From f90b2574e65fb49738d324574438bad848cf45eb Mon Sep 17 00:00:00 2001 From: "Steve Lee (POWERSHELL HE/HIM) (from Dev Box)" Date: Sat, 14 Sep 2024 15:28:51 -0700 Subject: [PATCH 1/4] Update WMI adapter to perform query based on provided properties --- dsc/examples/wmi.dsc.yaml | 10 ----- dsc/examples/wmi_inventory.dsc.yaml | 41 +++++++++++++++++ wmi-adapter/Tests/test_wmi_config.dsc.yaml | 4 ++ wmi-adapter/Tests/wmi.tests.ps1 | 15 ++++--- wmi-adapter/wmi.resource.ps1 | 51 ++++++++++++++++++---- 5 files changed, 96 insertions(+), 25 deletions(-) delete mode 100644 dsc/examples/wmi.dsc.yaml create mode 100644 dsc/examples/wmi_inventory.dsc.yaml diff --git a/dsc/examples/wmi.dsc.yaml b/dsc/examples/wmi.dsc.yaml deleted file mode 100644 index c4907988..00000000 --- a/dsc/examples/wmi.dsc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -$schema: https://raw.githubusercontent.com/PowerShell/DSC/main/schemas/2024/04/config/document.json -resources: -- name: WMI - type: Microsoft.Windows/WMI - properties: - resources: - - name: computer system - type: root.cimv2/Win32_ComputerSystem - - name: network adapter - type: root.cimv2/Win32_NetworkAdapter diff --git a/dsc/examples/wmi_inventory.dsc.yaml b/dsc/examples/wmi_inventory.dsc.yaml new file mode 100644 index 00000000..300fc85d --- /dev/null +++ b/dsc/examples/wmi_inventory.dsc.yaml @@ -0,0 +1,41 @@ +$schema: https://raw.githubusercontent.com/PowerShell/DSC/main/schemas/2024/04/config/document.json +resources: +- name: WMI + type: Microsoft.Windows/WMI + properties: + resources: + - name: computer system + type: root.cimv2/Win32_ComputerSystem + properties: + name: + domain: + totalphysicalmemory: + model: + manufacturer: + - name: operating system + type: root.cimv2/Win32_OperatingSystem + properties: + caption: + version: + osarchitecture: + oslanguage: + - name: system enclosure + type: root.cimv2/Win32_SystemEnclosure + properties: + manufacturer: + model: + serialnumber: + - name: bios + type: root.cimv2/Win32_BIOS + properties: + manufacturer: + version: + serialnumber: + - name: network adapter + type: root.cimv2/Win32_NetworkAdapter + properties: + name: + macaddress: + adaptertype: + netconnectionid: + serviceName: diff --git a/wmi-adapter/Tests/test_wmi_config.dsc.yaml b/wmi-adapter/Tests/test_wmi_config.dsc.yaml index 225c87f6..7a18deae 100644 --- a/wmi-adapter/Tests/test_wmi_config.dsc.yaml +++ b/wmi-adapter/Tests/test_wmi_config.dsc.yaml @@ -7,6 +7,10 @@ resources: resources: - name: Get OS Info type: root.cimv2/Win32_OperatingSystem + properties: + caption: + version: + osarchitecture: - name: Get BIOS Info type: root.cimv2/Win32_BIOS - name: Get Processor Info diff --git a/wmi-adapter/Tests/wmi.tests.ps1 b/wmi-adapter/Tests/wmi.tests.ps1 index e5d2115c..6fd033e3 100644 --- a/wmi-adapter/Tests/wmi.tests.ps1 +++ b/wmi-adapter/Tests/wmi.tests.ps1 @@ -40,18 +40,21 @@ Describe 'WMI adapter resource tests' { $r = Get-Content -Raw $configPath | dsc config get $LASTEXITCODE | Should -Be 0 $res = $r | ConvertFrom-Json - $res.results[0].result.actualState[0].LastBootUpTime | Should -Not -BeNull - $res.results[0].result.actualState[1].BiosCharacteristics | Should -Not -BeNull - $res.results[0].result.actualState[2].NumberOfLogicalProcessors | Should -Not -BeNull + $res.results[0].result.actualState[0].LastBootUpTime | Should -BeNullOrEmpty + $res.results[0].result.actualState[0].Caption | Should -Not -BeNullOrEmpty + $res.results[0].result.actualState[0].Version | Should -Not -BeNullOrEmpty + $res.results[0].result.actualState[0].OSArchitecture | Should -Not -BeNullOrEmpty } It 'Example config works' -Skip:(!$IsWindows) { - $configPath = Join-Path $PSScriptRoot '..\..\dsc\examples\wmi.dsc.yaml' + $configPath = Join-Path $PSScriptRoot '..\..