diff --git a/Tasks/IISWebAppManagementOnMachineGroup/Strings/resources.resjson/en-US/resources.resjson b/Tasks/IISWebAppManagementOnMachineGroup/Strings/resources.resjson/en-US/resources.resjson
index d8cd52ceb24c..c4523ab82360 100644
--- a/Tasks/IISWebAppManagementOnMachineGroup/Strings/resources.resjson/en-US/resources.resjson
+++ b/Tasks/IISWebAppManagementOnMachineGroup/Strings/resources.resjson/en-US/resources.resjson
@@ -25,7 +25,7 @@
"loc.input.label.WebsiteAuthUserName": "Username",
"loc.input.help.WebsiteAuthUserName": "Provide the user name that will be used to access the website's physical path.",
"loc.input.label.WebsiteAuthUserPassword": "Password",
- "loc.input.help.WebsiteAuthUserPassword": "Provide the user's password that will be used to access the website's physical path.",
+ "loc.input.help.WebsiteAuthUserPassword": "Provide the user's password that will be used to access the website's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.AddBinding": "Add binding",
"loc.input.help.AddBinding": "Select the option to add port binding for the website.",
"loc.input.label.Protocol": "Protocol",
@@ -57,7 +57,7 @@
"loc.input.label.AppPoolUsernameForWebsite": "Username",
"loc.input.help.AppPoolUsernameForWebsite": "Provide the username of the custom account that you want to use.",
"loc.input.label.AppPoolPasswordForWebsite": "Password",
- "loc.input.help.AppPoolPasswordForWebsite": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'. ",
+ "loc.input.help.AppPoolPasswordForWebsite": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.ParentWebsiteNameForVD": "Parent website name",
"loc.input.help.ParentWebsiteNameForVD": "Provide the name of the parent Website of the virtual directory.",
"loc.input.label.VirtualPathForVD": "Virtual path",
@@ -69,7 +69,7 @@
"loc.input.label.VDAuthUserName": "Username",
"loc.input.help.VDAuthUserName": "Provide the user name that will be used to access the virtual directory's physical path.",
"loc.input.label.VDAuthUserPassword": "Password",
- "loc.input.help.VDAuthUserPassword": "Provide the user's password that will be used to access the virtual directory's physical path.",
+ "loc.input.help.VDAuthUserPassword": "Provide the user's password that will be used to access the virtual directory's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.ParentWebsiteNameForApplication": "Parent website name",
"loc.input.help.ParentWebsiteNameForApplication": "Provide the name of the parent Website under which the application will be created or updated.",
"loc.input.label.VirtualPathForApplication": "Virtual path",
@@ -81,7 +81,7 @@
"loc.input.label.ApplicationAuthUserName": "Username",
"loc.input.help.ApplicationAuthUserName": "Provide the user name that will be used to access the application's physical path.",
"loc.input.label.ApplicationAuthUserPassword": "Password",
- "loc.input.help.ApplicationAuthUserPassword": "Provide the user's password that will be used to access the application's physical path.",
+ "loc.input.help.ApplicationAuthUserPassword": "Provide the user's password that will be used to access the application's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.CreateOrUpdateAppPoolForApplication": "Create or update app pool",
"loc.input.help.CreateOrUpdateAppPoolForApplication": "Select the option to create or update an application pool. If checked, the application will be created in the specified app pool.",
"loc.input.label.AppPoolNameForApplication": "Name",
@@ -95,7 +95,7 @@
"loc.input.label.AppPoolUsernameForApplication": "Username",
"loc.input.help.AppPoolUsernameForApplication": "Provide the username of the custom account that you want to use.",
"loc.input.label.AppPoolPasswordForApplication": "Password",
- "loc.input.help.AppPoolPasswordForApplication": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.",
+ "loc.input.help.AppPoolPasswordForApplication": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.AppPoolName": "Name",
"loc.input.help.AppPoolName": "Provide the name of the IIS application pool to create or update.",
"loc.input.label.DotNetVersion": ".NET version",
@@ -107,7 +107,7 @@
"loc.input.label.AppPoolUsername": "Username",
"loc.input.help.AppPoolUsername": "Provide the username of the custom account that you want to use.",
"loc.input.label.AppPoolPassword": "Password",
- "loc.input.help.AppPoolPassword": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.",
+ "loc.input.help.AppPoolPassword": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"loc.input.label.StartStopRecycleAppPoolName": "Application pool name",
"loc.input.help.StartStopRecycleAppPoolName": "Provide the name of the IIS application pool.",
"loc.input.label.AppCmdCommands": "Additional appcmd.exe commands",
@@ -116,5 +116,6 @@
"loc.messages.InvalidVirtualPath": "Virtual path should begin with a /",
"loc.messages.InvalidIISDeploymentType": "Invalid IIS Deployment Type : {0}",
"loc.messages.InvalidActionIISWebsite": "Invalid action '{0}' selected for the IIS Website.",
- "loc.messages.InvalidActionIISAppPool": "Invalid action '{0}' selected for the IIS Application Pool."
