Merge pull request #1453 from SteveL-MSFT/windows-firewall

Add `Microsoft.Windows/FirewallRuleList` resource

Author: SteveL-MSFT

Cargo.lock

@@ -21,6 +21,7 @@ members = [
     "resources/sshdconfig",
     "resources/WindowsUpdate",
     "resources/windows_service",
+    "resources/windows_firewall",
     "tools/dsctest",
     "tools/test_group_resource",
     "grammars/tree-sitter-dscexpression",
@@ -51,6 +52,7 @@ default-members = [
     "resources/sshdconfig",
     "resources/WindowsUpdate",
     "resources/windows_service",
+    "resources/windows_firewall",
     "tools/dsctest",
     "tools/test_group_resource",
     "grammars/tree-sitter-dscexpression",
@@ -81,6 +83,7 @@ Windows = [
     "resources/sshdconfig",
     "resources/WindowsUpdate",
     "resources/windows_service",
+    "resources/windows_firewall",
     "tools/dsctest",
     "tools/test_group_resource",
     "grammars/tree-sitter-dscexpression",
@@ -258,6 +261,7 @@ ipnetwork = { version = "0.21" }
 # WindowsUpdate, windows_service
 windows = { version = "0.62", features = [
     "Win32_Foundation",
+    "Win32_NetworkManagement_WindowsFirewall",
     "Win32_System_Com",
     "Win32_System_Ole",
     "Win32_System_Services",

Cargo.toml

@@ -11,7 +11,7 @@ BeforeDiscovery {
 
 Describe 'Tests for listing resources' {
     It 'dsc resource list' {
-        $resources = dsc resource list | ConvertFrom-Json -Depth 10
+        $resources = dsc resource list | ConvertFrom-Json -Depth 15
         $LASTEXITCODE | Should -Be 0
         $resources | Should -Not -BeNullOrEmpty
         $resources.Count | Should -BeGreaterThan 0

dsc/tests/dsc_resource_list.tests.ps1

@@ -0,0 +1,14 @@
+{
+    "Name": "windows_firewall",
+    "Kind": "Resource",
+    "IsRust": true,
+    "SupportedPlatformOS": "Windows",
+    "Binaries": [
+        "windows_firewall"
+    ],
+    "CopyFiles": {
+        "Windows": [
+            "windows_firewall.dsc.resource.json"
+        ]
+    }
+}

resources/windows_firewall/.project.data.json

@@ -0,0 +1,17 @@
+[package]
+name = "windows_firewall"
+version = "0.1.0"
+edition = "2024"
+
+[package.metadata.i18n]
+available-locales = ["en-us"]
+default-locale = "en-us"
+load-path = "locales"
+
+[dependencies]
+rust-i18n = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+
+[target.'cfg(windows)'.dependencies]
+windows = { workspace = true }

resources/windows_firewall/Cargo.toml

@@ -0,0 +1,32 @@
+_version = 1
+
+[main]
+missingOperation = "Missing operation. Usage: windows_firewall get --input <json> | set --input <json> | export [--input <json>]"
+unknownOperation = "Unknown operation: '%{operation}'. Expected: get, set, or export"
+missingInput = "Missing --input argument"
+missingInputValue = "Missing value for --input argument"
+invalidJson = "Invalid JSON input: %{error}"
+windowsOnly = "This resource is only supported on Windows"
+
+[get]
+rulesArrayEmpty = "The rules array cannot be empty for get operations"
+selectorRequired = "Each firewall rule in a get request must include a name"
+
+[set]
+rulesArrayEmpty = "The rules array cannot be empty for set operations"
+selectorRequired = "Each firewall rule in a set request must include a name"
+
+[firewall]
+comInitFailed = "Failed to initialize COM for Windows Firewall access: %{error}"
+policyOpenFailed = "Failed to open the Windows Firewall policy: %{error}"
+ruleEnumerationFailed = "Failed to enumerate Windows Firewall rules: %{error}"
+ruleLookupFailed = "Failed to look up firewall rule '%{name}': %{error}"
+ruleCreateFailed = "Failed to create a firewall rule object: %{error}"
+ruleAddFailed = "Failed to add firewall rule '%{name}': %{error}"
+ruleRemoveFailed = "Failed to remove firewall rule '%{name}': %{error}"
+ruleUpdateFailed = "Failed to update firewall rule '%{name}': %{error}"
+ruleReadFailed = "Failed to read firewall rule '%{name}': %{error}"
+portsNotAllowed = "Ports cannot be specified for firewall rule '%{name}' because protocol %{protocol} does not support ports"
+invalidProfiles = "Invalid profiles value '%{value}'. Valid values are Domain, Private, Public, or All"
+invalidInterfaceType = "Invalid interface type '%{value}'. Valid values are RemoteAccess, Wireless, Lan, or All"
+invalidProtocol = "Invalid protocol number '%{value}'. Must be between 0 and 256"