valid ip_address/) } @@ -114,11 +114,11 @@ describe 'when protocol is https and all required parameters exist' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', + :site_name => 'myWebSite', :certificate_thumbprint => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '127.0.0.1', + :protocol => 'https', + :port => '443', + :ip_address => '127.0.0.1', } } it { should contain_exec('Attach-Certificate-myWebSite-port-443').with({ From 2b6c61ebc4a56b56c1e016199c7e14af1f152e53 Mon Sep 17 00:00:00 2001 
From: stack72 Date: Wed, 16 Apr 2014 09:13:40 +0100 Subject: [PATCH 4/4] Drew found more linting errors - hes a stickler for the rules --- spec/defines/manage_binding_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb index 6ba891b..45970ed 100644 --- a/spec/defines/manage_binding_spec.rb +++ b/spec/defines/manage_binding_spec.rb @@ -101,11 +101,11 @@ describe 'when protocol is https and ip address 0.0.0.0' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', + :site_name => 'myWebSite', :certificate_thumbprint => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '0.0.0.0', + :protocol => 'https', + :port => '443', + :ip_address => '0.0.0.0', } } it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /https bindings require a valid ip_address/) }