+ "loc.messages.InvalidActionIISAppPool": "Invalid action '{0}' selected for the IIS Application Pool.",
+ "loc.messages.SSLCertWarningInvalidCharacters": "SSL Certificate thumbprint contains non-hexadecimal characters. Trimming all non-hexadecimal characters."
}
\ No newline at end of file
diff --git a/Tasks/IISWebAppManagementOnMachineGroup/Tests/L0.ts b/Tasks/IISWebAppManagementOnMachineGroup/Tests/L0.ts
index 7f518868704e..4705f5732c07 100644
--- a/Tasks/IISWebAppManagementOnMachineGroup/Tests/L0.ts
+++ b/Tasks/IISWebAppManagementOnMachineGroup/Tests/L0.ts
@@ -36,11 +36,11 @@ describe('IISWebAppManagementOnMachineGroup Suite', function () {
psr.run(path.join(__dirname, 'L0AppcmdAddUpdateWebsite.ps1'), done);
})
- it('test website add binding', (done) => {
+ it('test add binding for website', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdTestBinding.ps1'), done);
})
- it('test sni and sslcert addition', (done) => {
+ it('test sni and sslcert addition for https binding', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdTestSSLandSNI.ps1'), done);
})
@@ -56,40 +56,40 @@ describe('IISWebAppManagementOnMachineGroup Suite', function () {
psr.run(path.join(__dirname, 'L0AppcmdTestApplicationExists.ps1'), done);
})
- it('test add and update application function', (done) => {
+ it('test add and update application', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdAddUpdateApplication.ps1'), done);
})
- it('test virtual directory exists function', (done) => {
+ it('test virtual directory exists', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdTestVirtualDirExists.ps1'), done);
})
- it('test add and update virtual directory function', (done) => {
+ it('test add and update virtual directory', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdAddUpdateVDir.ps1'), done);
})
- it('test additional actions', (done) => {
+ it('test additional actions for website and application pool', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdAdditionalActions.ps1'), done);
})
- it('test execute-main function', (done) => {
+ it('test execute main for appcmd', (done) => {
psr.run(path.join(__dirname, 'L0AppcmdExecuteMain.ps1'), done);
})
- it('test iis manage utility - manage virtual directory', (done) => {
- psr.run(path.join(__dirname, 'L0UtilityManageVDir.ps1'), done);
+ it('test iis manage utility - manage website', (done) => {
+ psr.run(path.join(__dirname, 'L0UtilityManageWebsite.ps1'), done);
})
-
+
it('test iis manage utility - manage application', (done) => {
psr.run(path.join(__dirname, 'L0UtilityManageApp.ps1'), done);
})
+ it('test iis manage utility - manage virtual directory', (done) => {
+ psr.run(path.join(__dirname, 'L0UtilityManageVDir.ps1'), done);
+ })
+
it('test iis manage utility - manage application pool', (done) => {
psr.run(path.join(__dirname, 'L0UtilityManageAppPool.ps1'), done);
})
-
- it('test iis manage utility - manage website', (done) => {
- psr.run(path.join(__dirname, 'L0UtilityManageWebsite.ps1'), done);
- })
}
});
\ No newline at end of file
diff --git a/Tasks/IISWebAppManagementOnMachineGroup/Utility.ps1 b/Tasks/IISWebAppManagementOnMachineGroup/Utility.ps1
index 05549752e4bd..a87ae4dc33b1 100644
--- a/Tasks/IISWebAppManagementOnMachineGroup/Utility.ps1
+++ b/Tasks/IISWebAppManagementOnMachineGroup/Utility.ps1
@@ -226,7 +226,17 @@ function Trim-Inputs([ref]$siteName, [ref]$physicalPath, [ref]$poolName, [ref]$v
}
if ($sslCertThumbPrint -ne $null)
{
- $sslCertThumbPrint.Value = $sslCertThumbPrint.Value.Trim()
+ # Trim all non-hexadecimal characters from the ssl cetificate thumbprint
+ if([regex]::IsMatch($sslCertThumbPrint.Value, "[^a-fA-F0-9]+"))
+ {
+ Write-Warning (Get-VstsLocString -Key "SSLCertWarningInvalidCharacters")
+ }
+
+ $sslCertThumbprint.Value = [Regex]::Replace($sslCertThumbprint.Value, "[^a-fA-F0-9]+" , "")
+
+ # Mark the SSL thumbprint value to be a secret value
+ $sslCertThumbprintValue = $sslCertThumbprint.Value
+ Write-Host "##vso[task.setvariable variable=f13679253bf44b74afbd244ae83ca735;isSecret=true]$sslCertThumbprintValue"
}
}
diff --git a/Tasks/IISWebAppManagementOnMachineGroup/task.json b/Tasks/IISWebAppManagementOnMachineGroup/task.json
index 04f9433e0347..acde0b405140 100644
--- a/Tasks/IISWebAppManagementOnMachineGroup/task.json
+++ b/Tasks/IISWebAppManagementOnMachineGroup/task.json
@@ -16,7 +16,7 @@
"version": {
"Major": 0,
"Minor": 2,
- "Patch": 0
+ "Patch": 1
},
"minimumAgentVersion": "2.111.0",
"instanceNameFormat": "Manage $(IISDeploymentType)",
@@ -153,7 +153,7 @@
"groupName": "Website",
"defaultValue": "",
"visibleRule": "WebsitePhysicalPathAuth = WebsiteWindowsAuth",
- "helpMarkDown": "Provide the user's password that will be used to access the website's physical path."
