Signing (pester#1156)

Add signing code and Bump to 4.4.3-beta1

CHANGELOG.md

@@ -1,3 +1,10 @@
+## 4.4.3-beta1 (November 27, 2018)
+ - Fix InModuleScope when using unbound scriptBlock [GH-1146]
+ - Allow multiple aliases for an assertion [GH-1122]
+ - Update Invoke-Pester docs to favor -Show None over -Quiet [GH-1125]
+ - Fix taking multiple instances of id or uname [GH-1126]
+ - Sign the module
+
 ## 4.4.2 (October 3, 2018)
  - Remove single quotes when expanding strings in test name [GH-1090]
  - Get environment info on non-windows platforms [GH-1105]

Pester.Tests.ps1

@@ -356,7 +356,7 @@ Describe 'Assertion operators' {
     It 'Allows an operator to be registered with multiple aliases' {
         function MultipleAlias {$true}
         Add-AssertionOperator -Name MultipleAlias -Test $Function:MultipleAlias -Alias mult, multiple
-        
+
         {Add-AssertionOperator -Name MultipleAlias -Test $Function:MultipleAlias -Alias mult, multiple} | Should -Not -Throw
     }
     It 'Does not allow an operator with a different test to be registered using an existing name' {

Pester.psd1

@@ -4,7 +4,7 @@
 ModuleToProcess = 'Pester.psm1'
 
 # Version number of this module.
-ModuleVersion = '4.4.2'
+ModuleVersion = '4.4.3'
 
 # ID used to uniquely identify this module
 GUID = 'a699dea5-2c73-4616-a270-1f7abb777e71'
@@ -122,10 +122,10 @@ PrivateData = @{
         LicenseUri = "https://www.apache.org/licenses/LICENSE-2.0.html"
 
         # Release notes for this particular version of the module
-        ReleaseNotes = 'https://github.com/pester/Pester/releases/tag/4.4.2'
+        ReleaseNotes = 'https://github.com/pester/Pester/releases/tag/4.4.3-beta1'
 
         # Prerelease string of this module
-        Prerelease = ''
+        Prerelease = 'beta1'
     }
 }
 

buildNugetPackage.ps1

@@ -14,14 +14,6 @@ try
     $version = git.exe describe --abbrev=0 --tags
     Write-Verbose "Version $version"
 
-    if (Test-Path $buildDir) {
-        Write-Verbose "Removing build dir"
-        Remove-Item $buildDir -Recurse -Force -Confirm:$false -Verbose
-    }
-
-    Write-Verbose "Removing all Test Files"
-    Get-ChildItem $baseDir -Recurse -Filter *.Tests.ps1 | Remove-Item -Force -Verbose
-
     Write-Verbose "Creating $buildDir"
     mkdir $buildDir
     Write-Verbose "Building package"

buildPSGalleryPackage.ps1

@@ -5,23 +5,18 @@ $baseDir = $PSScriptRoot
 try
 {
     $buildDir = "$baseDir\build\psgallery\Pester"
-    if (Test-Path $buildDir) {
-        Write-Verbose 'Removing build folder'
-        Remove-Item -LiteralPath $buildDir -Recurse -Force -Confirm:$false -Verbose
-    }
-
     $null = New-Item -Path $buildDir -ItemType Directory -Verbose
 
