synedgy / sampler.dscpipeline Goto Github PK

View Code? Open in Web Editor NEW

9.0 4.0 9.0 99 KB

DSC Pipeline Helpers and tasks for use with Datum

License: MIT License

PowerShell 100.00%

dsc pipeline powershell

sampler.dscpipeline's Introduction

Sampler.DscPipeline

This module contains DSC resources for the management and configuration of PRODUCT.

Code of Conduct

This project has adopted this Code of Conduct.

Releases

For each merge to the branch main a preview release will be deployed to PowerShell Gallery. Periodically a release version tag will be pushed which will deploy a full release to PowerShell Gallery.

Contributing

Please check out common DSC Community contributing guidelines.

Change log

A full list of changes in each version can be found in the change log.

Documentation

The documentation can be found in the Sampler.DscPipeline Wiki. The DSC resources schema files is used to automatically update the documentation on each PR merge.

Examples

You can review the DSC Pipeline project directory in the Sampler.DscPipeline module for some general use scenarios for all of the resources that are in the module.

The resource examples are also available in the Sampler.DscPipeline Wiki.

sampler.dscpipeline's People

Contributors

Stargazers

Watchers

Forkers

nicolasbn nyanhp stehlih johlju psdgal dolearnwhilealive raandree psd3vops rcfmartin

sampler.dscpipeline's Issues

Documentation?

README.md references the Github wiki when the project was hosted by dsccommunity:

Sampler.DscPipeline/README.md

Line 36 in 428131a

    
           The documentation can be found in the [Sampler.DscPipeline Wiki](https://github.com/dsccommunity/Sampler.DscPipeline/wiki).

I found this among the files, was it really only this even at dsccommunity?
https://github.com/SynEdgy/Sampler.DscPipeline/blob/main/source/WikiSource/Home.md

In any case, maybe the README could be updated.

Regex for `--Added new node` broken in LoadDatumConfigData

Builds with commit message --Added new node are not filtered to the new node.

Fix Folder Name for crossplatform use

Problem description

I'm repurposing the dscworkshop project to create linux configuration files as well. Since I'm running the build on a linux computer, the path is case sensitive. The Sampler.DscPipline.psd1 won't import due to tasks\* , being lowercase.

Verbose logs

Importing tasks from module Sampler.DscPipeline
Get-ChildItem: Cannot find path '/home/ricky/git/NixConfigs/output/RequiredModules/Sampler.DscPipeline/0.2.0/tasks' because it
does not exist.
Adding Workflow from configuration:
  +-> pack
  +-> build
  +-> rsop
  +-> .
[build] Executing requested workflow: .
ERROR: Task 'build': Missing task 'LoadDatumConfigData'.
At /home/ricky/git/NixConfigs/build.ps1:331 char:13
+             task $workflow $workflowItem
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Build ABORTED /home/ricky/git/NixConfigs/build.ps1. 0 tasks, 1 errors, 0 warnings 00:00:00.4484694
Invoke-Build.ps1: /home/ricky/git/NixConfigs/build.ps1:511:9
Line |
 511 |          Invoke-Build @PSBoundParameters -Task $Tasks -File $MyInvocat …
     |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Task 'build': Missing task 'LoadDatumConfigData'. At /home/ricky/git/NixConfigs/build.ps1:331 char:13 +    
     | task $workflow $workflowItem +             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DSC configuration

N/A

Current Configuration

Get-ChildItem -Path (Join-Path -Path $PSScriptRoot -ChildPath 'tasks\*') -Include '*.build.*' |
    ForEach-Object -Process {
        $ModuleName = ([System.IO.FileInfo] $MyInvocation.MyCommand.Name).BaseName
        $taskFileAliasName = "$($_.BaseName).$ModuleName.ib.tasks"

        Set-Alias -Name $taskFileAliasName -Value $_.FullName

        Export-ModuleMember -Alias $taskFileAliasName
    }

Suggested Fix

Line 2 of the Suffix.ps1 file

I'm setting the tasks childpath to Tasks so it matches the folder name. After the change, the build completes as normal.

Get-ChildItem -Path (Join-Path -Path $PSScriptRoot -ChildPath 'Tasks\*') -Include '*.build.*' |
    ForEach-Object -Process {
        $ModuleName = ([System.IO.FileInfo] $MyInvocation.MyCommand.Name).BaseName
        $taskFileAliasName = "$($_.BaseName).$ModuleName.ib.tasks"

        Set-Alias -Name $taskFileAliasName -Value $_.FullName

        Export-ModuleMember -Alias $taskFileAliasName
    }

Operating system the target node is running

NAME="Pop!_OS"
VERSION="22.04 LTS"
ID=pop
ID_LIKE="ubuntu debian"
PRETTY_NAME="Pop!_OS 22.04 LTS"
VERSION_ID="22.04"
HOME_URL="https://pop.system76.com"
SUPPORT_URL="https://support.system76.com"
BUG_REPORT_URL="https://github.com/pop-os/pop/issues"
PRIVACY_POLICY_URL="https://system76.com/privacy"
VERSION_CODENAME=jammy
UBUNTU_CODENAME=jammy
LOGO=distributor-logo-pop-os

PowerShell version and build the target node is running

Name                           Value
----                           -----
PSVersion                      7.4.1
PSEdition                      Core
GitCommitId                    7.4.1
OS                             Pop!_OS 22.04 LTS
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Sampler.DscPipeline version

Name                Version Path
----                ------- ----
Sampler.DscPipeline 0.2.0   /home/ricky/git/NixConfigs/output/RequiredModules/Sampler.DscPipeline/0.2.0/Sampler.DscPipeline.psd1

The publish task `Publish_GitHub_Wiki_Content` failes due to missing wiki page

Problem description

The publish task Publish_GitHub_Wiki_Content failes due to missing wiki page.

