Added xSQLServerRole resource

[luigilink]

With the SQL Server Role DSCResource, we can manage the SQL Server Role
security.
Of course in matter of security, we need to use a sysadmin account to configure these roles

---

This change is

[msftclas]

Hi @luigilink, I'm your friendly neighborhood Microsoft Pull Request Bot (You can call me MSBOT). Thanks for your contribution!

In order for us to evaluate and accept your PR, we ask that you sign a contribution license agreement. It's all electronic and will take just minutes. I promise there's no faxing. https://cla.microsoft.com.

TTYL, MSBOT;

[luigilink]

Check with AppVeyor failed with other ressources not mine
Context Schema Validation of MSFT_xSQLServerRole
[+] should pass Test-xDscResource 357ms
[+] should pass Test-xDscSchema 77ms

[msftclas]

@luigilink, Thanks for signing the contribution license agreement so quickly! Actual humans will now validate the agreement and then evaluate the PR.

Thanks, MSBOT;

[johlju]

Awesome work! Love to see this resource merged. Nobody has started the review so I thought I start and give you some comments. :)

---

Reviewed 1 of 2 files at r1, 5 of 5 files at r2.
Review status: 6 of 7 files reviewed at latest revision, 25 unresolved discussions, some commit checks failed.

---

README.md, line 170 [r3] (raw file):

### xSQLServerRole
* **Name**: (Key) Name of the SQL Login to create
* **LoginCredential**: PowerShell Credential for the SQL Login to be created

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

---

README.md, line 171 [r3] (raw file):

* **Name**: (Key) Name of the SQL Login to create
* **LoginCredential**: PowerShell Credential for the SQL Login to be created
* **ServerRoles**: Type of SQL role to add.(bulkadmin, dbcreator, diskadmin, processadmin , public, securityadmin, serveradmin , setupadmin, sysadmin)

Could you change this to ServerRole (see other comments for changing this in code)?

---

DSCResources/MSFT_xSQLServerFirewall/MSFT_xSQLServerFirewall.schema.mof, line 15 [r3] (raw file):

    [Read, Description("Is the firewall rule for the Integration Services enabled?")] boolean IntegrationServicesFirewall;
 };

Did you add back the blank line to the end of this file? Just want to make sure.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 26 [r3] (raw file):

        [System.Management.Automation.PSCredential]
        $LoginCredential,

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 30 [r3] (raw file):

        [ValidateSet("bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin")]
        [System.String[]]
        $ServerRoles,

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 47 [r3] (raw file):

    {
        Write-Verbose "Getting SQL Roles"
        $SQLRoles = $SQL.Roles

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 50 [r3] (raw file):

        if($SQLRoles)
        {
            ForEach ($ServerRole in $ServerRoles)

Could you change this to $serverRole (and the same for the rest of the code)

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 111 [r3] (raw file):

        [System.Management.Automation.PSCredential]
        $LoginCredential,

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 115 [r3] (raw file):

        [ValidateSet("bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin")]
        [System.String[]]
        $ServerRoles = "public",

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 137 [r3] (raw file):

                try
                {
                    $SQLRoles = $SQL.Roles

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 138 [r3] (raw file):

                {
                    $SQLRoles = $SQL.Roles
                    ForEach ($ServerRole in $ServerRoles)

Could you change this to $serverRole (and the same for the rest of the code)

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 185 [r3] (raw file):

        [System.Management.Automation.PSCredential]
        $LoginCredential,

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 189 [r3] (raw file):

        [ValidateSet("bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin")]
        [System.String[]]
        $ServerRoles = "public",

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 214 [r3] (raw file):

                    $numberSQLRolesPresent=0
                    $SQLRoles = $SQL.Roles
                    ForEach ($ServerRole in $ServerRoles)

Could you change this to $serverRole (and the same for the rest of the code)

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 241 [r3] (raw file):

                    Write-Verbose "getting SQL login $Name in role $ServerRole"
                    $numberSQLRolesAbsent = 0
                    $SQLRoles = $SQL.Roles

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 255 [r3] (raw file):

                        }
                    }
                    if($ServerRoles.Count -eq $numberSQLRolesAbsent){return $False}

Could you move these brackets to seperate rows, and change $False to $false.

