Additional Security Configuration Tests

[haberstrohr]

Fixing some old tests that I missed on the format change and adding new tests to the fold.

[brianbunke]

Requesting review on both VDS test $Fix blocks

[brianbunke]

This only works for me if I do (Get-View -VIObject $Object).Name. Do you mind confirming?

[haberstrohr]

Wrapping it in a parathensis returns just the object name, which is not the intended result.

C:\> (get-view -VIObject $object).name
Test-vDSwitch

I wanted to return the actual object, though I don't recall why I added the .name at the end of the $object variable, as simply leaving it as Get-View -VIObject $object returns the same desired results. If that works I can update the two VDS tests.

[brianbunke]

Oh, right, I'm talking crazy. Either way works for me, I'll approve now and let you decide. Thanks for setting me straight.

[brianbunke]

Man. So many hardening guide tests have no default value, and are tough to validate from my layman's perspective. 😕

I trust you, though. 😉

I was going to comment on your use of [0] vs. [1] in the $Actual block of the VDS tests, and then I went to verify for myself. SPOILER ALERT: If you continue reading, you're about to burn some brain cells.

C:\> (Get-VDSwitch)[0].ExtensionData.Config.HealthCheckConfig | fl *

Enable   : False
Interval : 0

Enable   : False
Interval : 0

You mentioned changing a test type in #103. I'm holding off for a bit in case you want to test that out, but let me know if you just want me to rubber stamp this.

[haberstrohr]

I will definitely test some more. I ran into an error when I tried using bool[] as a type, but don't recall what it was. I ultimately felt splitting the test / fix actions for the specific HealthCheck settings was the right call for long term use.

For my sanity, I'm logging this to the Internet, but why would you have two values under a single setting? Especially since the settings are technically under different type names.

PowerCLI C:\> $object.ExtensionData.Config.HealthCheckConfig | gm


   TypeName: VMware.Vim.VMwareDVSVlanMtuHealthCheckConfig

Name        MemberType Definition
----        ---------- ----------
Equals      Method     bool Equals(System.Object obj)
GetHashCode Method     int GetHashCode()
GetType     Method     type GetType()
ToString    Method     string ToString()
Enable      Property   System.Nullable[bool] Enable {get;set;}
Interval    Property   System.Nullable[int] Interval {get;set;}


   TypeName: VMware.Vim.VMwareDVSTeamingHealthCheckConfig

Name        MemberType Definition
----        ---------- ----------
Equals      Method     bool Equals(System.Object obj)
GetHashCode Method     int GetHashCode()
GetType     Method     type GetType()
ToString    Method     string ToString()
Enable      Property   System.Nullable[bool] Enable {get;set;}
Interval    Property   System.Nullable[int] Interval {get;set;}

[haberstrohr]

Ugh of course now bool[] works... I'm testing in a different environment but wouldn't think that would cause any difference in results. I'm guessing that I was just trying things and had a typo that led me to believe that type wasn't allowed. Good to know for future instances.

[brianbunke]

I want to like that Get-Member five times. Let me know if you want to make any changes, or if you're ready for me to merge this in.

[haberstrohr]

I'm good with how the tests are. We can revisit if others have concerns. Get-Member is my best friend in trying to understand what I'm doing wrong which of course means I use it a lot. 😄

[brianbunke]