Merge branch 'master' of git://github.com/opentable/puppet-iis

Conflicts: Modulefile manifests/manage_binding.pp
ninja-2 · Jul 15, 2014 · 9467612 · 9467612
2 parents f037d08 + 1404b80
commit 9467612
Show file tree

Hide file tree

Showing 22 changed files with 253 additions and 66 deletions.
diff --git a/.fixtures.yml b/.fixtures.yml
@@ -1,5 +1,5 @@
 fixtures:
   repositories:
-    stdlib: git://github.com/puppetlabs/puppetlabs-stdlib.git
+    stdlib: https://github.com/puppetlabs/puppetlabs-stdlib
   symlinks:
     iis: "#{source_dir}"
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,8 @@
+.*.sw?
+pkg
+spec/fixtures
+.rspec_system
+.vagrant
 *.iml
-Gemfile.lock
-/.idea/*
+.idea/
+.bundle/
diff --git a/.ruby-version b/.ruby-version
@@ -0,0 +1 @@
+ruby-2.0.0-p247
diff --git a/.travis.yml b/.travis.yml
@@ -1,8 +1,25 @@
----
 language: ruby
+bundler_args: --without development
+before_install: rm Gemfile.lock || true
 rvm:
-- 1.9.3
-script: bundle exec rake spec
+  - 1.8.7
+  - 1.9.3
+  - 2.0.0
+script: bundle exec rake test
 env:
-  matrix:
-  - PUPPET_VERSION=3.1.0
+  - PUPPET_VERSION="2.7.25"
+  - PUPPET_VERSION="3.3.0"
+  - PUPPET_VERSION="3.1.0"
+  - PUPPET_VERSION="3.2.1"
+  - PUPPET_VERSION="3.3.0"
+  - PUPPET_VERSION="3.4.0"
+  - PUPPET_VERSION="3.5.1"
+  - PUPPET_VERSION="3.6.0"
+matrix:
+  exclude:
+  - rvm: 2.0.0
+    env: PUPPET_VERSION="2.7.25"
+  - rvm: 2.0.0
+    env: PUPPET_VERSION="3.0.0"
+  - rvm: 2.0.0
+    env: PUPPET_VERSION="3.1.0"
diff --git a/Gemfile b/Gemfile
@@ -1,14 +1,21 @@
-# A sample Gemfile
 source "http://rubygems.org"
 
-gem 'puppet-lint'
-gem 'test-unit'
-gem 'rake'
-gem 'rspec', '2.13.0'
-gem 'rspec-core', '2.13.1'
-gem 'rspec-expectations', '2.13.0'
-gem 'rspec-mocks', '2.13.1'
-gem 'puppet', '3.2.1'
-gem 'rspec-puppet', '0.1.6'
-gem 'puppetlabs_spec_helper', '0.4.1'
+group :test do
+  gem "rake"
+  gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.4.0'
+  gem "puppet-lint"
+  gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git'
+  gem "puppet-syntax"
+  gem "puppetlabs_spec_helper", "0.4.1"
+  gem "rspec", "2.99.0"
+end
 
+group :development do
+  gem "travis"
+  gem "travis-lint"
+  gem "beaker"
+  gem "beaker-rspec"
+  gem "vagrant-wrapper"
+  gem "puppet-blacksmith"
+  gem "guard-rake"
+end
diff --git a/Modulefile b/Modulefile
@@ -1,7 +1,8 @@
 name 'opentable/iis'
-version '0.0.2'
+version '1.1.1'
 author 'opentable'
 license 'MIT'
 summary 'Module that will manage IIS for windows server 2008 and above. It will help maintain application pools, sites and virtual applications'
 project_page 'https://github.com/opentable/puppet-iis'
 dependency    'puppetlabs/stdlib', '>=3.0.0'
+dependency    'joshcooper/powershell', '>=0.0.6'
diff --git a/Rakefile b/Rakefile
@@ -1,5 +1,42 @@
-require 'rubygems'
 require 'puppetlabs_spec_helper/rake_tasks'
-require 'puppet-lint'
+require 'puppet-lint/tasks/puppet-lint'
+require 'puppet-syntax/tasks/puppet-syntax'
+
+# These two gems aren't always present, for instance
+# on Travis with --without development
+begin
+  require 'puppet_blacksmith/rake_tasks'
+rescue LoadError
+end
+
 PuppetLint.configuration.send("disable_80chars")
-PuppetLint.configuration.send("disable_documentation")
+PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}"
+PuppetLint.configuration.fail_on_warnings = true
+
+# Forsake support for Puppet 2.6.2 for the benefit of cleaner code.
+# http://puppet-lint.com/checks/class_parameter_defaults/
+PuppetLint.configuration.send('disable_class_parameter_defaults')
+# http://puppet-lint.com/checks/class_inherits_from_params_class/
+PuppetLint.configuration.send('disable_class_inherits_from_params_class')
+# http://puppet-lint.com/checks/quoted_booleans/
+PuppetLint.configuration.send('disable_quoted_booleans')
+
+exclude_paths = [
+  "pkg/**/*",
+  "vendor/**/*",
+  "spec/**/*",
+]
+PuppetLint.configuration.ignore_paths = exclude_paths
+PuppetSyntax.exclude_paths = exclude_paths
+
+desc "Run acceptance tests"
+RSpec::Core::RakeTask.new(:acceptance) do |t|
+  t.pattern = 'spec/acceptance'
+end
+
+desc "Run syntax, lint, and spec tests."
+task :test => [
+  :syntax,
+  :lint,
+  :spec,
+]
diff --git a/manifests/createpath.pp b/manifests/createpath.pp
@@ -1,3 +1,4 @@
+#
 define iis::createpath($site_path = undef) {
   include 'iis::param::powershell'
 