{
    return $false
}

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 256 [r3] (raw file):

                    }
                    if($ServerRoles.Count -eq $numberSQLRolesAbsent){return $False}
                    Else{return $True}

Same here as the row above. Change $True to $true

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 5 [r3] (raw file):

{
    [Write, Description("An enumerated value that describes if the login exists on the SQL instance.\nPresent {default}  \nAbsent   \n"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;

The description here doesn't seem to be correct? The "If LoginType..." portion.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 [r3] (raw file):

    [Write, Description("An enumerated value that describes if the login exists on the SQL instance.\nPresent {default}  \nAbsent   \n"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;
    [Write, EmbeddedInstance("MSFT_Credential"), Description("If LoginType='SqlLogin', a PSCredetial object for the SQL login to be created.")] String LoginCredential;

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;
    [Write, EmbeddedInstance("MSFT_Credential"), Description("If LoginType='SqlLogin', a PSCredetial object for the SQL login to be created.")] String LoginCredential;
    [Write, Description("The SQL Server Role."), ValueMap{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}, Values{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}] String ServerRoles[];

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;
    [Write, EmbeddedInstance("MSFT_Credential"), Description("If LoginType='SqlLogin', a PSCredetial object for the SQL login to be created.")] String LoginCredential;
    [Write, Description("The SQL Server Role."), ValueMap{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}, Values{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}] String ServerRoles[];

Could you align the descriptions in the schema with those in the README.md?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 9 [r3] (raw file):

    [Write, Description("The SQL Server Role."), ValueMap{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}, Values{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}] String ServerRoles[];
    [Write, Description("The SQL Server for the login.")] String SQLServer;
    [Write, Description("The SQL instance for the login.")] String SQLInstanceName;

Could you change SQLInstanceName to be key as well? Then a user could add the same login to role(s) several instances on the same server.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

# Uncomment the line below and change password in double quote
#$SecurePassword = ConvertTo-SecureString -String "Pass@word1" -AsPlainText -Force

Why did you add this? Just wondering if there is an issue having it uncommented?

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

# Uncomment the line below and change password in double quote
#$SecurePassword = ConvertTo-SecureString -String "Pass@word1" -AsPlainText -Force

Why did you add this? Just wondering if there is an issue having it uncommented?

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

#http://blogs.msdn.com/b/powershell/archive/2014/01/31/want-to-secure-credentials-in-windows-powershell-desired-state-configuration.aspx
# Uncomment the line below and change password in double quote
#$SecurePassword = ConvertTo-SecureString -String "Pass@word1" -AsPlainText -Force

Why did you add this? Just wondering if there is an issue having it uncommented?

---

Comments from Reviewable

[TravisEz13]

Reviewed 1 of 5 files at r2.
Review status: 6 of 7 files reviewed at latest revision, 25 unresolved discussions, some commit checks failed.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Why did you add this? Just wondering if there is an issue having it uncommented?

PSScriptAnalyzer would complain, but it's ok to suppress it in an example. If you do, I would add a comment saying you should use a more secure way to get the password in production.

---

Comments from Reviewable

[johlju]

Reviewed 1 of 1 files at r3.
Review status: all files reviewed at latest revision, 25 unresolved discussions, some commit checks failed.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, TravisEz13 (Travis Plunk) wrote…

PSScriptAnalyzer would complain, but it's ok to suppress it in an example. If you do, I would add a comment saying you should use a more secure way to get the password in production.

Okay, I see that this is already suppressed in the Dev-branch. @luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

If you are unsure how to do the rebase, there is a guide how to do this (PR not yet merged into DSCResource), but you find it here in GettingStartedWithGitHub , look for 'Resolve merge conflicts'

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Why did you add this? Just wondering if there is an issue having it uncommented?

Okay, I see that this is already suppressed in the Dev-branch. @luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Why did you add this? Just wondering if there is an issue having it uncommented?

Okay, I see that this is already suppressed in the Dev-branch. @luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

---

Comments from Reviewable

[luigilink]

Reviewed 1 of 2 files at r1, 5 of 5 files at r2.
Review status: 4 of 10 files reviewed at latest revision, 25 unresolved discussions, some commit checks failed.

---

README.md, line 170 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

Done.

---

README.md, line 171 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to ServerRole (see other comments for changing this in code)?

Done.

---

DSCResources/MSFT_xSQLServerFirewall/MSFT_xSQLServerFirewall.schema.mof, line 15 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Did you add back the blank line to the end of this file? Just want to make sure.