+ "helpMarkDown": "Provide the user's password that will be used to access the website's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments"
},
{
"name": "AddBinding",
@@ -326,7 +326,7 @@
"defaultValue": "",
"required": false,
"groupName": "ApplicationPoolForWebsite",
- "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'. ",
+ "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments",
"visibleRule": "AppPoolIdentityForWebsite = SpecificUser"
},
{
@@ -385,7 +385,7 @@
"required": false,
"defaultValue": "",
"visibleRule": "VDPhysicalPathAuth = VDWindowsAuth",
- "helpMarkDown": "Provide the user's password that will be used to access the virtual directory's physical path."
+ "helpMarkDown": "Provide the user's password that will be used to access the virtual directory's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments"
},
{
"name": "ParentWebsiteNameForApplication",
@@ -443,7 +443,7 @@
"required": false,
"defaultValue": "",
"visibleRule": "ApplicationPhysicalPathAuth = ApplicationWindowsAuth",
- "helpMarkDown": "Provide the user's password that will be used to access the application's physical path."
+ "helpMarkDown": "Provide the user's password that will be used to access the application's physical path.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments"
},
{
"name": "CreateOrUpdateAppPoolForApplication",
@@ -524,7 +524,7 @@
"required": false,
"groupName": "ApplicationPoolForApplication",
"visibleRule": "AppPoolIdentityForApplication = SpecificUser",
- "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'."
+ "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments"
},
{
"name": "AppPoolName",
@@ -596,7 +596,7 @@
"required": false,
"groupName": "ApplicationPool",
"visibleRule": "AppPoolIdentity = SpecificUser",
- "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'."
+ "helpMarkDown": "Provide the password for custom account.
The best practice is to create a variable in the Build or Release definition, and mark it as 'Secret' to secure it, and then use it here, like '$(userCredentials)'.
Note: Special characters in password are interpreted as per command-line arguments"
},
{
"name": "StartStopRecycleAppPoolName",
@@ -627,7 +627,8 @@
"InvalidVirtualPath": "Virtual path should begin with a /",
"InvalidIISDeploymentType": "Invalid IIS Deployment Type : {0}",
"InvalidActionIISWebsite": "Invalid action '{0}' selected for the IIS Website.",
- "InvalidActionIISAppPool": "Invalid action '{0}' selected for the IIS Application Pool."
+ "InvalidActionIISAppPool": "Invalid action '{0}' selected for the IIS Application Pool.",
+ "SSLCertWarningInvalidCharacters": "SSL Certificate thumbprint contains non-hexadecimal characters. Trimming all non-hexadecimal characters."
}
}
\ No newline at end of file
diff --git a/Tasks/IISWebAppManagementOnMachineGroup/task.loc.json b/Tasks/IISWebAppManagementOnMachineGroup/task.loc.json
index 3a0a8cfc464f..053b8eb8face 100644
--- a/Tasks/IISWebAppManagementOnMachineGroup/task.loc.json
+++ b/Tasks/IISWebAppManagementOnMachineGroup/task.loc.json
@@ -16,7 +16,7 @@
"version": {
"Major": 0,
"Minor": 2,
- "Patch": 0
+ "Patch": 1
},
"minimumAgentVersion": "2.111.0",
"instanceNameFormat": "ms-resource:loc.instanceNameFormat",
@@ -627,6 +627,7 @@
"InvalidVirtualPath": "ms-resource:loc.messages.InvalidVirtualPath",
"InvalidIISDeploymentType": "ms-resource:loc.messages.InvalidIISDeploymentType",
"InvalidActionIISWebsite": "ms-resource:loc.messages.InvalidActionIISWebsite",
- "InvalidActionIISAppPool": "ms-resource:loc.messages.InvalidActionIISAppPool"
+ "InvalidActionIISAppPool": "ms-resource:loc.messages.InvalidActionIISAppPool",
+ "SSLCertWarningInvalidCharacters": "ms-resource:loc.messages.SSLCertWarningInvalidCharacters"
}
}
\ No newline at end of file