Merge branch 'master' of https://gitea.ocram85.com/OCram85/PSCredentialStore

.changelog.yml

@@ -0,0 +1,32 @@
+# The full repository name
+repo: OCram85/PSCredentialStore
+
+# Service type (gitea or github)
+service: gitea
+
+# Base URL for Gitea instance if using gitea service type (optional)
+# Default: https://gitea.com
+base-url: https://gitea.ocram85.com
+
+# Changelog groups and which labeled PRs to add to each group
+groups:
+  - name: ✨ FEATURES
+    labels:
+      - feature
+  - name: 📦 META
+    labels:
+      - meta
+  - name: 🐛 BUGFIXES
+    labels:
+      - bug
+  - name: 🛠️ ENHANCEMENTS
+    labels:
+      - enhancement
+  - name: 📚 DOCS
+    labels:
+      - docs
+  - name: 🔖 MISC
+    default: true
+
+# regex indicating which labels to skip for the changelog
+skip-labels: skip-changelog|backport\/.+

.drone.yml

@@ -120,7 +120,7 @@ steps:
           Install-Module -Name 'DroneHelper' -Repository 'PSGallery' -ErrorAction 'Stop' -AllowPrerelease -Force;
           Import-Module -Name 'DroneHelper' -ErrorAction 'Stop';
           Install-ModuleDependency;
-          New-BuildPackage -Verbose
+          New-BuildPackage -Verbose -AdditionalPath @('./src/Vendor', './src/openssl.conf')
         }"
 
   - name: GiteaRelease

.gitattributes

@@ -21,4 +21,5 @@
 
 # Vendor resources config
 src/Vendor/libressl255/* filter=lfs diff=lfs merge=lfs -text
+src/Vendor/libressl/* filter=lfs diff=lfs merge=lfs -text
 *.pfx filter=lfs diff=lfs merge=lfs -text

CHANGELOG.md

@@ -1,9 +1,25 @@
 # Changelog
 
 <!-- insertMark -->
+## [v1.1.1](https://gitea.ocram85.com/OCram85/PSCredentialStore/releases/tag/v1.1.1) - 2022-10-10
+
+* 📦 META
+  * Adds changelog config for gitea changelog cli tool (#77)
+* 🐛 BUGFIXES
+  * Fix Set-CredentialStoreItem (#76)
+  * Fix optional module dependencies (#75)
+
+### Contributors
+
+
+* [@OCram85](https://gitea.ocram85.com/OCram85)
+* [@pinguinfuss](https://gitea.ocram85.com/pinguinfuss)
+
 ## `v1.1.0`
 
-- (acb09ba) update Changelog
+- (3d4f53d) adds pinguinfuss contributed fix (#73)
+- (6fce8d6) Updates libressl files (#71)
+- (ddb85d9) addChangelog (#70)
 - (5bdb383) updates Readme (#69)
 - (a95ba31) remove optional depenency helper (#68)
 - (1e7dd78) adds CiscoUCSCentral connection type (#67)
@@ -20,7 +36,6 @@
 - (4abfec5) adds PR template (#55)
 - (7708df9) Update pwsh style to latest community standards (#52)
 
-
 ## `v1.0.542`
 
 - 🧙 pre migrated Gitea version

src/Certificate/New-CSCertificate.ps1

@@ -66,7 +66,7 @@ function New-CSCertificate {
             ($PSVersionTable.PSEdition -eq 'Desktop' -and $PSVersionTable.PSVersion.Major -lt 6) -or
             ($IsWindows -eq $true)
         ) {
-            $openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl255/openssl.exe'
+            $openssl = Join-Path -Path $ModuleBase -ChildPath '/Vendor/libressl/openssl.exe'
         }
 
