Skip to content

Commit

Permalink
initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@singhgss
singhgss committed Dec 17, 2024
1 parent 08508ce commit 6554412
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 3 deletions.
3 changes: 2 additions & 1 deletion setup/main.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,8 @@ If ($Locale -eq $null) {
}

try {
$RuntimeConfig = Get-AzKeyVaultSecret -VaultName $KeyVaultName -Name 'gsaConfigExportLatest' -AsPlainText -ErrorAction Stop | ConvertFrom-Json | Select-Object -Expand runtime
$encryptedSecret = Get-AzKeyVaultSecret -VaultName $KeyVaultName -Name 'gsaConfigExportLatest' -AsPlainText
$RuntimeConfig = ConvertFrom-SecureString $encryptedSecret | ConvertFrom-Json | Select-Object -Expand runtime
Set-AzContext -SubscriptionId $RuntimeConfig.subscriptionId
}
catch {
Expand Down
3 changes: 2 additions & 1 deletion ...up/modules/Deploy-GuardrailsSolutionAccelerator/Deploy-GuardrailsSolutionAccelerator.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -433,7 +433,8 @@ Function Deploy-GuardrailsSolutionAccelerator {
'deployerAzureID' = $config['runtime']['userId']
}

$secretValue = (ConvertTo-SecureString -String (ConvertTo-Json $config -Depth 10) -AsPlainText -Force)
$secureValue = (ConvertTo-SecureString -String (ConvertTo-Json $config -Depth 10) -AsPlainText -Force)

Check failure

Code scanning / PSScriptAnalyzer

File 'Deploy-GuardrailsSolutionAccelerator.psm1' uses ConvertTo-SecureString with plaintext. This will expose secure information. Encrypted standard strings should be used instead. Error

File 'Deploy-GuardrailsSolutionAccelerator.psm1' uses ConvertTo-SecureString with plaintext. This will expose secure information. Encrypted standard strings should be used instead.
$secretValue = ConvertFrom-SecureString $secureValue
Set-AzKeyVaultSecret -VaultName $config['runtime']['keyVaultName'] -Name $configSecretName -SecretValue $secretValue -Tag $secretTags -ContentType 'application/json' -Verbose:$useVerbose | Out-Null

Write-Host "Completed deployment of the Guardrails Solution Accelerator!" -ForegroundColor Green
Expand Down
3 changes: 2 additions & 1 deletion ...ardrailsSolutionAcceleratorSetup/modules/Get-GSAExportedConfig/Get-GSAExportedConfig.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,8 @@ Function Get-GSAExportedConfig {
}

try {
[string]$configValue = Get-AzKeyVaultSecret -VaultName $KeyVaultName -Name 'gsaConfigExportLatest' -AsPlainText -ErrorAction Stop
$configValue = Get-AzKeyVaultSecret -VaultName $KeyVaultName -Name 'gsaConfigExportLatest' -AsPlainText -ErrorAction Stop
$configValue = ConvertFrom-SecureString $configValue
}
catch {
Write-Error -Message "Unable to retrieve the latest configuration from the Key Vault. Please ensure that the Key Vault exists and that the latest configuration has been exported. Message: $_" -ErrorAction Stop
Expand Down

0 comments on commit 6554412

Please sign in to comment.