Compare commits
12 Commits
v1.1.0-dev
...
master
Author | SHA1 | Date |
---|---|---|
OCram85 | f2b7910b15 | |
OCram85 | 0b5c9823e0 | |
pinguinfuss | 42fdb0a373 | |
pinguinfuss | 2bd250971b | |
OCram85 | ac6a9d8202 | |
OCram85 | 3d4f53ddc7 | |
OCram85 | 6fce8d6a8c | |
OCram85 | ddb85d907f | |
OCram85 | 5bdb383627 | |
OCram85 | a95ba31e40 | |
OCram85 | 1e7dd78c2b | |
OCram85 | b76668c1e7 |
|
@ -0,0 +1,32 @@
|
|||
# The full repository name
|
||||
repo: OCram85/PSCredentialStore
|
||||
|
||||
# Service type (gitea or github)
|
||||
service: gitea
|
||||
|
||||
# Base URL for Gitea instance if using gitea service type (optional)
|
||||
# Default: https://gitea.com
|
||||
base-url: https://gitea.ocram85.com
|
||||
|
||||
# Changelog groups and which labeled PRs to add to each group
|
||||
groups:
|
||||
- name: ✨ FEATURES
|
||||
labels:
|
||||
- feature
|
||||
- name: 📦 META
|
||||
labels:
|
||||
- meta
|
||||
- name: 🐛 BUGFIXES
|
||||
labels:
|
||||
- bug
|
||||
- name: 🛠️ ENHANCEMENTS
|
||||
labels:
|
||||
- enhancement
|
||||
- name: 📚 DOCS
|
||||
labels:
|
||||
- docs
|
||||
- name: 🔖 MISC
|
||||
default: true
|
||||
|
||||
# regex indicating which labels to skip for the changelog
|
||||
skip-labels: skip-changelog|backport\/.+
|
|
@ -120,7 +120,7 @@ steps:
|
|||
Install-Module -Name 'DroneHelper' -Repository 'PSGallery' -ErrorAction 'Stop' -AllowPrerelease -Force;
|
||||
Import-Module -Name 'DroneHelper' -ErrorAction 'Stop';
|
||||
Install-ModuleDependency;
|
||||
New-BuildPackage -Verbose
|
||||
New-BuildPackage -Verbose -AdditionalPath @('./src/Vendor', './src/openssl.conf')
|
||||
}"
|
||||
|
||||
- name: GiteaRelease
|
||||
|
|
|
@ -21,4 +21,5 @@
|
|||
|
||||
# Vendor resources config
|
||||
src/Vendor/libressl255/* filter=lfs diff=lfs merge=lfs -text
|
||||
src/Vendor/libressl/* filter=lfs diff=lfs merge=lfs -text
|
||||
*.pfx filter=lfs diff=lfs merge=lfs -text
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
# Changelog
|
||||
|
||||
<!-- insertMark -->
|
||||
## [v1.1.1](https://gitea.ocram85.com/OCram85/PSCredentialStore/releases/tag/v1.1.1) - 2022-10-10
|
||||
|
||||
* 📦 META
|
||||
* Adds changelog config for gitea changelog cli tool (#77)
|
||||
* 🐛 BUGFIXES
|
||||
* Fix Set-CredentialStoreItem (#76)
|
||||
* Fix optional module dependencies (#75)
|
||||
|
||||
### Contributors
|
||||
|
||||
|
||||
* [@OCram85](https://gitea.ocram85.com/OCram85)
|
||||
* [@pinguinfuss](https://gitea.ocram85.com/pinguinfuss)
|
||||
|
||||
## `v1.1.0`
|
||||
|
||||
- (3d4f53d) adds pinguinfuss contributed fix (#73)
|
||||
- (6fce8d6) Updates libressl files (#71)
|
||||
- (ddb85d9) addChangelog (#70)
|
||||
- (5bdb383) updates Readme (#69)
|
||||
- (a95ba31) remove optional depenency helper (#68)
|
||||
- (1e7dd78) adds CiscoUCSCentral connection type (#67)
|
||||
- (b76668c) fix Test-CredentialStoreItem return (#66)
|
||||
- (ae62ccc) switch to GNU AGPLv3 license (#64)
|
||||
- (a66e824) adds community contribution for CiscoUCS connection fix (#63)
|
||||
- (3d90d91) fix lint (PSScriptAnalyzer) issues (#62)
|
||||
- (d0b7e53) adds DroneHelper (#61)
|
||||
- (d4b00a5) Migrates to Pester5+ tests (#59)
|
||||
- (e340466) update references (#60)
|
||||
- (88743e9) fix pester verbosity config (#58)
|
||||
- (c31ee79) Update issue templates (#57)
|
||||
- (c45490a) Update issue templates (#56)
|
||||
- (4abfec5) adds PR template (#55)
|
||||
- (7708df9) Update pwsh style to latest community standards (#52)
|
||||
|
||||
## `v1.0.542`
|
||||
|
||||
- 🧙 pre migrated Gitea version
|
61
README.md
61
README.md
|
@ -5,7 +5,10 @@
|
|||
|
||||
<p align="center">
|
||||
<a href="https://gitea.ocram85.com/OCram85/PSCredentialStore/">
|
||||
<img src="https://gitea.ocram85.com/OCram85/PSCredentialStore/raw/branch/master/assets/social-logo.png" alt="PSCredentialStore" />
|
||||
<img
|
||||
src="https://gitea.ocram85.com/OCram85/PSCredentialStore/raw/branch/master/assets/social-logo.png"
|
||||
alt="PSCredentialStore"
|
||||
>
|
||||
</a>
|
||||
</p>
|
||||
|
||||
|
@ -19,7 +22,10 @@
|
|||
|
||||
<p align="center">
|
||||
<a href="https://drone.ocram85.com/OCram85/PSCredentialStore">
|
||||
<img src="https://drone.ocram85.com/api/badges/OCram85/PSCredentialStore/status.svg" alt="Master Branch Build Status">
|
||||
<img
|
||||
src="https://drone.ocram85.com/api/badges/OCram85/PSCredentialStore/status.svg"
|
||||
alt="Master Branch Build Status"
|
||||
>
|
||||
</a>
|
||||
<!-- CodeCove disabled for self hosting git
|
||||
<a href="https://codecov.io/gh/OCram85/PSCredentialStore">
|
||||
|
@ -27,23 +33,30 @@
|
|||
</a>
|
||||
-->
|
||||
<a href="https://www.powershellgallery.com/packages/PSCredentialStore">
|
||||
<img src="https://img.shields.io/powershellgallery/v/PSCredentialStore.svg?style=plastic" alt="PowershellGallery Published Version">
|
||||
<img
|
||||
src="https://img.shields.io/powershellgallery/v/PSCredentialStore.svg?style=plastic"
|
||||
alt="PowershellGallery Published Version"
|
||||
>
|
||||
</a>
|
||||
<a href="https://www.powershellgallery.com/packages/PSCredentialStore">
|
||||
<img src="https://img.shields.io/powershellgallery/vpre/PSCredentialStore.svg?label=latest%20preview&style=plastic" />
|
||||
<img
|
||||
src="https://img.shields.io/powershellgallery/vpre/PSCredentialStore.svg?label=latest%20preview&style=plastic"
|
||||
>
|
||||
</a>
|
||||
<a href="https://www.powershellgallery.com/packages/PSCredentialStore">
|
||||
<img src="https://img.shields.io/powershellgallery/dt/PSCredentialStore.svg?style=plastic" />
|
||||
<img
|
||||
src="https://img.shields.io/powershellgallery/dt/PSCredentialStore.svg?style=plastic"
|
||||
>
|
||||
</a>
|
||||
</p>
|
||||
|
||||
|
||||
## :key: General
|
||||
|
||||
The PSCredentialStore is a simple credential manager for `PSCredential` objects. It stores PSCredentials in a simple json
|
||||
file. You can choose between a private and shared credential store. The private one exists in your profile and can
|
||||
ony accessed by your account on the same machine. The shared store enables you to use different credentials for your
|
||||
scripts without exposing them as plain text.
