What’s New #

Starting in 1.31, the application can update itself by running sqldsc update.

Start support for Azure “SQL Databases”. Please see the Azure section. Only those resources listed in the Azure section have been tested against Azure SQL Databases.
Added limited support for SQL Server Agent Jobs. Please see the Resource Block Schema section.
Added support for Database Roles. Please see the Resource Block Schema section.

The application logging format has changed to make it easier to read. Please install the NDJSON Colorizer to better view the logs. There’s also a way to dump logs for inclusion in change control documents. See Logging
Targets support SQL Server logins. Please see the section on Targets
Targets can define roles which override the default Roles or added_roles which add to the default Roles. Please see Roles for more details.
Both test and apply stop processing on errors. Originally they would stop the current target but process other targets. However the safest action is to stop immediately if there’s a problem. If the test is running multi-threaded, each thread will finish its target but won’t start new a one.
Testing a password in the Vault can test both passwords and password hashes.

Improved handling of SQL Server logins. See SQL Server Logins for details.
- Capture and reuse SIDs
- Store hashed passwords in the Credential Vault
- Get the SID and hashed password from an existing login
If a database isn’t writeable, any changes for that database are silently skipped.

The application checks if a user is in the sysadmin role. If they are not, the target is skipped. This better supports running with two different accounts.
The PRO edition can configure the multi-threaded settings using a settings file. Please see the Application Settings section.
The application can update itself by running sqldsc update. If there is a newer version, it will prompt you to install it.
sqldsc init will create a .vscode directory with the suggested extensions.

Added a --parallel flag for the PRO. This sets the number of testing threads equal to the number of targets. Applying is always done sequentially.

Previously, when running, sqldsc apply, all servers are first tested, then all servers go through the apply phase. Now, only those servers that indicate a change will go through the apply phase. This can be overridden with the --applyall flag. This flag forces all servers to go through the apply phase.
If the PRO features are enabled (see the README_Pro), the --threads flag will allow you to set the number of concurrent threads that will be used for the test phase. The apply phase is always done single-threaded.

sqldsc info prints a summary table that lists the target files and target counts and the resource files and resource counts

Logging is now is written to individual files in a dir tree: YYYY/sqldsc_YYYY_01_Domain_User.log. This should prevent duplicates and eliminate the need to merge files.

Cleaned up logging. There are now three levels that provide increased detail: Verbose, then Debug, then Trace. Verbose is really just printing the SQL statements.
Added expected_rows to the sql_script resource. If the test_query returns a different number of rows than this, the script will be run.
Added properties for target for dial timeout and connect timeout.
Added a target_defaults block to set defaults for all targets in the file.

Resource Blocks now overwrite previous definitions. Prior to this they would be merged. It’s just too complicated to figure out where different settings come from in files. For example, assume you define a database resource for a “DBA” database in defaults.hcl. Then in a node-specific configuration file, you define a “DBA” database with a different set of properties. The later more specific resource will now completely overwrite the newer resource. That newer resource will then be applied to the database.

The sql_file resource has been renamed to sql_script. Please rename the sql directory directory to scripts. The attribute names have also changed. Please see the schema document.
If no ensure attribute is found, default to present.
For logins, if no name attribute is found, default to the Resouce Name.
For agent operators, if no name attribute is found, default to the Resouce Name.
For databases, if no name attribute is found, default to the Resouce Name.
For configurations, if no name attribute is found, default to the Resouce Name.

Add database_role_member resource blocks
Clean up attribute names so that a “_name” suffix isn’t requried for SQL Server objects such as logins and roles

Added vault to store encrypted passwords locally
Added attributes to the login resource including the SID, expiration check, policy check, and default database.
Added a sql_file resource to create common procedures or objects on servers
Added a database_user resource
Added a syntax check for .hcl files at the start of processing
Switched SQL Server drivers. If you experience connectivity issues, please contact me