Tests/Public/Get-PWSHCertutilShortTermExpiringCerts.Tests.ps1
|
BeforeAll { Import-Module (Resolve-Path "$PSScriptRoot\..\..\Posh-Certutil.psd1") -Force $testJson = @' { "version": "1.0", "profiles": { "test-profile": { "description": "Test", "remoting": { "useTls": true, "port": 5986, "maxSessionsPerCA": 2 }, "cas": [{ "fqdn": "ca01.test.local", "displayName": "CA01" }], "certutilView": { "restrict": { "expiringCerts": "GeneralFlags=0,Disposition=20,NotAfter>={TODAY},NotAfter<={EXPIRE_DATE}" }, "out": { "expiringCerts": ["RequestID","CommonName","NotAfter"] } }, "syncState": { "lastSync": "2026-01-01T00:00:00Z", "fieldNameMap": { "RequestID": "RequestID", "CommonName": "CommonName", "NotAfter": "NotAfter" } } } } } '@ $script:TestConfigPath = [IO.Path]::GetTempFileName() Set-Content -Path $script:TestConfigPath -Value $testJson -Encoding UTF8 InModuleScope Posh-Certutil -Parameters @{ ConfigPath = $script:TestConfigPath } { param($ConfigPath) $script:ConfigPath = $ConfigPath } $fakeSession = New-MockObject -Type System.Management.Automation.Runspaces.PSSession } AfterAll { Remove-Item -Path $script:TestConfigPath -ErrorAction SilentlyContinue Remove-Module Posh-Certutil -ErrorAction SilentlyContinue } Describe 'Get-PWSHCertutilShortTermExpiringCerts' -Tag Unit { BeforeEach { Mock -ModuleName Posh-Certutil Get-CASession { $fakeSession } Mock -ModuleName Posh-Certutil Get-CALocalDate { @{ Today = '01/01/2026'; ExpireDate = '01/31/2026' } } Mock -ModuleName Posh-Certutil Invoke-CertutilView { @('"RequestID","CommonName","NotAfter"') } } It 'Calls Get-CALocalDate with Days=30 by default' { Get-PWSHCertutilShortTermExpiringCerts -Profile 'test-profile' | Out-Null Should -Invoke -ModuleName Posh-Certutil Get-CALocalDate ` -ParameterFilter { $Days -eq 30 } -Times 1 } It 'Passes both CA-side dates into the restrict string' { Get-PWSHCertutilShortTermExpiringCerts -Profile 'test-profile' | Out-Null Should -Invoke -ModuleName Posh-Certutil Invoke-CertutilView ` -ParameterFilter { $Restrict -like '*01/01/2026*' -and $Restrict -like '*01/31/2026*' } -Times 1 } It 'Calls Get-CALocalDate with Days=90 when -Days 90 is specified' { Get-PWSHCertutilShortTermExpiringCerts -Profile 'test-profile' -Days 90 | Out-Null Should -Invoke -ModuleName Posh-Certutil Get-CALocalDate ` -ParameterFilter { $Days -eq 90 } -Times 1 } It 'Rejects -Days values not in the allowed set' { { Get-PWSHCertutilShortTermExpiringCerts -Profile 'test-profile' -Days 45 } | Should -Throw } } |