OCram85/PSCredentialStore
1
0
Fork 1
Code Issues 1 Pull Requests 2 Releases 26 Activity

Compare commits

base: OCram85:v1.1.0-dev1
Branches Tags
OCram85:master pinguinfuss:Find-CredentialStoreItem pinguinfuss:ConnectTo-StorageGRID pinguinfuss:master pinguinfuss:vendorDir
OCram85:v1.1.1-rc1 OCram85:v1.1.0 OCram85:v1.1.0-dev9 OCram85:v1.1.0-dev8 OCram85:v1.1.0-dev7 OCram85:v1.1.0-dev6 OCram85:v1.1.0-dev5 OCram85:v1.1.0-dev4 OCram85:v1.1.0-dev3 OCram85:v1.1.0-dev2 OCram85:v1.1.0-alpha1 OCram85:v1.1.0-dev1 OCram85:1.0.548 OCram85:1.0.477 OCram85:1.0.467 OCram85:0.5.428 OCram85:0.5.391 OCram85:0.5.377 OCram85:0.2.3.199 OCram85:0.2.2.194 OCram85:0.2.1.182 OCram85:0.2.1.178 OCram85:0.2.1.138 OCram85:0.2.0.81 OCram85:0.2.0.78 OCram85:0.1.68 OCram85:0.1.51 OCram85:0.1.50 OCram85:0.1.47 pinguinfuss:v1.1.0-dev9 pinguinfuss:v1.1.0-dev8 pinguinfuss:v1.1.0-dev7 pinguinfuss:v1.1.0-dev6 pinguinfuss:v1.1.0-dev5 pinguinfuss:v1.1.0-dev4 pinguinfuss:v1.1.0-dev3 pinguinfuss:v1.1.0-dev2 pinguinfuss:v1.1.0-alpha1 pinguinfuss:v1.1.0-dev1 pinguinfuss:1.0.548 pinguinfuss:1.0.477 pinguinfuss:1.0.467 pinguinfuss:0.5.428 pinguinfuss:0.5.391 pinguinfuss:0.5.377 pinguinfuss:0.2.3.199 pinguinfuss:0.2.2.194 pinguinfuss:0.2.1.182 pinguinfuss:0.2.1.178 pinguinfuss:0.2.1.138 pinguinfuss:0.2.0.81 pinguinfuss:0.2.0.78 pinguinfuss:0.1.68 pinguinfuss:0.1.51 pinguinfuss:0.1.50 pinguinfuss:0.1.47
...
compare: pinguinfuss:ConnectTo-StorageGRID
Branches Tags
pinguinfuss:Find-CredentialStoreItem pinguinfuss:ConnectTo-StorageGRID pinguinfuss:master pinguinfuss:vendorDir OCram85:master
pinguinfuss:v1.1.0-dev9 pinguinfuss:v1.1.0-dev8 pinguinfuss:v1.1.0-dev7 pinguinfuss:v1.1.0-dev6 pinguinfuss:v1.1.0-dev5 pinguinfuss:v1.1.0-dev4 pinguinfuss:v1.1.0-dev3 pinguinfuss:v1.1.0-dev2 pinguinfuss:v1.1.0-alpha1 pinguinfuss:v1.1.0-dev1 pinguinfuss:1.0.548 pinguinfuss:1.0.477 pinguinfuss:1.0.467 pinguinfuss:0.5.428 pinguinfuss:0.5.391 pinguinfuss:0.5.377 pinguinfuss:0.2.3.199 pinguinfuss:0.2.2.194 pinguinfuss:0.2.1.182 pinguinfuss:0.2.1.178 pinguinfuss:0.2.1.138 pinguinfuss:0.2.0.81 pinguinfuss:0.2.0.78 pinguinfuss:0.1.68 pinguinfuss:0.1.51 pinguinfuss:0.1.50 pinguinfuss:0.1.47 OCram85:v1.1.1-rc1 OCram85:v1.1.0 OCram85:v1.1.0-dev9 OCram85:v1.1.0-dev8 OCram85:v1.1.0-dev7 OCram85:v1.1.0-dev6 OCram85:v1.1.0-dev5 OCram85:v1.1.0-dev4 OCram85:v1.1.0-dev3 OCram85:v1.1.0-dev2 OCram85:v1.1.0-alpha1 OCram85:v1.1.0-dev1 OCram85:1.0.548 OCram85:1.0.477 OCram85:1.0.467 OCram85:0.5.428 OCram85:0.5.391 OCram85:0.5.377 OCram85:0.2.3.199 OCram85:0.2.2.194 OCram85:0.2.1.182 OCram85:0.2.1.178 OCram85:0.2.1.138 OCram85:0.2.0.81 OCram85:0.2.0.78 OCram85:0.1.68 OCram85:0.1.51 OCram85:0.1.50 OCram85:0.1.47

35 Commits
v1.1.0-dev ... ConnectTo-

Author SHA1 Message Date
pinguinfuss
ffab53f0d7 Merge branch 'master' into ConnectTo-StorageGRID 2023-05-22 21:58:50 +02:00
pinguinfuss
789be844d0 Merge branch 'master' of https://gitea.ocram85.com/OCram85/PSCredentialStore 2023-05-22 21:57:36 +02:00
pinguinfuss
fd6dc42099 Revert "Implement a function to "find" a CredentialStoreItem in CredentialStores" 
This reverts commit db0fa1cf4a.
 2023-05-22 21:51:21 +02:00
pinguinfuss
76a4dd6e99 Fix the indentation 2023-05-22 21:49:39 +02:00
pinguinfuss
db0fa1cf4a Implement a function to "find" a CredentialStoreItem in CredentialStores 2023-05-22 21:44:13 +02:00
pinguinfuss
471a372bf9 Refine the implementation 2023-05-22 21:37:39 +02:00
pinguinfuss
e3349cc4dd Add external dependencies for NetAppSGWS 2023-03-09 20:35:57 +01:00
pinguinfuss
2399f227c9 Implement NetAppSGWS 2023-03-09 20:34:05 +01:00
pinguinfuss
1747bb24a8 Add a bit of spacing. Remove default as there is nothing to do. 2023-03-09 20:33:27 +01:00
pinguinfuss
c125ad0acd prettify parameters and stuff 2023-03-09 20:27:38 +01:00
pinguinfuss
2a51e76b07 Fix comment-based-help 2023-03-09 20:27:23 +01:00
pinguinfuss
13351d7e2e Isn't a valid parameter for Disconnect-From 2023-03-09 20:27:10 +01:00
pinguinfuss
3105a3230a Rework some logic 2023-03-09 20:25:26 +01:00
pinguinfuss
9ed86fd126 Reordering 2023-03-09 20:18:57 +01:00
pinguinfuss
4c9c03d7da Implement SGWS 2023-03-09 20:16:48 +01:00
pinguinfuss
22631f2836 More reordering/cleanup 2023-03-09 20:16:31 +01:00
pinguinfuss
a5b430e4ae Revert this to be in sync with max line length PSScriptAnalyzer rule 2023-03-09 13:39:08 +01:00
pinguinfuss
c272b30cb4 remove the splattings around Write-Error 2023-03-09 13:32:12 +01:00
pinguinfuss
b7ad5663dc Define some defaults for the preferences variables 2023-03-09 13:31:50 +01:00
pinguinfuss
9de752691b Fix the variable names 2023-03-09 13:11:28 +01:00
pinguinfuss
f27f1faad7 Sort the connection list 2023-03-09 13:10:54 +01:00
pinguinfuss
56727afa3e prettify the parameters 2023-03-09 13:09:15 +01:00
pinguinfuss
79a1a214c2 Replace double-quotes with single-quotes 2023-03-09 13:08:21 +01:00
OCram85
f2b7910b15 Prepare release v1.1.1 (#78)
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details 
#### 📖 Summary

- updates changelog

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #78
 2022-10-10 10:24:52 +02:00
OCram85
0b5c9823e0 Adds changelog config for gitea changelog cli tool (#77)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- adds initial default config for changelog generation

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [ ] Tested via Drone.io pipeline
- [x] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #77
 2022-10-10 10:10:18 +02:00
pinguinfuss
42fdb0a373 Fix Set-CredentialStoreItem (#76)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- Fix Set-CredentialStoreItem. Currently it doesn't warn if the user is trying to update a CredentialStoreItem, that does not exist.
- Also add a bit of documentation and UnitTests.
- Fix the quotation of Test-CredentialStoreItem.

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <ocram85@noreply.local>
Reviewed-on: #76
Reviewed-by: OCram85 <ocram85@noreply.local>
Co-authored-by: pinguinfuss <christian@heimdaheim.de>
Co-committed-by: pinguinfuss <christian@heimdaheim.de>
 2022-10-10 10:05:08 +02:00
pinguinfuss
2bd250971b Fix optional module dependencies (#75)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- Fix the optional dependencies.
  - DataONTAP was never a PSGallery module, and we have to custom build that.
  - NetApp finally submitted NetApp.ONTAP into PSGallery, so we can depend on that.
- Updates UCS- and VMware-modules.

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [ ] Tested via Drone.io pipeline
- [ ] Custom test
- [x] No test plan

##### Details / Justification

Sadly, you have to run it. The module loader does not have a unit test.