Yes the blank line is present

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 26 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

I deleted this parameter. Thanks.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 30 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 47 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 50 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to $serverRole (and the same for the rest of the code)

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 111 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 115 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 137 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 138 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to $serverRole (and the same for the rest of the code)

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 185 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 189 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 214 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to $serverRole (and the same for the rest of the code)

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 241 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to 'sqlRoles' (and the same for the rest of the code)? If possible you can use `sqlRole' instead

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 255 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you move these brackets to seperate rows, and change $False to $false.

{
    return $false
}

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 256 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Same here as the row above. Change $True to $true

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 5 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

The description here doesn't seem to be correct? The "If LoginType..." portion.

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

I can't see that this parameter LoginCredential is used in the code. Is this necessary for your intended behavior?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change this to ServerRole (and change accordingly in the rest of the code as well)?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you align the descriptions in the schema with those in the README.md?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 9 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Could you change SQLInstanceName to be key as well? Then a user could add the same login to role(s) several instances on the same server.

Done.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Okay, I see that this is already suppressed in the Dev-branch.
@luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

If you are unsure how to do the rebase, there is a guide how to do this (PR not yet merged into DSCResource), but you find it here in GettingStartedWithGitHub , look for 'Resolve merge conflicts'

Done.

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Okay, I see that this is already suppressed in the Dev-branch.
@luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

Done.

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Okay, I see that this is already suppressed in the Dev-branch.
@luigilink If you fix merge conflicts (rebase against dev) and then revert the changes you made to this file then the tests should run fine. But please add the comment per @TravisEz13 suggestion.

Done.

---

Comments from Reviewable

[luigilink]

Review status: 0 of 9 files reviewed at latest revision, 25 unresolved discussions.

---

README.md, line 170 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

README.md, line 171 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 26 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

I deleted this parameter. Thanks.

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 30 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

DSCResources/MSFT_xSQLServerFirewall/MSFT_xSQLServerFirewall.schema.mof, line 15 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Yes the blank line is present

Done.

---

Comments from Reviewable

[luigilink]

Review status: 0 of 10 files reviewed at latest revision, 25 unresolved discussions.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

DSCResources/MSFT_xSQLServerFirewall/MSFT_xSQLServerFirewall.schema.mof, line 15 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Comments from Reviewable

[luigilink]

Reviewed 10 of 10 files at r4.
Review status: all files reviewed at latest revision, 25 unresolved discussions.

---

Comments from Reviewable

[johlju]

Nice work with the changes! I have a little more comments. :)

It seems that you did a "git merge" or "git pull" (Merge branch 'dev' into SQL-Server-Role) instead of a "git rebase". I'm a right? If so, could you please do a git rebase towards dev?

---

Reviewed 10 of 10 files at r4.
Review status: all files reviewed at latest revision, 33 unresolved discussions.

---

DSCResource.Tests, line 1 [r4] (raw file):

Subproject commit 8a5c02d4c3a1c0de3562550043c065d599cafaf5

Could you please add this to a .gitignore file in your cloned repo. This folder is created when running tests, but should not be commited to the PR.

---

README.md, line 170 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

README.md, line 171 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 26 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 30 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 47 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Please change this to "$sqlRole" (and in the resto of the code). So it is using Camel Case according to the style guideline https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md#variables

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 50 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Could you please change this to be more descriptive? Maybe `$serverRole` would be better in this case? https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md#descriptive-names

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 111 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 115 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 137 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Same here, please use camelCase.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 138 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Same here, can you use descriptive name instead?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 185 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 189 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 214 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 241 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 255 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 256 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 29 [r4] (raw file):

        $ServerRole,

        [parameter(Mandatory = $true)]

Please change [parameter to [Parameter with capital 'P'. Please do this in all the code.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 38 [r4] (raw file):

    )

    if(!$SQL)

Can you change $SQL to $sql (here and the rest of the code) so it uses camelCase according to the style guideline. https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md#variables

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 196 [r4] (raw file):

    Write-Verbose -Message "Testing SQL roles for login $Name"
    $CurrentValues = Get-TargetResource @PSBoundParameters

Could this be changed to $currentValues? So it uses camelCase

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 201 [r4] (raw file):

    $result

Could you remove blank line here?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 203 [r4] (raw file):

}

Could you remove extra blank line here?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 5 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 9 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResources/MSFT_xSQLServerRole/Readme.md, line 3 [r4] (raw file):

**Description**

This resource is used to configure the Server Roles of SQL Login (SqlLogin or Windows).

If you see fit, can you move this text to the README.md in the root folder instead. You could add this as the description of the resource instead of the current description, below is snippet from the README.md.