|
||||
The PSCredentialStore is a simple credential manager for `PSCredential` objects. It stores PSCredentials in a simple
|
||||
json file. You can choose between a private and shared credential store. The private one exists in your profile and
|
||||
can ony accessed by your account on the same machine. The shared store enables you to use different credentials for
|
||||
your scripts without exposing them as plain text.
|
||||
|
||||
PSCredentialStore was developed to simplify the delegation of complex powershell scripts. In this case you often
|
||||
need to store credentials for non interactive usage like in scheduled tasks.
|
||||
|
@ -51,10 +64,10 @@ need to store credentials for non interactive usage like in scheduled tasks.
|
|||
Starting with version `1.0.0` PSCredential uses Pfx certificates fo encryption. You can use Pfx certificate files
|
||||
or certificates stored in the certificate store.
|
||||
|
||||
For more details read the [about_PSCredentialStore](/docs/about_PSCredentialStore.md) page on gitea or via CLI with
|
||||
For more details read the [about_PSCredentialStore](docs/about_PSCredentialStore.md) page on Gitea or via CLI with
|
||||
`Get-Help about_PSCredentialStore`.
|
||||
|
||||
You can find the [reference](/docs/PSCredentialStore.md) in the /docs/ path as well.
|
||||
You can find the full [reference](docs/Readme.md) in the */docs/* path as well.
|
||||
|
||||
## :vulcan_salute: Requirements
|
||||
|
||||
|
@ -63,24 +76,26 @@ You can find the [reference](/docs/PSCredentialStore.md) in the /docs/ path as w
|
|||
|
||||
## :bomb: About Security
|
||||
|
||||
>This section explains some security topics and the the design decisions we made to balance the usage and security needs.
|
||||
> This section explains some security topics and the design decisions we made to balance the usage and security needs.
|
||||
|
||||
To be able to delegate `PSCredentials` objects we can't exclusively rely on the `SecureString` cmdlets. You can't
|
||||
decrypt and reuse such credentials from a different user account or even machine. This is caused by automatically
|
||||
generated encryption key which, is used create a `Secure String` based encrypted string.
|
||||
generated encryption key, which is used create a `Secure String` based encrypted string.
|
||||
|
||||
In order to delegate a password, while still using the underlying security framework, we have to provide a custom
|
||||
encryption key. This leads to the fact, that everyone who has access to the key could encrypt or decrypt your data.
|
||||
|
||||
So we decided to use the public and private keys from valid certificates as part of the custom encryption keys to encrypt your data.
|
||||
So we decided to use the public and private keys from valid certificates as part of the custom encryption keys to
|
||||
encrypt your data.
|
||||
|
||||
This means clearly: Everyone who has access to the `CredentialStore` needs also access to the certificate file to work with it.
|
||||
This means clearly: Everyone who has access to the `CredentialStore` needs also access to the certificate file to
|
||||
work with it.
|
||||
|
||||
Keep in mind you need to secure the access with your NTFS file permissions to avoid unwanted usage. Another option is
|
||||
to import the certificate into your certification vaults of you operating system. In this case you can grand the
|
||||
Keep in mind you need to secure the access with your NTFS file permissions to avoid unwanted usage. Another option
|
||||
is to import the certificate into your certification vaults of you operating system. In this case you can grand the
|
||||
permission to the certificates itself.
|
||||
|
||||
Here is s brief hierarchy description of the certificate location: *(First match wins)*
|
||||
Here is a brief hierarchy description for the certificate lookup order: *(First match wins)*
|
||||
|
||||
| CredentialStore Type | Certificate Location |
|
||||
| -------------------- | ---------------------- |
|
||||
|
@ -95,7 +110,7 @@ Here is s brief hierarchy description of the certificate location: *(First match
|
|||
### :artificial_satellite: PowerShellGallery.com (Recommended Way)
|
||||
|
||||
* Make sure you use PowerShell 5.1 or higher with `$PSVersionTable`.
|
||||
* Use the builtin PackageManagement and install with: `Import-Module PowerShellGet; Install-Module 'PSCredentialStore' -Repository 'PSGallery'`
|
||||
* Use the builtin PackageManagement + PowerShellGet module and install PSCredentialStore with: `Import-Module PowerShellGet; Install-Module 'PSCredentialStore' -Repository 'PSGallery'`
|
||||
* Additionally use the `-AllowPrerelease` switch until we publish the final release!
|
||||
* Done. Start exploring the Module with `Import-Module PSCredentialStore; Get-Command -Module PSCredentialStore`
|
||||
|
||||
|
@ -109,8 +124,9 @@ Here is s brief hierarchy description of the certificate location: *(First match
|
|||
|
||||
### :sparkles: Quick Start
|
||||
|
||||
**1.** First we need a blank credential store. You can decide between a *private* or *shared* store. The private
|
||||
Credential Store can only be accessed with your profile on the machine you created it.
