Skip to content
This repository has been archived by the owner on Feb 24, 2021. It is now read-only.

Integration tests and examples should be able to compile using a (self-signed) certificate #240

Closed
johlju opened this issue Jun 25, 2018 · 3 comments
Closed

Integration tests and examples should be able to compile using a (self-signed) certificate #240

johlju opened this issue Jun 25, 2018 · 3 comments
Labels
enhancement The issue is an enhancement request.

Comments

@johlju
Copy link
Contributor

johlju commented Jun 25, 2018
edited
Loading

To be able to make the examples and integration tests secure by default, we need a certificate on the build worker to be able to compile the configurations. Preferably this should be a self-signed certificate that is created for each test run.

This should make sure to take issue #198 in account.
This would close PowerShell/DscResources#87 and help with PowerShell/DscResources#89 as well.
@johlju johlju added enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. labels Jun 25, 2018
@johlju
Copy link
Contributor Author

johlju commented Jun 25, 2018

@PlagueHO have written down steps in PowerShell/DscResources#89 (comment) that might be able to be reused, which seems to be the same as in https://docs.microsoft.com/en-us/powershell/dsc/securemof.

johlju added a commit to johlju/DscResource.Tests that referenced this issue Jun 26, 2018
@johlju
Changes to example and integration testing
3f62811 
- Added support for example and integration tests configuration can compile using
  a certificate, so that there are no more need for PSDscAllowPlainTextPassword
  in configurations (issue PowerShell#240).
johlju added a commit to johlju/DscResource.Tests that referenced this issue Jun 27, 2018
@johlju
Changes to example and integration testing
90e89b7 
- Added support for example and integration test configurations can compile using
  a certificate, so that there are no more need for PSDscAllowPlainTextPassword
  in configurations (issue PowerShell#240).
@johlju johlju mentioned this issue Jun 27, 2018
Merged
@johlju
Copy link
Contributor Author

johlju commented Jun 27, 2018
edited
Loading

The helper function New-DscSelfSignedCertificate would preferably use the PSPKI module on the PowerShell Gallery (https://github.com/Crypt32/PSPKI), but there is a bug using that, see issue PKISolutions/PSPKI#42. Also when running in the build worker it generates this error.

New-SelfSignedCertificateEx : Uninitialized object (Exception from HRESULT: 0x80040007 (OLE_E_BLANK))
At C:\projects\xpsdesiredstateconfiguration\DscResource.Tests\TestHelper.psm1:1812 char:28
+ ... rtificate = New-SelfSignedCertificateEx @newSelfSignedCertificateExPa ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [New-SelfSignedCertificateEx], COMException
    + FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,New-SelfSignedCertificateEx

https://ci.appveyor.com/project/johlju/xpsdesiredstateconfiguration/build/6.0.104.0

Using the script in the Script Gallery works.

@johlju johlju mentioned this issue Jun 27, 2018
Open
@johlju johlju added in progress The issue is being actively worked on by someone. and removed help wanted The issue is up for grabs for anyone in the community. labels Jun 27, 2018
@johlju
Copy link
Contributor Author

johlju commented Jun 27, 2018

PR #241 now uses the module PSPKI thanks to the author helping to explain what I did wrong!

johlju added a commit to johlju/DscResource.Tests that referenced this issue Jul 3, 2018
@johlju
Changes to example and integration testing
4826782 
- Added support for example and integration test configurations can compile using
  a certificate, so that there are no more need for PSDscAllowPlainTextPassword
  in configurations (issue PowerShell#240).
johlju added a commit to johlju/DscResource.Tests that referenced this issue Jul 7, 2018
@johlju
Changes to example and integration testing
d5f0e00 
- Added support for example and integration test configurations can compile using
  a certificate, so that there are no more need for PSDscAllowPlainTextPassword
  in configurations (issue PowerShell#240).
johlju added a commit that referenced this issue Jul 7, 2018
@johlju
Added support for example and integration tests configurations can co…
4d56f4f 
…mpile using a certificate (#241)

- Added support for example and integration test configurations can compile using
  a certificate, so that there are no more need for PSDscAllowPlainTextPassword
  in configurations (issue #240).
- Updated texts in README.md that was out-of-date.
- Formatted files so some white-space changes occurred.
- Moved the "DisableConsistency" piece of code out of the AppVeyor.psm1 into a helper function to
  support more settings, and test the code easier.
@johlju johlju removed the in progress The issue is being actively worked on by someone. label Jul 7, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement The issue is an enhancement request.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@johlju