Venafi · gdbarron · Jun 17, 2022 · Jun 7, 2022 · Jun 7, 2022 · Jun 7, 2022
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -11,6 +11,7 @@ jobs:
       - uses: actions/checkout@v2
         with:
           token: ${{ secrets.CD_TOKEN }}
+
       - name: Update psd and psm version
         shell: pwsh
         run: |
@@ -28,18 +29,21 @@ jobs:
           "New version: $newVersion"
           # set version to be used in later steps
           "venafips_new_version=$newVersion" | Out-File -FilePath $env:GITHUB_ENV -Append
+
       - name: Update changelog
         shell: pwsh
         run: |
           $newVersionString = '## ${{ env.venafips_new_version }}'
           $releaseNotes = Get-Content -Path '${{ github.workspace }}/RELEASE.md' -Raw
           $changelog = Get-Content -Path '${{ github.workspace }}/CHANGELOG.md' -Raw
           Set-Content -Path '${{ github.workspace }}/CHANGELOG.md' -Value ($newVersionString + "`r`n" + $releaseNotes + "`r`n`r`n" + $changelog)
+
       - name: Install platyPS module
         shell: pwsh
         run: |
           Set-PSRepository PSGallery -InstallationPolicy Trusted
           Install-Module platyPS -ErrorAction Stop
+
       - name: Update docs
         shell: pwsh
         run: |
@@ -87,6 +91,7 @@ jobs:
               $Part
           }
           $YMLtext | Set-Content -Path '${{ github.workspace }}/mkdocs.yml'
+
       - name: Update repo
         run: |
           git config --global user.name 'Greg Brownstein'
@@ -98,6 +103,7 @@ jobs:
           git status
           git commit -m "Update manifest and docs to ${{ env.venafips_new_version }}"
           git push
+
       - name: Generate file hash
         shell: pwsh
         run: |
@@ -109,20 +115,40 @@ jobs:
           $_.Path.Replace("$fullPath/", '')
           }
           } | ConvertTo-Json | Out-File -FilePath ${{ github.workspace }}/hash.json
+
       - name: Upload hash.json artifact
         uses: actions/upload-artifact@v2
         with:
           name: hash.json
           path: ${{ github.workspace }}/hash.json
+
       - name: Create GitHub release
         if: github.ref == 'refs/heads/main'
         uses: softprops/action-gh-release@v1
         with:
           files: ${{ github.workspace }}/hash.json
           tag_name: v${{ env.venafips_new_version }}
           body_path: ${{ github.workspace }}/RELEASE.md
+
       - name: Publish
         if: github.ref == 'refs/heads/main'
         shell: pwsh
         run: |
           Publish-Module -Path "${{ github.workspace }}/${{ env.module_name }}" -NuGetApiKey ${{ secrets.NUGET_KEY }} -Verbose
+
+      - name: Login to dockerhub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build image
+        run: >
+          docker build
+          --pull
+          -t venafi/venafips-module:latest
+          -t venafi/venafips-module:${{ env.venafips_new_version }}
+          .
+
+      - name: Publish image and tags
+        run: docker push --all-tags venafi/venafips-module
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,10 @@
+FROM mcr.microsoft.com/powershell:latest
+
+RUN pwsh -Command 'Set-PSRepository PSGallery -InstallationPolicy Trusted; Install-Module VenafiPS -ErrorAction Stop'
+
+ENV TPP_SERVER=${TPP_SERVER}
+ENV TPP_TOKEN=${TPP_TOKEN}
+ENV VAAS_KEY=${VAAS_KEY}
+ENV POWERSHELL_TELEMETRY_OPTOUT=1
+
+SHELL ["pwsh"]
diff --git a/VenafiPS/Private/Test-VenafiSession.ps1 b/VenafiPS/Private/Test-VenafiSession.ps1
@@ -1,51 +1,50 @@
-<#
-.SYNOPSIS
-Validate authentication session/key/token
-
-.DESCRIPTION
-Validate authentication session from New-VenafiSession, a VaaS key, or TPP token.
+function Test-VenafiSession {
+    <#
+    .SYNOPSIS
+    Validate authentication session/key/token
 
-.PARAMETER VenafiSession
-Authentication for the function.
-The value defaults to the script session object $VenafiSession created by New-VenafiSession.
-A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+    .DESCRIPTION
+    Validate authentication session from New-VenafiSession, a VaaS key, or TPP token.
 
