lsi-puppet
diff --git a/‎.fixtures.yml‎
Lines changed: 4 additions & 0 deletions b/‎.fixtures.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.sync.yml‎
Lines changed: 2 additions & 17 deletions b/‎.sync.yml‎
Lines changed: 2 additions & 17 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 15 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎Gemfile‎
Lines changed: 3 additions & 2 deletions b/‎Gemfile‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 25 additions & 22 deletions b/‎README.md‎
Lines changed: 25 additions & 22 deletions
diff --git a/‎appveyor.yml‎
Lines changed: 1 addition & 1 deletion b/‎appveyor.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/puppet/provider/exec/powershell.rb‎
Lines changed: 60 additions & 11 deletions b/‎lib/puppet/provider/exec/powershell.rb‎
Lines changed: 60 additions & 11 deletions
@@ -0,0 +1,4 @@
+fixtures:
+  forge_modules:
+  symlinks:
+    "powershell": "#{source_dir}"
@@ -6,21 +6,6 @@
     env: PUPPET_GEM_VERSION="3.0.0"
 Gemfile:
   supports_windows: true
-  required:
-    ':development':
-      - gem: rake
-      - gem: rspec
-        version: '~>3.0.0'
-      - gem: puppet-lint
-      - gem: puppetlabs_spec_helper
-        version: '~>0.10.3'
-      - gem: puppet_facts
-      - gem: mocha
-        version: '~>0.10.5'
-    ':system_tests':
-      - gem: beaker
-      - gem: beaker-rspec
-      - gem: beaker-puppet_install_helper
 Rakefile:
   unmanaged: true
 spec/spec_helper.rb:
@@ -30,7 +15,7 @@ appveyor.yml:
     - PUPPET_GEM_VERSION: 3.0.0
       RUBY_VER: 193
   test_script:
-    - 'bundle exec rspec spec/unit -fd -b'
+    - 'bundle exec rspec spec/unit spec/integration -fd -b'
 MAINTAINERS.md:
   maintainers:
     - "Puppet Windows Team `windows |at| puppet |dot| com`"
@@ -40,4 +25,4 @@ NOTICE:
       begin: 2013
     - name: 'Puppet, Inc.'
       begin: 2013
-      end: 'latest'
+      end: 'latest'
@@ -1,3 +1,18 @@
+##2015-05-17 - Supported Release 2.0.0
+###Summary
+
+Major release with performance improvements
+
+Removed support for Windows Server 2003
+
+###Features
+- Major performance improvement by sharing a single powershell session instead of creating a new powershell session per command
+- Security improvement as scripts are not stored on the filesystem temporarily
+
+###Bug Fixes
+- Updated test suites with later versions
+- Documentation cleanup
+
 ##2015-12-08 - Supported Release 1.0.6
 ###Summary
 
 
@@ -37,16 +37,17 @@ end
 
 group :development do
   gem 'rake',                                :require => false
-  gem 'rspec', '~>3.0.0',                    :require => false
+  gem 'rspec', '~>3.0',                      :require => false
   gem 'puppet-lint',                         :require => false
   gem 'puppetlabs_spec_helper', '~>0.10.3',  :require => false
   gem 'puppet_facts',                        :require => false
   gem 'mocha', '~>0.10.5',                   :require => false
+  gem 'pry',                                 :require => false
 end
 
 group :system_tests do
-  gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 2.20')
   gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '~> 5.1')
+  gem 'beaker', *location_for(ENV['BEAKER_VERSION'] || '~> 2.20')
   gem 'beaker-puppet_install_helper',  :require => false
 end
 
 
@@ -14,7 +14,7 @@
 
 ##Overview
 
-This module adds a new exec provider capable of executing PowerShell commands. 
+This module adds a new exec provider capable of executing PowerShell commands.
 
 ##Module Description
 
@@ -29,50 +29,53 @@ This module requires PowerShell to be installed and the `powershell.exe` to be a
 
 The powershell module adapts the Puppet [exec](http://docs.puppet.com/references/stable/type.html#exec) resource to run PowerShell commands. To get started, simply install the module and declare 'powershell' in `provider` with the applicable command.
 
