Best way to terminate a PowerShell function based on parameters - powershell

I have a few functions that get called either from Jenkins as part of a pipeline, they also get called from a pester test or lastly they can get called from the powershell console. The issue I have really stems from Jenkins not seeming to handle write-output in the way I think it should.
So what I am doing is creating a Boolean param that will allow my to choose if I terminate my function with a exit code or a return message. The exit code will be used by my pipeline logic and the return message for the rest ?
Is there a alternate approach I should be using this seems to be a bit of a hack.
function Get-ServerPowerState
{
[CmdletBinding()]
param
(
[string[]]$ilo_ip,
[ValidateSet('ON', 'OFF')]
[string]$Status,
[boolean]$fail
)
BEGIN
{
$here = Split-Path -Parent $Script:MyInvocation.MyCommand.Path
$Credentials = IMPORT-CLIXML "$($here)\Lib\iLOCred.xml"
}
PROCESS
{
foreach ($ip in $ilo_ip)
{
New-LogEntry -Message ("Getting current powerstate " + $ip)
If (Test-Connection -ComputerName $ip.ToString() -Count 1 -Quiet)
{
$hostPower = Get-HPiLOhostpower -Server $ip -Credential
$Credentials -DisableCertificateAuthentication
}
}
}
END
{
If($fail){
New-LogEntry -Message "Script been set to fail with exit code" -Log Verbose
New-LogEntry -Message "The host is powered - $($HostPower.Host_Power)" -Log Verbose
If($hostPower.HOST_POWER -match $Status)
{
Exit 0
}
else {
Exit 1
}
}
else {
New-LogEntry -Message "Script been set to NOT fail with exit code" -Log Verbose
New-LogEntry -Message "The host is powered - $($HostPower.Host_Power)" -Log Verbose
If($hostPower.HOST_POWER -match $Status)
{
return 0
}
else {
return 1
}
}
}
}


Like this
function Get-Output {
param ([switch]$asint)
if ($asint) {
return 1
}
else {
write-output 'one'
}
}
Get-Output
Get-Output -asint
If you intend to use the output in the pipeline then use Write-Output. If you intend to only send it to the host process then use Write-Host. I typically use the return keyword if I want to assign a return value to a variable.
[int]$result = Get-Output -asint

Related

How to determine success of ScriptBlock?

I want to know if a ScriptBlock executed successfully.
If I run
1/0; echo $?
I get
RuntimeException: Attempted to divide by zero.
false
but if I do
$s = { 1/0 }; Invoke-Command $s; echo $?
I get
RuntimeException: Attempted to divide by zero.
true
I assume that $? is referring to the execution of Invoke-Command, but how can I get success of the script block itself?
I don't need to use Invoke-Command, if changing to $s.Invoke() is viable then happily use that.
Context
I want to write a function for a DSL along the likes of
function at_place {
Param(
[string] $Path,
[scriptblock] $ScriptBlock
)
Push-Location $Path ;
Invoke-Command $ScriptBlock ;
# following line doesn't work
[bool] $ScriptBlockPass = $? ;
If ( $? ){
Write-Debug "success!" ;
Pop-Location ;
} Else {
Write-Error "ScriptBlock failed, remaining at $Path, please fix manually." ;
throw "ScriptBlock failed at $Path" ;
}
}
I have things in my buffer like
Push-Location ~/foo; doStuff; If ( $? ){ Pop-Location; } Else { Write-Error "Failed, fix here" }
Which I would like to write as
at_place ~/foo { doStuff; }
My actual change is about using Git to ignore a bunch of files, stash them, apply some edits, and then reignore them etc. Simplified here hopefully to be more broadly applicable and less distracting.

Your question is a bit broad and the answer is, it really depends.
Child scope invocations can only update the value of $? via $PSCmdlet using either .WriteError method or .ThrowTerminatingError method as stated in the about Automatic Variables documentation. This would imply that the script block or function is an advanced one:
$s = {
[CmdletBinding()]
param()
try {
1 / 0
}
catch {
$PSCmdlet.WriteError($_)
}
}
& $s # Writes Error
$? # Value will be False (Failure)
For a non-advanced function or script block, $? would be categorized as unreliable, one way to know if the script block succeeded (and by succeeded I mean it had no errors) and, in my opinion, the most reliable one, would be to set the error preference to Stop to target both, terminating an non terminating errors and execute the script block in a try / catch / finally:
$s = { Write-Error foo }
try {
$previousPreference = $ErrorActionPreference
$ErrorActionPreference = 'Stop'
& $s
}
catch {
'had errors'
}
finally {
$ErrorActionPreference = $previousPreference
}
As for the new edit, I would approach your function this way:
function at_place {
[CmdletBinding()]
Param(
[string] $Path,
[scriptblock] $ScriptBlock
)
try {
$sbSuccess = $true
$ErrorActionPreference = 'Stop'
$pushSuccess = Push-Location $Path -PassThru
& $ScriptBlock
}
catch {
$sbSuccess = $false
$PSCmdlet.ThrowTerminatingError($_)
}
finally {
if($pushSuccess -and $sbSuccess) {
Pop-Location
}
}
}

How to run a module within a Scriptblock in PowerShell?