|
||||
**1.** First we need a blank credential store. You can decide between a *private* or *shared* one.
|
||||
|
||||
> :bulb: Note: The private credential store can only be accessed with your profile on the machine you created it.
|
||||
|
||||
Starting with version `1.0.0` you can decide the storage type of your fresh created certificate. As default
|
||||
PSCredentialStore creates a new pfx certificate file beside the credential store itself. Optionally you can provide
|
||||
|
@ -131,6 +147,7 @@ New-CredentialStore -Shared -Path 'C:\CredentialStore.json'
|
|||
```
|
||||
|
||||
**2.** Now you can manage your credential store items:
|
||||
|
||||
```powershell
|
||||
# This will prompt for credentials and stores it in a private store
|
||||
New-CredentialStoreItem -RemoteHost 'dc01.myside.local' -Identifier 'AD'
|
||||
|
@ -141,7 +158,7 @@ Invoke-Command -ComputerName 'dc01.myside.local' -Credential $DCCreds -ScripBloc
|
|||
```
|
||||
|
||||
The credential store contains also a simple function to establish a connection with several systems or protocols.
|
||||
If you have already installed the underlying framework / modules, you can connect these endpoints:
|
||||
If you have already installed the underlying framework / modules, you can connect to these endpoint types:
|
||||
|
||||
* **CiscoUcs** - Establish a connection to a Cisco UCS fabric interconnect.
|
||||
* Required Modules: [`Cisco.UCS.Core`, `Cisco.UCSManager`](https://software.cisco.com/download/release.html?i=!y&mdfid=286305108&softwareid=284574017&release=2.1.1)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
@ -35,31 +36,36 @@ Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs
|
|||
|
||||
### EXAMPLE 2
|
||||
```
|
||||
Connect-To -RemoteHost "ftp.myside.local" -Type FTP
|
||||
Connect-To -RemoteHost "ucscentral.myside.local" -Type 'CiscoUcsCentral'
|
||||
```
|
||||
|
||||
### EXAMPLE 3
|
||||
```
|
||||
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS
|
||||
Connect-To -RemoteHost "ftp.myside.local" -Type FTP
|
||||
```
|
||||
|
||||
### EXAMPLE 4
|
||||
```
|
||||
Connect-To -RemoteHost "esx01.myside.local" -Type VMware
|
||||
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS
|
||||
```
|
||||
|
||||
### EXAMPLE 5
|
||||
```
|
||||
Connect-To -RemoteHost "vCenter.myside.local" -Type CisServer
|
||||
Connect-To -RemoteHost "esx01.myside.local" -Type VMware
|
||||
```
|
||||
|
||||
### EXAMPLE 6
|
||||
```
|
||||
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP
|
||||
Connect-To -RemoteHost "vCenter.myside.local" -Type CisServer
|
||||
```
|
||||
|
||||
### EXAMPLE 7
|
||||
```
|
||||
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP
|
||||
```
|
||||
|
||||
### EXAMPLE 8
|
||||
```
|
||||
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTPS
|
||||
```
|
||||
|
||||
|
@ -166,7 +172,16 @@ Accept wildcard characters: False
|
|||
### -Type
|
||||
Specify the host type of the target.
|
||||
Currently implemented targets are: Possible connection values are:
|
||||
CiscoUcs, FTP, NetAppFAS, VMware, CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
|
||||
|
||||
- CiscoUcs
|
||||
- CiscoUcsCentral
|
||||
- CisServer
|
||||
- ExchangeHTTP
|
||||
- ExchangeHTTPS
|
||||
- FTP
|
||||
- NetAppFAS
|
||||
- SCP
|
||||
- VMware
|
||||
|
||||
```yaml
|
||||
Type: String
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
@ -94,8 +95,17 @@ Accept wildcard characters: False
|
|||
|
||||
### -Type
|
||||
Specify the host type of the target.
|
||||
Currently implemented targets are: CiscoUcs, FTP, NetAppFAS, VMware,
|
||||
CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
|
||||
Currently implemented targets are:
|
||||
|
||||
- CiscoUcs
|
||||
- CiscoUcsCentral
|
||||
- FTP
|
||||
- NetAppFAS
|
||||
- VMware
|
||||
- CisServer
|
||||
- ExchangeHTTP
|
||||
- ExchangeHTTPS
|
||||
- SCP
|
||||
|
||||
```yaml
|
||||
Type: String
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
@ -23,7 +24,15 @@ Defines the certificate related properties for an upcoming New-PfxCertificate ex
|
|||
|
||||
### EXAMPLE 1
|
||||
```
|
||||
New-CSCertAttribute -Country 'DE' -State 'BW' -City 'Karlsruhe' -Organization 'AwesomeIT' -OrganizationalUnitName '' -CommonName 'MyPrivateCert'
|
||||
$AttribParams = @{
|
||||
Country = 'DE'
|
||||
State = 'BW'
|
||||
City = 'Karlsruhe'
|
||||
Organization ='AwesomeIT'
|
||||
OrganizationalUnitName ='PSCredentialStore'
|
||||
CommonName ='MyPrivateCert'
|
||||
}
|
||||
New-CSCertAttribute @AttribParams
|
||||
```
|
||||
|
||||
## PARAMETERS
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
@ -123,8 +124,8 @@ Accept wildcard characters: False
|
|||
|
||||
### -SkipPFXCertCreation
|
||||
You can skip the pfx certificate creation process.
|
||||
This makes sense if you have a previously created cert or want to
|
||||
import a cert in cross-platform environments.
|
||||
This makes sense if you have a previously created cert
|
||||
or want to import a cert in cross-platform environments.
|
||||
|
||||
```yaml
|
||||
Type: SwitchParameter
|
||||
|
@ -139,10 +140,10 @@ Accept wildcard characters: False
|
|||
```
|
||||
|
||||
### -UseCertStore
|
||||
Instead of using a plain pfx file beside your CredentialStore file you can import it into the user or machine
|
||||
certificate store.
|
||||
In this case the system itself secures the cert and you don't hat to set custom NTFS
|
||||
permissions so secure your shared certificate.
|
||||
Instead of using a plain pfx file beside your CredentialStore file you can import it into the user or
|
||||
machine certificate store.
|
||||
In this case the system itself secures the cert and you don't hat to set custom
|
||||
NTFS permissions so secure your shared certificate.