-.PARAMETER Platform
-Platform, either TPP or Vaas, to validate VenafiSession against.
+    .PARAMETER VenafiSession
+    Authentication for the function.
+    The value defaults to the script session object $VenafiSession created by New-VenafiSession.
+    A TPP token or VaaS key can also provided.
+    If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
-.PARAMETER AuthType
-Authentication type, either Key or Token, to validate VenafiSession against.
+    .PARAMETER Platform
+    Platform, either TPP or Vaas, to validate VenafiSession against.
 
-.PARAMETER PassThru
-Provide the determined platform from VenafiSession
+    .PARAMETER AuthType
+    Authentication type, either Key or Token, to validate VenafiSession against.
 
-.OUTPUTS
-String - if PassThru provided
+    .PARAMETER PassThru
+    Provide the determined platform from VenafiSession
 
-.EXAMPLE
-Test-VenafiSession -VenafiSession $VenafiSession
-Test a session
+    .OUTPUTS
+    String - if PassThru provided
 
-.EXAMPLE
-Test-VenafiSession -VenafiSession $VenafiSession -PassThru
-Test a session and return the platform type found
+    .EXAMPLE
+    Test-VenafiSession -VenafiSession $VenafiSession
+    Test a session
 
-.EXAMPLE
-Test-VenafiSession -VenafiSession $key
-Test a VaaS key
+    .EXAMPLE
+    Test-VenafiSession -VenafiSession $VenafiSession -PassThru
+    Test a session and return the platform type found
 
-.EXAMPLE
-Test-VenafiSession -VenafiSession $VenafiSession -Platform TPP
-Test session ensuring the platform is TPP
+    .EXAMPLE
+    Test-VenafiSession -VenafiSession $key
+    Test a VaaS key
 
-.EXAMPLE
-Test-VenafiSession -VenafiSession $VenafiSession -Platform TPP -AuthType Token
-Test session ensuring the platform is TPP and authentication type is token
+    .EXAMPLE
+    Test-VenafiSession -VenafiSession $VenafiSession -Platform TPP
+    Test session ensuring the platform is TPP
 
-#>
+    .EXAMPLE
+    Test-VenafiSession -VenafiSession $VenafiSession -Platform TPP -AuthType Token
+    Test session ensuring the platform is TPP and authentication type is token
 
-function Test-VenafiSession {
+    #>
 
     [CmdletBinding(DefaultParameterSetName = 'All')]
 
@@ -71,7 +70,13 @@ function Test-VenafiSession {
     process {
 
         if ( -not $VenafiSession ) {
-            throw 'Please run New-VenafiSession or provide a VaaS key or TPP token.'
+            if ( $env:TPP_TOKEN ) {
+                $VenafiSession = $env:TPP_TOKEN
+            } elseif ( $env:VAAS_KEY ) {
+                $VenafiSession = $env:VAAS_KEY
+            } else {
+                throw 'Please run New-VenafiSession or provide a VaaS key or TPP token.'
+            }
         }
 
         switch ($VenafiSession.GetType().Name) {
@@ -81,11 +86,9 @@ function Test-VenafiSession {
 
                 if ( $AuthType ) {
                     $VenafiSession.Validate($Platform, $AuthType)
-                }
-                elseif ($Platform) {
+                } elseif ($Platform) {
                     $VenafiSession.Validate($Platform)
-                }
-                else {
+                } else {
                     $VenafiSession.Validate()
                 }
 
@@ -105,17 +108,16 @@ function Test-VenafiSession {
                     }
 
                     $platformOut = 'VaaS'
-                }
-                else {
+                } else {
 
                     # TPP access token
                     Write-Verbose 'Session is TPP token'
                     if ( $Platform -and $Platform -ne 'TPP' ) {
                         throw "This function or parameter set is only accessible for $Platform"
                     }
                     # get server from environment variable
-                    if ( -not $env:TppServer ) {
-                        throw 'TPP token provided for VenafiSession, but TppServer environment variable was not found'
+                    if ( -not $env:TPP_SERVER ) {
+                        throw 'TPP token provided, but TPP_SERVER environment variable was not found'
                     }
 
