Publish Pre-release (#1)

* adds basic module layout

* fix module manifest encoding

* fix callsign in appveyor helper

* adds challenge file related functions

* adds connection manager functions

* adds Test-ChallengeFile

* adds item related functions

* adds store related functions

* adds cSpell dictionary

* adds CredentialStore related Pester tests

* [WIP] test Pester file

* fix typo

* adds file dependencies

* [WIP] fix pester tests

* fix exception state

* [WIP] add file dependencies

* fix gitkeep filename

* set constant debug module version string

* adds Pester Tests for New-CredentialStoreItem

* adds basic readme file

* adds functions to export; adds meta data

* adds vscode debug config

* adds test for optional dependencies

* [WIP] Implements optional dependency test

* adds taskrunner definitions

* adds CBH

* add gitignore file

* adds basic Build tasks

* typo fixed

* adds build folder to ignore list

* adds Cisco and NetApp opt dependencies

* adds build task

* fix end of line dequence

* remove task.json error

* adds sources for optional modules

* enables Pester and posh-git

* prepare pre-release
pull/2/head
Marco Blessing 5 years ago committed by GitHub
parent 5ebba20cea
commit 64af16cc08
  1. 3
      .gitignore
  2. 40
      .vscode/cSpell.json
  3. 48
      .vscode/launch.json
  4. 50
      .vscode/settings.json
  5. 56
      .vscode/tasks.json
  6. 85
      README.md
  7. 56
      appveyor.yml
  8. 1
      bin/.gitkeep
  9. 0
      resources/.gitkeep
  10. 3
      resources/cs/Broken_CS.json
  11. 1
      resources/cs/Challenge.bin
  12. BIN
      resources/cs/CredentialStore.json
  13. 44
      src/ChallengeFile/Get-ChallengeFile.ps1
  14. 72
      src/ChallengeFile/Set-ChallengeFile.ps1
  15. 48
      src/ChallengeFile/Test-ChallengeFile.ps1
  16. 213
      src/Connection/Connect-To.ps1
  17. 147
      src/Connection/Disconnect-From.ps1
  18. 31
      src/Dependency.json
  19. 47
      src/Helper/Get-RandomKey.ps1
  20. 85
      src/Helper/Resolve-Dependency.ps1
  21. 104
      src/Helper/Test-Module.ps1
  22. 109
      src/Item/Get-CredentialStoreItem.ps1
  23. 135
      src/Item/New-CredentialStoreItem.ps1
  24. 94
      src/Item/Remove-CredentialStoreItem.ps1
  25. 114
      src/Item/Set-CredentialStoreItem.ps1
  26. 93
      src/Item/Test-CredentialStoreItem.ps1
  27. 140
      src/PSCredentialStore.psd1
  28. 10
      src/PSCredentialStore.psm1
  29. 69
      src/Store/Get-CredentialStore.ps1
  30. 111
      src/Store/New-CredentialStore.ps1
  31. 61
      src/Store/Test-CredentialStore.ps1
  32. 0
      tests/.gitkeep
  33. 65
      tests/Item/01_New-CredentialStoreItem.Tests.ps1
  34. 37
      tests/Store/00_Get-CredentialStore.Tests.ps1
  35. 114
      tests/Store/00_New-CredentialStore.Tests.ps1
  36. 40
      tests/Store/00_Test-CredentialStore.Tests.ps1
  37. 178
      tools/AppVeyor.psm1

3
.gitignore vendored

@ -0,0 +1,3 @@
# Don't local track test builds
bin/PSCredentialStore.zip
bin/PSCredentialStore/*

@ -0,0 +1,40 @@
// cSpell Settings
{
// Version of the setting file. Always 0.1
"version": "0.1",
// language - current active spelling language
"language": "en",
// words - list of words to be always considered correct
"words": [
"Cmdlet",
"Cmdlets",
"GUID",
"Hashtable",
"Httpclient",
"Multipart",
"NTFS",
"Params",
"Ponduit",
"Repo",
"Veyor",
"appveyor",
"callsign",
"choco",
"chocolatey",
"codecoverage",
"creds",
"formdata",
"googlemail",
"notlike",
"notmatch",
"powershellgallery",
"testresults",
"wildcards"
],
// flagWords - list of words to be always considered incorrect
// This is useful for offensive words and common spelling errors.
// For example "hte" should be "the"
"flagWords": [
"hte"
]
}

@ -0,0 +1,48 @@
{
// Use IntelliSense to learn about possible attributes.
// Hover to view descriptions of existing attributes.
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
"version": "0.2.0",
"configurations": [
{
"type": "PowerShell",
"request": "launch",
"name": "PowerShell Launch Current File",
"script": "${file}",
"args": [],
"cwd": "${file}"
},
{
"type": "PowerShell",
"request": "launch",
"name": "PowerShell Launch Current File in Temporary Console",
"script": "${file}",
"args": [],
"cwd": "${file}",
"createTemporaryIntegratedConsole": true
},
{
"type": "PowerShell",
"request": "launch",
"name": "PowerShell Launch Current File w/Args Prompt",
"script": "${file}",
"args": [
"${command:SpecifyScriptArgs}"
],
"cwd": "${file}"
},
{
"type": "PowerShell",
"request": "attach",
"name": "PowerShell Attach to Host Process",
"processId": "${command:PickPSHostProcess}",
"runspaceId": 1
},
{
"type": "PowerShell",
"request": "launch",
"name": "PowerShell Interactive Session",
"cwd": "${workspaceRoot}"
}
]
}