|
||||
|
||||
```yaml
|
||||
Type: SwitchParameter
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
Module Name: PSCredentialStore
|
||||
Module Guid: 6800e192-9df8-4e30-b253-eb2c799bbe84 6800e192-9df8-4e30-b253-eb2c799bbe84
|
||||
Module Guid: 6800e192-9df8-4e30-b253-eb2c799bbe84
|
||||
Download Help Link: {{ Update Download Link }}
|
||||
Help Version: {{ Please enter version of help manually (X.X.X.X) format }}
|
||||
Locale: en-US
|
||||
|
@ -8,7 +8,7 @@ Locale: en-US
|
|||
|
||||
# PSCredentialStore Module
|
||||
## Description
|
||||
{{ Fill in the Description }}
|
||||
See global Readme file for usage instructions.
|
||||
|
||||
## PSCredentialStore Cmdlets
|
||||
### [Connect-To](Connect-To.md)
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
@ -27,6 +28,11 @@ Use this cmdlet for basic checks with a single item.
|
|||
Check the item first with this function before
|
||||
you try to interact with it.
|
||||
|
||||
Breaking Change for \`v1.1.0+\`:
|
||||
Test-CredentialStoreItem will return \`$false\` even if the store doesn't exist.
|
||||
We removed the terminating
|
||||
error and replaced it with a warning message.
|
||||
|
||||
## EXAMPLES
|
||||
|
||||
### EXAMPLE 1
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
external help file: PSCredentialStore-help.xml
|
||||
external help file: ModuleRoot-help.xml
|
||||
Module Name: PSCredentialStore
|
||||
online version:
|
||||
schema: 2.0.0
|
||||
---
|
||||
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
{
|
||||
"Version": 0.1,
|
||||
"Mandatory": {},
|
||||
"Optional": [
|
||||
{
|
||||
"Name": "foobar2000",
|
||||
"Modules": [
|
||||
"foobar2000"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "foo",
|
||||
"Modules": [
|
||||
"foo",
|
||||
"bar"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "bar",
|
||||
"Modules": [
|
||||
"bar"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Existing",
|
||||
"Modules": [
|
||||
"PowerShellGet"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "PSGetMixed",
|
||||
"Modules": [
|
||||
"PowerShellGet",
|
||||
"foobar2000"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
|
@ -66,7 +66,7 @@ function New-CSCertificate {
|
|||
($PSVersionTable.PSEdition -eq 'Desktop' -and $PSVersionTable.PSVersion.Major -lt 6) -or
|
||||
($IsWindows -eq $true)
|
||||
) {
|
||||
$openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl255/openssl.exe'
|
||||
$openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl/openssl.exe'
|
||||
}
|
||||
|
||||
$Env:OPENSSL_CONF = Join-Path $ModuleBase -ChildPath '/openssl.conf'
|
||||
|
|
|
@ -15,7 +15,16 @@ function Connect-To {
|
|||
|
||||
.PARAMETER Type
|
||||
Specify the host type of the target. Currently implemented targets are: Possible connection values are:
|
||||
CiscoUcs, FTP, NetAppFAS, VMware, CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
|
||||
|
||||
- CiscoUcs
|
||||
- CiscoUcsCentral
|
||||
- CisServer
|
||||
- ExchangeHTTP
|
||||
- ExchangeHTTPS
|
||||
- FTP
|
||||
- NetAppFAS
|
||||
- SCP
|
||||
- VMware
|
||||
|
||||
.PARAMETER Credentials
|
||||
Use this parameter to bypass the stored credentials. Without this parameter Connect-To tries to read the
|
||||
|
@ -41,6 +50,9 @@ function Connect-To {
|
|||
.EXAMPLE
|
||||
Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs
|
||||
|
||||
.EXAMPLE
|
||||
Connect-To -RemoteHost "ucscentral.myside.local" -Type 'CiscoUcsCentral'
|
||||
|
||||
.EXAMPLE
|
||||
Connect-To -RemoteHost "ftp.myside.local" -Type FTP
|
||||
|
||||
|
@ -79,6 +91,7 @@ function Connect-To {
|
|||
[Parameter(Mandatory = $true, ParameterSetName = 'Private')]
|
||||
[ValidateSet(
|
||||
'CiscoUcs',
|
||||
'CiscoUcsCentral',
|
||||
'FTP',
|
||||
'NetAppFAS',
|
||||
'VMware',
|
||||
|
@ -117,12 +130,6 @@ function Connect-To {
|
|||
}
|
||||
}
|
||||
|
||||
# First check the optional modules
|
||||
if (-not (Resolve-Dependency -Name $Type)) {
|
||||
Write-Error -Message (
|
||||
"Could not resolve the optional dependencies defined for {0}" -f $Type
|
||||
) -ErrorAction 'Stop'
|
||||
}
|
||||
switch ($Type) {
|
||||
"VMware" {
|
||||
# Disable the yellow certificate warning, since we haven't replaced the SSL certs for vCenter/ESXi
|
||||
|
@ -189,6 +196,20 @@ function Connect-To {
|
|||
Write-Error @MessageParams
|
||||
}
|
||||
}
|
||||
"CiscoUcsCentral" {
|
||||
try {
|
||||
$handle = Connect-UcsCentral -Name $RemoteHost -Credential $creds -NotDefault
|
||||
$ExecutionContext.SessionState.PSVariable.Set('DefaultUcsCentral', $handle)
|
||||
}
|
||||
|
||||
catch {
|
||||
$MessageParams = @{
|
||||
Message = ('Unable to connect to {0} using {1}' -f $RemoteHost, $Type)
|
||||
ErrorAction = 'Stop'
|
||||
}
|
||||
Write-Error @MessageParams
|
||||
}
|
||||
}
|
||||
"FTP" {
|
||||
# First establish the FTP session
|
||||
$WinSCPConParams = @{
|
||||
|
|
|
@ -14,8 +14,17 @@ function Disconnect-From {
|
|||
same hostname.
|
||||
|
||||
.PARAMETER Type
|
||||
Specify the host type of the target. Currently implemented targets are: CiscoUcs, FTP, NetAppFAS, VMware,
|
||||
CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
|
||||
Specify the host type of the target. Currently implemented targets are:
|
||||
|
||||
- CiscoUcs
|
||||
- CiscoUcsCentral
|
||||
- FTP
|
||||
- NetAppFAS
|
||||
- VMware
|
||||
- CisServer
|
||||
- ExchangeHTTP
|
||||
- ExchangeHTTPS
|
||||
- SCP
|
||||
|
||||
.PARAMETER Force
|
||||
Force the disconnect, even if the disconnect would fail.