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <ocram85@noreply.local>
Reviewed-on: #75
Reviewed-by: OCram85 <ocram85@noreply.local>
Co-authored-by: pinguinfuss <christian@heimdaheim.de>
Co-committed-by: pinguinfuss <christian@heimdaheim.de>
 2022-10-10 10:00:42 +02:00
OCram85
ac6a9d8202 prepare release 1.1.0 (#74)
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details 
#### 📖 Summary

- updates changelog

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #74
 2022-09-21 09:39:56 +02:00
OCram85
3d4f53ddc7 adds pinguinfuss contributed fix (#73)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- redo PR from @pinguinfuss
  - fix error message
  - fix string quotation

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

- just redo #72.
  - there was an issue caused by git config `core.autocrl` displaying / diffin the wrong line ending sequence

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #73
 2022-09-20 15:01:05 +02:00
OCram85
6fce8d6a8c Updates libressl files (#71)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- adds missing `vendor` files into build package.
- adds missing `openssl.conf` in build package.
- updates libressl / openssl to v3.5.3

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

-  See `v1.1.0-dev9` build
  - https://gitea.ocram85.com/OCram85/PSCredentialStore/releases/tag/v1.1.0-dev9
Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #71
 2022-09-20 11:58:29 +02:00
OCram85
ddb85d907f addChangelog (#70)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- adds CHANGELOG.md via DroneHelper

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #70
 2022-07-28 15:15:52 +02:00
OCram85
5bdb383627 updates Readme (#69)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- fix typos
- Updates several sections

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #69
 2022-07-28 10:41:46 +02:00
Marco Blessing
a95ba31e40 remove optional depenency helper (#68)
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details 
#### 📖 Summary

- removed optional dependency helper. Moved optional deps into `ExternalModuleDependencies` field.

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #68
 2022-07-26 11:33:10 +02:00
Marco Blessing
1e7dd78c2b adds CiscoUCSCentral connection type (#67)
Some checks reported errors
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build was killed
Details 
#### 📖 Summary

- adds CiscoUCSCentrall connection type in `Connect-To` and `Disconnect-From`

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #67
 2022-07-19 14:29:25 +02:00
Marco Blessing
b76668c1e7 fix Test-CredentialStoreItem return (#66)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
#### 📖 Summary

- `Test-CredentialStoreItem` now returns `$false` and not a terminating error if store doesn't exists.
- Updates platyPS generated docs

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] Tested via Drone.io pipeline
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

- fixes #50

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #66
 2022-07-19 11:46:21 +02:00
51 changed files with 2425 additions and 2258 deletions
Expand all files Collapse all files

32
.changelog.yml Normal file
View File

@ -0,0 +1,32 @@
# The full repository name
repo: OCram85/PSCredentialStore
# Service type (gitea or github)
service: gitea
# Base URL for Gitea instance if using gitea service type (optional)
# Default: https://gitea.com
base-url: https://gitea.ocram85.com
# Changelog groups and which labeled PRs to add to each group
groups:
- name: ✨ FEATURES
labels:
- feature
- name: 📦 META
labels:
- meta
- name: 🐛 BUGFIXES
labels:
- bug
- name: 🛠️ ENHANCEMENTS
labels:
- enhancement
- name: 📚 DOCS
labels:
- docs
- name: 🔖 MISC
default: true
# regex indicating which labels to skip for the changelog
skip-labels: skip-changelog|backport\/.+

2
.drone.yml
View File

@ -120,7 +120,7 @@ steps:
Install-Module -Name 'DroneHelper' -Repository 'PSGallery' -ErrorAction 'Stop' -AllowPrerelease -Force; Install-Module -Name 'DroneHelper' -Repository 'PSGallery' -ErrorAction 'Stop' -AllowPrerelease -Force;
Import-Module -Name 'DroneHelper' -ErrorAction 'Stop'; Import-Module -Name 'DroneHelper' -ErrorAction 'Stop';
Install-ModuleDependency; Install-ModuleDependency;
New-BuildPackage -Verbose New-BuildPackage -Verbose -AdditionalPath @('./src/Vendor', './src/openssl.conf')
}" }"
- name: GiteaRelease - name: GiteaRelease

1
.gitattributes vendored
View File

@ -21,4 +21,5 @@
# Vendor resources config # Vendor resources config
src/Vendor/libressl255/* filter=lfs diff=lfs merge=lfs -text src/Vendor/libressl255/* filter=lfs diff=lfs merge=lfs -text
src/Vendor/libressl/* filter=lfs diff=lfs merge=lfs -text
*.pfx filter=lfs diff=lfs merge=lfs -text *.pfx filter=lfs diff=lfs merge=lfs -text

41
CHANGELOG.md Normal file
View File

@ -0,0 +1,41 @@
# Changelog
<!-- insertMark -->
## [v1.1.1](https://gitea.ocram85.com/OCram85/PSCredentialStore/releases/tag/v1.1.1) - 2022-10-10
* 📦 META
* Adds changelog config for gitea changelog cli tool (#77)
* 🐛 BUGFIXES
* Fix Set-CredentialStoreItem (#76)
* Fix optional module dependencies (#75)
### Contributors
* [@OCram85](https://gitea.ocram85.com/OCram85)
* [@pinguinfuss](https://gitea.ocram85.com/pinguinfuss)
## `v1.1.0`
- (3d4f53d) adds pinguinfuss contributed fix (#73)
- (6fce8d6) Updates libressl files (#71)
- (ddb85d9) addChangelog (#70)
- (5bdb383) updates Readme (#69)
- (a95ba31) remove optional depenency helper (#68)
- (1e7dd78) adds CiscoUCSCentral connection type (#67)
- (b76668c) fix Test-CredentialStoreItem return (#66)
- (ae62ccc) switch to GNU AGPLv3 license (#64)
- (a66e824) adds community contribution for CiscoUCS connection fix (#63)
- (3d90d91) fix lint (PSScriptAnalyzer) issues (#62)
- (d0b7e53) adds DroneHelper (#61)
- (d4b00a5) Migrates to Pester5+ tests (#59)
- (e340466) update references (#60)
- (88743e9) fix pester verbosity config (#58)
- (c31ee79) Update issue templates (#57)
- (c45490a) Update issue templates (#56)
- (4abfec5) adds PR template (#55)
- (7708df9) Update pwsh style to latest community standards (#52)
## `v1.0.542`
- 🧙 pre migrated Gitea version