@ -0,0 +1,50 @@
// Place your settings in this file to overwrite default and user settings.
{
// Set basic file related options:
"files.encoding": "utf8",
"files.eol": "\r\n",
"files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true,
// Formation and editor options
"editor.renderWhitespace": "boundary",
"editor.formatOnSave": true,
"editor.formatOnType": true,
"editor.rulers": [
116
],
// powershell general
"powershell.startAutomatically": true,
"powershell.useX86Host": false,
"powershell.enableProfileLoading": true,
"powershell.scriptAnalysis.enable": true,
// powershell code Formatting
"powershell.codeFormatting.openBraceOnSameLine": true,
"powershell.codeFormatting.newLineAfterOpenBrace": true,
"powershell.codeFormatting.newLineAfterCloseBrace": true,
"powershell.codeFormatting.whitespaceBeforeOpenBrace": true,
"powershell.codeFormatting.whitespaceBeforeOpenParen": true,
"powershell.codeFormatting.whitespaceAroundOperator": true,
"powershell.codeFormatting.whitespaceAfterSeparator": true,
"powershell.codeFormatting.ignoreOneLineBlock": true,
"powershell.codeFormatting.alignPropertyValuePairs": false,
// cspell spellchecker options
"cSpell.enabledLanguageIds": [
"c",
"cpp",
"csharp",
"go",
"javascript",
"javascriptreact",
"json",
"latex",
"markdown",
"php",
"plaintext",
"powershell",
"python",
"text",
"typescript",
"typescriptreact",
"yml"
]
}

56
.vscode/tasks.json vendored

@ -0,0 +1,56 @@
{
// See https://go.microsoft.com/fwlink/?LinkId=733558
// for the documentation about the tasks.json format
"version": "2.0.0",
// Start PowerShell
"windows": {
"command": "${env:windir}/System32/WindowsPowerShell/v1.0/powershell.exe",
"args": [
"-NoProfile",
"-ExecutionPolicy",
"Bypass"
]
},
"linux": {
"command": "/usr/bin/powershell",
"args": [
"-NoProfile"
]
},
"osx": {
"command": "/usr/local/bin/powershell",
"args": [
"-NoProfile"
]
},
"tasks": [
{
"taskName": "Test",
"suppressTaskName": true,
"args": [
"Write-Host 'Invoking Pester...'; $ProgressPreference = 'SilentlyContinue'; Invoke-Pester -Script '.\\tests\\*' -EnableExit $flase -PesterOption @{IncludeVSCodeMarker=$true};",
"Invoke-Command { Write-Host 'Completed Test task in task runner.' }"
],
"problemMatcher": "$pester",
"group": {
"kind": "test",
"isDefault": true
}
},
{
"taskName": "DebugBuild",
"suppressTaskName": true,
"args": [
"Write-Host 'Invoking Build...';",
"Write-Host -Object 'Test previous builds.' -ForegroundColor Blue;",
"If (Test-Path -Path '.\\bin\\PSCredentialStore.zip') { Remove-Item -Path '.\\bin\\PSCredentialStore.zip' -Verbose};",
"Copy-Item -Path '.\\src\\' -Destination '.\\bin\\PSCredentialStore' -Recurse -Verbose -Force;",
"Compress-Archive -Path '.\\src\\*' -DestinationPath '.\\bin\\PSCredentialStore.zip' -Update -Verbose;"
],
"group": {
"kind": "build",
"isDefault": true
}
}
]
}

@ -1 +1,84 @@
# PSCredentialStore
| AppVeyor Overall | AppVeyor Master | AppVeyor Dev | Coveralls.io | Download |
| :--------------: | :-------------: | :----------: | :-----------: | :--------:|
| [![Build status](https://ci.appveyor.com/api/projects/status/b4t8x88xai3ee7gk?svg=true)](https://ci.appveyor.com/project/OCram85/PSCredentialStore) | [![Build status](https://ci.appveyor.com/api/projects/status/b4t8x88xai3ee7gk/branch/master?svg=true)](https://ci.appveyor.com/project/OCram85/PSCredentialStore/branch/master) | [![Build status](https://ci.appveyor.com/api/projects/status/b4t8x88xai3ee7gk/branch/dev?svg=true)](https://ci.appveyor.com/project/OCram85/PSCredentialStore/branch/dev) | [![Coverage Status](https://coveralls.io/repos/github/OCram85/PSCredentialStore/badge.svg?branch=master)](https://coveralls.io/github/OCram85/PSCredentialStore?branch=master) | [![Download](https://img.shields.io/badge/powershellgallery-PSCredentialStore-blue.svg)](https://www.powershellgallery.com/packages/PSCredentialStore)
General
=======
The PSCredentialStore is an simple credential manager for PSCredentials. It stores multiple credential objects in a
simple json file. You can choose between a private and shared store. The private one exists in your profile and can
ony accessed by your account on the same machine. The shared store enables you to use different credentials for your
script without exposing them as plain text.
**The shared store isn't 100% secure and I don't recommend using it in production!**
PSCredentialStore was developed to simplify the delegation of complex powershell scripts. In this case you often
need to store credentials for non interactive usage like in scheduled tasks.
To get started read the [about_PSCredentialStore](/src/en-US/about_PSCredential.help.txt) page.
Installation
============
PowerShellGallery.com (Recommended Way)
---------------------------------------
* Make sure you use PowerShell 4.0 or higher with `$PSVersionTable`.
* Use the builtin PackageManagement and install with: `Install-Module PSCredentialStore`
* Done. Start exploring the Module with `Import-Module PSCredentialStore ; Get-Command -Module PSCredentialStore`
Manual Way
----------
* Take a look at the [Latest Release](https://github.com/OCram85/PSCredentialStore/releases/latest) page.
* Download the `PSCredentialStore.zip`.
* Unpack the Zip and put it in your Powershell Module path.
* Don't forget to change the NTFS permission flag in the context menu.
* Start with `Import-Module PSCredentialStore`
Quick Start
-----------
**1.** First we need a blank CredentialStore. You can decide between a *private* or *shared* store. The private
Credential Store can only be accessed with your profile on the machine you created it.
```powershell
# Private Credential Store
New-CredentialStore
# Shared Credential Store
New-CredentialStore -Shared
#Shared CredentialStore in custom Location
New-CredentialStore -Shared -Path 'C:\CredentialStore.json'
```
**2.** Now you can manage your CredentialStoreItems:
```powershell
# This will prompt for credentials and stores it in a private store
New-CredentialStoreItem -RemoteHost 'dc01.myside.local' -Identifier 'AD'
# You can now use it in other scripts like this:
$DCCreds = Get-CredentialStoreItem -RemoteHost 'dc01.myside.local' -Identifier 'AD'
Invoke-Command -ComputerName 'dc01.myside.local' -Credential $DCCreds -ScripBlock {Get-Process}
```
The CredentialStore contains also a simple function to establish a connection with several systems or protocols.
If you have already installed the underlying framework your can connect to:
* **CiscoUcs** - Establish a connection to a Cisco UCS fabric interconnect.
* Required Modules: [`Cisco.UCS.Core`, `Cisco.UCSManager`](https://software.cisco.com/download/release.html?i=!y&mdfid=286305108&softwareid=284574017&release=2.1.1)
* **FTP** - Establish a connection to a FTP host.
* Required Modules: [`WinSCP`](https://www.powershellgallery.com/packages/WinSCP)
* **NetAppFAS** - Establish a connection to a NetApp Clustered ONTAP filer.
* Required Modules: [`DataONTAP`](http://mysupport.netapp.com/tools/info/ECMLP2310788I.html?productID=61926)
* **VMware** - Establish a connection to a VMware vCenter or ESXi host.
* Required Modules: [`VMware.VimAutomation.Core`](https://www.powershellgallery.com/packages/VMware.PowerCLI)
Here are some basic examples:
```powershell
Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs
Connect-To -RemoteHost "ftp.myside.local" -Type FTP
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS
Connect-To -RemoteHost "esx01.myside.local" -Type VMware
```

@ -0,0 +1,56 @@
version: 0.1.{build}
branches:
only:
- master
- dev
- debug
skip_tags: true
#image: WMF 5
# Test ne build image:
image: Visual Studio 2017
# Install pester module and init the Appveyor support.
install:
- ps: Install-PackageProvider -Name NuGet -MinimumVersion '2.8.5.201' -Force -Verbose
- ps: Import-PackageProvider NuGet -MinimumVersion '2.8.5.201' -Force
- ps: Install-Module -Name 'Pester' -Scope CurrentUser -Force -SkipPublisherCheck -AllowClobber
- ps: Update-Module 'Pester'
- ps: Install-Module -Name 'posh-git' -Scope CurrentUser -Force -SkipPublisherCheck -AllowClobber
- ps: Update-Module 'posh-git'
- ps: Install-Module -Name 'PSCoverage' -Scope CurrentUser -Force -SkipPublisherCheck -AllowClobber
- ps: Import-Module 'PSCoverage'
- ps: Import-Module .\tools\AppVeyor.psm1
environment:
NuGetToken:
secure: 835qfZIkC9mE7QhkYfOZVAdR8rZhPvxG8BO4CbeaelRQOhlqmaSr8G1DWRJzZ/bS
CoverallsToken:
secure: eTjWqHL48MBr8wp1rSgLrXHdtpfDV/uClacP3svlWJfCvn/zVokpuaMnWM5RoyIY
build: false
before_build:
- ps: Invoke-AppVeyorBumpVersion
build_script:
- ps: Invoke-AppVeyorBuild
test_script:
- ps: Invoke-AppVeyorTests
- ps: Invoke-CoverageReport
deploy:
- provider: GitHub
auth_token:
secure: M+bBX5/nKdJB0eViP7xtrLVTwf3vGDUA9N2MMprZp2i+9ZR3CBVcJnSzJWUmalhB
artifact: PSCredentialStore.zip # upload all NuGet packages to release assets
draft: true
prerelease: true
on:
branch: master # release from master branch only
after_deploy:
- ps: Invoke-AppVeyorPSGallery