@gaelcolas, can you create just a dummy first wiki page to create the wiki repository?

Verbose logs

Set GitHubConfigUserName to dscbot
Set GitHubConfigUserEmail to [email protected]
	Wiki Output Path              = /home/vsts/work/1/s/output/WikiContent
Publishing Wiki content.
ERROR: Command: git commit --message "Updating Wiki with the content for module version '0.2.0-preview0013'."
git exit code: '1'
git standard output: 'On branch master
Your branch is up to date with 'origin/master'.

nothing to commit, working tree clean
'
git standard error: ''

At /home/vsts/work/1/s/output/RequiredModules/DscResource.DocGenerator/0.11.2/DscResource.DocGenerator.psm1:2813 char:13
+             throw $throwMessage
+             ~~~~~~~~~~~~~~~~~~~
At /home/vsts/work/1/s/output/RequiredModules/DscResource.DocGenerator/0.11.2/tasks/Publish_GitHub_Wiki_Content.build.ps1:99 char:1
+ task Publish_GitHub_Wiki_Content {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Build FAILED. 4 tasks, 1 errors, 0 warnings 00:00:32.1189114
Exception: Command: git commit --message "Updating Wiki with the content for module
version '0.2.0-preview0013'." git exit code: '1' git standard output: 'On
branch master Your branch is up to date with 'origin/master'.  nothing to
commit, working tree clean ' git standard error: ''

##[error]PowerShell exited with code '1'.
Finishing: Publish Release



### DSC configuration

```powershell
NA

Operating system the target node is running

NA

PowerShell version and build the target node is running

NA

Sampler.DscPipeline version

NA

Datum.ProtectedData::ProtectedDatum:Certificate with PFX File and Password as Parameter

I'm building my config on an Azure DevOps 2020 onPrem Worker.
I've encrypted the credentials with a Document Encryption Certificate and set the Certificate Thumbprint at the Datum.yml with

DatumHandlers:
  Datum.ProtectedData::ProtectedDatum:
    CommandOptions:
      Certificate: 'Cert:\CurrentUser\My\<Thumbprint>'

Before the build.ps1 is called my pipeline adds the certificate to the CurrentUser certificate store and after that it gets removed.

While the build is running another build process on a different worker agent on the same server with the same user context could access my private key.

The ProtectedData Module supports the use of an unlocked x509 object Protect Data and Unprotect Data (the basics)

# Note:  passwords may also be passed to the X509Certificate2 constructor as SecureString objects.
$cert = New-Object System.Security.Cryptography.X509Certificate2('C:\MyCertificate.pfx', 'MyPassword')

$decryptedString = $protectedData | Unprotect-Data -Certificate $cert

Would it be possible to add a parameter to the build process which either accepts an unlocked x509 object or the the path to the pfx file and a password?
In both scenarios i'd be able to use my pfx file as a secure file and the password as a protected variable
Something like

- task: DownloadSecureFile@1
  name: DatumCertificate
  displayName: Download Datum Document Encryption Certificate
  inputs:
    secureFile: '$(documentEncryptionCert.secureFileName)'
- task: PowerShell@2
  name: build
  displayName: 'Build DSC Artifacts'
  inputs:
    targetType: 'inline'
    script: |
      $cert = New-Object System.Security.Cryptography.X509Certificate2('$(DatumCertificate.secureFilePath)', '$(documentEncryptionCert.password)')
      './build.ps1' -tasks build -ProtectedDatumCertificate $cert

- task: DownloadSecureFile@1
  name: DatumCertificate
  displayName: Download Datum Document Encryption Certificate
  inputs:
    secureFile: '$(documentEncryptionCert.secureFileName)'
- task: PowerShell@2
  name: build
  displayName: 'Build DSC Artifacts'
  inputs:
    filePath: './build.ps1'
    arguments: '-tasks build -ProtectedDatumCertificatePath $(DatumCertificate.secureFilePath) -ProtectedDatumCertificate $(documentEncryptionCert.password)'

synedgy / sampler.dscpipeline Goto Github PK

sampler.dscpipeline's Introduction

Sampler.DscPipeline

Code of Conduct

Releases

Contributing

Change log

Documentation

Examples

sampler.dscpipeline's People

Contributors

Stargazers

Watchers

Forkers

sampler.dscpipeline's Issues

Problem description

Verbose logs

DSC configuration

Suggested solution

Current Configuration

Suggested Fix

Operating system the target node is running

PowerShell version and build the target node is running

Sampler.DscPipeline version

Problem description

Verbose logs

Suggested solution

Operating system the target node is running

PowerShell version and build the target node is running

Sampler.DscPipeline version

Recommend Projects

Recommend Topics

Recommend Org