61
README.md
View File

@ -5,7 +5,10 @@
<p align="center"> <p align="center">
<a href="https://gitea.ocram85.com/OCram85/PSCredentialStore/"> <a href="https://gitea.ocram85.com/OCram85/PSCredentialStore/">
<img src="https://gitea.ocram85.com/OCram85/PSCredentialStore/raw/branch/master/assets/social-logo.png" alt="PSCredentialStore" /> <img
src="https://gitea.ocram85.com/OCram85/PSCredentialStore/raw/branch/master/assets/social-logo.png"
alt="PSCredentialStore"
>
</a> </a>
</p> </p>
@ -19,7 +22,10 @@
<p align="center"> <p align="center">
<a href="https://drone.ocram85.com/OCram85/PSCredentialStore"> <a href="https://drone.ocram85.com/OCram85/PSCredentialStore">
<img src="https://drone.ocram85.com/api/badges/OCram85/PSCredentialStore/status.svg" alt="Master Branch Build Status"> <img
src="https://drone.ocram85.com/api/badges/OCram85/PSCredentialStore/status.svg"
alt="Master Branch Build Status"
>
</a> </a>
<!-- CodeCove disabled for self hosting git <!-- CodeCove disabled for self hosting git
<a href="https://codecov.io/gh/OCram85/PSCredentialStore"> <a href="https://codecov.io/gh/OCram85/PSCredentialStore">
@ -27,23 +33,30 @@
</a> </a>
--> -->
<a href="https://www.powershellgallery.com/packages/PSCredentialStore"> <a href="https://www.powershellgallery.com/packages/PSCredentialStore">
<img src="https://img.shields.io/powershellgallery/v/PSCredentialStore.svg?style=plastic" alt="PowershellGallery Published Version"> <img
src="https://img.shields.io/powershellgallery/v/PSCredentialStore.svg?style=plastic"
alt="PowershellGallery Published Version"
>
</a> </a>
<a href="https://www.powershellgallery.com/packages/PSCredentialStore"> <a href="https://www.powershellgallery.com/packages/PSCredentialStore">
<img src="https://img.shields.io/powershellgallery/vpre/PSCredentialStore.svg?label=latest%20preview&style=plastic" /> <img
src="https://img.shields.io/powershellgallery/vpre/PSCredentialStore.svg?label=latest%20preview&style=plastic"
>
</a> </a>
<a href="https://www.powershellgallery.com/packages/PSCredentialStore"> <a href="https://www.powershellgallery.com/packages/PSCredentialStore">
<img src="https://img.shields.io/powershellgallery/dt/PSCredentialStore.svg?style=plastic" /> <img
src="https://img.shields.io/powershellgallery/dt/PSCredentialStore.svg?style=plastic"
>
</a> </a>
</p> </p>
## :key: General ## :key: General
The PSCredentialStore is a simple credential manager for `PSCredential` objects. It stores PSCredentials in a simple json The PSCredentialStore is a simple credential manager for `PSCredential` objects. It stores PSCredentials in a simple
file. You can choose between a private and shared credential store. The private one exists in your profile and can json file. You can choose between a private and shared credential store. The private one exists in your profile and
ony accessed by your account on the same machine. The shared store enables you to use different credentials for your can ony accessed by your account on the same machine. The shared store enables you to use different credentials for
scripts without exposing them as plain text. your scripts without exposing them as plain text.
PSCredentialStore was developed to simplify the delegation of complex powershell scripts. In this case you often PSCredentialStore was developed to simplify the delegation of complex powershell scripts. In this case you often
need to store credentials for non interactive usage like in scheduled tasks. need to store credentials for non interactive usage like in scheduled tasks.
@ -51,10 +64,10 @@ need to store credentials for non interactive usage like in scheduled tasks.
Starting with version `1.0.0` PSCredential uses Pfx certificates fo encryption. You can use Pfx certificate files Starting with version `1.0.0` PSCredential uses Pfx certificates fo encryption. You can use Pfx certificate files
or certificates stored in the certificate store. or certificates stored in the certificate store.
For more details read the [about_PSCredentialStore](/docs/about_PSCredentialStore.md) page on gitea or via CLI with For more details read the [about_PSCredentialStore](docs/about_PSCredentialStore.md) page on Gitea or via CLI with
`Get-Help about_PSCredentialStore`. `Get-Help about_PSCredentialStore`.
You can find the [reference](/docs/PSCredentialStore.md) in the /docs/ path as well. You can find the full [reference](docs/Readme.md) in the */docs/* path as well.
## :vulcan_salute: Requirements ## :vulcan_salute: Requirements
@ -63,24 +76,26 @@ You can find the [reference](/docs/PSCredentialStore.md) in the /docs/ path as w
## :bomb: About Security ## :bomb: About Security
>This section explains some security topics and the the design decisions we made to balance the usage and security needs. > This section explains some security topics and the design decisions we made to balance the usage and security needs.
To be able to delegate `PSCredentials` objects we can't exclusively rely on the `SecureString` cmdlets. You can't To be able to delegate `PSCredentials` objects we can't exclusively rely on the `SecureString` cmdlets. You can't
decrypt and reuse such credentials from a different user account or even machine. This is caused by automatically decrypt and reuse such credentials from a different user account or even machine. This is caused by automatically
generated encryption key which, is used create a `Secure String` based encrypted string. generated encryption key, which is used create a `Secure String` based encrypted string.
In order to delegate a password, while still using the underlying security framework, we have to provide a custom In order to delegate a password, while still using the underlying security framework, we have to provide a custom
encryption key. This leads to the fact, that everyone who has access to the key could encrypt or decrypt your data. encryption key. This leads to the fact, that everyone who has access to the key could encrypt or decrypt your data.
So we decided to use the public and private keys from valid certificates as part of the custom encryption keys to encrypt your data. So we decided to use the public and private keys from valid certificates as part of the custom encryption keys to
encrypt your data.
This means clearly: Everyone who has access to the `CredentialStore` needs also access to the certificate file to work with it. This means clearly: Everyone who has access to the `CredentialStore` needs also access to the certificate file to
work with it.
Keep in mind you need to secure the access with your NTFS file permissions to avoid unwanted usage. Another option is Keep in mind you need to secure the access with your NTFS file permissions to avoid unwanted usage. Another option
to import the certificate into your certification vaults of you operating system. In this case you can grand the is to import the certificate into your certification vaults of you operating system. In this case you can grand the
permission to the certificates itself. permission to the certificates itself.
Here is s brief hierarchy description of the certificate location: *(First match wins)* Here is a brief hierarchy description for the certificate lookup order: *(First match wins)*
| CredentialStore Type | Certificate Location | | CredentialStore Type | Certificate Location |
| -------------------- | ---------------------- | | -------------------- | ---------------------- |
@ -95,7 +110,7 @@ Here is s brief hierarchy description of the certificate location: *(First match
### :artificial_satellite: PowerShellGallery.com (Recommended Way) ### :artificial_satellite: PowerShellGallery.com (Recommended Way)
* Make sure you use PowerShell 5.1 or higher with `$PSVersionTable`. * Make sure you use PowerShell 5.1 or higher with `$PSVersionTable`.
* Use the builtin PackageManagement and install with: `Import-Module PowerShellGet; Install-Module 'PSCredentialStore' -Repository 'PSGallery'` * Use the builtin PackageManagement + PowerShellGet module and install PSCredentialStore with: `Import-Module PowerShellGet; Install-Module 'PSCredentialStore' -Repository 'PSGallery'`
* Additionally use the `-AllowPrerelease` switch until we publish the final release! * Additionally use the `-AllowPrerelease` switch until we publish the final release!
* Done. Start exploring the Module with `Import-Module PSCredentialStore; Get-Command -Module PSCredentialStore` * Done. Start exploring the Module with `Import-Module PSCredentialStore; Get-Command -Module PSCredentialStore`
@ -109,8 +124,9 @@ Here is s brief hierarchy description of the certificate location: *(First match
### :sparkles: Quick Start ### :sparkles: Quick Start
**1.** First we need a blank credential store. You can decide between a *private* or *shared* store. The private **1.** First we need a blank credential store. You can decide between a *private* or *shared* one.
Credential Store can only be accessed with your profile on the machine you created it.
> :bulb: Note: The private credential store can only be accessed with your profile on the machine you created it.
Starting with version `1.0.0` you can decide the storage type of your fresh created certificate. As default Starting with version `1.0.0` you can decide the storage type of your fresh created certificate. As default
PSCredentialStore creates a new pfx certificate file beside the credential store itself. Optionally you can provide PSCredentialStore creates a new pfx certificate file beside the credential store itself. Optionally you can provide
@ -131,6 +147,7 @@ New-CredentialStore -Shared -Path 'C:\CredentialStore.json'
``` ```
**2.** Now you can manage your credential store items: **2.** Now you can manage your credential store items:
```powershell ```powershell
# This will prompt for credentials and stores it in a private store # This will prompt for credentials and stores it in a private store
New-CredentialStoreItem -RemoteHost 'dc01.myside.local' -Identifier 'AD' New-CredentialStoreItem -RemoteHost 'dc01.myside.local' -Identifier 'AD'
@ -141,7 +158,7 @@ Invoke-Command -ComputerName 'dc01.myside.local' -Credential $DCCreds -ScripBloc
``` ```
The credential store contains also a simple function to establish a connection with several systems or protocols. The credential store contains also a simple function to establish a connection with several systems or protocols.
If you have already installed the underlying framework / modules, you can connect these endpoints: If you have already installed the underlying framework / modules, you can connect to these endpoint types:
* **CiscoUcs** - Establish a connection to a Cisco UCS fabric interconnect. * **CiscoUcs** - Establish a connection to a Cisco UCS fabric interconnect.
* Required Modules: [`Cisco.UCS.Core`, `Cisco.UCSManager`](https://software.cisco.com/download/release.html?i=!y&mdfid=286305108&softwareid=284574017&release=2.1.1) * Required Modules: [`Cisco.UCS.Core`, `Cisco.UCSManager`](https://software.cisco.com/download/release.html?i=!y&mdfid=286305108&softwareid=284574017&release=2.1.1)

29
docs/Connect-To.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---
@ -35,31 +36,36 @@ Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs
### EXAMPLE 2 ### EXAMPLE 2
``` ```
Connect-To -RemoteHost "ftp.myside.local" -Type FTP Connect-To -RemoteHost "ucscentral.myside.local" -Type 'CiscoUcsCentral'
``` ```
### EXAMPLE 3 ### EXAMPLE 3
``` ```
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS Connect-To -RemoteHost "ftp.myside.local" -Type FTP
``` ```
### EXAMPLE 4 ### EXAMPLE 4
``` ```
Connect-To -RemoteHost "esx01.myside.local" -Type VMware Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS
``` ```
### EXAMPLE 5 ### EXAMPLE 5
``` ```
Connect-To -RemoteHost "vCenter.myside.local" -Type CisServer Connect-To -RemoteHost "esx01.myside.local" -Type VMware
``` ```
### EXAMPLE 6 ### EXAMPLE 6
``` ```
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP Connect-To -RemoteHost "vCenter.myside.local" -Type CisServer
``` ```
### EXAMPLE 7 ### EXAMPLE 7
``` ```
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP
```
### EXAMPLE 8
```
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTPS Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTPS
``` ```
@ -166,7 +172,16 @@ Accept wildcard characters: False
### -Type ### -Type
Specify the host type of the target. Specify the host type of the target.
Currently implemented targets are: Possible connection values are: Currently implemented targets are: Possible connection values are:
CiscoUcs, FTP, NetAppFAS, VMware, CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
- CiscoUcs
- CiscoUcsCentral
- CisServer
- ExchangeHTTP
- ExchangeHTTPS
- FTP
- NetAppFAS
- SCP
- VMware
```yaml ```yaml
Type: String Type: String

16
docs/Disconnect-From.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---
@ -94,8 +95,17 @@ Accept wildcard characters: False
### -Type ### -Type
Specify the host type of the target. Specify the host type of the target.
Currently implemented targets are: CiscoUcs, FTP, NetAppFAS, VMware, Currently implemented targets are:
CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
- CiscoUcs
- CiscoUcsCentral
- FTP
- NetAppFAS
- VMware
- CisServer
- ExchangeHTTP
- ExchangeHTTPS
- SCP
```yaml ```yaml
Type: String Type: String

3
docs/Get-CSCertificate.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Get-CredentialStore.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Get-CredentialStoreItem.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Import-CSCertificate.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

13
docs/New-CSCertAttribute.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---
@ -23,7 +24,15 @@ Defines the certificate related properties for an upcoming New-PfxCertificate ex
### EXAMPLE 1 ### EXAMPLE 1
``` ```
New-CSCertAttribute -Country 'DE' -State 'BW' -City 'Karlsruhe' -Organization 'AwesomeIT' -OrganizationalUnitName '' -CommonName 'MyPrivateCert' $AttribParams = @{
Country = 'DE'
State = 'BW'
City = 'Karlsruhe'
Organization ='AwesomeIT'
OrganizationalUnitName ='PSCredentialStore'
CommonName ='MyPrivateCert'
}
New-CSCertAttribute @AttribParams
``` ```
## PARAMETERS ## PARAMETERS

3
docs/New-CSCertificate.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

15
docs/New-CredentialStore.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---
@ -123,8 +124,8 @@ Accept wildcard characters: False
### -SkipPFXCertCreation ### -SkipPFXCertCreation
You can skip the pfx certificate creation process. You can skip the pfx certificate creation process.
This makes sense if you have a previously created cert or want to This makes sense if you have a previously created cert
import a cert in cross-platform environments. or want to import a cert in cross-platform environments.
```yaml ```yaml
Type: SwitchParameter Type: SwitchParameter
@ -139,10 +140,10 @@ Accept wildcard characters: False
``` ```
### -UseCertStore ### -UseCertStore
Instead of using a plain pfx file beside your CredentialStore file you can import it into the user or machine Instead of using a plain pfx file beside your CredentialStore file you can import it into the user or
certificate store. machine certificate store.
In this case the system itself secures the cert and you don't hat to set custom NTFS In this case the system itself secures the cert and you don't hat to set custom
permissions so secure your shared certificate. NTFS permissions so secure your shared certificate.
```yaml ```yaml
Type: SwitchParameter Type: SwitchParameter