I am currently trying to import a .psm1 file dynamically into a script block to execute it.
I am using parallelisation along with jobs as I need to trigger several modules simultaneously as different users.
This is the code:
$tasksToRun | ForEach-Object -Parallel {
$ScriptBlock = {
param ($scriptName, $Logger, $GlobalConfig, $scriptsRootFolder )
Write-Output ("hello $($scriptsRootFolder)\tasks\$($scriptName)")
Import-Module ("$($scriptsRootFolder)\tasks\$($scriptName)")
& $scriptName -Logger $Logger -GlobalConfig $GlobalConfig
}
$job = Start-Job -scriptblock $ScriptBlock `
-credential $Cred -Name $_ `
-ArgumentList ($_, $using:Logger, $using:globalConfig, $using:scriptsRootFolder) `
Write-Host ("Running task $_")
$job | Wait-job -Timeout $using:timeout
if ($job.State -eq 'Running') {
# Job is still running, stop it
$job.StopJob()
Write-Host "Stopped $($job.Name) task as it took too long"
}
else {
# Job completed normally, get the results
$job | Receive-Job
Write-Host "Finished task $($job.Name)"
}
}
The logger variable is a hashtable as defined here:
$Logger = #{
generalLog = $function:Logger
certificateLog = $function:LoggerCertificate
alertLog = $function:LoggerAlert
endpointServiceLog = $function:LoggerEndpointService
}
Currently, it is erroring with the following:
ObjectNotFound: The term
' blah blah blah, this is the code straight from the logger function '
is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
The logger function servers the purpose of logging to a file in a specific way, it is generalised to that it can be used across many tasks.
A cut down example of a logger (probably won't compile, just deleted a bunch of lines to give you the general idea):
function LoggerEndpointService {
param (
# The full service name.
[string]$ServiceFullName,
# The unique identifier of the service assigned by the operating system.
[string]$ServiceId,
# The description of the service.
[string]$Description,
# The friendly service name.
[string]$ServiceFriendlyName,
# The start mode for the service. (disabled, manual, auto)
[string]$StartMode,
# The status of the service. (critical, started, stopped, warning)
[string]$Status,
# The user account associated with the service.
[string]$User,
# The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response.
[string]$VendorProduct
)
$ServiceFullName = If ([string]::IsNullOrEmpty($ServiceFullName)) { "" } Else { $ServiceFullName }
$ServiceId = If ([string]::IsNullOrEmpty($ServiceId)) { "" } Else { $ServiceId }
$ServiceFriendlyName = If ([string]::IsNullOrEmpty($ServiceFriendlyName)) { "" } Else { $ServServiceFriendlyNameiceName }
$StartMode = If ([string]::IsNullOrEmpty($StartMode)) { "" } Else { $StartMode }
$Status = If ([string]::IsNullOrEmpty($Status)) { "" } Else { $Status }
$User = If ([string]::IsNullOrEmpty($User)) { "" } Else { $User }
$Description = If ([string]::IsNullOrEmpty($Description)) { "" } Else { $Description }
$VendorProduct = If ([string]::IsNullOrEmpty($VendorProduct)) { "" } Else { $VendorProduct }
$EventTimeStamp = Get-Date -Format "yyyy-MM-ddTHH:mm:ssK"
$Delay = 100
For ($i = 0; $i -lt 30; $i++) {
try {
$logLine = "{{timestamp=""{0}"" dest=""{1}"" description=""{2}"" service=""{3}"" service_id=""{4}""" `
+ "service_name=""{5}"" start_mode=""{6}"" vendor_product=""{7}"" user=""{8}"" status=""{9}""}}"
$logLine -f $EventTimeStamp, $env:ComputerName, $Description, $ServiceFullName, $ServiceId, $ServiceFriendlyName, $StartMode, $VendorProduct, $User, $Status | Add-Content $LogFile -ErrorAction Stop
break;
}
catch {
Start-Sleep -Milliseconds $Delay
}
if ($i -eq 29) {
Write-Error "Alert logger failed to log, likely due to Splunk holding the file, check eventlog for details." -ErrorAction Continue
if ([System.Diagnostics.EventLog]::SourceExists("SDOLiveScripts") -eq $False) {
Write-Host "Doesn't exist"
New-EventLog -LogName Application -Source "SDOLiveScripts"
}
Write-EventLog -LogName "Application" -Source "SDOLiveScripts" `
-EventID 1337 `
-EntryType Error `
-Message "Failed to log to file $_.Exception.InnerException.Message" `
-ErrorAction Continue
}
}
}
Export-ModuleMember -Function LoggerEndpointService
If anyone could help that'd be great, thank you!

