diff --git a/.fixtures.yml b/.fixtures.yml index 0a7b8c9..89bb423 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,5 +1,5 @@ fixtures: repositories: - stdlib: git://github.com/puppetlabs/puppetlabs-stdlib.git + stdlib: https://github.com/puppetlabs/puppetlabs-stdlib symlinks: iis: "#{source_dir}" diff --git a/.gitignore b/.gitignore index cee1221..6c3818b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,8 @@ +.*.sw? +pkg +spec/fixtures +.rspec_system +.vagrant *.iml -Gemfile.lock -/.idea/* +.idea/ +.bundle/ diff --git a/.ruby-version b/.ruby-version new file mode 100644 index 0000000..abf2cce --- /dev/null +++ b/.ruby-version @@ -0,0 +1 @@ +ruby-2.0.0-p247 diff --git a/.travis.yml b/.travis.yml index 61bca8a..66786a4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,25 @@ ---- language: ruby +bundler_args: --without development +before_install: rm Gemfile.lock || true rvm: -- 1.9.3 -script: bundle exec rake spec + - 1.8.7 + - 1.9.3 + - 2.0.0 +script: bundle exec rake test env: - matrix: - - PUPPET_VERSION=3.1.0 + - PUPPET_VERSION="2.7.25" + - PUPPET_VERSION="3.3.0" + - PUPPET_VERSION="3.1.0" + - PUPPET_VERSION="3.2.1" + - PUPPET_VERSION="3.3.0" + - PUPPET_VERSION="3.4.0" + - PUPPET_VERSION="3.5.1" + - PUPPET_VERSION="3.6.0" +matrix: + exclude: + - rvm: 2.0.0 + env: PUPPET_VERSION="2.7.25" + - rvm: 2.0.0 + env: PUPPET_VERSION="3.0.0" + - rvm: 2.0.0 + env: PUPPET_VERSION="3.1.0" diff --git a/Gemfile b/Gemfile index 2d92eea..1bdd28b 100644 --- a/Gemfile +++ b/Gemfile @@ -1,14 +1,21 @@ -# A sample Gemfile source "http://rubygems.org" -gem 'puppet-lint' -gem 'test-unit' -gem 'rake' -gem 'rspec', '2.13.0' -gem 'rspec-core', '2.13.1' -gem 'rspec-expectations', '2.13.0' -gem 'rspec-mocks', '2.13.1' -gem 'puppet', '3.2.1' -gem 'rspec-puppet', '0.1.6' -gem 'puppetlabs_spec_helper', '0.4.1' +group :test do + gem "rake" + gem "puppet", ENV['PUPPET_VERSION'] || '~> 3.4.0' + gem "puppet-lint" + gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git' + gem "puppet-syntax" + gem "puppetlabs_spec_helper", "0.4.1" + gem "rspec", "2.99.0" +end +group :development do + gem "travis" + gem "travis-lint" + gem "beaker" + gem "beaker-rspec" + gem "vagrant-wrapper" + gem "puppet-blacksmith" + gem "guard-rake" +end diff --git a/Modulefile b/Modulefile index de32a16..858efb6 100644 --- a/Modulefile +++ b/Modulefile @@ -1,7 +1,8 @@ name 'opentable/iis' -version '0.0.2' +version '1.1.1' author 'opentable' license 'MIT' summary 'Module that will manage IIS for windows server 2008 and above. It will help maintain application pools, sites and virtual applications' project_page 'https://github.com/opentable/puppet-iis' dependency 'puppetlabs/stdlib', '>=3.0.0' +dependency 'joshcooper/powershell', '>=0.0.6' diff --git a/Rakefile b/Rakefile index 19363d5..b67d40d 100644 --- a/Rakefile +++ b/Rakefile @@ -1,5 +1,42 @@ -require 'rubygems' require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint' +require 'puppet-lint/tasks/puppet-lint' +require 'puppet-syntax/tasks/puppet-syntax' + +# These two gems aren't always present, for instance +# on Travis with --without development +begin + require 'puppet_blacksmith/rake_tasks' +rescue LoadError +end + PuppetLint.configuration.send("disable_80chars") -PuppetLint.configuration.send("disable_documentation") +PuppetLint.configuration.log_format = "%{path}:%{linenumber}:%{check}:%{KIND}:%{message}" +PuppetLint.configuration.fail_on_warnings = true + +# Forsake support for Puppet 2.6.2 for the benefit of cleaner code. +# http://puppet-lint.com/checks/class_parameter_defaults/ +PuppetLint.configuration.send('disable_class_parameter_defaults') +# http://puppet-lint.com/checks/class_inherits_from_params_class/ +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +# http://puppet-lint.com/checks/quoted_booleans/ +PuppetLint.configuration.send('disable_quoted_booleans') + +exclude_paths = [ + "pkg/**/*", + "vendor/**/*", + "spec/**/*", +] +PuppetLint.configuration.ignore_paths = exclude_paths +PuppetSyntax.exclude_paths = exclude_paths + +desc "Run acceptance tests" +RSpec::Core::RakeTask.new(:acceptance) do |t| + t.pattern = 'spec/acceptance' +end + +desc "Run syntax, lint, and spec tests." +task :test => [ + :syntax, + :lint, + :spec, +] diff --git a/manifests/createpath.pp b/manifests/createpath.pp index 2e5f5c4..751f83e 100644 --- a/manifests/createpath.pp +++ b/manifests/createpath.pp @@ -1,3 +1,4 @@ +# define iis::createpath($site_path = undef) { include 'iis::param::powershell' diff --git a/manifests/init.pp b/manifests/init.pp index 0dd2d92..35547cc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,3 +1,4 @@ +# class iis { iis::manage_app_pool {'www.internalapi.co.uk': enable_32_bit => true, diff --git a/manifests/manage_app_pool.pp b/manifests/manage_app_pool.pp index 3e7d9a3..c1fc89e 100644 --- a/manifests/manage_app_pool.pp +++ b/manifests/manage_app_pool.pp @@ -1,3 +1,4 @@ +# define iis::manage_app_pool($app_pool_name = $title, $enable_32_bit = false, $managed_runtime_version = 'v4.0', $managed_pipeline_mode = 'Integrated', $ensure = 'present') { validate_bool($enable_32_bit) diff --git a/manifests/manage_binding.pp b/manifests/manage_binding.pp index efcca28..f7aed1e 100644 --- a/manifests/manage_binding.pp +++ b/manifests/manage_binding.pp @@ -1,4 +1,5 @@ -define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_name = '', $ensure = 'present') { +# +define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_thumbprint = '', $ensure = 'present') { include 'iis::param::powershell' if ! ($protocol in [ 'http', 'https', 'net.tcp', 'net.pipe', 'netmsmq', 'msmq.formatname' ]) { @@ -23,16 +24,28 @@ } if ($protocol == 'https') { - validate_re($certificate_name, ['^(.)+$'], 'certificate_name required for https bindings') + validate_re($certificate_thumbprint, ['^(.)+$'], 'certificate_thumbprint required for https bindings') if ($ip_address == '0.0.0.0') { fail('https bindings require a valid ip_address') } + file { "inspect-${title}-certificate.ps1": + ensure => present, + path => "C:\\temp\\inspect-${name}.ps1", + content => template('iis/inspect-certificate-binding.ps1.erb'), + } + + file { "create-${title}-certificate.ps1": + ensure => present, + path => "C:\\temp\\create-${name}.ps1", + content => template('iis/create-certificate-binding.ps1.erb'), + } + exec { "Attach-Certificate-${title}": - path => "${iis::param::powershell::path};${::path}", - command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1)\"", - onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", - require => Exec["CreateBinding-${title}"], + command => "C:\\temp\\create-${name}.ps1", + onlyif => "C:\\temp\\inspect-${name}.ps1", + require => [File["inspect-${title}-certificate.ps1"], File["create-${title}-certificate.ps1"]], + provider => powershell, logoutput => true, } } diff --git a/manifests/manage_site.pp b/manifests/manage_site.pp index 0e436e7..f1ca29a 100644 --- a/manifests/manage_site.pp +++ b/manifests/manage_site.pp @@ -1,3 +1,4 @@ +# define iis::manage_site($site_path, $app_pool, $host_header = '', $site_name = $title, $port = '80', $ip_address = '*', $ensure = 'present', $ssl = 'false') { include 'iis::param::powershell' @@ -7,7 +8,10 @@ if ($ensure in ['present','installed']) { iis::createpath { "${site_name}-${site_path}": site_path => $site_path - } + } + + $cmdSiteExists = "Test-Path \\\"IIS:\\Sites\\${site_name}\\\"" + $createSwitches = ["-Name \\\"${site_name}\\\"", "-Port ${port} -IP ${ip_address}", "-HostHeader \\\"${host_header}\\\"", @@ -17,12 +21,28 @@ $switches = join($createSwitches,' ') exec { "CreateSite-${site_name}" : - command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-WebSite ${switches} \"", + command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; \$id = (Get-WebSite | foreach {\$_.id} | sort -Descending | select -first 1) + 1; New-WebSite ${switches} -ID \$id \"", path => "${iis::param::powershell::path};${::path}", - onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\${site_name}\\\")) { exit 1 } else { exit 0 }\"", + onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists})) { exit 1 } else { exit 0 }\"", logoutput => true, require => [ Iis::Createpath["${site_name}-${site_path}"], Iis::Manage_app_pool[$app_pool] ], } + + exec { "UpdateSite-PhysicalPath-${site_name}": + command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" -Name physicalPath -Value \\\"${site_path}\\\"\"", + onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists}) -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" physicalPath) -eq \\\"${site_path}\\\") { exit 1 } else { exit 0 }\"", + path => "${iis::param::powershell::path};${::path}", + logoutput => true, + before => Exec["CreateSite-${site_name}"], + } + + exec { "UpdateSite-ApplicationPool-${site_name}": + command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" -Name applicationPool -Value \\\"${app_pool}\\\"\"", + onlyif => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((${$cmdSiteExists}) -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\${site_name}\\\" applicationPool) -eq \\\"${app_pool}\\\") { exit 1 } else { exit 0 }\"", + path => "${iis::param::powershell::path};${::path}", + logoutput => true, + before => Exec["CreateSite-${site_name}"], + } } else { exec { "DeleteSite-${site_name}" : command => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; Remove-WebSite -Name \\\"${site_name}\\\"\"", diff --git a/manifests/manage_site_state.pp b/manifests/manage_site_state.pp index 8b13085..a4da2a0 100644 --- a/manifests/manage_site_state.pp +++ b/manifests/manage_site_state.pp @@ -1,3 +1,4 @@ +# define iis::manage_site_state($site_name, $ensure = 'running') { include 'iis::param::powershell' diff --git a/manifests/manage_virtual_application.pp b/manifests/manage_virtual_application.pp index 1f1ee6c..da7e50e 100644 --- a/manifests/manage_virtual_application.pp +++ b/manifests/manage_virtual_application.pp @@ -1,3 +1,4 @@ +# define iis::manage_virtual_application($site_name, $site_path, $app_pool, $virtual_application_name = $title, $ensure = 'present') { include 'iis::param::powershell' diff --git a/manifests/param/powershell.pp b/manifests/param/powershell.pp index 2950643..685c19f 100644 --- a/manifests/param/powershell.pp +++ b/manifests/param/powershell.pp @@ -1,3 +1,4 @@ +# class iis::param::powershell { $executable = 'powershell.exe' $exec_policy = '-ExecutionPolicy RemoteSigned' diff --git a/spec/defines/manage_app_pool_spec.rb b/spec/defines/manage_app_pool_spec.rb index 8bc6fb3..0f8432d 100644 --- a/spec/defines/manage_app_pool_spec.rb +++ b/spec/defines/manage_app_pool_spec.rb @@ -7,7 +7,7 @@ let(:title) { 'myAppPool.example.com' } let(:params) { { :enable_32_bit => true, :managed_runtime_version => 'v4.0' } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('Create-myAppPool.example.com').with( { :command => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\AppPools\\myAppPool.example.com\\\"\"", @@ -30,7 +30,7 @@ describe 'when managing the iis application pool without passing parameters' do let(:title) { 'myAppPool.example.com' } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('Create-myAppPool.example.com').with( { :command => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\AppPools\\myAppPool.example.com\\\"\"", diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb index a637f15..5c0340b 100644 --- a/spec/defines/manage_binding_spec.rb +++ b/spec/defines/manage_binding_spec.rb @@ -12,7 +12,7 @@ :port => '80', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('CreateBinding-myWebSite-port-80').