-~~~
-    exec { 'RESOURCENAME':
-      command   => '$(SOMECOMMAND)',
-      provider  => powershell,
-    }
+~~~ puppet
+exec { 'RESOURCENAME':
+  command   => '$(SOMECOMMAND)',
+  provider  => powershell,
+}
 ~~~
 
 ##Usage
 
-When using `exec` resources with the `powershell` provider, the `command` parameter must be single-quoted to prevent Puppet from interpolating `$(..)`. 
+When using `exec` resources with the `powershell` provider, the `command` parameter must be single-quoted to prevent Puppet from interpolating `$(..)`.
 
 For instance, if you wanted to rename the Guest account:
 
-~~~
-    exec { 'rename-guest':
-      command   => '$(Get-WMIObject Win32_UserAccount -Filter "Name=\'guest\'").Rename("new-guest")',
-      unless    => 'if (Get-WmiObject Win32_UserAccount -Filter "Name=\'guest\'") { exit 1 }',
-      provider  => powershell,
-    }
+~~~ puppet
+exec { 'rename-guest':
+  command   => '$(Get-WMIObject Win32_UserAccount -Filter "Name=\'guest\'").Rename("new-guest")',
+  unless    => 'if (Get-WmiObject Win32_UserAccount -Filter "Name=\'guest\'") { exit 1 }',
+  provider  => powershell,
+}
 ~~~
 
 Note that the example uses the `unless` parameter to make the resource idempotent. The `command` is only executed if the Guest account does not exist, as indicated by `unless` returning 0.
 
 **Note:** PowerShell variables (e.g. `$_`), must be escaped in Puppet manifests either using backslashes or single quotes.
 
-Alternatively, you can put the PowerShell code for the `command`, `onlyif`, and `unless` parameters into separate templates and then invoke the template function in the resource.
+Alternatively, you can put the PowerShell code for the `command`, `onlyif`, and `unless` parameters into separate files and then invoke the file function in the resource. Templates and the `template()` function could also be used here if the PowerShell scripts need to have access to variables from Puppet.
 
-~~~
+~~~ puppet
 exec { 'rename-guest':
-  command   => template('guest/rename-guest.ps1'),
-  onlyif    => template('guest/guest-exists.ps1'),
+  command   => file('guest/rename-guest.ps1'),
+  onlyif    => file('guest/guest-exists.ps1'),
   provider  => powershell,
   logoutput => true,
 }
 ~~~
 
-Each template is a PowerShell script.
+Each file is a PowerShell script that should be in the module's `files/` folder.
 
-~~~
+For example, here is the script at: `guest/files/rename-guest.ps1`
+
+~~~ powershell
 $obj = $(Get-WMIObject Win32_UserAccount -Filter "Name='Guest'")
 $obj.Rename("OtherGuest")
 ~~~
 
-This has the added benefit of not requiring escaping '$' in the PowerShell code.
+This has the added benefit of not requiring escaping '$' in the PowerShell code. Note that the files need to have DOS linefeeds or they will not work as expected. One tool for converting UNIX linefeeds to DOS linefeeds is [unix2dos](http://freecode.com/projects/dos2unix).
+
 
 ##Reference
 
@@ -101,7 +104,7 @@ Defines whether to log command output in addition to logging the exit code. If y
 Runs the exec only if the command returns 0. Valid options: String. Default: Undefined.
 
 #####`path`
-Specifies the search path used for command execution. Valid options: String of the path, an array, or a semicolon-separated list. Default: Undefined. 
+Specifies the search path used for command execution. Valid options: String of the path, an array, or a semicolon-separated list. Default: Undefined.
 
 #####`refresh`
 Refreshes the command. Valid options: String. Default: Undefined.
@@ -117,7 +120,7 @@ Sets the maximum time in seconds that the command should take. Valid options: Nu
 
 #####`tries`
 Determines the number of times execution of the command should be attempted. Valid options: Number or a string representation of a number. Default: '1'.
- 
+
 #####`try_sleep`
 Specifies the time to sleep in seconds between `tries`. Valid options: Number or a string representation of a number. Default: Undefined.
 