|
||||
|
@ -64,6 +73,7 @@ function Disconnect-From {
|
|||
[Parameter(Mandatory = $true)]
|
||||
[ValidateSet(
|
||||
'CiscoUcs',
|
||||
'CiscoUcsCentral',
|
||||
'FTP',
|
||||
'NetAppFAS',
|
||||
'VMware',
|
||||
|
@ -85,10 +95,10 @@ function Disconnect-From {
|
|||
"VMware" {
|
||||
try {
|
||||
if ($Force) {
|
||||
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop -Force:$true
|
||||
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction 'Stop' -Force:$true
|
||||
}
|
||||
else {
|
||||
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop
|
||||
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction 'Stop'
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -104,10 +114,10 @@ function Disconnect-From {
|
|||
"CisServer" {
|
||||
try {
|
||||
if ($Force) {
|
||||
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop -Force:$true
|
||||
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction 'Stop' -Force:$true
|
||||
}
|
||||
else {
|
||||
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop
|
||||
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction 'Stop'
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -171,10 +181,24 @@ function Disconnect-From {
|
|||
Write-Error @MessageParams
|
||||
}
|
||||
}
|
||||
"CiscoUCSCentral" {
|
||||
try {
|
||||
$handle = Connect-UcsCentral -Name $RemoteHost -Credential $creds -NotDefault
|
||||
$ExecutionContext.SessionState.PSVariable.Set('DefaultUcsCentral', $handle)
|
||||
}
|
||||
catch {
|
||||
$MessageParams = @{
|
||||
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
|
||||
ErrorAction = 'Stop'
|
||||
}
|
||||
Write-Error @MessageParams
|
||||
}
|
||||
}
|
||||
|
||||
"ExchangeHTTP*" {
|
||||
try {
|
||||
Get-Variable -Name 'PSExchangeRemote' -Scope Global -ErrorAction Stop
|
||||
Remove-PSSession -Session $Global:PSExchangeRemote -ErrorAction Stop
|
||||
Get-Variable -Name 'PSExchangeRemote' -Scope 'Global' -ErrorAction 'Stop'
|
||||
Remove-PSSession -Session $Global:PSExchangeRemote -ErrorAction 'Stop'
|
||||
}
|
||||
catch {
|
||||
$MessageParams = @{
|
||||
|
@ -206,6 +230,4 @@ function Disconnect-From {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
end {}
|
||||
}
|
||||
|
|
|
@ -102,7 +102,7 @@ Describe "New-CredentialStoreItem" {
|
|||
It "Missing CredentialStore should throw" {
|
||||
{
|
||||
New-CredentialStoreItem -Shared -Path '/tmp/missingStore.json' -RemoteHost 'notrelevant'
|
||||
} | Should -Throw "Could not add anything into the given CredentialStore."
|
||||
} | Should -Throw "The given credential store (/tmp/missingStore.json) does not exist!"
|
||||
}
|
||||
}
|
||||
Context "Testing pipeline paramter" {
|
||||
|
|
|
@ -32,7 +32,7 @@ function New-CredentialStoreItem {
|
|||
[None]
|
||||
|
||||
.EXAMPLE
|
||||
New-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
|
||||
New-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost esx01.myside.local'
|
||||
#>
|
||||
|
||||
[CmdletBinding(DefaultParameterSetName = 'Private')]
|
||||
|
@ -68,7 +68,7 @@ function New-CredentialStoreItem {
|
|||
|
||||
begin {
|
||||
# Set the CredentialStore for private, shared or custom mode.
|
||||
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
|
||||
Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
|
||||
if ($PSCmdlet.ParameterSetName -eq 'Private') {
|
||||
$Path = Get-DefaultCredentialStorePath
|
||||
}
|
||||
|
@ -84,9 +84,9 @@ function New-CredentialStoreItem {
|
|||
if (-not(Test-CredentialStore -Shared -Path $Path)) {
|
||||
$MessageParams = @{
|
||||
Exception = [System.IO.FileNotFoundException]::new(
|
||||
'Could not add anything into the given CredentialStore.'
|
||||
'The given credential store ({0}) does not exist!' -f $Path
|
||||
)
|
||||
ErrorAction = "Stop"
|
||||
ErrorAction = 'Stop'
|
||||
}
|
||||
Write-Error @MessageParams
|
||||
}
|
||||
|
@ -95,8 +95,8 @@ function New-CredentialStoreItem {
|
|||
|
||||
$CurrentDate = Get-Date -Format 'u'
|
||||
|
||||
if ($Identifier -ne "") {
|
||||
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
|
||||
if ($Identifier -ne '') {
|
||||
$CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
|
||||
}
|
||||
else {
|
||||
$CredentialName = $RemoteHost
|
||||
|
|
|
@ -0,0 +1,130 @@
|
|||
[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
|
||||
'PSAvoidUsingConvertToSecureStringWithPlainText',
|
||||
'',
|
||||
Justification = 'just used in pester tests.'
|
||||
)]
|
||||
[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
|
||||
'PSProvideCommentHelp',
|
||||
'',
|
||||
Justification = 'no need in internal pester helpers.'
|
||||
)]
|
||||
param ()
|
||||
|
||||
BeforeAll {
|
||||
$ManifestFile = (Get-Item -Path './src/*.psd1').FullName
|
||||
Import-Module $ManifestFile -Force
|
||||
|
||||
$PrivateFunctions = (Get-ChildItem -Path './src/Private/*.ps1' | Where-Object {
|
||||
$_.BaseName -notmatch '.Tests'
|
||||
}
|
||||
).FullName
|
||||
foreach ( $func in $PrivateFunctions) {
|
||||
. $func
|
||||
}
|
||||
|
||||
# Backup existing credential stores
|
||||
$VerbosePreference = 'Continue'
|
||||
Write-Verbose -Message 'Backup private Credential Store...'
|
||||
$CSPath = Get-DefaultCredentialStorePath
|
||||
$BackupFile = '{0}.back' -f $CSPath
|
||||
if (Test-Path -Path $CSPath) {
|
||||
Move-Item -Path $CSPath -Destination $BackupFile
|
||||
}
|
||||
Write-Verbose -Message 'Backup shared CredentialStore...'