@ -0,0 +1 @@
This is a placeholder file. The build Server will create all bin files here.

@ -0,0 +1,3 @@
{
"Version": "1.2.0",
"Creation": "2016-06-14 08:41:10"

@ -0,0 +1 @@
!マ<EFBFBD><EFBFBD>H4サ<EFBFBD><EFBFBD>"=w肛Sヨ2

Binary file not shown.

@ -0,0 +1,44 @@
function Get-ChallengeFile {
<#
.SYNOPSIS
Reads the challenge file as binary content.
.DESCRIPTION
Use this function to tread a challenge file. Returns a [Byte[]] Array.
.PARAMETER Path
Specify a file to read.
.INPUTS
[None]
.OUTPUTS
[Byte[]]
.EXAMPLE
.\Get-RandomKey -Path "C:\TMP\Challenge.bin"
.NOTES
File Name : Get-ChallengeFile.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[string]$Path = "{0}\PSCredentialStore\Challenge.bin" -f $env:ProgramData
)
if (Test-Path $Path) {
try {
[io.file]::ReadAllBytes($Path)
}
catch {
Write-Error ("Could not read file {0}." -f $Path) -ErrorAction Stop
}
}
}

@ -0,0 +1,72 @@
Function Set-ChallengeFile() {
<#
.SYNOPSIS
Writes the given key into the challenge file
.DESCRIPTION
You can use the file content for ConvertTo-SecureString operations.
.PARAMETER Path
The file you wish to create.
.PARAMETER KeySize
Specify the key size for the encryption key.
.PARAMETER Force
Use this switch to override an older file version.
.INPUTS
[None]
.OUTPUTS
[None]
.EXAMPLE
.\Set-ChallengeFile -Path "C:\TMP\myfile.json" -Force
.NOTES
File Name : Set-ChallengeFile.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[string]$Path = "{0}\PSCredentialStore\Challenge.bin" -f $env:ProgramData,
[Parameter(Mandatory = $false)]
[ValidateSet(16, 24, 32)]
[string]$KeySize = "24",
[switch]$Force
)
if ((Test-Path -Path $Path)) {
if ($Force -eq $true) {
Remove-Item -Path $Path -Confirm:$false -Force
}
else {
Write-Error "The given file already exists!. Use the -Force switch to override it." -ErrorAction Stop
}
}
$PSCredentialStoreDataDir = Split-Path -Path $Path -Parent
if (-not (Test-Path $PSCredentialStoreDataDir)) {
try {
New-Item -ItemType Directory -Path $PSCredentialStoreDataDir
}
catch {
Write-Error ("Could not create the parent data dir {0}" -f $PSCredentialDataDir) -ErrorAction Stop
}
}
try {
$Keys = Get-RandomKey -Size $KeySize
[io.file]::WriteAllBytes($Path, $Keys)
}
catch {
$_.Exception | Format-List -Force | Out-String | Write-Error -ErrorAction Stop
}
}

@ -0,0 +1,48 @@
function Test-ChallengeFile {
<#
.SYNOPSIS
Simple path check for challenge file needed by the CredentialStores.
.DESCRIPTION
This is supposed to be a internal function to check the existence for a challenge file.
.PARAMETER Path
Specify the path to the challenge file.
.INPUTS
[None]
.OUTPUTS
[Bool].
.EXAMPLE
If (Test-ChallengeFile) {
Write-Host "The file exists."
}
Else {
Write-Warning "Couldn't find the given file!"
}
.NOTES
File Name : Test-ChallengeFile.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[String]$Path = "{0}\PSCredentialStore\Challenge.bin" -f $env:ProgramData
)
if (Test-Path $Path) {
$true
}
else {
$false
}
}