                     $platformOut = 'TPP'

diff --git a/VenafiPS/Public/Add-TppCertificateAssociation.ps1 b/VenafiPS/Public/Add-TppCertificateAssociation.ps1
@@ -23,7 +23,7 @@ This will only be successful if the certificate management type is Provisioning
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 InputObject, Path

diff --git a/VenafiPS/Public/Add-VenafiTeamMember.ps1 b/VenafiPS/Public/Add-VenafiTeamMember.ps1
@@ -19,7 +19,7 @@ For TPP, this is the identity ID property from Find-TppIdentity or Get-VenafiIde
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 ID

diff --git a/VenafiPS/Public/Add-VenafiTeamOwner.ps1 b/VenafiPS/Public/Add-VenafiTeamOwner.ps1
@@ -19,7 +19,7 @@ For TPP, this is the identity ID property from Find-TppIdentity or Get-VenafiIde
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 ID

diff --git a/VenafiPS/Public/Convert-TppObject.ps1 b/VenafiPS/Public/Convert-TppObject.ps1
@@ -20,7 +20,7 @@ Return a TppObject representing the newly converted object
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Path

diff --git a/VenafiPS/Public/ConvertTo-TppGuid.ps1 b/VenafiPS/Public/ConvertTo-TppGuid.ps1
@@ -12,7 +12,7 @@ DN path representing an object
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Path

diff --git a/VenafiPS/Public/ConvertTo-TppPath.ps1 b/VenafiPS/Public/ConvertTo-TppPath.ps1
@@ -12,7 +12,7 @@ Guid type, [guid] 'xyxyxyxy-xyxy-xyxy-xyxy-xyxyxyxyxyxy'
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Guid

diff --git a/VenafiPS/Public/Export-VenafiCertificate.ps1 b/VenafiPS/Public/Export-VenafiCertificate.ps1
@@ -47,7 +47,7 @@ You must adhere to the following rules:
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 CertificateId/Path from TppObject

diff --git a/VenafiPS/Public/Find-TppClient.ps1 b/VenafiPS/Public/Find-TppClient.ps1
@@ -13,7 +13,7 @@ Allowed values include VenafiAgent, AgentJuniorMachine, AgentJuniorUser, Portal,
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 None

diff --git a/VenafiPS/Public/Find-TppCodeSignEnvironment.ps1 b/VenafiPS/Public/Find-TppCodeSignEnvironment.ps1
@@ -12,7 +12,7 @@ Name of the environment to search for
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 None

diff --git a/VenafiPS/Public/Find-TppCodeSignProject.ps1 b/VenafiPS/Public/Find-TppCodeSignProject.ps1
@@ -12,7 +12,7 @@ Name of the project to search for
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 None

diff --git a/VenafiPS/Public/Find-TppCodeSignTemplate.ps1 b/VenafiPS/Public/Find-TppCodeSignTemplate.ps1
@@ -12,7 +12,7 @@ Name of the project to search for
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 None

diff --git a/VenafiPS/Public/Find-TppIdentity.ps1 b/VenafiPS/Public/Find-TppIdentity.ps1
@@ -28,7 +28,7 @@ Returns the identity of the authenticated user and all associated identities.  W
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Name

diff --git a/VenafiPS/Public/Find-TppObject.ps1 b/VenafiPS/Public/Find-TppObject.ps1
@@ -31,7 +31,7 @@ Searches the subordinates of the object specified in Path.
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Path

diff --git a/VenafiPS/Public/Find-TppVaultId.ps1 b/VenafiPS/Public/Find-TppVaultId.ps1
@@ -13,7 +13,7 @@ See https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-POST-Se
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Attribute

diff --git a/VenafiPS/Public/Find-VenafiCertificate.ps1 b/VenafiPS/Public/Find-VenafiCertificate.ps1
@@ -147,7 +147,7 @@ Return the count of certificates found from the query as opposed to the certific
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Path

diff --git a/VenafiPS/Public/Get-TppAttribute.ps1 b/VenafiPS/Public/Get-TppAttribute.ps1
@@ -49,7 +49,7 @@ function Get-TppAttribute {
     Authentication for the function.
     The value defaults to the script session object $VenafiSession created by New-VenafiSession.
     A TPP token or VaaS key can also provided.
-    If providing a TPP token, an environment variable named TppServer must also be set.
+    If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
     .INPUTS
     Path

diff --git a/VenafiPS/Public/Get-TppCodeSignConfig.ps1 b/VenafiPS/Public/Get-TppCodeSignConfig.ps1
@@ -9,7 +9,7 @@ Get CodeSign Protect project settings.  Must have token with scope codesign:mana
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 None

diff --git a/VenafiPS/Public/Get-TppCodeSignEnvironment.ps1 b/VenafiPS/Public/Get-TppCodeSignEnvironment.ps1
@@ -12,7 +12,7 @@ Path of the environment to get
 Authentication for the function.
 The value defaults to the script session object $VenafiSession created by New-VenafiSession.
 A TPP token or VaaS key can also provided.
-If providing a TPP token, an environment variable named TppServer must also be set.
+If providing a TPP token, an environment variable named TPP_SERVER must also be set.
 
 .INPUTS
 Path