As mentioned in the comments, PowerShell Jobs execute in separate processes and you can't share live objects across process boundaries.
By the time the job executes, $Logger.generalLog is no longer a reference to the scriptblock registered as the Logger function in the calling process - it's just a string, containing the definition of the source function.
You can re-create it from the source code:
$actualLogger = [scriptblock]::Create($Logger.generalLog)
or, in your case, to recreate all of them:
#($Logger.Keys) |ForEach-Object { $Logger[$_] = [scriptblock]::Create($Logger[$_]) }
This will only work if the logging functions are completely independent of their environment - any references to variables in the calling scope or belonging to the source module will fail to resolve!

Returning value from Start-Process argument

I have a PowerShell function (Add-EventLogSource) that checks if an event log source exists. If it does not exist and the shell is not elevated, I start a new, elevated shell and call the function again.
I can't seem to get the return values correct. If the event log source does not exist, and I call Add-EventLogSource, I am not getting the return value all the way back to instance that originally called Add-EventLogSource. Can anyone see the problem? The code looks like this:
Function Add-EventLogSource {
Param (
[Parameter(Mandatory=$True)]
$EventLogSource
)
# Check if $EventLogSource exists as a source. If the shell is not elevated and the check fails to access the Security log, assume the source does not exist.
Try {
$sourceExists = [System.Diagnostics.EventLog]::SourceExists("$EventLogSource")
}
Catch {
$sourceExists = $False
}
If ((([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] “Administrator”)) -AND ($sourceExists -eq $False)) { # Shell is elevated...
Try {
New-EventLog –LogName Application –Source $EventLogSource -ErrorAction Stop
}
Catch {
Return "Error"
}
Return "Created"
}
ElseIf ($sourceExists -eq $False) {
$return = Start-Process PowerShell –Verb RunAs -ArgumentList "Add-EventLogSource -EventLogSource $EventLogSource; start-sleep 5" -Wait
Return $return
}
Else {
Return "Exists"
}
}
Thanks.

How do you exit from an Invoke-Command -ScriptBlock in PowerShell?

How do you exit from an invoke-command script block running on a remote server? I have tried next.
Here is my code:
$Res = Invoke-Command -Session $Ses -ArgumentList ($ROOTdir, $PARAMS.SYS, $PARAMS.main, $PARAMS.zip) -ScriptBlock {
Param($ROOTdir, $SYS, $MAIN, $ZIP)
$list | %{
$completed = $false
$retrycount = 1
while (-not $completed) {
try {
$Copytime = (Measure-Command {
Copy-Item -Path $_.FullName -Destination ($SYS.KITCHENdir) -Force -ErrorVariable copyerror
}).TotalSeconds
$completed = $true
} catch {
if ($retrycount -gt $MAIN.Retry ) {
break or exit #HOW STOP EXECUTING NEXT STEPS AND EXIT
} else {
Start-Sleep $MAIN.DelayRetry
$retrycount++
}
}
}
#IF copy bad result need stop and exit
#The final one can produce flavors here, but it does not look quite kosher
#next steps
}

I suspect you want to use the Exit keyword.
"The exit keyword is used to exit from contexts; it will exit the
(currently running) context where your code is running. This means
that if you use this keyword in a script, and launch the script
directly from your console, it will exit both the script and the
console since they're both running in the same context. However, if
you use the exit keyword in a function within the script, and call
that function from the same script, it will just exit the script and
not the entire console. The exit keyword is best used in functions,
and when those functions are called in a script. It's a great way to
terminate execution of functions."
https://www.pluralsight.com/blog/it-ops/powershell-terminating-code-execution

Is it possible to send 'out of band data' from a remote Invoke-Command call?

