How to control which version of Powershell Puppet shells out to on Windows?

Question

Microsoft recently changed their download repository for Windows Powershell to require TLS 1.2+ which Windows Powershell 5.1 doesn't support without the runtime setting change to Net.ServicePointManager.

Can I change Puppet to use Pwsh (7.x) as the default or is there some Puppet code I can change to inject the Net.ServicePointManager snippet into to configured 5.1 to support TLS 1.2 in all Puppet initiated Windows Powershell sessions?

The underlying issue I'm trying to solve is package failing with an error similar to this.

score 0 · Answer 1 · answered Jul 10 '20 at 13:22

0

The puppetlabs-powershell module has a short example in the readme on how to use PowerShell6/7 instead of 5.1 by using the pwsh provider instead of the powershell provider: https://github.com/puppetlabs/puppetlabs-powershell#requirements

To use the pwsh provider, change the provider line to pwsh and set the path if your pwsh install is not on PATH.

exec { 'RESOURCENAME':
  ...
  path     => '/usr/alice/pscore',
  provider => pwsh,
}

answered Jul 10 '20 at 13:22

James Pogran

121
3

Sorry, this is in regards to how the package module calls out to Powershell. Not the actual PowerShell module. I'm not sure I am really asking the question correctly. – logicaldiagram Jul 10 '20 at 15:32
If we forked the `cholocatey` provider, could we change this [line](https://github.com/puppetlabs/puppetlabs-chocolatey/blob/master/manifests/install.pp#L48) to `pwsh`? – logicaldiagram Jul 10 '20 at 15:38

score 0 · Accepted Answer · answered Jul 10 '20 at 20:36

0

The issue was in an old windowspowershell provider. The fix is documented here.

answered Jul 10 '20 at 20:36

logicaldiagram

111
5

How to control which version of Powershell Puppet shells out to on Windows?

2 Answers2