3
docs/New-CredentialStoreItem.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

4
docs/PSCredentialStore.md → docs/Readme.md
View File

@ -1,6 +1,6 @@
--- ---
Module Name: PSCredentialStore Module Name: PSCredentialStore
Module Guid: 6800e192-9df8-4e30-b253-eb2c799bbe84 6800e192-9df8-4e30-b253-eb2c799bbe84 Module Guid: 6800e192-9df8-4e30-b253-eb2c799bbe84
Download Help Link: {{ Update Download Link }} Download Help Link: {{ Update Download Link }}
Help Version: {{ Please enter version of help manually (X.X.X.X) format }} Help Version: {{ Please enter version of help manually (X.X.X.X) format }}
Locale: en-US Locale: en-US
@ -8,7 +8,7 @@ Locale: en-US
# PSCredentialStore Module # PSCredentialStore Module
## Description ## Description
{{ Fill in the Description }} See global Readme file for usage instructions.
## PSCredentialStore Cmdlets ## PSCredentialStore Cmdlets
### [Connect-To](Connect-To.md) ### [Connect-To](Connect-To.md)

3
docs/Remove-CredentialStoreItem.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Set-CredentialStoreItem.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Test-CSCertificate.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Test-CSConnection.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

3
docs/Test-CredentialStore.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

8
docs/Test-CredentialStoreItem.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---
@ -27,6 +28,11 @@ Use this cmdlet for basic checks with a single item.
Check the item first with this function before Check the item first with this function before
you try to interact with it. you try to interact with it.
Breaking Change for \`v1.1.0+\`:
Test-CredentialStoreItem will return \`$false\` even if the store doesn't exist.
We removed the terminating
error and replaced it with a warning message.
## EXAMPLES ## EXAMPLES
### EXAMPLE 1 ### EXAMPLE 1

3
docs/Use-CSCertificate.md
View File

@ -1,6 +1,7 @@
--- ---
external help file: PSCredentialStore-help.xml external help file: ModuleRoot-help.xml
Module Name: PSCredentialStore Module Name: PSCredentialStore
online version:
schema: 2.0.0 schema: 2.0.0
--- ---

38
resources/Dependency.json
View File

@ -1,38 +0,0 @@
{
"Version": 0.1,
"Mandatory": {},
"Optional": [
{
"Name": "foobar2000",
"Modules": [
"foobar2000"
]
},
{
"Name": "foo",
"Modules": [
"foo",
"bar"
]
},
{
"Name": "bar",
"Modules": [
"bar"
]
},
{
"Name": "Existing",
"Modules": [
"PowerShellGet"
]
},
{
"Name": "PSGetMixed",
"Modules": [
"PowerShellGet",
"foobar2000"
]
}
]
}

2
src/Certificate/New-CSCertificate.ps1
View File

@ -66,7 +66,7 @@ function New-CSCertificate {
($PSVersionTable.PSEdition -eq 'Desktop' -and $PSVersionTable.PSVersion.Major -lt 6) -or ($PSVersionTable.PSEdition -eq 'Desktop' -and $PSVersionTable.PSVersion.Major -lt 6) -or
($IsWindows -eq $true) ($IsWindows -eq $true)
) { ) {
$openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl255/openssl.exe' $openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl/openssl.exe'
} }
$Env:OPENSSL_CONF = Join-Path $ModuleBase -ChildPath '/openssl.conf' $Env:OPENSSL_CONF = Join-Path $ModuleBase -ChildPath '/openssl.conf'

