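function Read-WebTierSecrets {
<#
.SYNOPSIS
    Reads Web Tier Secrets.

.DESCRIPTION
    Fetches the secrets for a folder through Get-SecretsForPod and handles each one by type:

    - Certificate secrets are written to a temporary folder by Save-CertificatesToDisk and
      then passed to Read-WebTierCertificates.
    - User secrets whose name matches *localreport* or *adminreport* fill the report-server
      user name / password entries of $webTierAppSettings.
    - A ConnectionString secret fills the ReportServer and ReportServerUrl entries of
      $webTierAppSettings, but only while $masterConnectionString equals "REPLACEME".

    The temporary folder is removed in a finally block, so certificate files written to it
    do not stay on disk when one of the steps raises a terminating error.

.PARAMETER secretUserName
    User name handed to Get-SecretsForPod. It is also written to the output log line.

.PARAMETER secretPassword
    Password handed to Get-SecretsForPod. It is never logged by this function.

.PARAMETER secretFolder
    Secret folder handed to Get-SecretsForPod. It is also written to the output log line.

.PARAMETER secretDomain
    Domain handed to Get-SecretsForPod.

.NOTES
    $webTierAppSettings and $masterConnectionString are not parameters and are not assigned
    here; the function reads them from an enclosing scope, so the caller must define them
    before calling.
#>

    [CmdletBinding()]
    Param(
        [string]$secretUserName,
        # NOTE(review): the password is a plain [string], so it can end up in transcripts and
        # process memory in clear text. Moving to [securestring] / [pscredential] needs a
        # coordinated change in the callers and in Get-SecretsForPod.
        [string]$secretPassword,
        [string]$secretFolder,
        [string]$secretDomain
    )

    $logLead = (Get-LogLeadName);
    $hasCerts = $false

    # Create a temporary download folder for certificates.
    # The folder lives under $PSScriptRoot and gets whatever ACL that directory has.
    # NOTE(review): confirm only the deployment account can read the script directory,
    # since certificate files are written here.
    $randomFolderName = [System.IO.Path]::GetRandomFileName().Split('.') | Select-Object -First 1
    $downloadFolder = Join-Path $PSScriptRoot $randomFolderName

    try {
        if (!([System.IO.Directory]::Exists($downloadFolder))) {
            Write-Verbose ("$logLead : Creating temporary download folder {0}" -f $downloadFolder)
            New-Item $downloadFolder -ItemType Directory -Force | Out-Null
        }

        # Pull Secrets. Only the folder and user name are logged; keep the password out of
        # this message.
        Write-Output ("$logLead : Getting WebServer Secrets for Folder {0} using user {1}" -f $secretFolder, $secretUserName)
        $secrets = Get-SecretsForPod $secretUserName $secretPassword $secretDomain $secretFolder

        $savedCertificates = @()

        # Loaded once up front instead of on every loop iteration. LoadWithPartialName is
        # obsolete; Add-Type -AssemblyName is the supported replacement, but it raises an error
        # when the assembly is missing, so the original call is kept as written.
        # Nothing in this function uses the assembly directly; presumably
        # Save-CertificatesToDisk needs it (confirm).
        [System.Reflection.Assembly]::LoadWithPartialName("System.IO.Compression.FileSystem") | Out-Null

        # Have to explicitly call GetEnumerator because of the way PS handles Dictionaries to HashTables
        foreach ($secret in $secrets.GetEnumerator()) {

            if ($secret.Value.SecretType -eq [Alkami.Ops.SecretServer.Enum.SecretType]::Certificate) {
                $cert = [Alkami.Ops.SecretServer.Model.Certificate]$secret.Value
                # $savedCertificates is passed by reference so the helper can add to it.
                Save-CertificatesToDisk $cert ([ref]$savedCertificates) $downloadFolder
                $hasCerts = $true
            }
            elseif ($secret.Value.SecretType -eq [Alkami.Ops.SecretServer.Enum.SecretType]::User) {
                # The passwords below are copied into the settings objects as-is. How those
                # settings are persisted is outside this function; confirm the target is
                # protected.
                if ($secret.Value.SecretName -like "*localreport*") {
                    Write-Output ("$logLead : Setting ReportServer local reports user to {0}" -f $secret.Value.UserName)
                    ($webTierAppSettings | Where-Object {$_.Name -eq "ReportServerUserName"}).Value = $secret.Value.UserName
                    ($webTierAppSettings | Where-Object {$_.Name -eq "ReportServerPassword"}).Value = $secret.Value.Password
                }
                elseif ($secret.Value.SecretName -like "*adminreport*") {
                    Write-Output ("$logLead : Setting ReportServer admin reports user to {0}" -f $secret.Value.UserName)
                    ($webTierAppSettings | Where-Object {$_.Name -eq "ReportUserName"}).Value = $secret.Value.UserName
                    ($webTierAppSettings | Where-Object {$_.Name -eq "ReportPassword"}).Value = $secret.Value.Password
                }
            }
            elseif ($secret.Value.SecretType -eq [Alkami.Ops.SecretServer.Enum.SecretType]::ConnectionString -and $masterConnectionString -eq "REPLACEME") {
                $secretConnectionString = ([Alkami.Ops.SecretServer.Model.ConnectionString]$secret.Value).ConnectionStringBuilder
                Write-Output ("$logLead : Setting ReportServer URL to server {0}" -f $secretConnectionString.DataSource)
                # NOTE(review): the scheme is hard-coded to http://, so the report-server URLs
                # written here are not TLS URLs. Confirm whether that is intended for this tier.
                ($webTierAppSettings | Where-Object {$_.Name -eq "ReportServer"}).Value = ("http://" + $secretConnectionString.DataSource)
                ($webTierAppSettings | Where-Object {$_.Name -eq "ReportServerUrl"}).Value = ("http://" + $secretConnectionString.DataSource + "/Pages/ReportViewer.aspx")
            }
        }

        if ($hasCerts) {
            Read-WebTierCertificates $downloadFolder $savedCertificates
        }
    }
    finally {
        # Runs on success and on terminating errors alike, so certificate files saved to
        # the temporary folder are not left behind when a step above fails.
        if (Test-Path $downloadFolder) {
            Write-Verbose ("$logLead : Removing temporary download folder {0}" -f $downloadFolder)
            Remove-Item $downloadFolder -Recurse -Force
        }
    }
}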
# Expose Read-WebTierSecrets under the additional name Load-WebTierSecrets
# (presumably for callers written against the older name).
Set-Alias -Name Load-WebTierSecrets -Value Read-WebTierSecrets