Merge pull request #20 from PowerShell/dev

Release of version 1.2.0.0 of xBitlocker

Author: kwirkykat

.codecov.yml

@@ -0,0 +1,24 @@
+codecov:
+  notify:
+    require_ci_to_pass: no
+
+comment:
+  layout: "reach, diff"
+  behavior: default
+
+coverage:
+  range: 50..80
+  round: down
+  precision: 0
+
+  status:
+    project:
+      default:
+        # Set the overall project code coverage requirement to 70%
+        target: 70
+    patch:
+      default:
+        # Set the pull request requirement to not regress overall coverage by more than 5%
+        # and let codecov.io set the goal for the code changed in the patch.
+        target: auto
+        threshold: 5

.gitignore

@@ -0,0 +1,4 @@
+DSCResource.Tests
+.vs
+.vscode
+node_modules

.markdownlint.json

@@ -0,0 +1,10 @@
+{
+    "default": true,
+    "MD029": {
+        "style": "one"
+    },
+    "MD013": true,
+    "MD024": false,
+    "MD034": false,
+    "no-hard-tabs": true
+}

.vscode/settings.json

@@ -0,0 +1,13 @@
+{
+    "powershell.codeFormatting.openBraceOnSameLine": false,
+    "powershell.codeFormatting.newLineAfterOpenBrace": false,
+    "powershell.codeFormatting.newLineAfterCloseBrace": true,
+    "powershell.codeFormatting.whitespaceBeforeOpenBrace": true,
+    "powershell.codeFormatting.whitespaceBeforeOpenParen": true,
+    "powershell.codeFormatting.whitespaceAroundOperator": true,
+    "powershell.codeFormatting.whitespaceAfterSeparator": true,
+    "powershell.codeFormatting.ignoreOneLineBlock": false,
+    "powershell.codeFormatting.preset": "Custom",
+    "files.trimTrailingWhitespace": true,
+    "files.insertFinalNewline": true
+}

DSCResources/MSFT_xBLAutoBitlocker/MSFT_xBLAutoBitlocker.psm1

@@ -70,7 +70,8 @@ function Get-TargetResource
         $UsedSpaceOnly
     )
 
-    #Load helper module    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
+    #Load helper module
+    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
 
     CheckForPreReqs
 
@@ -151,8 +152,9 @@ function Set-TargetResource
         [System.Boolean]
         $UsedSpaceOnly
     )
-    
-    #Load helper module    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
+
+    #Load helper module
+    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
 
     CheckForPreReqs
 
@@ -254,7 +256,8 @@ function Test-TargetResource
         $UsedSpaceOnly
     )
 
-    #Load helper module    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
+    #Load helper module
+    Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0
 
     CheckForPreReqs
 
@@ -372,10 +375,35 @@ function GetAutoBitlockerStatus
     {
         [Hashtable]$returnValue = @{}
 
+        # Convert DriveType into values returned by Win32_EncryptableVolume.VolumeType
+        switch ($DriveType)
+        {
+            'Fixed'
+            {
+                $driveTypeValue = 1
+            }
+            'Removable'
+            {
+                $driveTypeValue = 2
+            }
+        }
+
         foreach ($blv in $allBlvs)
         {
             $vol = $null
-            $vol = Get-Volume -Path $blv.MountPoint -ErrorAction SilentlyContinue | where {$_.DriveType -like $DriveType}
+
+            $encryptableVolumes = Get-CimInstance -Namespace 'root\cimv2\security\microsoftvolumeencryption' -Class Win32_Encryptablevolume -ErrorAction SilentlyContinue
+
+            if (Split-Path -Path $blv.MountPoint -IsAbsolute)
+            {
+                # MountPoint is a Drive Letter
+                $vol = $encryptableVolumes | Where-Object {($_.DriveLetter -eq $blv.Mountpoint) -and ($_.VolumeType -eq $driveTypeValue)}
+            }
+            else
+            {
+                # MountPoint is a path
+                $vol = $encryptableVolumes | Where-Object {($_.DeviceID -eq $blv.Mountpoint) -and ($_.VolumeType -eq $driveTypeValue)}
+            }
 