@ -0,0 +1,213 @@
function Connect-To {
<#
.SYNOPSIS
Connects to the given host using the stored CredentialStoreItem.
.DESCRIPTION
Establish a connection to the selected host using a stored CredentialStoreItem.
.PARAMETER RemoteHost
Specify the host, for which you would like to change the credentials.
.PARAMETER Identifier
Defaults to "". Specify a string, which separates two CredentialStoreItems for the
same hostname.
.PARAMETER Type
Specify the host type of the target. Currently implemented targets are:
- CiscoUcs Establish a connection to a Cisco UCS fabric interconnect.
- FTP Establish a connection to a FTP host.
- NetAppFAS Establish a connection to a NetApp Clustered ONTAP filer.
- VMware Establish a connection to a VMware vCenter or ESXi host.
.PARAMETER Credentials
Use this parameter to bypass the stored credentials. Without this parameter Connect-To tries to read the
needed credentials from the CredentialStore. If you provide this parameter you skip this lookup behavior.
So you can use it to enable credentials without preparing any user interaction.
.PARAMETER Path
Define a custom path to a shared CredentialStore.
.PARAMETER Shared
Switch to shared mode with this param. This enforces the command to work with a shared CredentialStore which
can be decrypted across systems.
.INPUTS
[None]
.OUTPUTS
[None]
.EXAMPLE
Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs
Connect-To -RemoteHost "ftp.myside.local" -Type FTP
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS
Connect-To -RemoteHost "esx01.myside.local" -Type VMware
.EXAMPLE
$MyCreds = Get-Credential
Connect-To -RemoteHost "vcr01.myside.local" -Type VMware -Credentials $MyCreds
Get-VM -Name "*vlm*" | Select-Object -Property Name
Disconnect-From -RemoteHost "vcr01.myside.local" -Type VMware
.NOTES
File Name : Connect-To.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires : PSFTP, PowerCLI
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding(DefaultParameterSetName = "Private")]
param(
[Parameter(Mandatory = $true, ParameterSetName = "Shared")]
[Parameter(Mandatory = $true, ParameterSetName = "Private")]
[String]$RemoteHost,
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[Parameter(Mandatory = $false, ParameterSetName = "Private")]
[String]$Identifier,
[Parameter(Mandatory = $true, ParameterSetName = "Shared")]
[Parameter(Mandatory = $true, ParameterSetName = "Private")]
[ValidateSet("CiscoUcs", "FTP", "NetAppFAS", "VMware")]
[String]$Type,
[Parameter(Mandatory = $False, ParameterSetName = "Shared")]
[Parameter(Mandatory = $False, ParameterSetName = "Private")]
[PSCredential]$Credentials,
[Parameter(Mandatory = $False, ParameterSetName = "Shared")]
[ValidateNotNullOrEmpty()]
[String]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData,
[Parameter(Mandatory = $false, ParameterSetNAme = "Shared")]
[Switch]$Shared
)
begin {
# First check the optional modules
if (-not (Resolve-Dependency -Name $Type)) {
Write-Error -Message ("Could not resolve the optional dependencies defined for {0}" -f $Type) -ErrorAction 'Stop'
}
switch ($Type) {
"VMware" {
# Disable the yellow certificate warning, since we haven't replaced the SSL certs for vCenter/ESXi
$null = Set-PowerCLIConfiguration -Scope Session -InvalidCertificateAction Ignore -Confirm:$false
# Disable connecting through proxy, since vCenter isn't somewhere we need a proxy for.
$null = Set-PowerCLIConfiguration -Scope Session -ProxyPolicy NoProxy -Confirm:$false
}
}
}
process {
# Set the correct CredentialStore Path depending on the used ParameterSetName
if ($PSCmdlet.ParameterSetName -eq "Private") {
$Path = "{0}\CredentialStore.json" -f $env:APPDATA
}
if (-not ($Credentials)) {
# Load the credential from the CredentialStore. If the credential doesn't exist, we need to
# return 1, so a calling if statement can handle the failure detection.
# Check if $Identifier has been defined, in which case we need to use different name for
# the lookup of the CredentialStoreItem.
try {
if ($Identifier -ne "") {
$RemoteHostIdentifier = "{0}/{1}" -f $Identifier, $RemoteHost
$creds = Get-CredentialStoreItem -RemoteHost $RemoteHostIdentifier -Path $Path
}
else {
$creds = Get-CredentialStoreItem -RemoteHost $RemoteHost -Path $Path
}
}
catch {
Write-Message2 ("Unable to look up credential store item for RemoteHost {0}/Identifier {1}!" -f $RemoteHost, $Identifier) -ErrorAction Stop
}
}
else {
$creds = $Credentials
}
if ($creds.UserName -eq "" -or $creds.Password.GetType().Name -ne "SecureString") {
# Write a error message to the log.
Write-Message2 ("Please provide valid credentials for RemoteHost {0}!" -f $RemoteHost) -ErrorAction Stop
}
else {
switch ($Type) {
"CiscoUcs" {
try {
$handle = Connect-Ucs -Name $RemoteHost -Credential $creds -ErrorAction Stop
$ExecutionContext.SessionState.PSVariable.Set("DefaultUcs", $handle)
}
catch {
# Write a error message to the log.
Write-Message2 ("Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type) -ErrorAction Stop
}
}
"FTP" {
# First establish the FTP session
$WinSCPConParams = @{
Credential = $creds
Hostname = $RemoteHost
Protocol = 'Ftp'
FtpMode = 'Passive'
}
try {
$Global:WinSCPSession = New-WinSCPSession @WinSCPConParams
}
catch {
throw "Could not connect to {0} using {1} protocol!" -f $RemoteHost, $Type
}
# Check the Connection State
if (!($WinSCPSession.Opened)) {
# Check the connection state and find out if the session is still open.
$MessageParams = @{
Message = "Connection to {0} using Type {1} was established. But now it seems to be lost!" -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
"NetAppFAS" {
try {
$null = Connect-NcController -Name $RemoteHost -Credential $creds -ErrorAction Stop -HTTPS
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
"VMware" {
try {
Connect-VIServer -Server $RemoteHost -Credential $creds -ErrorAction Stop | Out-Null
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
default {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
}
}
}