     Write-Verbose "Copying release files to build folder '$buildDir'"
     Copy-Item $baseDir\Pester.ps?1          $buildDir\
     Copy-Item $baseDir\LICENSE              $buildDir\
     Copy-Item $baseDir\nunit_schema_2.5.xsd $buildDir\
-    Copy-Item $baseDir\bin                  $buildDir\ -Recurse -Exclude *.tests.ps1
-    Copy-Item $baseDir\Functions            $buildDir\ -Recurse -Exclude *.tests.ps1
-    Copy-Item $baseDir\Dependencies         $buildDir\ -Recurse -Exclude *.tests.ps1
-    Copy-Item $baseDir\Snippets             $buildDir\ -Recurse -Exclude *.tests.ps1
-    Copy-Item $baseDir\en-US                $buildDir\ -Recurse -Exclude *.tests.ps1
-    Copy-Item $baseDir\lib                  $buildDir\ -Recurse -Exclude *.tests.ps1
+    Copy-Item $baseDir\bin                  $buildDir\ -Recurse
+    Copy-Item $baseDir\Functions            $buildDir\ -Recurse
+    Copy-Item $baseDir\Dependencies         $buildDir\ -Recurse
+    Copy-Item $baseDir\Snippets             $buildDir\ -Recurse
+    Copy-Item $baseDir\en-US                $buildDir\ -Recurse
+    Copy-Item $baseDir\lib                  $buildDir\ -Recurse
 
     Write-Verbose 'Copy complete. Contents:'
     Get-ChildItem $buildDir -Recurse | Out-Host

cleanUpBeforeBuild.ps1

@@ -0,0 +1,27 @@
+# cleaning up remains of previous builds
+# examples and all test files
+# in the next step we sign all scripts so
+# we want to reduce how many files will be signed
+#
+# this clean up is not removing all unneeded files,
+# it only removes the main parts
+# each package then decides what will be part of it
+
+$buildDir = "$PSScriptRoot\build"
+if (Test-Path $buildDir) {
+    Write-Verbose "Removing build dir"
+    Remove-Item $buildDir -Recurse -Force -Confirm:$false -Verbose
+}
+
+if (Test-Path "$PSScriptRoot\Examples") {
+    Write-Verbose "Removing all examples"
+    Remove-Item "$PSScriptRoot\Examples" -Recurse -Force -Confirm:$false -Verbose
+}
+
+if (Test-Path "$PSScriptRoot\doc") {
+    Write-Verbose "Removing docs"
+    Remove-Item "$PSScriptRoot\doc" -Recurse -Force -Confirm:$false -Verbose
+}
+
+Write-Verbose "Removing all Test Files"
+Get-ChildItem $PSScriptRoot -Recurse -Filter *.Tests.ps1 | Remove-Item -Force -Verbose

signModule.ps1

@@ -0,0 +1,40 @@
+$ErrorActionPreference = 'Stop'
+$cert = Get-ChildItem Cert:\CurrentUser\My | 
+    Where Thumbprint -eq "CC1168BAFCDA3B1A5E532DA87E80A4DD69BCAEB1"
+
+if ($null -eq $cert) {
+    throw "No certificate was found."
+}
+
+if ($cert.Lenght -gt 1) {
+    throw "More than one cerfificate with the given thumbprint was found."
+}
+
+"Signing Files"
+$files = Get-ChildItem -Recurse -ErrorAction SilentlyContinue |
+    Where-Object { $_.Extension -in ".ps1", ".psm1", ".psd1", ".dll" } |
+    Select-Object -ExpandProperty FullName
+
+$incorrectSignatures =  Get-AuthenticodeSignature -FilePath $files | Where-Object { "Valid","NotSigned" -notcontains $_.Status }
+if ($incorrectSignatures) {
+    throw "There are items in the repository that are signed but their signature is invalid, review:`n$($incorrectSignatures | Out-String)`n"
+}
+
+$filesToSign = $files | Where-Object { "NotSigned" -eq  (Get-AuthenticodeSignature -FilePath $_ ).Status }
+
+if (-not @($filesToSign)) {
+    return "There are no files to sign, all the files in the repository are already signed."
+}
+
+$results =  $filesToSign |
+    ForEach-Object {
+        $r = Set-AuthenticodeSignature $_ -Certificate $cert -TimestampServer 'http://timestamp.digicert.com' -ErrorAction Stop
+        $r | Out-String | Write-Host
+        $r
+    }
+
+$failed = $results | Where-Object { $_.Status -ne "Valid" }
+
+if ($failed) {
+    throw "Failed signing $($failed.Path -join "`n")"
+}