 
@@ -30,7 +30,7 @@ build: off
 test_script:
 - bundle exec puppet -V
 - ruby -v
-- bundle exec rspec spec/unit -fd -b
+- bundle exec rspec spec/unit spec/integration -fd -b
 notifications:
 - provider: Email
   to:
 
@@ -1,4 +1,5 @@
 require 'puppet/provider/exec'
+require_relative '../../../puppet_x/puppetlabs/powershell_manager'
 
 Puppet::Type.type(:exec).provide :powershell, :parent => Puppet::Provider::Exec do
   confine :operatingsystem => :windows
@@ -25,17 +26,65 @@
         }
   EOT
 
+  POWERSHELL_UPGRADE_MSG = <<-UPGRADE
+  The current Puppet version is outdated and uses a library that was
+  previously necessary on the current Ruby verison to support a colored console.
+
+  Unfortunately this library prevents the PowerShell module from using a shared
+  PowerShell process to dramatically improve the performance of resource
+  application.
+
+  To enable these improvements, it is suggested to upgrade to any x64 version of
+  Puppet (including 3.x), or to a Puppet version newer than 3.x.
+  UPGRADE
+
+  def self.upgrade_message
+    Puppet.warning POWERSHELL_UPGRADE_MSG if !@upgrade_warning_issued
+    @upgrade_warning_issued = true
+  end
+
+  def self.powershell_args
+    ps_args = ['-NoProfile', '-NonInteractive', '-NoLogo', '-ExecutionPolicy', 'Bypass', '-Command']
+    ps_args << '-' if PuppetX::PowerShell::PowerShellManager.supported?
+    ps_args
+  end
+
+  def ps_manager
+    PuppetX::PowerShell::PowerShellManager.instance("#{command(:powershell)} #{self.class.powershell_args.join(' ')}")
+  end
+
   def run(command, check = false)
-    write_script(command) do |native_path|
-      # Ideally, we could keep a handle open on the temp file in this
-      # process (to prevent TOCTOU attacks), and execute powershell
-      # with -File <path>. But powershell complains that it can't open
-      # the file for exclusive access. If we close the handle, then an
-      # attacker could modify the file before we invoke powershell. So
-      # we redirect powershell's stdin to read from the file. Current
-      # versions of Windows use per-user temp directories with strong
-      # permissions, but I'd rather not make (poor) assumptions.
-      return super("cmd.exe /c \"\"#{native_path(command(:powershell))}\" #{args} -Command - < \"#{native_path}\"\"", check)
+    if !PuppetX::PowerShell::PowerShellManager.supported?
+      self.class.upgrade_message
+      write_script(command) do |native_path|
+        # Ideally, we could keep a handle open on the temp file in this
+        # process (to prevent TOCTOU attacks), and execute powershell
+        # with -File <path>. But powershell complains that it can't open
+        # the file for exclusive access. If we close the handle, then an
+        # attacker could modify the file before we invoke powershell. So
+        # we redirect powershell's stdin to read from the file. Current
+        # versions of Windows use per-user temp directories with strong
+        # permissions, but I'd rather not make (poor) assumptions.
+        return super("cmd.exe /c \"\"#{native_path(command(:powershell))}\" #{legacy_args} -Command - < \"#{native_path}\"\"", check)
+      end
+    else
+      result = ps_manager.execute(command)
+
+      stdout      = result[:stdout]
+      stderr      = result[:stderr]
+      exit_code   = result[:exitcode]
+
+      unless stderr.nil?
+        stderr.each do |er|
+          er.each { |e| Puppet.debug "STDERR: #{e.chop}" } unless er.empty?
+        end
+      end
+
+      Puppet.debug "STDERR: #{result[:errormessage]}" unless result[:errormessage].nil?
+
+      output = Puppet::Util::Execution::ProcessOutput.new(stdout.to_s || '', exit_code)
+
+      return output, output
     end
   end
 
@@ -63,7 +112,7 @@ def native_path(path)
     end
   end
 
-  def args
+  def legacy_args
     '-NoProfile -NonInteractive -NoLogo -ExecutionPolicy Bypass'
   end
 end