@ -0,0 +1,147 @@
function Disconnect-From {
<#
.SYNOPSIS
Terminates a session established with Connect-To using a CredentialStoreItem.
.DESCRIPTION
Terminates a session established with Connect-To using a CredentialStoreItem.
.PARAMETER RemoteHost
Specify the remote endpoint, whose session you would like to terminate.
.PARAMETER Identifier
Defaults to "". Specify a string, which separates two CredentialStoreItems for the
same hostname.
.PARAMETER Type
Specify the host type of the target. Currently implemented targets are:
- CiscoUcs Establish a connection to a Cisco UCS Fabric Interconnect.
- FTP Establish a connection to a FTP host.
- NetAppFAS Establish a connection to a NetApp Clustered ONTAP filer.
- VMware Establish a connection to a VMware vCenter or ESXi host.
.PARAMETER Force
Force the disconnect, even if the disconnect would fail.
.INPUTS
[None]
.OUTPUTS
[None]
.EXAMPLE
Disconnect-From -RemoteHost "ucs.myside.local" -Type CiscoUcs
.EXAMPLE
Disconnect-From -RemoteHost "ftp.myside.local" -Type FTP
.EXAMPLE
Disconnect-From -RemoteHost "fas.myside.local" -Type NetAppFAS
.EXAMPLE
Disconnect-From -RemoteHost "esx01.myside.local" -Type VMware
.EXAMPLE
Disconnect-From -RemoteHost "esx01.myside.local" -Type VMware -Force:$True
.NOTES
File Name : Disconnect-To.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[string]$RemoteHost,
[Parameter(Mandatory = $true)]
[ValidateSet("CiscoUcs", "FTP", "NetAppFAS", "VMware")]
[string]$Type,
[Parameter(Mandatory = $false)]
[switch]$Force
)
switch ($Type) {
"VMware" {
try {
if ($Force) {
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop -Force:$true
}
else {
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop
}
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
# Check for an existing WinSCP Session var
"FTP" {
if ($Global:WinSCPSession.Opened) {
Remove-WinSCPSession -WinSCPSession $Global:WinSCPSession
}
else {
$MessageParams = @{
Message = "There is no open WinSCP Session"
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
# DataONTAP doesn't have a CmdLet `Disconnect-NcController`.
# So we go ahead and clear the CurrentNcController variable.
"NetAppFAS" {
try {
$MessageParams = @{
Message = "Setting {0} to `$null, which will disconnect NetAppFAS" -f $Global:CurrentNcController
ErrorAction = "Continue"
}
Write-Verbose @MessageParams
$Global:CurrentNcController = $null
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
"CiscoUcs" {
try {
Disconnect-Ucs -Ucs $RemoteHost
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
default {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
}

@ -0,0 +1,31 @@
{
"Version": 0.1,
"Mandatory": {},
"Optional": [
{
"Name": "VMware",
"Modules": [
"VMware.VimAutomation.Core"
]
},
{
"Name": "CiscoUCS",
"Modules": [
"Cisco.UCS.Core",
"Cisco.UCSManager"
]
},
{
"Name": "FTP",
"Modules": [
"WinSCP"
]
},
{
"Name": "NetAppFAS",
"Modules": [
"DataONTAP"
]
}
]
}

@ -0,0 +1,47 @@
function Get-RandomKey {
<#
.SYNOPSIS
Returns a random key
.DESCRIPTION
You can use the key for further use with SecureStrings.
.PARAMETER Size
Define the key size. You can choose between 16, 24 and 32
.INPUTS
[None]
.OUTPUTS
Returns a Random key as [Byte[]] array.
.EXAMPLE
.\Get-RandomKey -Size 24
.NOTES
File Name : Get-RandomKey.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[ValidateSet(16, 24, 32)]
[string]$size
)
# Init the vars
[Byte[]]$Key = @()
$i = 0
while ($i -ne $size) {
$element = Get-Random -Minimum 0 -Maximum 255
Write-Debug ("The current element is {0}." -f $element)
$Key += $element
$i++
}
$Key
}