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebBinding -Name \\\"myWebSite\\\" -Port 80 -Protocol \\\"http\\\" -HostHeader \\\"myHost.example.com\\\" -IPAddress \\\"*\\\"\"", @@ -82,17 +82,17 @@ :ip_address => '127.0.0.1', } } - it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_name required for https bindings/) } + it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_thumbprint required for https bindings/) } end describe 'when protocol is https and ip address *' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', - :certificate_name => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '*', + :site_name => 'myWebSite', + :certificate_thumbprint => 'myCertificate', + :protocol => 'https', + :port => '443', + :ip_address => '*', } } it { should contain_exec('Attach-Certificate-myWebSite-port-443')} @@ -101,11 +101,11 @@ describe 'when protocol is https and ip address 0.0.0.0' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', - :certificate_name => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '0.0.0.0', + :site_name => 'myWebSite', + :certificate_thumbprint => 'myCertificate', + :protocol => 'https', + :port => '443', + :ip_address => '0.0.0.0', } } it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /https bindings require a valid ip_address/) } @@ -114,17 +114,18 @@ describe 'when protocol is https and all required parameters exist' do let(:title) { 'myWebSite-port-443' } let(:params) { { - :site_name => 'myWebSite', - :certificate_name => 'myCertificate', - :protocol => 'https', - :port => '443', - :ip_address => '127.0.0.1', + :site_name => 'myWebSite', + :certificate_thumbprint => 'myCertificate', + :protocol => 'https', + :port => '443', + :ip_address => '127.0.0.1', } } it { should contain_exec('Attach-Certificate-myWebSite-port-443').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"", - 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"", - })} + 'command' => "C:\\temp\\create-myWebSite-port-443.ps1", + 'onlyif' => "C:\\temp\\inspect-myWebSite-port-443.ps1", + 'provider' => "powershell" + })} end describe 'when managing an iis site binding and setting ensure to present' do diff --git a/spec/defines/manage_site_spec.rb b/spec/defines/manage_site_spec.rb index 2e876e6..1eb7168 100644 --- a/spec/defines/manage_site_spec.rb +++ b/spec/defines/manage_site_spec.rb @@ -11,12 +11,22 @@ :site_path => 'C:\inetpub\wwwroot\myWebSite', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('CreateSite-myWebSite').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false \"", + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; $id = (Get-WebSite | foreach {$_.id} | sort -Descending | select -first 1) + 1; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false -ID $id \"", 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\")) { exit 1 } else { exit 0 }\"", })} + + it { should contain_exec('UpdateSite-PhysicalPath-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name physicalPath -Value \\\"C:\\inetpub\\wwwroot\\myWebSite\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" physicalPath) -eq \\\"C:\\inetpub\\wwwroot\\myWebSite\\\") { exit 1 } else { exit 0 }\"", + })} + + it { should contain_exec('UpdateSite-ApplicationPool-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name applicationPool -Value \\\"myAppPool.example.com\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" applicationPool) -eq \\\"myAppPool.example.com\\\") { exit 1 } else { exit 0 }\"", + })} end describe 'when managing the iis site passing in all parameters' do @@ -30,12 +40,22 @@ :ensure => 'present', }} - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('CreateSite-myWebSite').