• xSQLServerRole resource to manage SQL server roles

When content is moved, this file should be removed. We don't have such files in the resource folder. If someone told you or you read differently somewhere, please correct me.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

You have a CONFLICT in this file that are still not resolved. Please resolve. See code between`<<<<<<< HEAD` <-> `>>>>>>> dev`

---

Examples/SQL-Standalone.ps1, line 105 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

You have a CONFLICT in this file that are still not resolved. Please resolve. See code between `<<<<<<< HEAD` <-> `>>>>>>> dev`

---

Examples/SQLServerNetwork.ps1, line 61 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

You have a CONFLICT in this file that are still not resolved. Please resolve. See code between `<<<<<<< HEAD` <-> `>>>>>>> dev`

---

Examples/Resources/xSQLServerRole/1-AddServerRole.ps1, line 14 [r4] (raw file):

            $SysadminAccount
        )
        Import-DscResource -ModuleName xSqlServer

Add a blank line before this row

---

Examples/Resources/xSQLServerRole/2-RemoveServerRole.ps1, line 14 [r4] (raw file):

            $SysadminAccount
        )
        Import-DscResource -ModuleName xSqlServer

Add a blank line before this row

---

DSCResources/MSFT_xSQLServerFirewall/MSFT_xSQLServerFirewall.schema.mof, line 15 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

I was hoping this file was gonna be removed when you did a `git rebase`.

---

Comments from Reviewable

[johlju]

Reviewed 1 of 1 files at r5.
Review status: all files reviewed at latest revision, 35 unresolved discussions.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 92 [r4] (raw file):

}

Could you please remove the extra blank line here?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 166 [r4] (raw file):

}

Could you please remove the extra blank line here?

---

Comments from Reviewable

[luigilink]

Review status: all files reviewed at latest revision, 4 unresolved discussions.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 38 [r7] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

.gitignore, line 1 [r6] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

DSCResource.Tests, line 1 [r4] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

Done.

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

LGTM

Done.

---

Comments from Reviewable

[johlju]

I don't think the PowerShell Team is enforcing that these existing resources need to have a unit test when doing code changes (they do on new resources).
But it would be awesome if you could write one for this resource. I think you have a good example here.
Do you think that is something you would feel up to?

---

Reviewed 2 of 3 files at r8.
Review status: all files reviewed at latest revision, 4 unresolved discussions.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 38 [r7] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

.gitignore, line 1 [r6] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

DSCResource.Tests, line 1 [r4] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

Examples/SQL-ClusterDB.ps1, line 156 [r3] (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

Done.

LGTM

---

Comments from Reviewable

[johlju]

My bad, this is a new resource so I think they are gonna enforce that this one has a unit test before merging. Let me know if you need assistance in creating one. :)

---

Review status: all files reviewed at latest revision, 4 unresolved discussions.

---

Comments from Reviewable

[mbreakey3]

Yes, all PRs with fairly substantial changes need to have (at least) unit tests for those changes.

[luigilink]

Unit Test added for this resource, could you give me feedback.

[mbreakey3]

Unit test looks good. @johlju - could you glance over this once more and give your ok?

[johlju]

Yes, I will look at it. I think I saw an issue with the wrapper. Comment on it shortly.

[johlju]

@luigilink great work! All logic looks good to me! Just a few style changes.
Regarding the test, it's perfect.

Below text is not part of the review, just something you might consider next time you make a test. Also, make a big note that I am far from good at this myself. So let me know if I'm wrong! 😄

Consider that with a little more tweaks I think it would have been possible to get more code coverage. Like mocking the EnumMemberNames() method in the (now) Confirm-SqlServerRole. That I think would have allowed much of the code in the Confirm-SqlServerRole out of the wrapper and instead kept in the main code, which would have increased test code coverage (mocking a function excludes it from 'code coverage'). A wrapper should be as lightweight it can be.
You can see an example here that I made which mocking a class method (see testing of the Set-method)
https://github.com/johlju/xSQLServer/blob/95e24ef5dfca3373205d95d7a173cf0b8847cc1e/DSCResources/MSFT_xSQLServerDatabaseRole/MSFT_xSQLServerDatabaseRole.psm1

---

Reviewed 1 of 4 files at r9.
Review status: 5 of 8 files reviewed at latest revision, 10 unresolved discussions.

---

xSQLServerHelper.psm1, line 458 [r9] (raw file):

        try
        {
            ForEach ($currentServerRole in $ServerRole)

Ca you make foreach lowercase?

