Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for DSC 2.0/Guest Configuration #1204

Open
calrepo opened this issue Feb 10, 2023 · 1 comment
Open

Support for DSC 2.0/Guest Configuration #1204

calrepo opened this issue Feb 10, 2023 · 1 comment

Comments

@calrepo
Copy link

calrepo commented Feb 10, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
There is no .net core based equivalent for the Windows module ServerManager, which is used extensively with commands like Get-WindowsFeature. When running PowerStig in PS Core via DSC 2.0/Azure Policy Guest Configuration/Automanage, this will cause PowerStig to fail for those ServerManager module dependent commands.

Describe the solution you'd like
PS7 Core has backwards compatibility and can make use of the older .net resources, however, when running in Guest Configuration, it does not see the Windows modules because the PS module path in the system32 folder is not a part of the Guest Configurations module path.

I'd like to see a built-in check across the board for the Windows PS Module path when there is a dependency, and if it does not exist, add it.

Describe alternatives you've considered
I am making this work in Guest Configuration by creating a script object in DSC as the first in the MOF that adds the Windows module folder to the process path.

Here is my "set":

$oldPSModulePath = [Environment]::GetEnvironmentVariable('PSModulePath', 'Process');
if ($oldPSModulePath -notmatch 'windowspowershell\\v1.0\\Modules') {
   $newPSModulePath = $oldPSModulePath + ';c:\Windows\system32\windowspowershell\v1.0\Modules'; 
   [Environment]::SetEnvironmentVariable('PSModulePath', $newPSModulePath, 'Process')
   Write-Verbose "WindowsPowerShell Path is missing, updated session Environment Variable to include it in the PSModules path!"

I am sure this can be done much more elegantly, but this works for now.

Additional context
https://learn.microsoft.com/en-us/powershell/dsc/overview?view=dsc-2.0
https://www.powershellgallery.com/packages/GuestConfiguration/4.2.0
@camusicjunkie
Copy link
Contributor

Support for DSC 2.0 and Invoke-DscResource would be hugely beneficial. PowerSTIG, only using composite resources, doesn't allow for the use of Invoke-DscResource which makes PowerSTIG unusable with things like Ansible. Is there a way PowerSTIG could be extended to allow for the use of Invoke-DscResource?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@camusicjunkie @calrepo