|
||||
$CSShared = Get-DefaultCredentialStorePath -Shared
|
||||
$BackupSharedFile = '{0}.back' -f $CSShared
|
||||
if (Test-Path -Path $CSShared) {
|
||||
Move-Item -Path $CSShared -Destination $BackupSharedFile
|
||||
}
|
||||
Write-Verbose -Message 'Remove old CredentialStore in Temp dir'
|
||||
$CSTemp = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
|
||||
if (Test-Path -Path $CSTemp) {
|
||||
Remove-Item -Path $CSTemp
|
||||
}
|
||||
$VerbosePreference = 'SilentlyContinue'
|
||||
}
|
||||
|
||||
Describe 'New-CredentialStoreItem' {
|
||||
Context 'Private Credential Store tests' {
|
||||
It 'Add entry to a private store.' {
|
||||
# Create a fresh CredentialStore first
|
||||
New-CredentialStore -Force
|
||||
|
||||
# Define the content of the CredentialStoreItem.
|
||||
$RemoteHost = 'barfoo'
|
||||
$UserName = 'MyUser'
|
||||
$Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
|
||||
|
||||
# Form the CredentialObject.
|
||||
$creds = [PSCredential]::new($UserName, $Password)
|
||||
|
||||
# Create the CredentialStoreItem.
|
||||
New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
|
||||
|
||||
# Formulate an update to the CredentialStoreItem.
|
||||
$ClearPassword = 'fooobaryadfafa'
|
||||
$Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
|
||||
$creds = [PSCredential]::new($UserName, $Password)
|
||||
{
|
||||
Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
|
||||
} | Should -Not -Throw
|
||||
|
||||
# Control the content of the CredentialStore.
|
||||
$content = Get-CredentialStoreItem -RemoteHost $RemoteHost
|
||||
$content.GetNetworkCredential().Password | Should -Be $ClearPassword
|
||||
}
|
||||
}
|
||||
Context 'Shared Credential Store tests' {
|
||||
It 'Add entry to a shared store.' {
|
||||
# Create a fresh CredentialStore first
|
||||
$tmpCS = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
|
||||
New-CredentialStore -Path $tmpCS -Force -Shared
|
||||
|
||||
# Define the content of the CredentialStoreItem.
|
||||
$RemoteHost = 'barfoo'
|
||||
$UserName = 'MyUser'
|
||||
$Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
|
||||
|
||||
# Form the CredentialObject.
|
||||
$creds = [PSCredential]::new($UserName, $Password)
|
||||
|
||||
# Create the CredentialStoreItem.
|
||||
New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
|
||||
|
||||
# Formulate an update to the CredentialStoreItem.
|
||||
$ClearPassword = 'fooobaryadfafa'
|
||||
$Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
|
||||
$creds = [PSCredential]::new($UserName, $Password)
|
||||
|
||||
{
|
||||
Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
|
||||
} | Should -Not -Throw
|
||||
|
||||
# Control the content of the CredentialStore.
|
||||
$content = Get-CredentialStoreItem -RemoteHost $RemoteHost -Path $tmpCS -Shared
|
||||
$content.GetNetworkCredential().Password | Should -Be $ClearPassword
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
AfterAll {
|
||||
# Cleanup test stores and restore existing ones.
|
||||
$VerbosePreference = 'Continue'
|
||||
Write-Verbose -Message 'Restoring private CredentialStore'
|
||||
If (Test-Path -Path $BackupFile) {
|
||||
If (Test-Path -Path $CSPath) {
|
||||
Remove-Item -Path $CSPath
|
||||
Move-Item -Path $BackupFile -Destination $CSPath
|
||||
}
|
||||
}
|
||||
|
||||
Write-Verbose -Message 'Restoring shared CredentialStore'
|
||||
If (Test-Path -Path $BackupSharedFile) {
|
||||
If (Test-Path -Path $CSShared) {
|
||||
Remove-Item -Path $CSShared
|
||||
Move-Item -Path $BackupSharedFile -Destination $CSShared
|
||||
}
|
||||
}
|
||||
$VerbosePreference = 'SilentlyContinue'
|
||||
|
||||
}
|
|
@ -13,7 +13,7 @@ function Set-CredentialStoreItem {
|
|||
Specify the host you for which you would like to change the credentials.
|
||||
|
||||
.PARAMETER Identifier
|
||||
Defaults to "". Specify a string, which separates two CredentialStoreItems for the
|
||||
Defaults to ''. Specify a string, which separates two CredentialStoreItems for the
|
||||
same hostname.
|
||||
|
||||
.PARAMETER Shared
|
||||
|
@ -30,10 +30,10 @@ function Set-CredentialStoreItem {
|
|||
[None]
|
||||
|
||||
.EXAMPLE
|
||||
Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
|
||||
Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local'
|
||||
|
||||
.EXAMPLE
|
||||
Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local" -Identifier svc
|
||||
Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local' -Identifier svc
|
||||
#>
|
||||
|
||||
[CmdletBinding(DefaultParameterSetName = 'Private')]
|
||||
|
@ -65,7 +65,7 @@ function Set-CredentialStoreItem {
|
|||
|
||||
begin {
|
||||
# Set the CredentialStore for private, shared or custom mode.
|
||||
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
|
||||
Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
|
||||
if ($PSCmdlet.ParameterSetName -eq 'Private') {
|
||||
$Path = Get-DefaultCredentialStorePath
|
||||
}
|
||||
|
@ -77,32 +77,52 @@ function Set-CredentialStoreItem {
|
|||
}
|
||||
|
||||
process {
|
||||
# Lets do a quick test on the given CredentialStore.
|
||||
if (-not(Test-CredentialStore -Shared -Path $Path)) {
|
||||
# Define the default splatting.
|
||||
$DefaultSplatting = @{
|
||||
Path = $Path
|
||||
}
|
||||
|
||||
# Check if the user passed -Shared. If he added -Shared, we'll pass it into the splatting
|
||||
if ($PSBoundParameters.ContainsKey('Shared')) {
|
||||
$DefaultSplatting.Add('Shared', $true)
|
||||
}
|
||||
else {
|
||||
$DefaultSplatting.Add('Shared', $false)
|
||||
}
|
||||
|
||||
# Now lets check the given CredentialStore.
|
||||
if (-not(Test-CredentialStore @DefaultSplatting)) {
|
||||
$MessageParams = @{
|
||||
Message = 'Could not add anything into the given CredentailStore.'