         $Env:OPENSSL_CONF = Join-Path $ModuleBase -ChildPath '/openssl.conf'

src/Item/New-CredentialStoreItem.Tests.ps1

@@ -102,7 +102,7 @@ Describe "New-CredentialStoreItem" {
         It "Missing CredentialStore should throw" {
             {
                 New-CredentialStoreItem -Shared -Path '/tmp/missingStore.json' -RemoteHost 'notrelevant'
-            } | Should -Throw "Could not add anything into the given CredentialStore."
+            } | Should -Throw "The given credential store (/tmp/missingStore.json) does not exist!"
         }
     }
     Context "Testing pipeline paramter" {

src/Item/New-CredentialStoreItem.ps1

@@ -32,7 +32,7 @@ function New-CredentialStoreItem {
         [None]
 
     .EXAMPLE
-        New-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
+        New-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost esx01.myside.local'
     #>
 
     [CmdletBinding(DefaultParameterSetName = 'Private')]
@@ -68,7 +68,7 @@ function New-CredentialStoreItem {
 
     begin {
         # Set the CredentialStore for private, shared or custom mode.
-        Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
+        Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
         if ($PSCmdlet.ParameterSetName -eq 'Private') {
             $Path = Get-DefaultCredentialStorePath
         }
@@ -84,9 +84,9 @@ function New-CredentialStoreItem {
         if (-not(Test-CredentialStore -Shared -Path $Path)) {
             $MessageParams = @{
                 Exception   = [System.IO.FileNotFoundException]::new(
-                    'Could not add anything into the given CredentialStore.'
+                    'The given credential store ({0}) does not exist!' -f $Path
                 )
-                ErrorAction = "Stop"
+                ErrorAction = 'Stop'
             }
             Write-Error @MessageParams
         }
@@ -95,8 +95,8 @@ function New-CredentialStoreItem {
 
         $CurrentDate = Get-Date -Format 'u'
 
-        if ($Identifier -ne "") {
+        if ($Identifier -ne '') {
-            $CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
+            $CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
         }
         else {
             $CredentialName = $RemoteHost