@ -0,0 +1,85 @@
function Resolve-Dependency {
<#
.SYNOPSIS
Tests defined optional dependencies and returns the result as bool.
.DESCRIPTION
Use this function to test for optional modules. You can use it if you provide functions which needs special
modules but you don't want to make them required.
Place a file called Dependency.json in your module root dir. The default format is:
{
"Version": 0.1,
"Mandatory": {},
"Optional": [
{
"Name": "VMware",
"Modules": [
"VMware.VimAutomation.Core"
]
},
{
"Name": "CiscoUCS",
"Modules": []
}
]
}
.PARAMETER Name
Select the dependency item name you defined in the dependency.json.
.INPUTS
[None]
.OUTPUTS
[bool]
.EXAMPLE
If (-not (Resolve-Dependency -Name 'VMware')) {
Write-Error -Message ("Could not resolve the optional dependencies defined for {0}" -f 'VMware') -ErrorAction 'Stop'
}
.NOTES
File Name : ResolveDependency.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[OutputType([bool])]
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[string]$Name
)
begin {
$ModuleRootDir = $MyInvocation.MyCommand.Module.ModuleBase
$DepFilePath = Join-Path -Path $ModuleRootDir -ChildPath "Dependency.json"
if (Test-Path -Path $DepFilePath) {
$Dependency = Get-Content -Path $DepFilePath -Raw -Encoding UTF8 | ConvertFrom-Json
}
else {
Write-Warning ("Could not find the dependency file: {0}" -f $DepFilePath)
}
$res = @()
}
process {
$SelectedDependency = $Dependency.Optional | Where-Object {$_.Name -match $Name}
foreach ($Module in $SelectedDependency.Modules) {
$res += Test-Module -Name $Module
}
if ($res -contains $false) {
return $false
}
else {
return $true
}
}
end {
}
}

@ -0,0 +1,104 @@
function Test-Module {
<#
.SYNOPSIS
Tests if the given module exists on the local system.
.DESCRIPTION
Tests if the given module is installed on the local system. It returns a bool value as result.
.PARAMETER Name
Define a item name you need to test
.PARAMETER Type
Define the dependency type. This could be a Module or PSnapin.
.PARAMETER MessagePattern
You an optionally adjust the message pattern for the error message itself.
The available placeholders are:
- {0} : Type
- {1} : Name
.PARAMETER StopIfFails
This switch forces the entire script to stop if the given dependency object fails.
.INPUTS
[None]
.OUTPUTS
[Bool]
.EXAMPLE
.\Test-Dependency -Name 'VMware.PowerCLI' -Type 'Module'
.EXAMPLE
.\Test-Dependency -Name 'VMware.PowerCLI' -Type 'Module' -StopIfFails
.NOTES
File Name : Get-RandomKey.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[OutputType([bool])]
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Name,
[Parameter(Mandatory = $false)]
[ValidateSet('Module', 'PSSnapin', 'Custom')]
[string]$Type = 'Module',
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[string]$MessagePattern = @"
Could not find the required {0} called {1}. Please install the required {0} to run this function!
"@,
[Parameter(Mandatory = $false)]
[switch]$StopIfFails
)
begin {
}
process {
$Message = $MessagePattern -f $Type, $Name
Write-Debug $Message
switch ($Type) {
'Module' {
if (Get-Module -Name $Name -ListAvailable) {
return $true
}
else {
if ($StopIfFails) {
Write-Error -Message $Message -ErrorAction Stop -Category NotInstalled
}
return $false
}
}
'PSSnapin' {
if (Get-PSSnapin -Name $Name -Registered) {
return $true
}
else {
if ($StopIfFails) {
Write-Error -Message $Message -ErrorAction Stop -Category NotInstalled
return $false
}
}
}
'Custom' {
Throw 'Custom tests are not implemented yet!'
}
}
}
end {
}
}

@ -0,0 +1,109 @@
function Get-CredentialStoreItem {
<#
.SYNOPSIS
Returns the Credential from a given remote host item.
.DESCRIPTION
Return the credential as PSCredential object.
.PARAMETER RemoteHost
Specify the host, for which you would like to change the credentials.
.PARAMETER Identifier
Provide a custom identifier to the given remote host key. This enables you to store multiple credentials
for a single remote host entry. For example ad/sys1, ftp/sys1, mssql/sys1
.PARAMETER Path
Define a custom path to a shared CredentialStore.
.PARAMETER Shared
Switch to shared mode with this param. This enforces the command to work with a shared CredentialStore which
can be decrypted across systems.
.INPUTS
[None]
.OUTPUTS
[System.Management.Automation.PSCredential]
.EXAMPLE
$myCreds = Get-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
.NOTES
File Name : Get-CredentialStoreItem.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding(DefaultParameterSetName = "Private")]
[OutputType([System.Management.Automation.PSCredential])]
param(
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[string]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData,
[Parameter(Mandatory = $true, ParameterSetName = "Shared")]
[Parameter(Mandatory = $true, ParameterSetName = "Private")]
[ValidateNotNullOrEmpty()]
[string]$RemoteHost,
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[Parameter(Mandatory = $false, ParameterSetName = "Private")]
[ValidateNotNullOrEmpty()]
[string]$Identifier,
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[switch]$Shared
)
# First set a constand path for private CredentialStore mode.
if ($PSCmdlet.ParameterSetName -eq "Private") {
$Path = "{0}\CredentialStore.json" -f $env:APPDATA
}
if ($Identifier -ne "") {
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
}
else {
$CredentialName = $RemoteHost
}
if (Test-CredentialStore -Path $Path) {
$CS = Get-CredentialStore -Path $Path
$CSMembers = Get-Member -InputObject $CS
# Let`s first check if the given remote host exists as object property
if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -eq $CredentialName)) {
if ($CS.Type -eq "Private") {
$CSItem = [ordered]@{
User = $CS.$CredentialName.User
Password = ConvertTo-SecureString -String $CS.$CredentialName.Password
}
}
else {
$Key = Get-ChallengeFile
$CSItem = [ordered]@{
User = $CS.$CredentialName.User
Password = ConvertTo-SecureString -String $CS.$CredentialName.Password -Key $Key
}
}
New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $CSItem.User, $CSItem.Password
}
else {
$MsgParams = @{
ErrorAction = "Stop"
Message = "Could not find credentials for the given remote host: {0}" -f $RemoteHost
}
Write-Error @MsgParams
}
}
else {
$MsgParams = @{
ErrorAction = "Stop"
Message = "The given credential store ({0}) does not exist!" -f $Path
}
Write-Error @MsgParams
}
}

