New-VcConnector - support both manifests

.github/workflows/ci.yml

@@ -73,7 +73,7 @@ jobs:
         run: |
           Write-host $PSVersionTable.PSVersion.Major $PSVersionTable.PSRemotingProtocolVersion.Minor
           Set-PSRepository psgallery -InstallationPolicy trusted
-          Install-Module -Name Pester -RequiredVersion 5.0.4 -confirm:$false -Force
+          Install-Module -Name Pester -confirm:$false -Force
           import-module Pester
           $config = [PesterConfiguration]::Default
           $config.Run.Path = '${{ github.workspace }}/Tests'
@@ -96,7 +96,7 @@ jobs:
       run: |
         Write-host $PSVersionTable.PSVersion.Major $PSVersionTable.PSRemotingProtocolVersion.Minor
         Set-PSRepository psgallery -InstallationPolicy trusted
-        Install-Module -Name Pester -RequiredVersion 5.0.4 -Confirm:$false -Force
+        Install-Module -Name Pester -Confirm:$false -Force
         import-module Pester
         $config = [PesterConfiguration]::Default
         $config.Run.Path = '${{ github.workspace }}/Tests'

Tests/ModuleExports.Tests.ps1

@@ -4,7 +4,7 @@ BeforeAll {
 }
 Describe 'ExportedFunctions' {
     BeforeAll {
-        $ps1FileNames = Get-ChildItem -Path "$($moduleInfo | Where-Object{$_.name -eq 'venafips'} | Select-Object -exp modulebase)\public\*.ps1" -Exclude *tests.ps1, *profile.ps1 |
+        $ps1FileNames = Get-ChildItem -Path "$($moduleInfo | Where-Object{$_.name -eq 'venafips'} | Select-Object -exp modulebase)\Public\*.ps1" -Exclude *tests.ps1, *profile.ps1 |
         Select-Object -ExpandProperty BaseName
 
         $exportedFunctions = Get-Command -Module $moduleInfo.Name -CommandType Function | Select-Object -ExpandProperty Name

VenafiPS/Public/Export-VdcCertificate.ps1

@@ -1,7 +1,7 @@
 function Export-VdcCertificate {
     <#
     .SYNOPSIS
-    Expoort certificate data from TLSPDC
+    Export certificate data from TLSPDC
 
     .DESCRIPTION
     Export certificate data

VenafiPS/Public/Export-VdcVaultObject.ps1

@@ -0,0 +1,105 @@
+function Export-VdcVaultObject {
+    <#
+    .SYNOPSIS
+    Export an object from the vault
+
+    .DESCRIPTION
+    Export different object types from the vault.
+    The currently supported types are certificate, key, and PKCS12.
+    If the type is not supported, the base64 data will be returned as is.
+
+    .PARAMETER ID
+    ID of the vault object to export
+
+    .PARAMETER OutPath
+    Folder path to save the certificate/key to.  The name of the file will be determined automatically.
+
+    .PARAMETER VenafiSession
+    Authentication for the function.
+    The value defaults to the script session object $VenafiSession created by New-VenafiSession.
+    A TLSPDC token can also be provided.
+    If providing a TLSPDC token, an environment variable named VDC_SERVER must also be set.
+
+    .INPUTS
+    ID
+
+    .OUTPUTS
+    PSCustomObject if unhandled type, otherwise saves the object to a file
+
+    .EXAMPLE
+    Export-VdcVaultObject -ID 12345 -OutPath 'c:\temp'
+
+    Get vault object and save to a file
+
+    #>
+
+    [CmdletBinding()]
+
+    param (
+
+        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
+        [Alias('VaultId')]
+        [int] $ID,
+
+        [Parameter(Mandatory)]
+        [ValidateNotNullOrEmpty()]
+        [ValidateScript( {
+                if (Test-Path $_ -PathType Container) {
+                    $true
+                }
+                else {
+                    Throw "Output path '$_' does not exist"
+                }
+            })]
+        [String] $OutPath,
+
+        [Parameter()]
+        [psobject] $VenafiSession
+    )
+
+    begin {
+        Test-VenafiSession -VenafiSession $VenafiSession -Platform 'VDC'
+    }
+
+    process {
+        $response = Invoke-VenafiRestMethod -Method 'Post' -UriLeaf 'SecretStore/Retrieve' -Body @{ 'VaultID' = $ID }
+
+        if ( $response.Result -ne 0 ) {
+            Write-Error "Failed to retrieve vault object with a result code of $($response.Result).  Look up this code at https://docs.venafi.com/Docs/currentSDK/TopNav/Content/SDK/WebSDK/r-SDK-SecretStore-ResultCodes.php."
+            return
+        }
+
+        $ext = $null
+
+        switch ( $response.VaultType ) {
+            { $_ -in 2, 1073741826 } {
+                # certificate
+                $ext = 'cer'
+            }
+
+            { $_ -in 4, 1073741828 } {
+                # PKCS12
+                $ext = 'p12'
+            }
+
+            { $_ -in 256, 1073742080 } {
+                # PKCS8
+                $ext = 'key'
+            }
+        }
+
+        if ( $ext ) {
+            $outFile = Join-Path -Path (Resolve-Path -Path $OutPath) -ChildPath ('{0}.{1}' -f $ID, $ext)
+            $bytes = [Convert]::FromBase64String($response.Base64Data)
+            [IO.File]::WriteAllBytes($outFile, $bytes)
+
+            Write-Verbose "Saved $outFile"
+        }
+        else {
+            # unhandled type, send data as is
+            Write-Verbose "Unhandled vault type $($response.VaultType), returning data as is"
+            $response | Select-Object -Property *, @{'n' = 'VaultID'; 'e' = { $ID } } -ExcludeProperty Result
+        }
+
+    }
+}

VenafiPS/Public/New-VcConnector.ps1

@@ -8,8 +8,16 @@ function New-VcConnector {
 
     .PARAMETER ManifestPath
     Path to an existing manifest.
-    Ensure the manifest has the deployment element which is not needed when testing in the simulator.
-    See https://github.com/Venafi/vmware-avi-connector?tab=readme-ov-file#manifest for details.
+    Manifest can either be directly from the simulator or a full manifest with deployment element.
+    If the manifest is from the simulator, the DeploymentImage parameter is required.
+
+    .PARAMETER DeploymentImage
+    Path to the already uploaded docker image.
+    This parameter is only to be used for a manifest directly from the simulator.
+
+    .PARAMETER Maintainer
+    Optional value to specify the organization, individual, email, location, or website responsible for maintaining the connector
+    This parameter is only to be used for a manifest directly from the simulator.
 
     .PARAMETER PassThru
     Return newly created connector object
@@ -25,22 +33,28 @@ function New-VcConnector {
     .EXAMPLE
     New-VcConnector -ManifestPath '/tmp/manifest.json'
 
-    Create a new connector
+    Create a new connector from a full manifest
 
     .EXAMPLE
     New-VcConnector -ManifestPath '/tmp/manifest.json' -PassThru
 
     Create a new connector and return the newly created connector object
 
+    .EXAMPLE
+    New-VcConnector -ManifestPath '/tmp/manifest.json' -DeploymentImage 'docker.io/venafi/connector:latest@sha256:1234567890abcdef'
+
+    Create a new connector from a manifest from the simulator
+
     .LINK
     https://developer.venafi.com/tlsprotectcloud/reference/post-v1-plugins
 
     #>
 
-    [CmdletBinding(SupportsShouldProcess)]
+    [CmdletBinding(SupportsShouldProcess, DefaultParameterSetName = 'FullManifest')]
 
     param (
-        [Parameter(Mandatory)]
+        [Parameter(Mandatory, ParameterSetName = 'FromSimulator')]
+        [Parameter(Mandatory, ParameterSetName = 'FullManifest')]
         [ValidateScript(
             {
                 if ( -not ( Test-Path $_ ) ) {
@@ -51,6 +65,12 @@ function New-VcConnector {
         )]
         [string] $ManifestPath,
 
+        [Parameter(Mandatory, ParameterSetName = 'FromSimulator')]
+        [string] $DeploymentImage,
+
+        [Parameter(ParameterSetName = 'FromSimulator')]
+        [string] $Maintainer,
+
         [Parameter()]
         [switch] $PassThru,
 
@@ -65,27 +85,42 @@ function New-VcConnector {
     process {
 
         $manifestObject = Get-Content -Path $ManifestPath -Raw | ConvertFrom-Json
-        $manifest = $manifestObject.manifest
 
-        # ensure deployment is provided which is not needed during simulator testing
-        if ( -not $manifest.deployment ) {
-            throw 'A deployment element was not found in the manifest.  See https://github.com/Venafi/vmware-avi-connector?tab=readme-ov-file#manifest for details.'
+        if ( $PSCmdlet.ParameterSetName -eq 'FromSimulator' ) {
+
+            if ( $manifestObject.manifest -or !$manifestObject.name ) {
+                throw 'This manifest is not from the simulator'
+            }
+
+            $manifestBody = @{
+                pluginType = $manifestObject.pluginType
+                manifest   = $manifestObject
+            }
+            $manifestBody.manifest | Add-Member @{'deployment' = @{
+                    image             = $DeploymentImage
+                    'executionTarget' = 'vsat'
+                }
+            }
+
+            if ( $Maintainer ) {
+                $manifestBody.maintainer = $Maintainer
+            }
+        }
+        else {
+            # full manifest with deployment details, validate we have the structure and data needed
+            if ( !$manifestObject.manifest -or !$manifestObject.manifest.deployment ) {
+                throw 'This is not the correct manifest structure.  See https://developer.venafi.com/tlsprotectcloud/reference/post-v1-plugins.'
+            }
+            $manifestBody = $manifestObject
         }
 
         $params = @{
             Method  = 'Post'
             UriLeaf = 'plugins'
-            Body    = @{
-                manifest   = $manifest
-                pluginType = $manifest.pluginType
-            }
-        }
-
-        if ( $manifestObject.maintainer ) {
-            $params.Body.maintainer = $manifestObject.maintainer
+            Body    = $manifestBody
         }
 
-        if ( $PSCmdlet.ShouldProcess($manifestObject.manifest.name, 'Create connector') ) {
+        if ( $PSCmdlet.ShouldProcess($manifestBody.manifest.name, 'Create connector') ) {
 
             try {
                 $response = Invoke-VenafiRestMethod @params