. $PSScriptRoot\..\..\Load-PesterModules.ps1 $here = Split-Path -Parent $MyInvocation.MyCommand.Path $sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.' $functionPath = Join-Path -Path $here -ChildPath $sut Write-Host "Overriding SUT: $functionPath" Import-Module $functionPath -Force $moduleForMock = "" Describe "Export-ACMCertificatesByName" { Mock -CommandName Get-AWSRegion -ModuleName $moduleForMock -MockWith { return @( @{ 'Region' = 'us-east-1' } ) } Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Export-ACMCertificatesByName.tests' } Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith {} Mock -CommandName Write-Error -ModuleName $moduleForMock -MockWith {} Mock -CommandName Join-Path -ModuleName $moduleForMock -MockWith { return "C:\Test" } Mock -CommandName New-Item -ModuleName $moduleForMock -MockWith {} Mock -CommandName Set-Content -ModuleName $moduleForMock -MockWith {} Mock -CommandName Get-ACMCertificateDetailsListByName -ModuleName $moduleForMock -MockWith {return @(@{CertificateArn = 'TestArn'; Serial = 'TestSerial'})} Mock -CommandName New-SecurePassword -ModuleName $moduleForMock -MockWith { return "GeneratedPW" } Mock -CommandName Start-Process -ModuleName $moduleForMock -MockWith {} Context "Logic" { It "Writes Warning If AWS ACM Certificate Export Throws" { Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { throw "Test1" } Export-ACMCertificatesByName -DomainName "Test" -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' | Out-Null Assert-MockCalled -CommandName Write-Warning ` -ParameterFilter { $Message -match "Unable to export ACM certificate ARN \[TestArn\] : Test1" } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Export-ACMCertificate -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Get-ACMCertificateDetailsListByName -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-Item -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Set-Content -Times 0 -Exactly -Scope It } It "Generates Three Files On Success Without PFX Flag" { Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { return @{ Certificate = "TestCert"; CertificateChain = "TestChain"; PrivateKey = "TestKey"} } Export-ACMCertificatesByName -DomainName "Test" -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' | Out-Null Assert-MockCalled -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-ACMCertificateDetailsListByName -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Export-ACMCertificate -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-Item -Times 2 -Exactly -Scope It Assert-MockCalled -CommandName Set-Content -Times 3 -Exactly -Scope It } It "Writes Error and Aborts If PFX Flag is Present But OpenSSL Is Not Detected" { Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { throw "Test1" } Mock -CommandName Get-Command -ModuleName $moduleForMock -MockWith { return $null } Export-ACMCertificatesByName -DomainName "Test" -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' -GeneratePfx | Out-Null Assert-MockCalled -CommandName Write-Error ` -ParameterFilter { $Message -match "GeneratePfx flag was provided but OpenSSL command was not found on your system" } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Get-Command -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Export-ACMCertificate -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-ACMCertificateDetailsListByName -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName New-Item -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Set-Content -Times 0 -Exactly -Scope It } It "Generates PFX File On Success If PFX Flag is Present and OpenSSL Is Detected" { Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { return @{ Certificate = "TestCert"; CertificateChain = "TestChain"; PrivateKey = "TestKey" } } Mock -CommandName Get-Command -ModuleName $moduleForMock -MockWith { return @{ Source = "C:\OpenSSL.exe" } } Export-ACMCertificatesByName -DomainName "Test" -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' -GeneratePfx | Out-Null Assert-MockCalled -CommandName Write-Error -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-Command -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Get-ACMCertificateDetailsListByName -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Export-ACMCertificate -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-Item -Times 2 -Exactly -Scope It Assert-MockCalled -CommandName Set-Content -Times 3 -Exactly -Scope It Assert-MockCalled -CommandName Start-Process ` -ParameterFilter { $FilePath -eq "C:\OpenSSL.exe" } -Times 1 -Exactly -Scope It } It "Sanitizes Domain Name for PFX File" { $testDomain = "*.test.com" $sanitizedDomain = "_.test.com" Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { return @{ Certificate = "TestCert"; CertificateChain = "TestChain"; PrivateKey = "TestKey" } } Mock -CommandName Get-Command -ModuleName $moduleForMock -MockWith { return @{ Source = "C:\OpenSSL.exe" } } Export-ACMCertificatesByName -DomainName $testDomain -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' -GeneratePfx | Out-Null Assert-MockCalled -CommandName Write-Error -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Write-Warning -Times 0 -Exactly -Scope It Assert-MockCalled -CommandName Get-Command -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Get-ACMCertificateDetailsListByName -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Export-ACMCertificate -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-Item -Times 2 -Exactly -Scope It Assert-MockCalled -CommandName Set-Content -Times 3 -Exactly -Scope It Assert-MockCalled -CommandName Start-Process -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName Join-Path ` -ParameterFilter { $ChildPath -eq "$sanitizedDomain.pfx" } -Times 1 -Exactly -Scope It } } Context "Inputs" { Mock -CommandName Export-ACMCertificate -ModuleName $moduleForMock -MockWith { return @{ Certificate = "TestCert"; CertificateChain = "TestChain"; PrivateKey = "TestKey"} } It "Uses Passphrase if Provided" { Export-ACMCertificatesByName -DomainName "Test" -Passphrase "TestPW" -ProfileName 'test' -Region 'us-east-1' Assert-MockCalled -CommandName Export-ACMCertificate ` -ParameterFilter { [System.Text.Encoding]::ASCII.GetString($Passphrase) -match 'TestPW' } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-SecurePassword -Times 0 -Exactly -Scope It } It "Uses Generated Passphrase if Not Provided" { Export-ACMCertificatesByName -DomainName "Test" -ProfileName 'test' -Region 'us-east-1' Assert-MockCalled -CommandName Export-ACMCertificate ` -ParameterFilter { [System.Text.Encoding]::ASCII.GetString($Passphrase) -match 'GeneratedPW' } -Times 1 -Exactly -Scope It Assert-MockCalled -CommandName New-SecurePassword -Times 1 -Exactly -Scope It } } }