             if ($vol -ne $null)
             {

Misc/xBitlockerCommon.psm1

@@ -86,7 +86,7 @@ function EnableBitlocker
         {
             throw "A TpmProtector must be used if Pin is used."
         }
-    
+
         if ($PSBoundParameters.ContainsKey("AdAccountOrGroupProtector") -and $PrimaryProtector -notlike "AdAccountOrGroupProtector" -and !(ContainsKeyProtector -Type "AdAccountOrGroup" -KeyProtectorCollection $blv.KeyProtector))
         {
             Write-Verbose "Adding AdAccountOrGroupProtector"
@@ -164,7 +164,7 @@ function EnableBitlocker
                 $handledTpmAlready = $true
 
                 $params.Add("Pin", $Pin.Password)
-                
+
                 if ($PSBoundParameters.ContainsKey("StartupKeyProtector"))
                 {
                     $params.Add("TpmAndPinAndStartupKeyProtector", $true)
@@ -181,7 +181,7 @@ function EnableBitlocker
                 $handledTpmAlready = $true
 
                 $params.Add("TpmAndStartupKeyProtector", $true)
-                $params.Add("StartupKeyPath", $StartupKeyPath)                
+                $params.Add("StartupKeyPath", $StartupKeyPath)
             }
 
 
@@ -325,6 +325,11 @@ function TestBitlocker
         Write-Verbose "Unable to locate MountPoint: $($MountPoint)"
         return $false
     }
+    elseif ($blv.VolumeStatus -eq "FullyDecrypted")
+    {
+        Write-Verbose "MountPoint: $($MountPoint) Not Encrypted"
+        return $false
+    }
     elseif ($blv.KeyProtector -eq $null -or $blv.KeyProtector.Count -eq 0)
     {
         Write-Verbose "No key protectors on MountPoint: $($MountPoint)"
@@ -352,7 +357,7 @@ function TestBitlocker
         if ($PSBoundParameters.ContainsKey("Pin") -and !(ContainsKeyProtector -Type "TpmPin" -KeyProtectorCollection $blv.KeyProtector -StartsWith $true))
         {
             Write-Verbose "MountPoint '$($MountPoint) 'does not have TpmPin assigned."
-            return $false            
+            return $false
         }
 
         if ($PSBoundParameters.ContainsKey("RecoveryKeyProtector") -and !(ContainsKeyProtector -Type "ExternalKey" -KeyProtectorCollection $blv.KeyProtector))
@@ -383,7 +388,7 @@ function TestBitlocker
                 {
                     Write-Verbose "MountPoint '$($MountPoint) 'does not have TPM + StartupKey protector."
                     return $false
-                }          
+                }
             }
         }
 
@@ -397,7 +402,7 @@ function TestBitlocker
     return $true
 }
 
-#Ensures that required Bitlocker prereqs are installed 
+#Ensures that required Bitlocker prereqs are installed
 function CheckForPreReqs
 {
     $hasAllPreReqs = $true
@@ -420,7 +425,7 @@ function CheckForPreReqs
         Write-Error "The RSAT-Feature-Tools-BitLocker feature needs to be installed before the xBitlocker module can be used"
     }
 
-    if ($blAdminToolsRemoteFeature.InstallState -ne "Installed")
+    if ($blAdminToolsRemoteFeature.InstallState -ne 'Installed' -and (Get-OSEdition) -notmatch 'Core')
     {
         $hasAllPreReqs = $false
 
@@ -513,4 +518,14 @@ function RemoveParameters
     }
 }
 
+<#
+.SYNOPSIS
+Returns the OS edtion we currently running on
+#>
+function Get-OSEdition
+{
+    (Get-ItemProperty -Path 'HKLM:/software/microsoft/windows nt/currentversion' -Name InstallationType).InstallationType
+}
+
+
 Export-ModuleMember -Function *