@ -0,0 +1,135 @@
function New-CredentialStoreItem {
<#
.SYNOPSIS
Adds a credential store item containing host, user and password to the given store.
.DESCRIPTION
The credentials are stored without any relations to it's further use. If you need to change an existing
item please use Set-CredentialStoreItem. You need to decide afterwards, whether to use the credential for
a VIConnection, NetApp FAS or UCS Fabric Interconnect.
.PARAMETER Path
Define the store in which you would like to add a new item.
.PARAMETER RemoteHost
The identifier or rather name for the given credentials.
.PARAMETER Identifier
Provide a custom identifier to the given remote host key. This enables you to store multiple credentials
for a single remote host entry. For example ad/sys1, ftp/sys1, mssql/sys1
.PARAMETER Credential
You can provide credentials optionally as pre existing pscredential object.
.INPUTS
[None]
.OUTPUTS
[None]
.EXAMPLE
New-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
.NOTES
File Name : New-CredentialStoreItem.ps1
Author : Marco Blessing - marco.blessing@googlemail.com
Requires :
.LINK
https://github.com/OCram85/PSCredentialStore
#>
[CmdletBinding(DefaultParameterSetName = "Private")]
param(
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[string]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData,
[Parameter(Mandatory = $true, ParameterSetName = "Shared")]
[Parameter(Mandatory = $true, ParameterSetName = "Private")]
[ValidateNotNullOrEmpty()]
[string]$RemoteHost,
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[Parameter(Mandatory = $false, ParameterSetName = "Private")]
[ValidateNotNullOrEmpty()]
[string]$Identifier,
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[pscredential]$Credential,
[Parameter(Mandatory = $false, ParameterSetName = "Shared")]
[switch]$Shared
)
# First set a constand path for private CredentialStore mode.
if ($PSCmdlet.ParameterSetName -eq "Private") {
$Path = "{0}\CredentialStore.json" -f $env:APPDATA
}
# Lets do a quick test on the given CredentialStore.
if (-not(Test-CredentialStore -Path $Path)) {
$MessageParams = @{
Message = "Could not add anything into the given CredentailStore."
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
# Read the file content based on the given ParameterSetName
$CSContent = Get-CredentialStore -Path $Path
$CurrentDate = Get-Date -UFormat "%Y-%m-%d %H:%M:%S"
if ($Identifier -ne "") {
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
}
else {
$CredentialName = $RemoteHost
}
if (-not($Credential)) {
$Credential = Get-Credential -Message $CredentialName
}
if ($Credential.UserName) {
if ($CSContent.Type -eq "Shared") {
$Key = Get-ChallengeFile
$encypted = ConvertFrom-SecureString -SecureString $Credential.Password -Key $Key
}
else {
$encypted = ConvertFrom-SecureString -SecureString $Credential.Password
}
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
$MessageParams = @{
Message = "The given host already exists. Nothing to do here."
}
Write-Warning @MessageParams
}
else {
$CredentialHash = [ordered]@{
User = $Credential.UserName
Password = $encypted
Creation = $CurrentDate
}
Add-Member -InputObject $CSContent -Name $CredentialName -MemberType NoteProperty -Value $CredentialHash
try {
ConvertTo-Json -InputObject $CSContent | Out-File -FilePath $Path
}
catch [System.Exception] {
$MessageParams = @{
Message = "Couldn't add item into credential store!"
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}
}
else {
$MessageParams = @{
Message = "Please Provide at least a valid user!"
ErrorAction = "Stop"
}
Write-Error @MessageParams
}
}

@ -0,0 +1,94 @@
function Remove-CredentialStoreItem {
<#