76 lines
2.6 KiB
PowerShell
76 lines
2.6 KiB
PowerShell
|
function Get-ReportUserCredentialsFromSecretServer () {
|
||
|
<#
|
||
|
.SYNOPSIS
|
||
|
Gets the username and password of a report user secret from Secret Server.
|
||
|
|
||
|
.PARAMETER secretUserName
|
||
|
Username of the user to authenticate with on Secret Server.
|
||
|
|
||
|
.PARAMETER secretPassword
|
||
|
Password of the user to authenticate with on Secret Server.
|
||
|
|
||
|
.PARAMETER environmentName
|
||
|
The environment name of the report user to retrieve (e.g. "12")
|
||
|
|
||
|
.PARAMETER environmentType
|
||
|
The environment type of the report user to retrieve (e.g. "Production")
|
||
|
|
||
|
.OUTPUTS
|
||
|
Either an object containing the username and password of the reports user or null.
|
||
|
|
||
|
.EXAMPLE
|
||
|
Get-ReportUserCredentialsFromSecretServer -secretUserName "BobBarker" -secretPassword "PIR123!" -environmentName "12" -environmentType "Production"
|
||
|
|
||
|
Password Username
|
||
|
-------- --------
|
||
|
ExamplePwd ExampleUser
|
||
|
#>
|
||
|
[CmdletBinding()]
|
||
|
Param(
|
||
|
[Parameter(Mandatory=$true)]
|
||
|
[String]$secretUserName,
|
||
|
[Parameter(Mandatory=$true)]
|
||
|
[String]$secretPassword,
|
||
|
[Parameter(Mandatory=$true)]
|
||
|
[String]$environmentName,
|
||
|
[Parameter(Mandatory=$true)]
|
||
|
[String]$environmentType
|
||
|
)
|
||
|
|
||
|
$loglead = (Get-LogLeadName)
|
||
|
|
||
|
# Note: If the bootstrap scripts are modified to pass in a credential object, this won't be necessary.
|
||
|
$secretCredential = New-Object System.Management.Automation.PSCredential ( $secretUserName , (Get-SecureString $secretPassword))
|
||
|
|
||
|
$folderName = "ReportUsers"
|
||
|
$result = $null
|
||
|
|
||
|
# Determine the name of the secret based on environment type.
|
||
|
# Only production (for now) has separate secrets per-environment.
|
||
|
$secretName = $null
|
||
|
if($environmentType -eq "Production") {
|
||
|
# Extract the major pod from the name.
|
||
|
$dotSearch = $environmentName.IndexOf(".")
|
||
|
if($dotSearch -ge 0) {
|
||
|
$environmentName = $environmentName.Substring(0, $dotSearch)
|
||
|
}
|
||
|
$secretName = "$environmentType-$environmentName-ReportUser"
|
||
|
} else {
|
||
|
$secretName = "$environmentType-ReportUser"
|
||
|
}
|
||
|
|
||
|
Write-Verbose "$loglead : Searching for secret '$secretName' in folder '$folderName'"
|
||
|
$resultCredential = ( Get-UserCredentialsFromSecretServer $secretCredential $folderName $secretName )
|
||
|
|
||
|
# Note: If the bootstrap scripts are modified to accept credential results, this won't be necessary.
|
||
|
if ( $null -ne $resultCredential ) {
|
||
|
|
||
|
$result = New-Object PSObject -Property @{
|
||
|
'Username' = $resultCredential.UserName
|
||
|
'Password' = (Get-PasswordFromCredential $resultCredential)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return $result
|
||
|
}
|