|
||||
Message = ('The given CredentialStore ({0}) does no exist.' -f $Path)
|
||||
ErrorAction = 'Stop'
|
||||
}
|
||||
Write-Error @MessageParams
|
||||
}
|
||||
|
||||
# Read the file content based on the given ParameterSetName
|
||||
$CSContent = Get-CredentialStore -Shared -Path $Path
|
||||
$CSContent = Get-CredentialStore @DefaultSplatting
|
||||
|
||||
# Get a formatted current date for the last update time of the Item.
|
||||
$CurrentDate = Get-Date -Format 'u'
|
||||
|
||||
if ($Identifier -ne "") {
|
||||
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
|
||||
# Check if the user supplied an identifier. If so, we need to mangle the CredentialName, as that's where
|
||||
# the identifier is actually added.
|
||||
if ($Identifier -ne '') {
|
||||
$CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
|
||||
}
|
||||
else {
|
||||
$CredentialName = $RemoteHost
|
||||
}
|
||||
|
||||
# If the user didn't supply a CredentialObject, we need to prompt for it.
|
||||
if (-not($Credential)) {
|
||||
$Credential = Get-Credential -Message $CredentialName
|
||||
}
|
||||
|
||||
if ($Credential.UserName) {
|
||||
# If the username isn't empty, we ca go ahead and update the entry.
|
||||
if ($null -ne $Credential.UserName -and -not [string]::IsNullOrWhiteSpace($Credential.UserName)) {
|
||||
# Check if the path to the PfxCertificate is stored in the CredentialStore. If so load the certificate.
|
||||
# If not, load try loading the certificate from the Filepath of the CredentialStore.
|
||||
if ($null -eq $CSContent.PfxCertificate) {
|
||||
$Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
|
||||
}
|
||||
|
@ -110,13 +130,17 @@ function Set-CredentialStoreItem {
|
|||
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
|
||||
}
|
||||
|
||||
# Now locate the Item.
|
||||
if (Get-Member -InputObject $CSContent -Name $CredentialName -MemberType Properties) {
|
||||
# Get a random AES key for the entry.
|
||||
$RSAKey = Get-RandomAESKey
|
||||
$CSContent.$CredentialName.User = $Credential.UserName
|
||||
$ConvertParams = @{
|
||||
SecureString = $Credential.Password
|
||||
Key = $RSAKey
|
||||
}
|
||||
|
||||
# Now create a updated item containing the updated credentials.
|
||||
$CSContent.$CredentialName.Password = ConvertFrom-SecureString @ConvertParams
|
||||
$CSContent.$CredentialName.LastChange = $CurrentDate
|
||||
$CSContent.$CredentialName.EncryptedKey = [Convert]::ToBase64String(
|
||||
|
@ -125,10 +149,15 @@ function Set-CredentialStoreItem {
|
|||
[System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1
|
||||
)
|
||||
)
|
||||
|
||||
# Convert the CredentialStore back into JSON and save it to the file.
|
||||
ConvertTo-Json -InputObject $CSContent -Depth 5 | Out-File -FilePath $Path -Encoding utf8
|
||||
}
|
||||
else {
|
||||
Write-Warning -Message ('Unable to locate CredentialStoreItem for {0}' -f $CredentialName)
|
||||
}
|
||||
Else {
|
||||
}
|
||||
else {
|
||||
$MessageParams = @{
|
||||
Message = 'Please Provide at least a valid user!'
|
||||
ErrorAction = 'Stop'
|
||||
|
|
|
@ -7,6 +7,10 @@ function Test-CredentialStoreItem {
|
|||
Use this cmdlet for basic checks with a single item. Check the item first with this function before
|
||||
you try to interact with it.
|
||||
|
||||
Breaking Change for `v1.1.0+`:
|
||||
Test-CredentialStoreItem will return `$false` even if the store doesn't exist. We removed the terminating
|
||||
error and replaced it with a warning message.
|
||||
|
||||
.PARAMETER Path
|
||||
Define a custom credential store you try to read from. Without the `-Path` parameter
|
||||
`Test-CredentialStoreItem` tries to read from the default private store.
|
||||
|
@ -29,11 +33,11 @@ function Test-CredentialStoreItem {
|
|||
[None]
|
||||
|
||||
.EXAMPLE
|
||||
if (Test-CredentialStoreItem -RemoteHost "Default") {
|
||||
Get-CredentialStoreItem -RemoteHost "Default"
|
||||
if (Test-CredentialStoreItem -RemoteHost 'Default') {
|
||||
Get-CredentialStoreItem -RemoteHost 'Default'
|
||||
}
|
||||
else {
|
||||
Write-Warning ("The given Remote Host {0} does not exist in the credential Store!" -f $RemoteHost)
|
||||
Write-Warning ('The given Remote Host {0} does not exist in the credential Store!' -f $RemoteHost)
|
||||
}
|
||||
#>
|
||||
|
||||
|
@ -41,7 +45,7 @@ function Test-CredentialStoreItem {
|
|||
[OutputType([bool])]
|
||||
param (
|
||||
[Parameter(Mandatory = $false, ParameterSetName = 'Shared')]
|
||||
[string]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData,
|
||||
[string]$Path = '{0}\PSCredentialStore\CredentialStore.json' -f $env:ProgramData,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[ValidateNotNullOrEmpty()]