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -1,3 +1,4 @@
+#
 class iis {
   iis::manage_app_pool {'www.internalapi.co.uk':
     enable_32_bit           => true,

diff --git a/manifests/manage_app_pool.pp b/manifests/manage_app_pool.pp
@@ -1,3 +1,4 @@
+#
 define iis::manage_app_pool($app_pool_name = $title, $enable_32_bit = false, $managed_runtime_version = 'v4.0', $managed_pipeline_mode = 'Integrated', $ensure = 'present') {
 
   validate_bool($enable_32_bit)

diff --git a/manifests/manage_binding.pp b/manifests/manage_binding.pp
@@ -1,4 +1,5 @@
-define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_name = '', $ensure = 'present') {
+#
+define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_thumbprint = '', $ensure = 'present') {
   include 'iis::param::powershell'
 
   if ! ($protocol in [ 'http', 'https', 'net.tcp', 'net.pipe', 'netmsmq', 'msmq.formatname' ]) {
@@ -23,16 +24,28 @@
     }
 
     if ($protocol == 'https') {
-      validate_re($certificate_name, ['^(.)+$'], 'certificate_name required for https bindings')
+      validate_re($certificate_thumbprint, ['^(.)+$'], 'certificate_thumbprint required for https bindings')
       if ($ip_address == '0.0.0.0') {
         fail('https bindings require a valid ip_address')
       }
 
+      file { "inspect-${title}-certificate.ps1":
+        ensure  => present,
+        path    => "C:\\temp\\inspect-${name}.ps1",
+        content => template('iis/inspect-certificate-binding.ps1.erb'),
+      }
+
+      file { "create-${title}-certificate.ps1":
+        ensure  => present,
+        path    => "C:\\temp\\create-${name}.ps1",
+        content => template('iis/create-certificate-binding.ps1.erb'),
+      }
+
       exec { "Attach-Certificate-${title}":
-        path      => "${iis::param::powershell::path};${::path}",
-        command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1)\"",
-        onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
-        require   => Exec["CreateBinding-${title}"],
+        command   => "C:\\temp\\create-${name}.ps1",
+        onlyif    => "C:\\temp\\inspect-${name}.ps1",
+        require   => [File["inspect-${title}-certificate.ps1"], File["create-${title}-certificate.ps1"]],
+        provider  => powershell,
         logoutput => true,
       }
     }

diff --git a/manifests/manage_site.pp b/manifests/manage_site.pp
@@ -1,3 +1,4 @@
+#
 define iis::manage_site($site_path, $app_pool, $host_header = '', $site_name = $title, $port = '80', $ip_address = '*', $ensure = 'present', $ssl = 'false') {
   include 'iis::param::powershell'
 
@@ -7,7 +8,10 @@
   if ($ensure in ['present','installed']) {
     iis::createpath { "${site_name}-${site_path}":
       site_path => $site_path
-  }
+    }
+
+    $cmdSiteExists = "Test-Path \\\"IIS:\\Sites\\${site_name}\\\""
+
     $createSwitches = ["-Name \\\"${site_name}\\\"",
           "-Port ${port} -IP ${ip_address}",
           "-HostHeader \\\"${host_header}\\\"",
@@ -17,12 +21,28 @@
 
     $switches = join($createSwitches,' ')
     exec { "CreateSite-${site_name}" :
-      command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-WebSite ${switches} \"",
+      command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; \$id = (Get-WebSite | foreach {\$_.id} | sort -Descending | select -first 1) + 1; New-WebSite ${switches} -ID \$id \"",
       path      => "${iis::param::powershell::path};${::path}",
-      onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\${site_name}\\\")) { exit 1 } else { exit 0 }\"",
+      onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists})) { exit 1 } else { exit 0 }\"",
       logoutput => true,
       require   => [ Iis::Createpath["${site_name}-${site_path}"], Iis::Manage_app_pool[$app_pool] ],
     }
+
+    exec { "UpdateSite-PhysicalPath-${site_name}":
+      command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" -Name physicalPath -Value \\\"${site_path}\\\"\"",
+      onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists}) -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" physicalPath) -eq \\\"${site_path}\\\") { exit 1 } else { exit 0 }\"",
+      path      => "${iis::param::powershell::path};${::path}",
+      logoutput => true,
+      before    => Exec["CreateSite-${site_name}"],
+    }
+
+    exec { "UpdateSite-ApplicationPool-${site_name}":
+      command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" -Name applicationPool -Value \\\"${app_pool}\\\"\"",
+      onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists}) -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" applicationPool) -eq \\\"${app_pool}\\\") { exit 1 } else { exit 0 }\"",
+      path      => "${iis::param::powershell::path};${::path}",
+      logoutput => true,
+      before    => Exec["CreateSite-${site_name}"],
+    }
   } else {
     exec { "DeleteSite-${site_name}" :
       command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Remove-WebSite -Name \\\"${site_name}\\\"\"",