326
src/Connection/Connect-To.ps1
View File

@ -10,12 +10,22 @@ function Connect-To {
Specify the host, for which you would like to change the credentials. Specify the host, for which you would like to change the credentials.
.PARAMETER Identifier .PARAMETER Identifier
Defaults to "". Specify a string, which separates two CredentialStoreItems for the Defaults to ''. Specify a string, which separates two CredentialStoreItems for the
same hostname. same hostname.
.PARAMETER Type .PARAMETER Type
Specify the host type of the target. Currently implemented targets are: Possible connection values are: Specify the host type of the target. Currently implemented targets are: Possible connection values are:
CiscoUcs, FTP, NetAppFAS, VMware, CisServer, ExchangeHTTP, ExchangeHTTPS, SCP.
- CiscoUcs
- CiscoUcsCentral
- ExchangeHTTP
- ExchangeHTTPS
- FTP
- NetAppFAS
- NetAppStorageGRID
- SCP
- VMware
- VMwareCisServer
.PARAMETER Credentials .PARAMETER Credentials
Use this parameter to bypass the stored credentials. Without this parameter Connect-To tries to read the Use this parameter to bypass the stored credentials. Without this parameter Connect-To tries to read the
@ -39,33 +49,42 @@ function Connect-To {
[None] [None]
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "ucs.myside.local" -Type CiscoUcs Connect-To -RemoteHost 'vc.domain.local' -Type CisServer
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "ftp.myside.local" -Type FTP Connect-To -RemoteHost 'ucs.domain.local' -Type CiscoUcs
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "fas.myside.local" -Type NetAppFAS Connect-To -RemoteHost 'ucs-central.domain.local' -Type 'CiscoUcsCentral'
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "esx01.myside.local" -Type VMware Connect-To -RemoteHost 'exchange01.domain.local' -Type ExchangeHTTP
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "vCenter.myside.local" -Type CisServer Connect-To -RemoteHost 'exchange01.domain.local' -Type ExchangeHTTPS
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP Connect-To -RemoteHost 'ftp.domain.local' -Type FTP
.EXAMPLE .EXAMPLE
Connect-To -RemoteHost "exchange01.myside.local" -Type ExchangeHTTPS Connect-To -RemoteHost 'fas.domain.local' -Type NetAppFAS
.EXAMPLE
Connect-To -RemoteHost 'grid.domain.local' -Type NetAppStorageGRID
.EXAMPLE
Connect-To -RemoteHost 'esx01.domain.local' -Type VMware
#> #>
[CmdletBinding(DefaultParameterSetName = 'Private')] [CmdletBinding(DefaultParameterSetName = 'Private')]
[Diagnostics.CodeAnalysis.SuppressMessageAttribute( [Diagnostics.CodeAnalysis.SuppressMessageAttribute(
'PSAvoidGlobalVars', 'PSAvoidGlobalVars',
'', '',
Justification = 'Wrapping existing var from WinSCP module.' Justification = 'Wrapping existing var from WinSCP module.'
)] )]
param ( param (
[Parameter(Mandatory = $true, ParameterSetName = 'Shared')] [Parameter(Mandatory = $true, ParameterSetName = 'Shared')]
[Parameter(Mandatory = $true, ParameterSetName = 'Private')] [Parameter(Mandatory = $true, ParameterSetName = 'Private')]
@ -79,13 +98,15 @@ function Connect-To {
[Parameter(Mandatory = $true, ParameterSetName = 'Private')] [Parameter(Mandatory = $true, ParameterSetName = 'Private')]
[ValidateSet( [ValidateSet(
'CiscoUcs', 'CiscoUcs',
'FTP', 'CiscoUcsCentral',
'NetAppFAS',
'VMware',
'CisServer',
'ExchangeHTTP', 'ExchangeHTTP',
'ExchangeHTTPS', 'ExchangeHTTPS',
'SCP' 'FTP',
'NetAppFAS',
'NetAppStorageGRID',
'SCP',
'VMware',
'VMwareCisServer'
)] )]
[string] $Type, [string] $Type,
@ -107,7 +128,7 @@ function Connect-To {
begin { begin {
# Set the CredentialStore for private, shared or custom mode. # Set the CredentialStore for private, shared or custom mode.
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName) Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
if ($PSCmdlet.ParameterSetName -eq 'Private') { if ($PSCmdlet.ParameterSetName -eq 'Private') {
$Path = Get-DefaultCredentialStorePath $Path = Get-DefaultCredentialStorePath
} }
@ -117,14 +138,8 @@ function Connect-To {
} }
} }
# First check the optional modules
if (-not (Resolve-Dependency -Name $Type)) {
Write-Error -Message (
"Could not resolve the optional dependencies defined for {0}" -f $Type
) -ErrorAction 'Stop'
}
switch ($Type) { switch ($Type) {
"VMware" { 'VMware' {
# Disable the yellow certificate warning, since we haven't replaced the SSL certs for vCenter/ESXi # Disable the yellow certificate warning, since we haven't replaced the SSL certs for vCenter/ESXi
$null = Set-PowerCLIConfiguration -Scope Session -InvalidCertificateAction Ignore -Confirm:$false $null = Set-PowerCLIConfiguration -Scope Session -InvalidCertificateAction Ignore -Confirm:$false
@ -132,6 +147,11 @@ function Connect-To {
$null = Set-PowerCLIConfiguration -Scope Session -ProxyPolicy NoProxy -Confirm:$false $null = Set-PowerCLIConfiguration -Scope Session -ProxyPolicy NoProxy -Confirm:$false
} }
} }
# Set sane defaults for Progress, ErrorAction and InformationPreference
$ProgressPreference = 'SilentlyContinue'
$ErrorActionPreference = 'Stop'
$InformationPreference = 'Continue'
} }
process { process {
@ -142,8 +162,8 @@ function Connect-To {
# Check if $Identifier has been defined, in which case we need to use different name for # Check if $Identifier has been defined, in which case we need to use different name for
# the lookup of the CredentialStoreItem. # the lookup of the CredentialStoreItem.
try { try {
if ($Identifier -ne "") { if ($Identifier -ne '') {
$RemoteHostIdentifier = "{0}/{1}" -f $Identifier, $RemoteHost $RemoteHostIdentifier = '{0}/{1}' -f $Identifier, $RemoteHost
$creds = Get-CredentialStoreItem -Shared -RemoteHost $RemoteHostIdentifier -Path $Path $creds = Get-CredentialStoreItem -Shared -RemoteHost $RemoteHostIdentifier -Path $Path
} }
else { else {
@ -154,8 +174,8 @@ function Connect-To {
catch { catch {
$MessageParams = @{ $MessageParams = @{
Message = ( Message = (
"Unable to look up credential store item for RemoteHost " + 'Unable to look up credential store item for RemoteHost ' +
("{0}/Identifier {1}!" -f $RemoteHost, $Identifier) ('{0}/Identifier {1}!' -f $RemoteHost, $Identifier)
) )
ErrorAction = 'Stop' ErrorAction = 'Stop'
} }
@ -166,30 +186,70 @@ function Connect-To {
$creds = $Credentials $creds = $Credentials
} }
if ($creds.UserName -eq "" -or $creds.Password.GetType().Name -ne 'SecureString') { if ($creds.UserName -eq '' -or $creds.Password.GetType().Name -ne 'SecureString') {
$MessageParams = @{ $MessageParams = @{
Message = "Please provide valid credentials for RemoteHost {0}!" -f $RemoteHost Message = 'Please provide valid credentials for RemoteHost {0}!' -f $RemoteHost
ErrorAction = 'Stop' ErrorAction = 'Stop'
} }
Write-Error @MessageParams Write-Error @MessageParams
} }
else { else {
switch ($Type) { switch ($Type) {
"CiscoUcs" { 'CiscoUcs' {
try { try {
$handle = Connect-Ucs -Name $RemoteHost -Credential $creds -ErrorAction 'Stop' -NotDefault $handle = Connect-Ucs -Name $RemoteHost -Credential $creds -NotDefault
$ExecutionContext.SessionState.PSVariable.Set('DefaultUcs', $handle) $ExecutionContext.SessionState.PSVariable.Set('DefaultUcs', $handle)
} }
catch { catch {
$MessageParams = @{ Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
} }
"FTP" {
'CiscoUcsCentral' {
try {
$handle = Connect-UcsCentral -Name $RemoteHost -Credential $creds -NotDefault
$ExecutionContext.SessionState.PSVariable.Set('DefaultUcsCentral', $handle)
}
catch {
Write-Error -Message ('Unable to connect to {0} using {1}' -f $RemoteHost, $Type)
}
}
'ExchangeHTTP' {
try {
$ConnectionParams = @{
ConnectionURI = 'http://{0}/powershell' -f $RemoteHost
ConfigurationName = 'Microsoft.Exchange'
Credential = $creds
}
$global:PSExchangeRemote = New-PSSession @ConnectionParams
# ScriptAnalyzer issue (unused var) workaround.
$null = $global:PSExchangeRemote
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
'ExchangeHTTPS' {
try {
$ConnectionParams = @{
ConnectionURI = 'https://{0}/powershell' -f $RemoteHost
ConfigurationName = 'Microsoft.Exchange'
Credential = $creds
}
$global:PSExchangeRemote = New-PSSession @ConnectionParams
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
'FTP' {
# First establish the FTP session # First establish the FTP session
$WinSCPConParams = @{ $WinSCPConParams = @{
Credential = $creds Credential = $creds
@ -197,115 +257,81 @@ function Connect-To {
Protocol = 'Ftp' Protocol = 'Ftp'
FtpMode = 'Passive' FtpMode = 'Passive'
} }
try { try {
$FTPSessionOption = New-WinSCPSessionOption @WinSCPConParams $FTPSessionOption = New-WinSCPSessionOption @WinSCPConParams
$Global:WinSCPSession = New-WinSCPSession -SessionOption $FTPSessionOption $global:WinSCPSession = New-WinSCPSession -SessionOption $FTPSessionOption
} }
catch { catch {
throw "Could not connect to {0} using {1} protocol!" -f $RemoteHost, $Type Write-Error -Message ('Could not connect to {0} using {1} protocol!' -f $RemoteHost, $Type)
} }
# Check the Connection State # Check the Connection State
if (!($WinSCPSession.Opened)) { if (-not $WinSCPSession.Opened) {
# Check the connection state and find out if the session is still open. # Check the connection state and find out if the session is still open.
$MessageParams = @{ $m = 'Connection to {0} using Type {1} was established. ' -f $RemoteHost, $Type
Message = ( $m += 'But now it seems to be lost!'
("Connection to {0} using Type {1} " -f $RemoteHost, $Type) + Write-Error -Message $m
"was established. But now it seems to be lost!"
)
ErrorAction = 'Stop'
} }
Write-Error @MessageParams
}
}
"NetAppFAS" {
try {
$null = Connect-NcController -Name $RemoteHost -Credential $creds -ErrorAction Stop -HTTPS
} }
catch { 'NetAppFAS' {
# Write a error message to the log. # Construct the splatting for Connect-NcController
$MessageParams = @{ $params = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type Name = $RemoteHost
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"VMware" {
try {
Connect-VIServer -Server $RemoteHost -Credential $creds -ErrorAction Stop | Out-Null
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"CisServer" {
try {
if ($PassThru.IsPresent) {
Connect-CisServer -Server $RemoteHost -Credential $creds -ErrorAction Stop
}
else {
Connect-CisServer -Server $RemoteHost -Credential $creds -ErrorAction Stop | Out-Null
}
}
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"ExchangeHTTP" {
try {
$ConnectionParams = @{
ConnectionURI = "http://{0}/powershell" -f $RemoteHost
ConfigurationName = 'Microsoft.Exchange'
Credential = $creds Credential = $creds
ErrorAction = 'Stop' HTTPS = $true
} }
$Global:PSExchangeRemote = New-PSSession @ConnectionParams
# ScriptAnalyzer issue (unused var) workaround. # Check if -PassThru was passed. If so, a) do not set the default variable and b) return the
$null = $Global:PSExchangeRemote # session object to the caller.
if ($PSBoundParameters.ContainsKey('PassThru')) {
$params.Add('Transient', $true)
} }
catch {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"ExchangeHTTPS" {
try { try {
$ConnectionParams = @{ $handle = Connect-NcController @params
ConnectionURI = "https://{0}/powershell" -f $RemoteHost
ConfigurationName = 'Microsoft.Exchange'
Credential = $creds
ErrorAction = 'Stop'
}
$Global:PSExchangeRemote = New-PSSession @ConnectionParams
} }
catch { catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
} }
Write-Error @MessageParams
if ($PSBoundParameters.ContainsKey('PassThru')) {
return $handle
} }
} }
"SCP" {
'NetAppStorageGRID' {
# Construct the splatting for Connect-SgwServer
$params = @{
Name = $RemoteHost
Credential = $creds
SkipCertificateCheck = $true
}
# Check if -PassThru was passed. If so, a) do not set the default variable and b) return the
# session object to the caller.
if ($PSBoundParameters.ContainsKey('PassThru')) {
$params.Add('Transient', $true)
}
try {
$SgwSession = Connect-SgwServer @params
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
}
if ($PSBoundParameters.ContainsKey('PassThru')) {
return $SgwSession
}
}
'SCP' {
$WinSCPSessionParams = @{ $WinSCPSessionParams = @{
Credential = $creds Credential = $creds
Hostname = $RemoteHost Hostname = $RemoteHost
@ -314,39 +340,49 @@ function Connect-To {
} }
try { try {
$SessionOption = New-WinSCPSessionOption @WinSCPSessionParams $SessionOption = New-WinSCPSessionOption @WinSCPSessionParams
$Global:WinSCPSession = New-WinSCPSession -SessionOption $SessionOption $global:WinSCPSession = New-WinSCPSession -SessionOption $SessionOption
Write-Verbose -Message ( Write-Verbose -Message (
"SCP Connection established with {0}" -f $Global:WinSCPSession.Hostname 'SCP Connection established with {0}' -f $global:WinSCPSession.Hostname
) )
} }
catch { catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
# Check the Connection State # Check the Connection State
if (!($WinSCPSession.Opened)) { if (!($WinSCPSession.Opened)) {
# Check the connection state and find out if the session is still open. # Check the connection state and find out if the session is still open.
$MessageParams = @{ $m = 'Connection to {0} using Type {1} was established. ' -f $RemoteHost, $Type
Message = ( $m += 'But now it seems to be lost!'
("Connection to {0} using Type {1} was established. " -f $RemoteHost, $Type) + Write-Error -Message $m
"But now it seems to be lost!"
)
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
} }
default {
'VMware' {
try {
Connect-VIServer -Server $RemoteHost -Credential $creds -ErrorAction Stop | Out-Null
}
catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to connect to {0} using Type {1}." -f $RemoteHost, $Type }
ErrorAction = 'Stop' }
'VMwareCisServer' {
try {
if ($PassThru.IsPresent) {
Connect-CisServer -Server $RemoteHost -Credential $creds
}
else {
$null = Connect-CisServer -Server $RemoteHost -Credential $creds
}
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to connect to {0} using Type {1}.' -f $RemoteHost, $Type)
} }
Write-Error @MessageParams
} }
} }
} }