---

xSQLServerHelper.psm1, line 469 [r9] (raw file):

        }
    }
    Else

Can you make else in lower case?

---

xSQLServerHelper.psm1, line 499 [r9] (raw file):

        try
        {
            ForEach ($currentServerRole in $ServerRole)

Can you make foreach lowercase?

---

xSQLServerHelper.psm1, line 510 [r9] (raw file):

        }
    }
    Else

can you make lese lowercase?

---

xSQLServerHelper.psm1, line 538 [r9] (raw file):

    if ($sqlRole)
    {
        ForEach ($currentServerRole in $ServerRole)

Can you make foreach lowercase?

---

xSQLServerHelper.psm1, line 567 [r9] (raw file):

    }

    Return $confirmServerRole

can you make return lowercase?

---

Comments from Reviewable

[luigilink]

Reviewed 3 of 4 files at r9, 1 of 1 files at r10.
Review status: all files reviewed at latest revision, 7 unresolved discussions.

---

xSQLServerHelper.psm1, line 458 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Ca you make foreach lowercase?

Done.

---

xSQLServerHelper.psm1, line 469 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Can you make else in lower case?

Done.

---

xSQLServerHelper.psm1, line 499 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Can you make foreach lowercase?

Done.

---

xSQLServerHelper.psm1, line 510 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

can you make lese lowercase?

Done.

---

xSQLServerHelper.psm1, line 538 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

Can you make foreach lowercase?

Done.

---

xSQLServerHelper.psm1, line 567 [r9] (raw file):

Previously, johlju (Johan Ljunggren) wrote…

can you make return lowercase?

Done.

---

Comments from Reviewable

[luigilink]

@johlju Thanks you for the advice, I'll look on your test unit.
And thanks for all your comments.

[johlju]

---

Reviewed 3 of 4 files at r9, 1 of 1 files at r10.
Review status: all files reviewed at latest revision, 7 unresolved discussions.

---

Comments from Reviewable

[mbreakey3]

Reviewed 1 of 7 files at r6, 1 of 6 files at r7, 1 of 3 files at r8, 1 of 4 files at r9.
Review status: all files reviewed at latest revision, 18 unresolved discussions, some commit checks failed.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 25 at r10 (raw file):

        [Parameter(Mandatory = $true)]
        [ValidateSet("bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin")]

Can we change the case for the values in this set? It's kind of hard to read

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 38 at r10 (raw file):

    )

    if (!$sql)

I think you can get rid of this if check - just assign the $sql variable

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 149 at r10 (raw file):

    $currentValues = Get-TargetResource @PSBoundParameters

    $result = ($currentValues.Ensure -eq $Ensure) -and ($currentValues.ServerRole -eq $ServerRole)

What about testing the rest of the values?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 at r10 (raw file):

{
    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;
    [Write, Description("An enumerated value that describes if the login exists on the SQL instance.\nPresent {default}  \nAbsent   \n"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;

Are the '\n's here for a reason? As in '...\nPresent {default} \nAbsent \n...'

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 at r10 (raw file):

    [Key, Description("The name of the SQL login.  If LoginType='WindowsUser' or 'WindowsGroup', this is also the name of the user or group in format DOMAIN\name.")] String Name;
    [Write, Description("An enumerated value that describes if the login exists on the SQL instance.\nPresent {default}  \nAbsent   \n"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
    [Required, Description("Type of SQL role to add"), ValueMap{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}, Values{"bulkadmin","dbcreator","diskadmin","processadmin","public","securityadmin","serveradmin","setupadmin","sysadmin"}] String ServerRole[];

Can we change these values to be CamelCase? i.e. : BulkAdmin, DBCreator, DiskAdmin, etc. Or are they all lowercase for a reason?

---

Examples/Resources/xSQLServerRole/1-AddServerRole.ps1, line 12 at r10 (raw file):

            [Parameter(Mandatory = $true)]
            [PSCredential]
            $SysadminAccount

change to $SysAdminAccount

---

Examples/Resources/xSQLServerRole/2-RemoveServerRole.ps1, line 4 at r10 (raw file):

.EXAMPLE
    This example shows how to ensure that the user account CONTOSO\SQLUser
    has not "setupadmin" SQL server role. 

'...CONTOSO\SQLUser does not have...'

---

Examples/Resources/xSQLServerRole/2-RemoveServerRole.ps1, line 12 at r10 (raw file):

            [Parameter(Mandatory = $true)]
            [PSCredential]
            $SysadminAccount

$SysAdminAccount

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 89 at r10 (raw file):

            $result = Get-TargetResource @testParameters

            It 'Should not return the state as present' {

'Should return the state as present'? instead of 'Should not..'