diff --git a/manifests/manage_site_state.pp b/manifests/manage_site_state.pp
@@ -1,3 +1,4 @@
+#
 define iis::manage_site_state($site_name, $ensure = 'running') {
   include 'iis::param::powershell'
 

diff --git a/manifests/manage_virtual_application.pp b/manifests/manage_virtual_application.pp
@@ -1,3 +1,4 @@
+#
 define iis::manage_virtual_application($site_name, $site_path, $app_pool, $virtual_application_name = $title, $ensure = 'present') {
   include 'iis::param::powershell'
 

diff --git a/manifests/param/powershell.pp b/manifests/param/powershell.pp
@@ -1,3 +1,4 @@
+#
 class iis::param::powershell {
   $executable = 'powershell.exe'
   $exec_policy = '-ExecutionPolicy RemoteSigned'

diff --git a/spec/defines/manage_app_pool_spec.rb b/spec/defines/manage_app_pool_spec.rb
@@ -7,7 +7,7 @@
     let(:title) { 'myAppPool.example.com' }
     let(:params) { { :enable_32_bit => true, :managed_runtime_version => 'v4.0' } }
 
-    it { should include_class('iis::param::powershell') }
+    it { should contain_class('iis::param::powershell') }
 
     it { should contain_exec('Create-myAppPool.example.com').with( {
         :command => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\AppPools\\myAppPool.example.com\\\"\"",
@@ -30,7 +30,7 @@
   describe 'when managing the iis application pool without passing parameters' do
     let(:title) { 'myAppPool.example.com' }
 
-    it { should include_class('iis::param::powershell') }
+    it { should contain_class('iis::param::powershell') }
 
     it { should contain_exec('Create-myAppPool.example.com').with( {
       :command => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\AppPools\\myAppPool.example.com\\\"\"",

diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb
@@ -12,7 +12,7 @@
         :port        => '80',
     } }
 
-    it { should include_class('iis::param::powershell') }
+    it { should contain_class('iis::param::powershell') }
 
     it { should contain_exec('CreateBinding-myWebSite-port-80').with({
       'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebBinding -Name \\\"myWebSite\\\" -Port 80 -Protocol \\\"http\\\" -HostHeader \\\"myHost.example.com\\\" -IPAddress \\\"*\\\"\"",
@@ -82,17 +82,17 @@
         :ip_address => '127.0.0.1',
     } }
 
-    it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_name required for https bindings/) }
+    it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_thumbprint required for https bindings/) }
   end
 
   describe 'when protocol is https and ip address *' do
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
-        :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
-        :protocol         => 'https',
-        :port             => '443',
-        :ip_address       => '*',
+        :site_name              => 'myWebSite',
+        :certificate_thumbprint => 'myCertificate',
+        :protocol               => 'https',
+        :port                   => '443',
+        :ip_address             => '*',
     } }
 
     it { should contain_exec('Attach-Certificate-myWebSite-port-443')}
@@ -101,11 +101,11 @@
   describe 'when protocol is https and ip address 0.0.0.0' do
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
-        :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
-        :protocol         => 'https',
-        :port             => '443',
-        :ip_address       => '0.0.0.0',
+        :site_name              => 'myWebSite',
+        :certificate_thumbprint => 'myCertificate',
+        :protocol               => 'https',
+        :port                   => '443',
+        :ip_address             => '0.0.0.0',
     } }
 
     it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /https bindings require a valid ip_address/) }
@@ -114,17 +114,18 @@
   describe 'when protocol is https and all required parameters exist' do
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
-        :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
-        :protocol         => 'https',
-        :port             => '443',
-        :ip_address       => '127.0.0.1',
+        :site_name              => 'myWebSite',
+        :certificate_thumbprint => 'myCertificate',
+        :protocol               => 'https',
+        :port                   => '443',
+        :ip_address             => '127.0.0.1',
     } }
 
     it { should contain_exec('Attach-Certificate-myWebSite-port-443').with({
-      'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"",
-      'onlyif'  => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
-    })}
+      'command'  => "C:\\temp\\create-myWebSite-port-443.ps1",
+      'onlyif'   => "C:\\temp\\inspect-myWebSite-port-443.ps1",
+      'provider' => "powershell"
+     })}
   end
 
   describe 'when managing an iis site binding and setting ensure to present' do