src/Item/Set-CredentialStoreItem.Tests.ps1

@@ -0,0 +1,130 @@
+[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
+    'PSAvoidUsingConvertToSecureStringWithPlainText',
+    '',
+    Justification = 'just used in pester tests.'
+)]
+[Diagnostics.CodeAnalysis.SuppressMessageAttribute(
+    'PSProvideCommentHelp',
+    '',
+    Justification = 'no need in internal pester helpers.'
+)]
+param ()
+
+BeforeAll {
+    $ManifestFile = (Get-Item -Path './src/*.psd1').FullName
+    Import-Module $ManifestFile -Force
+
+    $PrivateFunctions = (Get-ChildItem -Path './src/Private/*.ps1' | Where-Object {
+            $_.BaseName -notmatch '.Tests'
+        }
+    ).FullName
+    foreach ( $func in $PrivateFunctions) {
+        . $func
+    }
+
+    # Backup existing credential stores
+    $VerbosePreference = 'Continue'
+    Write-Verbose -Message 'Backup private Credential Store...'
+    $CSPath = Get-DefaultCredentialStorePath
+    $BackupFile = '{0}.back' -f $CSPath
+    if (Test-Path -Path $CSPath) {
+        Move-Item -Path $CSPath -Destination $BackupFile
+    }
+    Write-Verbose -Message 'Backup shared CredentialStore...'
+    $CSShared = Get-DefaultCredentialStorePath -Shared
+    $BackupSharedFile = '{0}.back' -f $CSShared
+    if (Test-Path -Path $CSShared) {
+        Move-Item -Path $CSShared -Destination $BackupSharedFile
+    }
+    Write-Verbose -Message 'Remove old CredentialStore in Temp dir'
+    $CSTemp = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
+    if (Test-Path -Path $CSTemp) {
+        Remove-Item -Path $CSTemp
+    }
+    $VerbosePreference = 'SilentlyContinue'
+}
+
+Describe 'New-CredentialStoreItem' {
+    Context 'Private Credential Store tests' {
+        It 'Add entry to a private store.' {
+            # Create a fresh CredentialStore first
+            New-CredentialStore -Force
+
+            # Define the content of the CredentialStoreItem.
+            $RemoteHost = 'barfoo'
+            $UserName = 'MyUser'
+            $Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
+
+            # Form the CredentialObject.
+            $creds = [PSCredential]::new($UserName, $Password)
+
+            # Create the CredentialStoreItem.
+            New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
+
+            # Formulate an update to the CredentialStoreItem.
+            $ClearPassword = 'fooobaryadfafa'
+            $Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
+            $creds = [PSCredential]::new($UserName, $Password)
+            {
+                Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds
+            } | Should -Not -Throw
+
+            # Control the content of the CredentialStore.
+            $content = Get-CredentialStoreItem -RemoteHost $RemoteHost
+            $content.GetNetworkCredential().Password | Should -Be $ClearPassword
+        }
+    }
+    Context 'Shared Credential Store tests' {
+        It 'Add entry to a shared store.' {
+            # Create a fresh CredentialStore first
+            $tmpCS = Join-Path -Path (Get-TempDir) -ChildPath '/CredentialStore.json'
+            New-CredentialStore -Path $tmpCS -Force -Shared
+
+            # Define the content of the CredentialStoreItem.
+            $RemoteHost = 'barfoo'
+            $UserName = 'MyUser'
+            $Password = 'fooobarysdfsfs' | ConvertTo-SecureString -AsPlainText -Force
+
+            # Form the CredentialObject.
+            $creds = [PSCredential]::new($UserName, $Password)
+
+            # Create the CredentialStoreItem.
+            New-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
+
+            # Formulate an update to the CredentialStoreItem.
+            $ClearPassword = 'fooobaryadfafa'
+            $Password = $ClearPassword | ConvertTo-SecureString -AsPlainText -Force
+            $creds = [PSCredential]::new($UserName, $Password)
+
+            {
+                Set-CredentialStoreItem -RemoteHost $RemoteHost -Credential $creds -Path $tmpCS -Shared
+            } | Should -Not -Throw
+
+            # Control the content of the CredentialStore.
+            $content = Get-CredentialStoreItem -RemoteHost $RemoteHost -Path $tmpCS -Shared
+            $content.GetNetworkCredential().Password | Should -Be $ClearPassword
+        }
+    }
+}
+
+AfterAll {
+    # Cleanup test stores and restore existing ones.
+    $VerbosePreference = 'Continue'
+    Write-Verbose -Message 'Restoring private CredentialStore'
+    If (Test-Path -Path $BackupFile) {
+        If (Test-Path -Path $CSPath) {
+            Remove-Item -Path $CSPath
+            Move-Item -Path $BackupFile -Destination $CSPath
+        }
+    }
+
+    Write-Verbose -Message 'Restoring shared CredentialStore'
+    If (Test-Path -Path $BackupSharedFile) {
+        If (Test-Path -Path $CSShared) {
+            Remove-Item -Path $CSShared
+            Move-Item -Path $BackupSharedFile -Destination $CSShared
+        }
+    }
+    $VerbosePreference = 'SilentlyContinue'
+
+}

src/Item/Set-CredentialStoreItem.ps1

@@ -13,7 +13,7 @@ function Set-CredentialStoreItem {
         Specify the host you for which you would like to change the credentials.
 
     .PARAMETER Identifier
-        Defaults to "". Specify a string, which separates two CredentialStoreItems for the
+        Defaults to ''. Specify a string, which separates two CredentialStoreItems for the
         same hostname.
 