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebSite -Name \\\"myWebSite\\\" -Port 1080 -IP 127.0.0.1 -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\path\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false \"", + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; $id = (Get-WebSite | foreach {$_.id} | sort -Descending | select -first 1) + 1; New-WebSite -Name \\\"myWebSite\\\" -Port 1080 -IP 127.0.0.1 -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\path\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false -ID $id \"", 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\")) { exit 1 } else { exit 0 }\"", })} + + it { should contain_exec('UpdateSite-PhysicalPath-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name physicalPath -Value \\\"C:\\inetpub\\wwwroot\\path\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" physicalPath) -eq \\\"C:\\inetpub\\wwwroot\\path\\\") { exit 1 } else { exit 0 }\"", + })} + + it { should contain_exec('UpdateSite-ApplicationPool-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name applicationPool -Value \\\"myAppPool.example.com\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" applicationPool) -eq \\\"myAppPool.example.com\\\") { exit 1 } else { exit 0 }\"", + })} end describe 'when managing the iis site and setting ensure to present' do @@ -48,9 +68,19 @@ } } it { should contain_exec('CreateSite-myWebSite').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false \"", + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; $id = (Get-WebSite | foreach {$_.id} | sort -Descending | select -first 1) + 1; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false -ID $id \"", 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\")) { exit 1 } else { exit 0 }\"", })} + + it { should contain_exec('UpdateSite-PhysicalPath-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name physicalPath -Value \\\"C:\\inetpub\\wwwroot\\myWebSite\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" physicalPath) -eq \\\"C:\\inetpub\\wwwroot\\myWebSite\\\") { exit 1 } else { exit 0 }\"", + })} + + it { should contain_exec('UpdateSite-ApplicationPool-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name applicationPool -Value \\\"myAppPool.example.com\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" applicationPool) -eq \\\"myAppPool.example.com\\\") { exit 1 } else { exit 0 }\"", + })} end describe 'when managing the iis site and setting ensure to installed' do @@ -63,9 +93,19 @@ } } it { should contain_exec('CreateSite-myWebSite').with({ - 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false \"", + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; $id = (Get-WebSite | foreach {$_.id} | sort -Descending | select -first 1) + 1; New-WebSite -Name \\\"myWebSite\\\" -Port 80 -IP * -HostHeader \\\"myHost.example.com\\\" -PhysicalPath \\\"C:\\inetpub\\wwwroot\\myWebSite\\\" -ApplicationPool \\\"myAppPool.example.com\\\" -Ssl:$false -ID $id \"", 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\")) { exit 1 } else { exit 0 }\"", })} + + it { should contain_exec('UpdateSite-PhysicalPath-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name physicalPath -Value \\\"C:\\inetpub\\wwwroot\\myWebSite\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if ((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" physicalPath) -eq \\\"C:\\inetpub\\wwwroot\\myWebSite\\\") { exit 1 } else { exit 0 }\"", + })} + + it { should contain_exec('UpdateSite-ApplicationPool-myWebSite').with({ + 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Set-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" -Name applicationPool -Value \\\"myAppPool.example.com\\\"\"", + 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if((Test-Path \\\"IIS:\\Sites\\myWebSite\\\") -eq \$false) { exit 1 } if((Get-ItemProperty \\\"IIS:\\Sites\\myWebSite\\\" applicationPool) -eq \\\"myAppPool.example.com\\\") { exit 1 } else { exit 0 }\"", + })} end describe 'when managing the iis site and setting ensure to absent' do @@ -97,4 +137,4 @@ 'onlyif' => "#{powershell} -Command \"Import-Module WebAdministration; if(!(Test-Path \\\"IIS:\\Sites\\myWebSite\\\")) { exit 1 } else { exit 0 }\"", })} end -end \ No newline at end of file +end diff --git a/spec/defines/manage_site_state_spec.rb b/spec/defines/manage_site_state_spec.rb index c4070f1..01bc8ca 100644 --- a/spec/defines/manage_site_state_spec.rb +++ b/spec/defines/manage_site_state_spec.rb @@ -10,7 +10,7 @@ :ensure => 'running', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('StartSite-DefaultWebsite').