235
src/Connection/Disconnect-From.ps1
View File

@ -1,21 +1,26 @@
function Disconnect-From { function Disconnect-From {
<# <#
.SYNOPSIS .SYNOPSIS
Terminates a session established with Connect-To using a CredentialStoreItem. Terminates a session established with Connect-To.
.DESCRIPTION .DESCRIPTION
Terminates a session established with Connect-To using a CredentialStoreItem. Terminates a session established with Connect-To.
.PARAMETER RemoteHost .PARAMETER RemoteHost
Specify the remote endpoint, whose session you would like to terminate. Specify the remote endpoint, whose session you would like to terminate.
.PARAMETER Identifier
Defaults to "". Specify a string, which separates two CredentialStoreItems for the
same hostname.
.PARAMETER Type .PARAMETER Type
Specify the host type of the target. Currently implemented targets are: CiscoUcs, FTP, NetAppFAS, VMware, Specify the host type of the target. Currently implemented targets are:
CisServer, ExchangeHTTP, ExchangeHTTPS, SCP. - CiscoUcs
- CiscoUcsCentral
- ExchangeHTTP
- ExchangeHTTPS
- FTP
- NetAppFAS
- NetAppStorageGRID
- SCP
- VMware
- VMwareCisServer
.PARAMETER Force .PARAMETER Force
Force the disconnect, even if the disconnect would fail. Force the disconnect, even if the disconnect would fail.
@ -27,36 +32,45 @@ function Disconnect-From {
[None] [None]
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "ucs.myside.local" -Type CiscoUcs Disconnect-From -RemoteHost 'vc.domain.local' -Type CisServer
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "ftp.myside.local" -Type FTP Disconnect-From -RemoteHost 'ucs.domain.local' -Type CiscoUcs
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "fas.myside.local" -Type NetAppFAS Disconnect-From -RemoteHost 'ucs-central.domain.local' -Type 'CiscoUcsCentral'
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "esx01.myside.local" -Type VMware Disconnect-From -RemoteHost 'exchange01.domain.local' -Type ExchangeHTTP
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "esx01.myside.local" -Type VMware -Force:$True Disconnect-From -RemoteHost 'exchange01.domain.local' -Type ExchangeHTTPS
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "vcenter.myside.local" -Type CisServer Disconnect-From -RemoteHost 'ftp.domain.local' -Type FTP
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "exchange01.myside.local" -Type ExchangeHTTP Disconnect-From -RemoteHost 'fas.domain.local' -Type NetAppFAS
.EXAMPLE .EXAMPLE
Disconnect-From -RemoteHost "exchange01.myside.local" -Type ExchangeHTTPS Disconnect-From -RemoteHost 'grid.domain.local' -Type NetAppStorageGRID
.EXAMPLE
Disconnect-From -RemoteHost 'esx01.domain.local' -Type VMware
.EXAMPLE
Disconnect-From -RemoteHost 'esx01.domain.local' -Type VMware -Force:$True
#> #>
[CmdletBinding()] [CmdletBinding()]
[Diagnostics.CodeAnalysis.SuppressMessageAttribute( [Diagnostics.CodeAnalysis.SuppressMessageAttribute(
'PSAvoidGlobalVars', 'PSAvoidGlobalVars',
'', '',
Justification = 'Wrapping existing global vars from external modules' Justification = 'Wrapping existing global vars from external modules'
)] )]
param ( param (
[Parameter(Mandatory = $true)] [Parameter(Mandatory = $true)]
[string] $RemoteHost, [string] $RemoteHost,
@ -64,13 +78,15 @@ function Disconnect-From {
[Parameter(Mandatory = $true)] [Parameter(Mandatory = $true)]
[ValidateSet( [ValidateSet(
'CiscoUcs', 'CiscoUcs',
'FTP', 'CiscoUcsCentral',
'NetAppFAS',
'VMware',
'CisServer',
'ExchangeHTTP', 'ExchangeHTTP',
'ExchangeHTTPS', 'ExchangeHTTPS',
'SCP' 'FTP',
'NetAppFAS',
'NetAppStorageGRID',
'SCP',
'VMware',
'VMwareCisServer'
)] )]
[string] $Type, [string] $Type,
@ -78,134 +94,133 @@ function Disconnect-From {
[switch] $Force [switch] $Force
) )
begin {} begin {
# Set sane defaults for Progress, ErrorAction and InformationPreference
$ProgressPreference = 'SilentlyContinue'
$ErrorActionPreference = 'Stop'
$InformationPreference = 'Continue'
}
process { process {
switch -Regex ($Type) { switch -Regex ($Type) {
"VMware" { 'CiscoUcs' {
try { try {
if ($Force) { $null = Disconnect-Ucs -Ucs $RemoteHost
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop -Force:$true
}
else {
Disconnect-VIServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop
}
} }
catch { catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"CisServer" {
try {
if ($Force) {
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop -Force:$true
}
else {
Disconnect-CisServer -Server $RemoteHost -Confirm:$false -ErrorAction Stop
} }
} }
'CiscoUCSCentral' {
try {
$null = Disconnect-UcsCentral -Name $RemoteHost
$ExecutionContext.SessionState.PSVariable.Set('DefaultUcsCentral', $null)
}
catch { catch {
# Write a error message to the log. Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
} }
'ExchangeHTTP*' {
try {
Get-Variable -Name 'PSExchangeRemote' -Scope 'Global'
Remove-PSSession -Session $global:PSExchangeRemote
}
catch {
Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
# Check for an existing WinSCP Session var # Check for an existing WinSCP Session var
"FTP" { 'FTP' {
if ($Global:WinSCPSession.Opened) { if ($global:WinSCPSession.Opened) {
Remove-WinSCPSession -WinSCPSession $Global:WinSCPSession Remove-WinSCPSession -WinSCPSession $global:WinSCPSession
} }
else { else {
$MessageParams = @{ Write-Error -Message 'There is no open WinSCP Session'
Message = 'There is no open WinSCP Session'
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
} }
# DataONTAP doesn't have a CmdLet `Disconnect-NcController`. # DataONTAP doesn't have a CmdLet `Disconnect-NcController`.
# So we go ahead and clear the CurrentNcController variable. # So we go ahead and clear the CurrentNcController variable.
"NetAppFAS" { 'NetAppFAS' {
try { try {
$MessageParams = @{ $m = 'Setting {0} to $null, which will disconnect NetAppFAS' -f $global:CurrentNcController
Message = ( Write-Verbose -Message $m
"Setting {0} to `$null, which will disconnect NetAppFAS" -f $Global:CurrentNcController $global:CurrentNcController = $null
)
ErrorAction = 'Continue'
}
Write-Verbose @MessageParams
$Global:CurrentNcController = $null
} }
catch { catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
} }
Write-Error @MessageParams
} }
} 'NetAppSGWS' {
"CiscoUcs" {
try { try {
Disconnect-Ucs -Ucs $RemoteHost $null = Disconnect-SgwServer -Server $RemoteHost
$null = Remove-Variable -Name CurrentSgwServer -Scope Global -ErrorAction 'SilentlyContinue'
} }
catch { catch {
# Write a error message to the log. # Write a error message to the log.
$MessageParams = @{ Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
} }
} }
"ExchangeHTTP*" {
try { 'SCP' {
Get-Variable -Name 'PSExchangeRemote' -Scope Global -ErrorAction Stop if ($global:WinSCPSession.Opened) {
Remove-PSSession -Session $Global:PSExchangeRemote -ErrorAction Stop Remove-WinSCPSession -WinSCPSession $global:WinSCPSession
}
catch {
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
"SCP" {
if ($Global:WinSCPSession.Opened) {
Remove-WinSCPSession -WinSCPSession $Global:WinSCPSession
} }
else { else {
$MessageParams = @{ Write-Error -Message 'There is no open WinSCP Session'
Message = 'There is no open WinSCP Session'
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
}
default {
# Write a error message to the log.
$MessageParams = @{
Message = "Unable to disconnect from {0} using Type {1}." -f $RemoteHost, $Type
ErrorAction = 'Stop'
}
Write-Error @MessageParams
}
} }
} }
end {} 'VMware' {
# Construct the splatting for Disconnect-VIServer
$params = @{
Server = $RemoteHost
Confirm = $false
}
if ($PSBoundParameters.ContainsKey('Force')) {
$params.Add('Force', $true)
}
try {
$null = Disconnect-VIServer @params
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
'VMwareCisServer' {
try {
if ($Force) {
$null = Disconnect-CisServer -Server $RemoteHost -Confirm:$false -Force:$true
}
else {
$null = Disconnect-CisServer -Server $RemoteHost -Confirm:$false
}
}
catch {
# Write a error message to the log.
Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
default {
# Write a error message to the log.
Write-Error -Message ('Unable to disconnect from {0} using Type {1}.' -f $RemoteHost, $Type)
}
}
}
} }

2
src/Item/New-CredentialStoreItem.Tests.ps1
View File

@ -102,7 +102,7 @@ Describe "New-CredentialStoreItem" {
It "Missing CredentialStore should throw" { It "Missing CredentialStore should throw" {
{ {
New-CredentialStoreItem -Shared -Path '/tmp/missingStore.json' -RemoteHost 'notrelevant' New-CredentialStoreItem -Shared -Path '/tmp/missingStore.json' -RemoteHost 'notrelevant'
} | Should -Throw "Could not add anything into the given CredentialStore." } | Should -Throw "The given credential store (/tmp/missingStore.json) does not exist!"
} }
} }
Context "Testing pipeline paramter" { Context "Testing pipeline paramter" {