     .PARAMETER Shared
@@ -30,10 +30,10 @@ function Set-CredentialStoreItem {
         [None]
 
     .EXAMPLE
-        Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local"
+        Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local'
 
     .EXAMPLE
-        Set-CredentialStoreItem -Path "C:\TMP\mystore.json" -RemoteHost "esx01.myside.local" -Identifier svc
+        Set-CredentialStoreItem -Path 'C:\TMP\mystore.json' -RemoteHost 'esx01.myside.local' -Identifier svc
     #>
 
     [CmdletBinding(DefaultParameterSetName = 'Private')]
@@ -65,7 +65,7 @@ function Set-CredentialStoreItem {
 
     begin {
         # Set the CredentialStore for private, shared or custom mode.
-        Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
+        Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
         if ($PSCmdlet.ParameterSetName -eq 'Private') {
             $Path = Get-DefaultCredentialStorePath
         }
@@ -77,32 +77,52 @@ function Set-CredentialStoreItem {
     }
 
     process {
-        # Lets do a quick test on the given CredentialStore.
+        # Define the default splatting.
-        if (-not(Test-CredentialStore -Shared -Path $Path)) {
+        $DefaultSplatting = @{
+            Path = $Path
+        }
+
+        # Check if the user passed -Shared. If he added -Shared, we'll pass it into the splatting
+        if ($PSBoundParameters.ContainsKey('Shared')) {
+            $DefaultSplatting.Add('Shared', $true)
+        }
+        else {
+            $DefaultSplatting.Add('Shared', $false)
+        }
+
+        # Now lets check the given CredentialStore.
+        if (-not(Test-CredentialStore @DefaultSplatting)) {
             $MessageParams = @{
-                Message     = 'Could not add anything into the given CredentailStore.'
+                Message     = ('The given CredentialStore ({0}) does no exist.' -f $Path)
                 ErrorAction = 'Stop'
             }
             Write-Error @MessageParams
         }
 
         # Read the file content based on the given ParameterSetName
-        $CSContent = Get-CredentialStore -Shared -Path $Path
+        $CSContent = Get-CredentialStore @DefaultSplatting
 
+        # Get a formatted current date for the last update time of the Item.
         $CurrentDate = Get-Date -Format 'u'
 
-        if ($Identifier -ne "") {
+        # Check if the user supplied an identifier. If so, we need to mangle the CredentialName, as that's where
-            $CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
+        # the identifier is actually added.
+        if ($Identifier -ne '') {
+            $CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
         }
         else {
             $CredentialName = $RemoteHost
         }
 
+        # If the user didn't supply a CredentialObject, we need to prompt for it.
         if (-not($Credential)) {
             $Credential = Get-Credential -Message $CredentialName
         }
 
-        if ($Credential.UserName) {
+        # If the username isn't empty, we ca go ahead and update the entry.
+        if ($null -ne $Credential.UserName -and -not [string]::IsNullOrWhiteSpace($Credential.UserName)) {
+            # Check if the path to the PfxCertificate is stored in the CredentialStore. If so load the certificate.
+            # If not, load try loading the certificate from the Filepath of the CredentialStore.
             if ($null -eq $CSContent.PfxCertificate) {
                 $Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
             }
@@ -110,13 +130,17 @@ function Set-CredentialStoreItem {
                 $Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
             }
 
+            # Now locate the Item.
             if (Get-Member -InputObject $CSContent -Name $CredentialName -MemberType Properties) {
+                # Get a random AES key for the entry.
                 $RSAKey = Get-RandomAESKey
                 $CSContent.$CredentialName.User = $Credential.UserName
                 $ConvertParams = @{
                     SecureString = $Credential.Password
                     Key          = $RSAKey
                 }
+
+                # Now create a updated item containing the updated credentials.
                 $CSContent.$CredentialName.Password = ConvertFrom-SecureString @ConvertParams
                 $CSContent.$CredentialName.LastChange = $CurrentDate
                 $CSContent.$CredentialName.EncryptedKey = [Convert]::ToBase64String(
@@ -125,10 +149,15 @@ function Set-CredentialStoreItem {
                         [System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1
                     )
                 )
+
+                # Convert the CredentialStore back into JSON and save it to the file.
                 ConvertTo-Json -InputObject $CSContent -Depth 5 | Out-File -FilePath $Path -Encoding utf8
             }
+            else {
+                Write-Warning -Message ('Unable to locate CredentialStoreItem for {0}' -f $CredentialName)
+            }
         }
-        Else {
+        else {
             $MessageParams = @{
                 Message     = 'Please Provide at least a valid user!'
                 ErrorAction = 'Stop'

src/Item/Test-CredentialStoreItem.ps1

@@ -33,11 +33,11 @@ function Test-CredentialStoreItem {
         [None]
 