\dsc\examples\wmi_inventory.dsc.yaml' $r = dsc config get -p $configPath $LASTEXITCODE | Should -Be 0 $r | Should -Not -BeNullOrEmpty $res = $r | ConvertFrom-Json - $res.results[0].result.actualState[0].Model | Should -Not -BeNullOrEmpty - $res.results[0].result.actualState[1].Description | Should -Not -BeNullOrEmpty + $res.results[0].result.actualState[0].Name | Should -Not -BeNullOrEmpty + $res.results[0].result.actualState[0].BootupState | Should -BeNullOrEmpty + $res.results[0].result.actualState[1].Caption | Should -Not -BeNullOrEmpty + $res.results[0].result.actualState[1].BuildNumber | Should -BeNullOrEmpty } } diff --git a/wmi-adapter/wmi.resource.ps1 b/wmi-adapter/wmi.resource.ps1 index 6eb2f88d..34d20354 100644 --- a/wmi-adapter/wmi.resource.ps1 +++ b/wmi-adapter/wmi.resource.ps1 @@ -13,6 +13,19 @@ $ProgressPreference = 'Ignore' $WarningPreference = 'Ignore' $VerbosePreference = 'Ignore' +function Write-Trace { + param( + [string]$message, + [string]$level = 'Error' + ) + + $trace = [pscustomobject]@{ + $level = $message + } | ConvertTo-Json -Compress + + $host.ui.WriteErrorLine($trace) +} + function IsConfiguration($obj) { if ($null -ne $obj.metadata -and $null -ne $obj.metadata.'Microsoft.DSC' -and $obj.metadata.'Microsoft.DSC'.context -eq 'Configuration') { return $true @@ -29,7 +42,6 @@ if ($Operation -eq 'List') { $version_string = ""; $author_string = ""; - $moduleName = ""; $propertyList = @() foreach ($p in $r.CimClassProperties) @@ -79,17 +91,37 @@ elseif ($Operation -eq 'Get') $wmi_namespace = $type_fields[0].Replace('.','\') $wmi_classname = $type_fields[1] - #TODO: add filtering based on supplied properties of $r - $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname + #TODO: identify key properties and add WHERE clause to the query + if ($r.properties) + { + $query = "SELECT $($r.properties.psobject.properties.name -join ',') FROM $wmi_classname" + Write-Trace -Level Trace -message "Query: $query" + $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -Query $query + } + else + { + $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname + } if ($wmi_instances) { $instance_result = @{} + # TODO: for a `Get`, they key property must be provided so a specific instance is returned rather than just the first $wmi_instance = $wmi_instances[0] # for 'Get' we return just first matching instance; for 'export' we return all instances $wmi_instance.psobject.properties | %{ if (($_.Name -ne "type") -and (-not $_.Name.StartsWith("Cim"))) { - $instance_result[$_.Name] = $_.Value + if ($r.properties) + { + if ($r.properties.psobject.properties.name -contains $_.Name) + { + $instance_result[$_.Name] = $_.Value + } + } + else + { + $instance_result[$_.Name] = $_.Value + } } } @@ -98,7 +130,7 @@ elseif ($Operation -eq 'Get') else { $errmsg = "Can not find type " + $r.type + "; please ensure that Get-CimInstance returns this resource type" - Write-Error $errmsg + Write-Trace $errmsg exit 1 } } @@ -114,7 +146,8 @@ elseif ($Operation -eq 'Get') if ($wmi_instances) { - $wmi_instance = $wmi_instances[0] # for 'Get' we return just first matching instance; for 'export' we return all instances + # TODO: there's duplicate code here between configuration and non-configuration execution and should be refactored into a helper + $wmi_instance = $wmi_instances[0] $result = @{} $wmi_instance.psobject.properties | %{ if (($_.Name -ne "type") -and (-not $_.Name.StartsWith("Cim"))) @@ -126,7 +159,7 @@ elseif ($Operation -eq 'Get') else { $errmsg = "Can not find type " + $inputobj_pscustomobj.type + "; please ensure that Get-CimInstance returns this resource type" - Write-Error $errmsg + Write-Trace $errmsg exit 1 } } @@ -140,5 +173,5 @@ elseif ($Operation -eq 'Validate') } else { - Write-Error "ERROR: Unsupported operation requested from wmigroup.resource.ps1" -} \ No newline at end of file + Write-Trace "ERROR: Unsupported operation requested from wmigroup.resource.ps1" +} From 1ec50fc0d66a6903b59543cad5377745f0a83f01 Mon Sep 17 00:00:00 2001 From: "Steve Lee (POWERSHELL HE/HIM) (from Dev Box)" Date: Sat, 14 Sep 2024 19:50:10 -0700 Subject: [PATCH 2/4] add filtering based on property values --- dsc/examples/wmi_inventory.dsc.yaml | 1 + wmi-adapter/Tests/wmi.tests.ps1 | 1 + wmi-adapter/wmi.resource.ps1 | 42 ++++++++++++++++++++++++++--- 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/dsc/examples/wmi_inventory.dsc.yaml b/dsc/examples/wmi_inventory.dsc.yaml index 300fc85d..9f004d1c 100644 --- a/dsc/examples/wmi_inventory.dsc.yaml +++ b/dsc/examples/wmi_inventory.dsc.yaml @@ -39,3 +39,4 @@ resources: adaptertype: netconnectionid: serviceName: + netconnectionstatus: 2 diff --git a/wmi-adapter/Tests/wmi.tests.ps1 b/wmi-adapter/Tests/wmi.tests.ps1 index 6fd033e3..2d2dd613 100644 --- a/wmi-adapter/Tests/wmi.tests.ps1 +++ b/wmi-adapter/Tests/wmi.tests.ps1 @@ -56,5 +56,6 @@ Describe 'WMI adapter resource tests' { $res.results[0].result.actualState[0].BootupState | Should -BeNullOrEmpty $res.results[0].result.actualState[1].Caption | Should -Not -BeNullOrEmpty $res.results[0].result.actualState[1].BuildNumber | Should -BeNullOrEmpty + $res.results[0].result.actualState[4].AdapterType | Should -BeLike "Ethernet*" } } diff --git a/wmi-adapter/wmi.resource.ps1 b/wmi-adapter/wmi.resource.ps1 index 34d20354..24e7bbcf 100644 --- a/wmi-adapter/wmi.resource.ps1 +++ b/wmi-adapter/wmi.resource.ps1 @@ -9,6 +9,11 @@ param( $stdinput ) +trap { + Write-Trace -Level Error -message $_.Exception.Message + exit 1 +} + $ProgressPreference = 'Ignore' $WarningPreference = 'Ignore' $VerbosePreference = 'Ignore' @@ -95,12 +100,43 @@ elseif ($Operation -eq 'Get') if ($r.properties) { $query = "SELECT $($r.properties.psobject.properties.name -join ',') FROM $wmi_classname" + $where = " WHERE " + $useWhere = $false + $first = $true + foreach ($property in $r.properties.psobject.properties) + { + if ($null -ne $property.value) + { + $useWhere = $true + if ($first) + { + $first = $false + } + else + { + $where += " AND " + } + + if ($property.TypeNameOfValue -eq "System.String") + { + $where += "$($property.Name) = '$($property.Value)'" + } + else + { + $where += "$($property.Name) = $($property.Value)" + } + } + } + if ($useWhere) + { + $query += $where + } Write-Trace -Level Trace -message "Query: $query" - $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -Query $query + $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -Query $query -ErrorAction Stop } else { - $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname + $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname -ErrorAction Stop } if ($wmi_instances) @@ -142,7 +178,7 @@ elseif ($Operation -eq 'Get') $wmi_classname = $type_fields[1] #TODO: add filtering based on supplied properties of $inputobj_pscustomobj - $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname + $wmi_instances = Get-CimInstance -Namespace $wmi_namespace -ClassName $wmi_classname -ErrorAction Stop if ($wmi_instances) { From 4721a10830c922a3fe11ed93c87564e50f7d83ee Mon Sep 17 00:00:00 2001 From: "Steve Lee (POWERSHELL HE/HIM) (from Dev Box)" Date: Sun, 15 Sep 2024 07:38:48 -0700 Subject: [PATCH 3/4] add TODO note on validating properties --- wmi-adapter/wmi.resource.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wmi-adapter/wmi.resource.ps1 b/wmi-adapter/wmi.resource.ps1 index 24e7bbcf..1bedc227 100644 --- a/wmi-adapter/wmi.resource.ps1 +++ b/wmi-adapter/wmi.resource.ps1 @@ -96,7 +96,7 @@ elseif ($Operation -eq 'Get') $wmi_namespace = $type_fields[0].Replace('.','\') $wmi_classname = $type_fields[1] - #TODO: identify key properties and add WHERE clause to the query + # TODO: identify key properties and add WHERE clause to the query if ($r.properties) { $query = "SELECT $($r.properties.psobject.properties.name -join ',') FROM $wmi_classname" @@ -105,6 +105,7 @@ elseif ($Operation -eq 'Get') $first = $true foreach ($property in $r.properties.psobject.properties) { + # TODO: validate property against the CIM class to give better error message if ($null -ne $property.value) { $useWhere = $true From f2da90972f73404627d29ae3e419af9caffd0a0c Mon Sep 17 00:00:00 2001 From: "Steve Lee (POWERSHELL HE/HIM) (from Dev Box)" Date: Tue, 17 Sep 2024 13:10:44 -0700 Subject: [PATCH 4/4] add comment on trap --- wmi-adapter/wmi.resource.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/wmi-adapter/wmi.resource.ps1 b/wmi-adapter/wmi.resource.ps1 index 1bedc227..908e987c 100644 --- a/wmi-adapter/wmi.resource.ps1 +++ b/wmi-adapter/wmi.resource.ps1 @@ -9,6 +9,7 @@ param( $stdinput ) +# catch any un-caught exception and write it to the error stream trap { Write-Trace -Level Error -message $_.Exception.Message exit 1