search

WahlNetwork / vester

Easily validate and remediate your vSphere configuration
https://wahlnetwork.com
Apache License 2.0
146 stars 45 forks source link

Additional Security Configuration Tests #100

Closed haberstrohr closed 7 years ago

haberstrohr commented 7 years ago

Fixing some old tests that I missed on the format change and adding new tests to the fold.

brianbunke commented 7 years ago

Man. So many hardening guide tests have no default value, and are tough to validate from my layman's perspective. 😕

I trust you, though. 😉

I was going to comment on your use of [0] vs. [1] in the $Actual block of the VDS tests, and then I went to verify for myself. SPOILER ALERT: If you continue reading, you're about to burn some brain cells.

C:\> (Get-VDSwitch)[0].ExtensionData.Config.HealthCheckConfig | fl *

Enable   : False
Interval : 0

Enable   : False
Interval : 0

You mentioned changing a test type in #103. I'm holding off for a bit in case you want to test that out, but let me know if you just want me to rubber stamp this.

haberstrohr commented 7 years ago

I will definitely test some more. I ran into an error when I tried using bool[] as a type, but don't recall what it was. I ultimately felt splitting the test / fix actions for the specific HealthCheck settings was the right call for long term use.

For my sanity, I'm logging this to the Internet, but why would you have two values under a single setting? Especially since the settings are technically under different type names. 

PowerCLI C:\> $object.ExtensionData.Config.HealthCheckConfig | gm

   TypeName: VMware.Vim.VMwareDVSVlanMtuHealthCheckConfig

Name        MemberType Definition
----        ---------- ----------
Equals      Method     bool Equals(System.Object obj)
GetHashCode Method     int GetHashCode()
GetType     Method     type GetType()
ToString    Method     string ToString()
Enable      Property   System.Nullable[bool] Enable {get;set;}
Interval    Property   System.Nullable[int] Interval {get;set;}

   TypeName: VMware.Vim.VMwareDVSTeamingHealthCheckConfig

Name        MemberType Definition
----        ---------- ----------
Equals      Method     bool Equals(System.Object obj)
GetHashCode Method     int GetHashCode()
GetType     Method     type GetType()
ToString    Method     string ToString()
Enable      Property   System.Nullable[bool] Enable {get;set;}
Interval    Property   System.Nullable[int] Interval {get;set;}
haberstrohr commented 7 years ago

Ugh of course now bool[] works... I'm testing in a different environment but wouldn't think that would cause any difference in results. I'm guessing that I was just trying things and had a typo that led me to believe that type wasn't allowed. Good to know for future instances.

brianbunke commented 7 years ago

I want to like that Get-Member five times. Let me know if you want to make any changes, or if you're ready for me to merge this in.

haberstrohr commented 7 years ago

I'm good with how the tests are. We can revisit if others have concerns. Get-Member is my best friend in trying to understand what I'm doing wrong which of course means I use it a lot. 😄

brianbunke commented 7 years ago

:shipit: