Public/_PSCloudScript.ps1
<#
.Synopsis Runs an Azure Key Vault Secret using PowerShell Invoke-Expression .Description Runs an Azure Key Vault Secret using PowerShell Invoke-Expression .Link https://osd.osdeploy.com #> function Get-PSCloudScript { [CmdletBinding(DefaultParameterSetName='ByUriContent', PositionalBinding=$false)] param ( [Parameter(Mandatory, ParameterSetName='ByAzKeyVaultSecret')] [ValidateNotNull()] [System.String] # Specifies the name of the key vault to which the secret belongs. This cmdlet constructs the fully qualified domain name (FQDN) of a key vault based on the name that this parameter specifies and your current environment. $VaultName, [Parameter(ParameterSetName='ByAzKeyVaultSecret')] [ValidateNotNull()] [System.String[]] # Specifies the name of the secret to get. $Name, [Parameter(Mandatory, ParameterSetName='ByClipboard')] # Clipboard text to store as the Azure Key Vault secret [System.Management.Automation.SwitchParameter] $Clipboard, [Parameter(Mandatory, ParameterSetName='ByFileContent')] # File selected to store the contents as the Azure Key Vault secret [System.IO.FileInfo]$File, [Parameter(Mandatory, ParameterSetName='ByString')] # String to store as the Azure Key Vault secret [System.String] $String, [Parameter(Mandatory, ParameterSetName='ByGithubRepo',Position=0)] [ValidateNotNull()] [System.String] # Specifies the name of the key vault to which the secret belongs. This cmdlet constructs the fully qualified domain name (FQDN) of a key vault based on the name that this parameter specifies and your current environment. $RepoOwner, [Parameter(Mandatory, ParameterSetName='ByGithubRepo',Position=1)] [ValidateNotNull()] [System.String] # Specifies the name of the key vault to which the secret belongs. This cmdlet constructs the fully qualified domain name (FQDN) of a key vault based on the name that this parameter specifies and your current environment. $RepoName, [Parameter(Mandatory=$false, ParameterSetName='ByGithubRepo',Position=2)] [ValidateNotNull()] [System.String] # Specifies the name of the key vault to which the secret belongs. This cmdlet constructs the fully qualified domain name (FQDN) of a key vault based on the name that this parameter specifies and your current environment. $GithubPath, [Parameter(Mandatory, ParameterSetName='ByUriContent')] # Uri to store as the Azure Key Vault secret [System.Uri] $Uri, [Parameter(Mandatory=$false)] [ValidateSet('Command','File','FileRunas')] [System.String] $Invoke ) Write-Warning 'PSCloudScript functions are currently under development' Write-Warning 'Functionality is subject to change until this warning is removed' $Result = $null #================================================= # ByAzKeyVaultSecret #================================================= if ($PSCmdlet.ParameterSetName -eq 'ByAzKeyVaultSecret') { $Module = Import-Module Az.Accounts -PassThru -ErrorAction Ignore if (-not $Module) { Install-Module Az.Accounts -Force } $Module = Import-Module Az.KeyVault -PassThru -ErrorAction Ignore if (-not $Module) { Install-Module Az.KeyVault -Force } if (!(Get-AzContext -ErrorAction Ignore)) { Connect-AzAccount -DeviceCode } if (Get-AzContext -ErrorAction Ignore) { if (! ($Name)) { $Name = Get-AzKeyVaultSecret -VaultName "$VaultName" | Select-Object -ExpandProperty Name } if ($Name) { foreach ($Item in $Name) { Write-Verbose "Get-AzKeyVaultSecret -VaultName $VaultName -Name $Item" [array]$Result += Get-AzKeyVaultSecret -VaultName "$VaultName" -Name "$Item" -AsPlainText } } } else { Write-Error "Authenticate to Azure using 'Connect-AzAccount -DeviceCode'" } } #================================================= # ByClipboard #================================================= if ($PSCmdlet.ParameterSetName -eq 'ByClipboard') { if (Get-Clipboard -ErrorAction Ignore) { try { $Result = Get-Clipboard -Format Text -Raw } catch { Write-Warning $_ } } } #================================================= # ByFileContent #================================================= if ($PSCmdlet.ParameterSetName -eq 'ByFileContent') { if (Test-Path $File) { try { $Result = Get-Content $File -Raw } catch { Write-Warning $_ } } } #================================================= # ByGithubRepo #================================================= if ($PSCmdlet.ParameterSetName -eq 'ByGithubRepo') { $Uri = "https://api.github.com/repos/$RepoOwner/$RepoName/contents/$GithubPath" Write-Verbose $Uri $GitHubApiRateLimit = Invoke-RestMethod -UseBasicParsing -Uri 'https://api.github.com/rate_limit' -Method Get Write-Warning "You have used $($GitHubApiRateLimit.rate.used) of your $($GitHubApiRateLimit.rate.limit) GitHub API Requests" $Params = @{ Method = 'GET' Uri = $Uri UseBasicParsing = $true } $GitHubApiContent = @() try { $GitHubApiContent = Invoke-RestMethod @Params -ErrorAction Stop } catch { Write-Error $_ Break } $Result = [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($GitHubApiContent.content)) } #================================================= # ByUriContent #================================================= if ($PSCmdlet.ParameterSetName -eq 'ByUriContent') { if ($Uri -match 'github.com') { $Result = Get-GithubRawContent -Uri $Uri } else { try { $WebRequest = Invoke-WebRequest $GithubRawUrl -UseBasicParsing -Method Head -ErrorAction SilentlyContinue if ($WebRequest.StatusCode -eq 200) { $Result = (Invoke-WebRequest -Uri $GithubRawUrl -UseBasicParsing).Content } } catch { Write-Warning $_ } } } #================================================= # Invoke #================================================= if ($Result) { foreach ($Item in $Result) { if ($Invoke -eq 'Command') { Invoke-Expression -Command $Item } elseif ($Invoke -eq 'File') { $Item | Out-File -FilePath "$env:TEMP\PSCloudScript.ps1" & "$env:TEMP\PSCloudScript.ps1" Remove-Item -Path "$env:TEMP\PSCloudScript.ps1" -Force -ErrorAction Ignore | Out-Null } elseif ($Invoke -eq 'FileRunas') { $Item | Out-File -FilePath "$env:TEMP\PSCloudScript.ps1" Start-Process powershell.exe -Verb Runas "& $env:TEMP\PSCloudScript.ps1" -Wait Remove-Item -Path "$env:TEMP\PSCloudScript.ps1" -Force -ErrorAction Ignore | Out-Null } else { $Item } } } } |