|
||||
|
@ -57,7 +61,7 @@ function Test-CredentialStoreItem {
|
|||
|
||||
begin {
|
||||
# Set the CredentialStore for private, shared or custom mode.
|
||||
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
|
||||
Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
|
||||
if ($PSCmdlet.ParameterSetName -eq 'Private') {
|
||||
$Path = Get-DefaultCredentialStorePath
|
||||
}
|
||||
|
@ -69,8 +73,8 @@ function Test-CredentialStoreItem {
|
|||
}
|
||||
|
||||
process {
|
||||
if ($Identifier -ne "") {
|
||||
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
|
||||
if ($Identifier -ne '') {
|
||||
$CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
|
||||
}
|
||||
else {
|
||||
$CredentialName = $RemoteHost
|
||||
|
@ -88,10 +92,10 @@ function Test-CredentialStoreItem {
|
|||
}
|
||||
else {
|
||||
$MsgParams = @{
|
||||
ErrorAction = 'Stop'
|
||||
Message = "The given credential store ({0}) does not exist!" -f $Path
|
||||
Message = 'The given credential store ({0}) does not exist!' -f $Path
|
||||
}
|
||||
Write-Error @MsgParams
|
||||
Write-Warning @MsgParams
|
||||
return $false
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -143,7 +143,32 @@
|
|||
# RequireLicenseAcceptance = $false
|
||||
|
||||
# External dependent modules of this module
|
||||
# ExternalModuleDependencies = @()
|
||||
ExternalModuleDependencies = @(
|
||||
@{
|
||||
ModuleName = 'VMware.VimAutomation.Core'
|
||||
ModuleVersion = '12.7.0.20091293'
|
||||
},
|
||||
@{
|
||||
ModuleName = 'VMware.VimAutomation.Cis.Core'
|
||||
ModuleVersion = '12.6.0.19601368'
|
||||
},
|
||||
@{
|
||||
ModuleName = 'Cisco.UCS.Common'
|
||||
ModuleVersion = '3.0.1.2'
|
||||
},
|
||||
@{
|
||||
ModuleName = 'Cisco.UCSManager'
|
||||
ModuleVersion = '3.0.1.2'
|
||||
},
|
||||
@{
|
||||
ModuleName = 'WinSCP'
|
||||
ModuleVersion = '5.17.8.1'
|
||||
},
|
||||
@{
|
||||
ModuleName = 'NetApp.ONTAP'
|
||||
ModuleVersion = '9.10.1.2111'
|
||||
}
|
||||
)
|
||||
|
||||
} # End of PSData hashtable
|
||||
|
||||
|
|
|
@ -1,60 +0,0 @@
|
|||
BeforeAll {
|
||||
$ManifestFile = (Get-Item -Path "./src/*.psd1").FullName
|
||||
Import-Module $ManifestFile -Force
|
||||
|
||||
$PrivateFunctions = (Get-ChildItem -Path "./src/Private/*.ps1" | Where-Object {
|
||||
$_.BaseName -notmatch '.Tests'
|
||||
}
|
||||
).FullName
|
||||
foreach ( $func in $PrivateFunctions) {
|
||||
. $func
|
||||
}
|
||||
}
|
||||
|
||||
Describe "Resolve-Dependency" {
|
||||
Context "Basic syntax check" {
|
||||
BeforeAll {
|
||||
Mock Get-ModuleBase {
|
||||
return (Join-Path -Path $PWD -ChildPath '/resources')
|
||||
}
|
||||
Mock Test-Module {
|
||||
return $true
|
||||
}
|
||||
}
|
||||
|
||||
It "Test1: Should not throw" {
|
||||
{ Resolve-Dependency -Name 'foobar2000' } | Should -Not -Throw
|
||||
}
|
||||
It "Test2: Output type should be bool" {
|
||||
Resolve-Dependency -Name 'foobar2000' | Should -BeOfType bool
|
||||
}
|
||||
}
|
||||
Context "Enforce Error" {
|
||||
# Return incorrect module base to enforce there is no config file.
|
||||
Mock Get-ModuleBase {
|
||||
if ($IsWindows) { return "C:\" }
|
||||
elseif ($isLinux) { return "/" }
|
||||
}
|
||||
It "Missing dependency file should not cause an error" {
|
||||
{ Resolve-Dependency -Name 'awesome' } | Should -Not -Throw
|
||||
}
|
||||
|
||||
It "Missing dependency file should return true" {
|
||||
Resolve-Dependency -Name 'awesome' | Should -Be $true
|
||||
}
|
||||
}
|
||||
Context "Testing input variations" {
|
||||
It "Should return true if all given dependencies exist" {
|
||||
Mock Get-ModuleBase {
|
||||
return (Join-Path -Path $PWD -ChildPath '/resources')
|
||||
}
|
||||
Resolve-Dependency -Name 'Existing' | Should -Be $true
|
||||
}
|
||||
It "Mixed results should return false" {
|
||||
Mock Get-ModuleBase {
|
||||
return (Join-Path -Path $PWD -ChildPath '/resources')
|
||||
}
|
||||
Resolve-Dependency -Name 'PSGetMixed' | Should -Be $false
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,87 +0,0 @@
|
|||
function Resolve-Dependency {
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Tests defined optional dependencies and returns the result as bool.
|
||||
|
||||
.DESCRIPTION
|
||||
Use this function to test for optional modules. You can use it if you provide functions which needs special
|
||||
modules but you don't want to make them required.
|
||||
|
||||
Place a file called Dependency.json in your module root dir. The default format is:
|
||||
|
||||
{
|
||||
"Version": 0.1,
|
||||
"Mandatory": {},
|
||||
"Optional": [
|
||||
{
|
||||
"Name": "VMware",
|
||||
"Modules": [
|
||||
"VMware.VimAutomation.Core"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "CiscoUCS",
|
||||
"Modules": []
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
.PARAMETER Name
|
||||
Select the dependency item name you defined in the dependency.json.
|
||||
.INPUTS
|
||||
[None]
|
||||
|
||||
.OUTPUTS
|
||||
[bool]
|
||||
|
||||
.EXAMPLE
|
||||
If (-not (Resolve-Dependency -Name 'VMware')) {
|
||||
Write-Error -Message (
|
||||
"Could not resolve the optional dependencies defined for {0}" -f 'VMware'
|
||||
) -ErrorAction 'Stop'
|
||||
}
|
||||
#>
|
||||
|
||||
[OutputType([bool])]
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
[Parameter(Mandatory = $true)]
|
||||
[ValidateNotNullOrEmpty()]
|
||||
[string]$Name
|
||||
)
|
||||
|
||||
begin {
|
||||
$ModuleRootDir = Get-ModuleBase
|
||||
$DepFilePath = Join-Path -Path $ModuleRootDir -ChildPath "Dependency.json"
|
||||
if (Test-Path -Path $DepFilePath) {
|
||||
$Dependency = Get-Content -Path $DepFilePath -Raw -Encoding UTF8 | ConvertFrom-Json
|
||||
}
|
||||
else {
|
||||
Write-Warning ("Could not find the dependency file: {0}" -f $DepFilePath)
|
||||
}
|
||||
}
|
||||
|
||||
process {
|
||||
# ScriptAnalyzer issue workaround (unused var)
|
||||
$null = $Name
|
||||
$SelectedDependency = $Dependency.Optional | Where-Object { $_.Name -match $Name }
|
||||
# return true if there is no dependency defined
|
||||
if ($null -eq $SelectedDependency) {
|
||||
return $true
|
||||
}
|
||||
|
||||
$res = @()
|
||||
foreach ($Module in $SelectedDependency.Modules) {
|
||||
$res += Test-Module -Name $Module
|
||||
}
|
||||
# return false if there was not module at all
|
||||
if (($res -contains $false) -or ($res.Count -eq 0)) {
|
||||
return $false
|
||||
}
|
||||
else {
|
||||
return $true
|
||||
}
|
||||
}
|
||||
|
||||
end {}
|
||||
}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue