Add read-only trust matrix report and -ReportOnly audit mode (v2.1.0)#10
Merged
Conversation
Introduce the reporting/audit building blocks for the trust matrix (issue #8): - Get-SPSTrustStatus (public): read-only collector that walks Farms x Trusts x Services x RemoteFarms and resolves each trust dimension (ROOT, STS, Published, Topology permission, SA permission, Proxy) via the existing Get-SPS* getters. Performs no changes; 'Content' services are marked N/A for STS/Published/SA-permission/Proxy; getter failures are captured as 'Error' + a per-row Note without aborting the audit. Returns an ordered hashtable ready for ConvertTo-Json / Export-SPSTrustReport. - Export-SPSTrustReport (public): renders a status object (-Status) or a results JSON file (-InputFile) into a self-contained, offline HTML report with summary cards and an interactive (search + click-to-sort) trust matrix using status pills. - Backup-SPSJsonFile (public): ported archive-before-overwrite helper. - Private HTML helpers: ConvertTo-SPSHtmlEncoded, Get-SPSReportHtmlHead (with pill styles), Get-SPSReportCardHtml, Get-SPSReportHtmlScript (DOM-based search/sort). - Manifest bumped to 2.1.0; the 3 new public functions exported. - Tests: tests/Modules/SPSTrust.Report.Tests.ps1 covers the collector (row shape, N/A handling, error capture, no state-changing calls), the renderer (HTML shape, pills, dir creation, JSON round-trip, HTML encoding) and Backup-SPSJsonFile. 81 tests pass; PSScriptAnalyzer clean. Refs #8 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…rust.ps1 - Add -ReportOnly switch (read-only audit: skips the four mutating stages and only collects state + writes the report) and -HistoryRetentionDays (default 30). - Initialize Results/ (+ history/) and Reports/ folders; add a run-mode banner line. - Guard the certificate-exchange / publish / permission / proxy stages behind 'if (-not $ReportOnly)'. - Always run a read-only stage 5: Get-SPSTrustStatus -> archive previous results with Backup-SPSJsonFile -> prune history via Clear-SPSLogFolder -Extension '*.json' -> write Results JSON -> Export-SPSTrustReport HTML. Wrapped in try/catch so a report failure never masks the run outcome. - .gitignore: exclude runtime Logs/, Results/, Reports/. - Tests: cover the new params (ReportOnly switch, HistoryRetentionDays) and the report wiring (guard, Get-SPSTrustStatus, Backup-SPSJsonFile, Export-SPSTrustReport, history pruning). 88 tests pass; analyzer clean. Refs #8 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Wiki: add Reports.md (trust matrix dimensions, read-only guarantee, when the report is generated, Results/Reports output layout, regeneration from a saved snapshot, related parameters). Link it from _Sidebar and Home; update Usage with -ReportOnly, -HistoryRetentionDays, a report example and the new output section. - CHANGELOG.md: add the 2.1.0 section (Added/Changed). - RELEASE-NOTES.md: replace with the 2.1.0 section (used verbatim as the Release body), noting full backward compatibility with 2.0.0. Refs #8 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pester Test Results88 tests 88 ✅ 2s ⏱️ Results for commit 2953ad6. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add a read-only trust matrix report to SPSTrust (issue #8), shipped as a backward-compatible 2.1.0 minor release.
What changed
Get-SPSTrustStatus(public, read-only) — walksFarms × Trusts × Services × RemoteFarmsand resolves each trust dimension (ROOT, STS, Published, Topology permission, SA permission, Proxy) via the existingGet-SPS*getters. Changes nothing.Contentservices → N/A for STS/Published/SA-perm/Proxy. Getter failures captured asError+ a per-row note without aborting.Export-SPSTrustReport(public) — renders a status object (-Status) or a results JSON (-InputFile) into a self-contained, offline HTML report: summary cards + interactive (search + click-to-sort) matrix with colored status pills.Backup-SPSJsonFile(public) + private HTML helpers (ConvertTo-SPSHtmlEncoded,Get-SPSReportHtmlHead,Get-SPSReportCardHtml,Get-SPSReportHtmlScript).SPSTrust.ps1— new-ReportOnly(read-only audit) and-HistoryRetentionDays(default 30). The four mutating stages are guarded behindif (-not $ReportOnly); a read-only stage 5 always runs: collect → archive previous results → prune history → writeResults\*.json→ writeReports\*.html.Reports.md; Home/Usage/Sidebar updated. CHANGELOG + RELEASE-NOTES for 2.1.0. Manifest bumped to 2.1.0..gitignoreexcludes runtimeLogs/,Results/,Reports/.Compatibility
No breaking changes. Existing
-ConfigFile/-FarmAccount/-CleanServicesusage is unchanged; the reporting stage is additive and read-only.Validation
New tests cover the collector (row shape, N/A handling, error capture, no state-changing calls), the renderer (HTML shape, pills, dir creation, JSON round-trip, HTML-encoding/injection guard),
Backup-SPSJsonFile, and the script report wiring.Closes #8