12
src/Item/New-CredentialStoreItem.ps1
View File

@ -32,7 +32,7 @@ function New-CredentialStoreItem {
[None] [None]
.EXAMPLE .EXAMPLE
New-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local" New-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost esx01.myside.local'
#> #>
[CmdletBinding(DefaultParameterSetName = 'Private')] [CmdletBinding(DefaultParameterSetName = 'Private')]
@ -68,7 +68,7 @@ function New-CredentialStoreItem {
begin { begin {
# Set the CredentialStore for private, shared or custom mode. # Set the CredentialStore for private, shared or custom mode.
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName) Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
if ($PSCmdlet.ParameterSetName -eq 'Private') { if ($PSCmdlet.ParameterSetName -eq 'Private') {
$Path = Get-DefaultCredentialStorePath $Path = Get-DefaultCredentialStorePath
} }
@ -84,9 +84,9 @@ function New-CredentialStoreItem {
if (-not(Test-CredentialStore -Shared -Path $Path)) { if (-not(Test-CredentialStore -Shared -Path $Path)) {
$MessageParams = @{ $MessageParams = @{
Exception = [System.IO.FileNotFoundException]::new( Exception = [System.IO.FileNotFoundException]::new(
'Could not add anything into the given CredentialStore.' 'The given credential store ({0}) does not exist!' -f $Path
) )
ErrorAction = "Stop" ErrorAction = 'Stop'
} }
Write-Error @MessageParams Write-Error @MessageParams
} }
@ -95,8 +95,8 @@ function New-CredentialStoreItem {
$CurrentDate = Get-Date -Format 'u' $CurrentDate = Get-Date -Format 'u'
if ($Identifier -ne "") { if ($Identifier -ne '') {
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost $CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
} }
else { else {
$CredentialName = $RemoteHost $CredentialName = $RemoteHost

130
src/Item/Set-CredentialStoreItem.Tests.ps1 Normal file
View File

@ -0,0 +1,130 @@
[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
'PSAvoidUsingConvertToSecureStringWithPlainText',
'',
Justification = 'just used in pester tests.'
)]
[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
'PSProvideCommentHelp',
'',
Justification = 'no need in internal pester helpers.'
)]
param ()
BeforeAll {
$ManifestFile = (Get-Item -Path './src/*.psd1').FullName
Import-Module $ManifestFile -Force
$PrivateFunctions = (Get-ChildItem -Path './src/Private/*.ps1' | Where-Object {
$_.BaseName -notmatch '.Tests'
}
).FullName
foreach ( $func in $PrivateFunctions) {
. $func
}
# Backup existing credential stores
$VerbosePreference = 'Continue'
Write-Verbose -Message 'Backup private Credential Store...'
$CSPath = Get-DefaultCredentialStorePath
$BackupFile = '{0}.back' -f $CSPath
if (Test-Path -Path $CSPath) {
Move-Item -Path $CSPath -Destination $BackupFile
}
Write-Verbose -Message 'Backup shared CredentialStore...'
$CSShared = Get-DefaultCredentialStorePath -Shared
$BackupSharedFile = '{0}.back' -f $CSShared
if (Test-Path -Path $CSShared) {
Move-Item -Path $CSShared -Destination $BackupSharedFile
}
Write-Verbose -Message 'Remove old CredentialStore in Temp dir'
$CSTemp = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
if (Test-Path -Path $CSTemp) {
Remove-Item -Path $CSTemp
}
$VerbosePreference = 'SilentlyContinue'
}
Describe 'New-CredentialStoreItem' {
Context 'Private Credential Store tests' {
It 'Add entry to a private store.' {
# Create a fresh CredentialStore first
New-CredentialStore -Force
# Define the content of the CredentialStoreItem.
$RemoteHost = 'barfoo'
$UserName = 'MyUser'
$Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
# Form the CredentialObject.
$creds = [PSCredential]::new($UserName, $Password)
# Create the CredentialStoreItem.
New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
# Formulate an update to the CredentialStoreItem.
$ClearPassword = 'fooobaryadfafa'
$Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
$creds = [PSCredential]::new($UserName, $Password)
{
Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
} | Should -Not -Throw
# Control the content of the CredentialStore.
$content = Get-CredentialStoreItem -RemoteHost $RemoteHost
$content.GetNetworkCredential().Password | Should -Be $ClearPassword
}
}
Context 'Shared Credential Store tests' {
It 'Add entry to a shared store.' {
# Create a fresh CredentialStore first
$tmpCS = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
New-CredentialStore -Path $tmpCS -Force -Shared
# Define the content of the CredentialStoreItem.
$RemoteHost = 'barfoo'
$UserName = 'MyUser'
$Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
# Form the CredentialObject.
$creds = [PSCredential]::new($UserName, $Password)
# Create the CredentialStoreItem.
New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
# Formulate an update to the CredentialStoreItem.
$ClearPassword = 'fooobaryadfafa'
$Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
$creds = [PSCredential]::new($UserName, $Password)
{
Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
} | Should -Not -Throw
# Control the content of the CredentialStore.
$content = Get-CredentialStoreItem -RemoteHost $RemoteHost -Path $tmpCS -Shared
$content.GetNetworkCredential().Password | Should -Be $ClearPassword
}
}
}
AfterAll {
# Cleanup test stores and restore existing ones.
$VerbosePreference = 'Continue'
Write-Verbose -Message 'Restoring private CredentialStore'
If (Test-Path -Path $BackupFile) {
If (Test-Path -Path $CSPath) {
Remove-Item -Path $CSPath
Move-Item -Path $BackupFile -Destination $CSPath
}
}
Write-Verbose -Message 'Restoring shared CredentialStore'
If (Test-Path -Path $BackupSharedFile) {
If (Test-Path -Path $CSShared) {
Remove-Item -Path $CSShared
Move-Item -Path $BackupSharedFile -Destination $CSShared
}
}
$VerbosePreference = 'SilentlyContinue'
}

53
src/Item/Set-CredentialStoreItem.ps1
View File

@ -13,7 +13,7 @@ function Set-CredentialStoreItem {
Specify the host you for which you would like to change the credentials. Specify the host you for which you would like to change the credentials.
.PARAMETER Identifier .PARAMETER Identifier
Defaults to "". Specify a string, which separates two CredentialStoreItems for the Defaults to ''. Specify a string, which separates two CredentialStoreItems for the
same hostname. same hostname.
.PARAMETER Shared .PARAMETER Shared
@ -30,10 +30,10 @@ function Set-CredentialStoreItem {
[None] [None]
.EXAMPLE .EXAMPLE
Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local" Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local'
.EXAMPLE .EXAMPLE
Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local" -Identifier svc Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local' -Identifier svc
#> #>
[CmdletBinding(DefaultParameterSetName = 'Private')] [CmdletBinding(DefaultParameterSetName = 'Private')]
@ -65,7 +65,7 @@ function Set-CredentialStoreItem {
begin { begin {
# Set the CredentialStore for private, shared or custom mode. # Set the CredentialStore for private, shared or custom mode.
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName) Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
if ($PSCmdlet.ParameterSetName -eq 'Private') { if ($PSCmdlet.ParameterSetName -eq 'Private') {
$Path = Get-DefaultCredentialStorePath $Path = Get-DefaultCredentialStorePath
} }
@ -77,32 +77,52 @@ function Set-CredentialStoreItem {
} }
process { process {
# Lets do a quick test on the given CredentialStore. # Define the default splatting.
if (-not(Test-CredentialStore -Shared -Path $Path)) { $DefaultSplatting = @{
Path = $Path
}
# Check if the user passed -Shared. If he added -Shared, we'll pass it into the splatting
if ($PSBoundParameters.ContainsKey('Shared')) {
$DefaultSplatting.Add('Shared', $true)
}
else {
$DefaultSplatting.Add('Shared', $false)
}
# Now lets check the given CredentialStore.
if (-not(Test-CredentialStore @DefaultSplatting)) {
$MessageParams = @{ $MessageParams = @{
Message = 'Could not add anything into the given CredentailStore.' Message = ('The given CredentialStore ({0}) does no exist.' -f $Path)
ErrorAction = 'Stop' ErrorAction = 'Stop'
} }
Write-Error @MessageParams Write-Error @MessageParams
} }
# Read the file content based on the given ParameterSetName # Read the file content based on the given ParameterSetName
$CSContent = Get-CredentialStore -Shared -Path $Path $CSContent = Get-CredentialStore @DefaultSplatting
# Get a formatted current date for the last update time of the Item.
$CurrentDate = Get-Date -Format 'u' $CurrentDate = Get-Date -Format 'u'
if ($Identifier -ne "") { # Check if the user supplied an identifier. If so, we need to mangle the CredentialName, as that's where
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost # the identifier is actually added.
if ($Identifier -ne '') {
$CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
} }
else { else {
$CredentialName = $RemoteHost $CredentialName = $RemoteHost
} }
# If the user didn't supply a CredentialObject, we need to prompt for it.
if (-not($Credential)) { if (-not($Credential)) {
$Credential = Get-Credential -Message $CredentialName $Credential = Get-Credential -Message $CredentialName
} }
if ($Credential.UserName) { # If the username isn't empty, we ca go ahead and update the entry.
if ($null -ne $Credential.UserName -and -not [string]::IsNullOrWhiteSpace($Credential.UserName)) {
# Check if the path to the PfxCertificate is stored in the CredentialStore. If so load the certificate.
# If not, load try loading the certificate from the Filepath of the CredentialStore.
if ($null -eq $CSContent.PfxCertificate) { if ($null -eq $CSContent.PfxCertificate) {
$Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint $Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
} }
@ -110,13 +130,17 @@ function Set-CredentialStoreItem {
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop $Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
} }
# Now locate the Item.
if (Get-Member -InputObject $CSContent -Name $CredentialName -MemberType Properties) { if (Get-Member -InputObject $CSContent -Name $CredentialName -MemberType Properties) {
# Get a random AES key for the entry.
$RSAKey = Get-RandomAESKey $RSAKey = Get-RandomAESKey
$CSContent.$CredentialName.User = $Credential.UserName $CSContent.$CredentialName.User = $Credential.UserName
$ConvertParams = @{ $ConvertParams = @{
SecureString = $Credential.Password SecureString = $Credential.Password
Key = $RSAKey Key = $RSAKey
} }
# Now create a updated item containing the updated credentials.
$CSContent.$CredentialName.Password = ConvertFrom-SecureString @ConvertParams $CSContent.$CredentialName.Password = ConvertFrom-SecureString @ConvertParams
$CSContent.$CredentialName.LastChange = $CurrentDate $CSContent.$CredentialName.LastChange = $CurrentDate
$CSContent.$CredentialName.EncryptedKey = [Convert]::ToBase64String( $CSContent.$CredentialName.EncryptedKey = [Convert]::ToBase64String(
@ -125,10 +149,15 @@ function Set-CredentialStoreItem {
[System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1 [System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1
) )
) )
# Convert the CredentialStore back into JSON and save it to the file.
ConvertTo-Json -InputObject $CSContent -Depth 5 | Out-File -FilePath $Path -Encoding utf8 ConvertTo-Json -InputObject $CSContent -Depth 5 | Out-File -FilePath $Path -Encoding utf8
} }
else {
Write-Warning -Message ('Unable to locate CredentialStoreItem for {0}' -f $CredentialName)
} }
Else { }
else {
$MessageParams = @{ $MessageParams = @{
Message = 'Please Provide at least a valid user!' Message = 'Please Provide at least a valid user!'
ErrorAction = 'Stop' ErrorAction = 'Stop'

24
src/Item/Test-CredentialStoreItem.ps1
View File

@ -7,6 +7,10 @@ function Test-CredentialStoreItem {
Use this cmdlet for basic checks with a single item. Check the item first with this function before Use this cmdlet for basic checks with a single item. Check the item first with this function before
you try to interact with it. you try to interact with it.
Breaking Change for `v1.1.0+`:
Test-CredentialStoreItem will return `$false` even if the store doesn't exist. We removed the terminating
error and replaced it with a warning message.
.PARAMETER Path .PARAMETER Path
Define a custom credential store you try to read from. Without the `-Path` parameter Define a custom credential store you try to read from. Without the `-Path` parameter
`Test-CredentialStoreItem` tries to read from the default private store. `Test-CredentialStoreItem` tries to read from the default private store.
@ -29,11 +33,11 @@ function Test-CredentialStoreItem {
[None] [None]
.EXAMPLE .EXAMPLE
if (Test-CredentialStoreItem -RemoteHost "Default") { if (Test-CredentialStoreItem -RemoteHost 'Default') {
Get-CredentialStoreItem -RemoteHost "Default" Get-CredentialStoreItem -RemoteHost 'Default'
} }
else { else {
Write-Warning ("The given Remote Host {0} does not exist in the credential Store!" -f $RemoteHost) Write-Warning ('The given Remote Host {0} does not exist in the credential Store!' -f $RemoteHost)
} }
#> #>
@ -41,7 +45,7 @@ function Test-CredentialStoreItem {
[OutputType([bool])] [OutputType([bool])]
param ( param (
[Parameter(Mandatory = $false, ParameterSetName = 'Shared')] [Parameter(Mandatory = $false, ParameterSetName = 'Shared')]
[string]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData, [string]$Path = '{0}\PSCredentialStore\CredentialStore.json' -f $env:ProgramData,
[Parameter(Mandatory = $true)] [Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()] [ValidateNotNullOrEmpty()]
@ -57,7 +61,7 @@ function Test-CredentialStoreItem {
begin { begin {
# Set the CredentialStore for private, shared or custom mode. # Set the CredentialStore for private, shared or custom mode.
Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName) Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
if ($PSCmdlet.ParameterSetName -eq 'Private') { if ($PSCmdlet.ParameterSetName -eq 'Private') {
$Path = Get-DefaultCredentialStorePath $Path = Get-DefaultCredentialStorePath
} }
@ -69,8 +73,8 @@ function Test-CredentialStoreItem {
} }
process { process {
if ($Identifier -ne "") { if ($Identifier -ne '') {
$CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost $CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
} }
else { else {
$CredentialName = $RemoteHost $CredentialName = $RemoteHost
@ -88,10 +92,10 @@ function Test-CredentialStoreItem {
} }
else { else {
$MsgParams = @{ $MsgParams = @{
ErrorAction = 'Stop' Message = 'The given credential store ({0}) does not exist!' -f $Path
Message = "The given credential store ({0}) does not exist!" -f $Path
} }
Write-Error @MsgParams Write-Warning @MsgParams
return $false
} }
} }

35
src/PSCredentialStore.psd1
View File

@ -143,7 +143,40 @@
# RequireLicenseAcceptance = $false # RequireLicenseAcceptance = $false
# External dependent modules of this module # External dependent modules of this module
# ExternalModuleDependencies = @() ExternalModuleDependencies = @(
@{
ModuleName = 'VMware.VimAutomation.Core'
ModuleVersion = '6.5.2.6234650'
},
@{
ModuleName = 'VMware.VimAutomation.Cis.Core'
ModuleVersion = '6.5.4.6983166'
},
@{
ModuleName = 'Cisco.UCS.Core'
ModuleVersion = '2.3.1.5'
},
@{
ModuleName = 'Cisco.UCSManager'
ModuleVersion = '2.5.2.2'
},
@{
ModuleName = 'WinSCP'
ModuleVersion = '5.17.8.1'
},
@{
ModuleName = 'NetApp.ONTAP'
ModuleVersion = '9.10.1.2111'
},
@{
ModuleName = 'StorageGRID-WebScale'
ModuleVersion = '7.2.1'
},
@{
ModuleName = 'StorageGRID-WebScale'
ModuleVersion = '7.2.1'
}
)
} # End of PSData hashtable } # End of PSData hashtable

60
src/Private/Resolve-Dependency.Tests.ps1
View File

@ -1,60 +0,0 @@
BeforeAll {
$ManifestFile = (Get-Item -Path "./src/*.psd1").FullName
Import-Module $ManifestFile -Force
$PrivateFunctions = (Get-ChildItem -Path "./src/Private/*.ps1" | Where-Object {
$_.BaseName -notmatch '.Tests'
}
).FullName
foreach ( $func in $PrivateFunctions) {
. $func
}
}
Describe "Resolve-Dependency" {
Context "Basic syntax check" {
BeforeAll {
Mock Get-ModuleBase {
return (Join-Path -Path $PWD -ChildPath '/resources')
}
Mock Test-Module {
return $true
}
}
It "Test1: Should not throw" {
{ Resolve-Dependency -Name 'foobar2000' } | Should -Not -Throw
}
It "Test2: Output type should be bool" {
Resolve-Dependency -Name 'foobar2000' | Should -BeOfType bool
}
}
Context "Enforce Error" {
# Return incorrect module base to enforce there is no config file.
Mock Get-ModuleBase {
if ($IsWindows) { return "C:\" }
elseif ($isLinux) { return "/" }
}
It "Missing dependency file should not cause an error" {
{ Resolve-Dependency -Name 'awesome' } | Should -Not -Throw
}
It "Missing dependency file should return true" {
Resolve-Dependency -Name 'awesome' | Should -Be $true
}
}
Context "Testing input variations" {
It "Should return true if all given dependencies exist" {
Mock Get-ModuleBase {
return (Join-Path -Path $PWD -ChildPath '/resources')
}
Resolve-Dependency -Name 'Existing' | Should -Be $true
}
It "Mixed results should return false" {
Mock Get-ModuleBase {
return (Join-Path -Path $PWD -ChildPath '/resources')
}
Resolve-Dependency -Name 'PSGetMixed' | Should -Be $false
}
}
}

87
src/Private/Resolve-Dependency.ps1
View File

@ -1,87 +0,0 @@
function Resolve-Dependency {
<#
.SYNOPSIS
Tests defined optional dependencies and returns the result as bool.
.DESCRIPTION
Use this function to test for optional modules. You can use it if you provide functions which needs special
modules but you don't want to make them required.
Place a file called Dependency.json in your module root dir. The default format is:
{
"Version": 0.1,
"Mandatory": {},
"Optional": [
{
"Name": "VMware",
"Modules": [
"VMware.VimAutomation.Core"
]
},
{
"Name": "CiscoUCS",
"Modules": []
}
]
}
.PARAMETER Name
Select the dependency item name you defined in the dependency.json.
.INPUTS
[None]
.OUTPUTS
[bool]
.EXAMPLE
If (-not (Resolve-Dependency -Name 'VMware')) {
Write-Error -Message (
"Could not resolve the optional dependencies defined for {0}" -f 'VMware'
) -ErrorAction 'Stop'
}
#>
[OutputType([bool])]
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Name
)
begin {
$ModuleRootDir = Get-ModuleBase
$DepFilePath = Join-Path -Path $ModuleRootDir -ChildPath "Dependency.json"
if (Test-Path -Path $DepFilePath) {
$Dependency = Get-Content -Path $DepFilePath -Raw -Encoding UTF8 | ConvertFrom-Json
}
else {
Write-Warning ("Could not find the dependency file: {0}" -f $DepFilePath)
}
}
process {
# ScriptAnalyzer issue workaround (unused var)
$null = $Name
$SelectedDependency = $Dependency.Optional | Where-Object { $_.Name -match $Name }
# return true if there is no dependency defined
if ($null -eq $SelectedDependency) {
return $true
}
$res = @()
foreach ($Module in $SelectedDependency.Modules) {
$res += Test-Module -Name $Module
}
# return false if there was not module at all
if (($res -contains $false) -or ($res.Count -eq 0)) {
return $false
}
else {
return $true
}
}
end {}
}

0
src/Vendor/libressl255/LICENSE → src/Vendor/libressl/LICENSE vendored
View File

BIN
src/Vendor/libressl/openssl.exe (Stored with Git LFS) vendored Normal file
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libcrypto-41.dll (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libcrypto-41.exp (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libcrypto-41.lib (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libcrypto-41.pdb (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libssl-43.dll (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libssl-43.exp (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libssl-43.lib (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libssl-43.pdb (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libtls-15.dll (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libtls-15.exp (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libtls-15.lib (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/libtls-15.pdb (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/ocspcheck.exe (Stored with Git LFS) vendored
View File

Binary file not shown.

BIN
src/Vendor/libressl255/openssl.exe (Stored with Git LFS) vendored
View File

Binary file not shown.