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 119 at r10 (raw file):

        Context 'When the system is not in the desired state' {            
            It 'Should return the state as absent when desired loginName does not exist' {

All of these tests are just checking to see what boolean value that Test-Target resource returns - not the actual state - can you change the It statements here to reflect that?

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 214 at r10 (raw file):

                Mock -CommandName Add-SqlServerRole -MockWith { } -ModuleName $script:DSCResourceName -Verifiable

                { Set-TargetResource @testParameters } | Should Be $true

Set-TargetResource doesn't return anything - so just check that the correct mocks are called. Change the It statements here to reflect that too, since this function isn't returning a state.

---

Comments from Reviewable

[mbreakey3]

Also, now that there's been another PR merged the conflicts are going to need to be resolved again. Thanks for your patience!

[johlju]

I totally missed all the { Set-TargetResource @testParameters } | Should Be $true in my review. Lucky we have second pair of eyes reviewing 😄

[luigilink]

Reviewed 6 of 8 files at r11, 2 of 2 files at r12.
Review status: all files reviewed at latest revision, 12 unresolved discussions.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 25 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

Can we change the case for the values in this set? It's kind of hard to read

How can I do that ?

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 38 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

I think you can get rid of this if check - just assign the $sql variable

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 149 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

What about testing the rest of the values?

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 6 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

Are the '\n's here for a reason? As in '...\nPresent {default} \nAbsent \n...'

Done.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.schema.mof, line 7 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

Can we change these values to be CamelCase? i.e. : BulkAdmin, DBCreator, DiskAdmin, etc. Or are they all lowercase for a reason?

The values are in lowercase from SQL object, so the Test wil be failed if we try with CamelCase

---

Examples/Resources/xSQLServerRole/1-AddServerRole.ps1, line 12 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

change to $SysAdminAccount

Done.

---

Examples/Resources/xSQLServerRole/2-RemoveServerRole.ps1, line 4 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

'...CONTOSO\SQLUser does not have...'

Done.

---

Examples/Resources/xSQLServerRole/2-RemoveServerRole.ps1, line 12 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

$SysAdminAccount

Done.

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 89 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

'Should return the state as present'? instead of 'Should not..'

Done.

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 119 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

All of these tests are just checking to see what boolean value that Test-Target resource returns - not the actual state - can you change the It statements here to reflect that?

Done.

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 214 at r10 (raw file):

Previously, mbreakey3 (Mariah) wrote…

Set-TargetResource doesn't return anything - so just check that the correct mocks are called. Change the It statements here to reflect that too, since this function isn't returning a state.

Done.

---

Comments from Reviewable

[mbreakey3]

Reviewed 6 of 8 files at r11, 2 of 2 files at r12.
Review status: all files reviewed at latest revision, 14 unresolved discussions.

---

DSCResources/MSFT_xSQLServerRole/MSFT_xSQLServerRole.psm1, line 25 at r10 (raw file):

Previously, luigilink (Jean-Cyril Drouhin) wrote…

How can I do that ?

OK - Nevermind, it can stay in since it's part of the sql functionality

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 136 at r12 (raw file):

            }

            It 'Should return the state as present when non-desired loginName exist' {

This says it should return present, but it's returning false

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 172 at r12 (raw file):

            }

            It 'Should return the state as absent when non-desired loginName does not exist' {

This one is returning true but it says the state should return absent

---

Comments from Reviewable

[luigilink]

Reviewed 3 of 3 files at r13.
Review status: all files reviewed at latest revision, 3 unresolved discussions.

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 136 at r12 (raw file):

Previously, mbreakey3 (Mariah) wrote…

This says it should return present, but it's returning false

Done. I changed state to test, it's more clear with the pester objective

---

Tests/Unit/xSQLServerRole.Tests.ps1, line 172 at r12 (raw file):

Previously, mbreakey3 (Mariah) wrote…

This one is returning true but it says the state should return absent

Done. I changed state to test, it's more clear with the pester objective

---

Comments from Reviewable

[mbreakey3]

Reviewed 1 of 3 files at r13.
Review status: all files reviewed at latest revision, 1 unresolved discussion.

---

Comments from Reviewable

[mbreakey3]

---

Reviewed 2 of 3 files at r13.
Review status: all files reviewed at latest revision, 1 unresolved discussion.

---

Comments from Reviewable