     .EXAMPLE
-        if (Test-CredentialStoreItem -RemoteHost "Default") {
+        if (Test-CredentialStoreItem -RemoteHost 'Default') {
-            Get-CredentialStoreItem -RemoteHost "Default"
+            Get-CredentialStoreItem -RemoteHost 'Default'
         }
         else {
-            Write-Warning ("The given Remote Host {0} does not exist in the credential Store!" -f $RemoteHost)
+            Write-Warning ('The given Remote Host {0} does not exist in the credential Store!' -f $RemoteHost)
         }
     #>
 
@@ -45,7 +45,7 @@ function Test-CredentialStoreItem {
     [OutputType([bool])]
     param (
         [Parameter(Mandatory = $false, ParameterSetName = 'Shared')]
-        [string]$Path = "{0}\PSCredentialStore\CredentialStore.json" -f $env:ProgramData,
+        [string]$Path = '{0}\PSCredentialStore\CredentialStore.json' -f $env:ProgramData,
 
         [Parameter(Mandatory = $true)]
         [ValidateNotNullOrEmpty()]
@@ -61,7 +61,7 @@ function Test-CredentialStoreItem {
 
     begin {
         # Set the CredentialStore for private, shared or custom mode.
-        Write-Debug ("ParameterSetName: {0}" -f $PSCmdlet.ParameterSetName)
+        Write-Debug ('ParameterSetName: {0}' -f $PSCmdlet.ParameterSetName)
         if ($PSCmdlet.ParameterSetName -eq 'Private') {
             $Path = Get-DefaultCredentialStorePath
         }
@@ -73,8 +73,8 @@ function Test-CredentialStoreItem {
     }
 
     process {
-        if ($Identifier -ne "") {
+        if ($Identifier -ne '') {
-            $CredentialName = $RemoteHost = "{0}/{1}" -f $Identifier, $RemoteHost
+            $CredentialName = $RemoteHost = '{0}/{1}' -f $Identifier, $RemoteHost
         }
         else {
             $CredentialName = $RemoteHost
@@ -92,7 +92,7 @@ function Test-CredentialStoreItem {
         }
         else {
             $MsgParams = @{
-                Message = "The given credential store ({0}) does not exist!" -f $Path
+                Message = 'The given credential store ({0}) does not exist!' -f $Path
             }
             Write-Warning @MsgParams
             return $false

src/PSCredentialStore.psd1

@@ -146,27 +146,27 @@
             ExternalModuleDependencies = @(
                 @{
                     ModuleName = 'VMware.VimAutomation.Core'
-                    ModuleVersion = '6.5.2.6234650'
+                    ModuleVersion = '12.7.0.20091293'
                 },
                 @{
                     ModuleName = 'VMware.VimAutomation.Cis.Core'
-                    ModuleVersion = '6.5.4.6983166'
+                    ModuleVersion = '12.6.0.19601368'
                 },
                 @{
-                    ModuleName = 'Cisco.UCS.Core'
+                    ModuleName = 'Cisco.UCS.Common'
-                    ModuleVersion = '2.3.1.5'
+                    ModuleVersion = '3.0.1.2'
                 },
                 @{
                     ModuleName = 'Cisco.UCSManager'
-                    ModuleVersion = '2.5.2.2'
+                    ModuleVersion = '3.0.1.2'
                 },
                 @{
                     ModuleName = 'WinSCP'
                     ModuleVersion = '5.17.8.1'
                 },
                 @{
-                    ModuleName = 'DataONTAP'
+                    ModuleName = 'NetApp.ONTAP'
-                    ModuleVersion = '9.7.1.1'
+                    ModuleVersion = '9.10.1.2111'
                 }
             )