I have a system in which I'm remoting into a single machine at a time and running commands, scripts, etc. It would be useful to be able to effectively return log messages from the remote script in "realtime". Some code to get an idea of what I'm trying to do.
Note that both the local Log-*Msg functions log to a database (and tee to standard out/err as appropriate). Also note that we have analogous Log-*Msg methods on the remote side (loaded from a module) that are meant to pitched back across the wire and recorded in the DB as if the local Log-*Msg function was called.
Local Methods
function Exec-Remote {
param(
[ValidateNotNull()]
[System.Management.Automation.Runspaces.PSSession]
$Session=$(throw "Session is mandatory ($($MyInvocation.MyCommand))"),
$argumentList,
$scriptBlock
)
if($argumentList -is [scriptblock]) {$scriptBlock = $argumentList}
if($scriptBlock -eq $null) { throw 'Scriptblock is required'}
Invoke-Command -Session $Session -ArgumentList $argumentList -scriptBlock $scriptBlock | Filter-RemoteLogs
}
Filter Filter-RemoteLogs {
if($_ -isnot [string]) { return $_ }
if($_.StartsWith('Log-VerboseMsg:')) {
Log-VerboseMsg $_.Replace("Log-VerboseMsg:", "") | Out-Null
return
}
if($_.StartsWith('Log-WarningMsg:')) {
Log-WarningMsg $_.Replace("Log-WarningMsg:", "") | Out-Null
return
}
if($_.StartsWith('Log-UserMsg:')) {
Log-UserMsg $_.Replace("Log-UserMsg:", "") | Out-Null
return
}
else { return $_ }
}
Example Remote Method
On the remote side I have a module that gets loaded with a few logging functions, here's one such function:
function Log-VerboseMsg {
param([ValidateNotNullOrEmpty()] $msg)
"Log-VerboseMsg:$msg"
}
For the most part it works, I can do the following
$val = Exec-Remote -Session $PSSession {
Log-VerboseMsg 'A test log message!'
return $true
}
And have it do the right thing transparently.
However, it fails in the following scenario.
$val = Exec-Remote -Session $PSSession {
function Test-Logging {
Log-VerboseMsg 'A test log message!'
return $true
}
$aVariable = Test-Logging
Do-ALongRunningOperation
return $aVariable
}
The above will not return anything until the 'long running operation' completes.
My question to you is the following.
Is there a way for me to reliably do this in Powershell? In some form, if the approach I'm using is really that terrible, feel free to lambast me and explain why.
NOTE: connecting to the DB from the remote environment and recording the log messages will not always be possible, so while that approach could work, for my specific needs it isn't sufficient.

In PowerShell v5 you can use new information stream for this. You should modify local functions as following:
function Exec-Remote {
param(
[ValidateNotNull()]
[System.Management.Automation.Runspaces.PSSession]
$Session=$(throw "Session is mandatory ($($MyInvocation.MyCommand))"),
$argumentList,
$scriptBlock
)
if($argumentList -is [scriptblock]) {$scriptBlock = $argumentList}
if($scriptBlock -eq $null) { throw 'Scriptblock is required'}
# 6>&1 will redirect information stream to output, so Filter-RemoteLogs can process it.
Invoke-Command -Session $Session -ArgumentList $argumentList -scriptBlock $scriptBlock 6>&1 | Filter-RemoteLogs
}
Filter Filter-RemoteLogs {
# Function should be advanced, so we can call $PSCmdlet.WriteInformation.
[CmdletBinding()]
param(
[Parameter(ValueFromPipeline)]
[PSObject]$InputObject
)
if(
# If it is InformationRecord.
($InputObject -is [Management.Automation.InformationRecord]) -and
# And if it come from informational steam.
($WriteInformationStream=$InputObject.PSObject.Properties['WriteInformationStream']) -and
($WriteInformationStream.Value)
) {
# If it is our InformationRecord.
if($InputObject.Tags-contains'MyLoggingInfomation') {
# Write it to log.
&"Log-$($InputObject.MessageData.LogType)Msg" $InputObject.MessageData.Message | Out-Null
} else {
# Return not our InformationRecord to informational stream.
$PSCmdlet.WriteInformation($InputObject)
}
} else {
# Return other objects to output stream.
$PSCmdlet.WriteObject($InputObject)
}
}
And remote logging functions should write to information stream:
function Log-VerboseMsg {
param([ValidateNotNullOrEmpty()] $msg)
Write-Information ([PSCustomObject]#{Message=$msg;LogType='Verbose'}) MyLoggingInfomation
}
function Log-WarningMsg {
param([ValidateNotNullOrEmpty()] $msg)
Write-Information ([PSCustomObject]#{Message=$msg;LogType='Warning'}) MyLoggingInfomation
}
function Log-UserMsg {
param([ValidateNotNullOrEmpty()] $msg)
Write-Information ([PSCustomObject]#{Message=$msg;LogType='User'}) MyLoggingInfomation
}