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Start-Website -Name \\\"DefaultWebsite\\\"\"", @@ -25,7 +25,7 @@ :ensure => 'true', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('StartSite-DefaultWebsite').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Start-Website -Name \\\"DefaultWebsite\\\"\"", @@ -40,7 +40,7 @@ :ensure => 'stopped', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('StopSite-DefaultWebsite').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Stop-Website -Name \\\"DefaultWebsite\\\"\"", @@ -55,7 +55,7 @@ :ensure => 'false', } } - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('StopSite-DefaultWebsite').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; Stop-Website -Name \\\"DefaultWebsite\\\"\"", diff --git a/spec/defines/manage_virtual_application_spec.rb b/spec/defines/manage_virtual_application_spec.rb index e8a8548..6fd3508 100644 --- a/spec/defines/manage_virtual_application_spec.rb +++ b/spec/defines/manage_virtual_application_spec.rb @@ -11,7 +11,7 @@ :app_pool => 'myAppPool.example.com', }} - it { should include_class('iis::param::powershell') } + it { should contain_class('iis::param::powershell') } it { should contain_exec('CreateVirtualApplication-myWebSite-mySite').with({ 'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-WebApplication -Name mySite -Site myWebSite -PhysicalPath C:\\inetpub\\wwwroot\\myHost -ApplicationPool myAppPool.example.com\"", diff --git a/templates/create-certificate-binding.ps1.erb b/templates/create-certificate-binding.ps1.erb new file mode 100644 index 0000000..551e177 --- /dev/null +++ b/templates/create-certificate-binding.ps1.erb @@ -0,0 +1,22 @@ +Import-Module WebAdministration + +$site = Get-Website | Where-Object { $_.Name -eq "<%= site_name %>" } +$certsAttachedToSite = Get-ChildItem IIS:\SSLBindings | ? { $site | Select-Object { $_ -contains $_.Sites.Value }} | % { $_.Thumbprint } +$certificate = Get-ChildItem CERT:\LocalMachine\My | ? { $certsAttachedToSite -contains $_.Thumbprint} | Where-Object { $_.Thumbprint -eq "<%= certificate_thumbprint %>" } + +if((Test-Path IIS:\SslBindings\<%= ip_address %>!<%= port %>) -eq $false) { + push-location IIS:\SslBindings + Get-Item Cert:\LocalMachine\My\<%= certificate_thumbprint %> | New-Item <%= ip_address %>!<%= port %> +} +elseif (((Test-Path IIS:\SslBindings\<%= ip_address %>!<%= port %>) -eq $true) -and (($certificate -ne $null) -or ($certificate.Thumbprint -ne "<%= certificate_thumbprint %>"))) { + push-location IIS:\SslBindings + Get-Item Cert:\LocalMachine\My\<%= certificate_thumbprint %> | Set-Item <%= ip_address %>!<%= port %> + foreach ($cert in $certificates) { + if(($cert -ne $null) -and ($cert.Thumbprint -ne "<%= certificate_thumbprint %>")) { + Get-Item Cert:\LocalMachine\My\$cert.Thumbprint | Remove-Item <%= ip_address %>!<%= port %> + } + } +} +else { + exit 0 +} \ No newline at end of file diff --git a/templates/inspect-certificate-binding.ps1.erb b/templates/inspect-certificate-binding.ps1.erb new file mode 100644 index 0000000..e7b1418 --- /dev/null +++ b/templates/inspect-certificate-binding.ps1.erb @@ -0,0 +1,17 @@ +Import-Module WebAdministration + +if((Test-Path IIS:\SslBindings\<%= ip_address %>!<%= port %>) -eq $false) { + $site = Get-Website | Where-Object { $_.Name -eq "<%= site_name %>" } + $certsAttachedToSite = Get-ChildItem IIS:\SSLBindings | ? { $site | Select-Object { $_ -contains $_.Sites.Value }} | % { $_.Thumbprint } + $certificate = Get-ChildItem CERT:\LocalMachine\My | ? { $certsAttachedToSite -contains $_.Thumbprint} | Where-Object { $_.Thumbprint -eq "<%= certificate_thumbprint %>" } + if ($certificate -ne $null ){ + exit 1 + } + else { + exit 0 + } +} +else { + exit 1 +} +