initial upload

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: 
+  FriedrichWeinmann
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/workflows/build.yml

@@ -0,0 +1,23 @@
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+
+    runs-on: windows-2019
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: Install Prerequisites
+      run: .\build\vsts-prerequisites.ps1
+      shell: powershell
+    - name: Validate
+      run: .\build\vsts-validate.ps1
+      shell: powershell
+    - name: Build
+      run: .\build\vsts-build.ps1 -ApiKey $env:APIKEY
+      shell: powershell
+      env:
+        APIKEY: ${{ secrets.ApiKey }}

.github/workflows/validate.yml

@@ -0,0 +1,15 @@
+on: [pull_request]
+
+jobs:
+  validate:
+
+    runs-on: windows-2019
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: Install Prerequisites
+      run: .\build\vsts-prerequisites.ps1
+      shell: powershell
+    - name: Validate
+      run: .\build\vsts-validate.ps1
+      shell: powershell

.gitignore

@@ -0,0 +1,22 @@
+
+# ignore the settings folder and files for VSCode and PSS
+.vscode/*
+*.psproj
+*TempPoint*
+
+# Ignore staging info from Visual Studio
+library/VMDeploy.Guest/.vs/*
+library/VMDeploy.Guest/VMDeploy.Guest/bin/*
+library/VMDeploy.Guest/VMDeploy.Guest/obj/*
+
+# ignore PowerShell Studio MetaData
+VMDeploy.Guest/VMDeploy.Guest.psproj
+VMDeploy.Guest/VMDeploy.Guest.psproj.bak
+VMDeploy.Guest/VMDeploy.Guest.psprojs
+VMDeploy.Guest/VMDeploy.Guest.psproj
+
+# ignore the TestResults
+TestResults/*
+
+# ignore the publishing Directory
+publish/*

Actions/application.action.ps1

@@ -0,0 +1,63 @@
+$executionCode = {
+	param (
+		$Configuration
+	)
+
+	$param = @{
+		Path = $Configuration.Path
+		Wait = $true
+		PassThru = $true
+	}
+	if ($Configuration.Arguments) { $param.ArgumentList = $Configuration.Arguments }
+
+	$result = Start-Process @param
+	if ($result.ExitCode -eq 0) {
+		$trackingFile = Join-Path -Path 'VMDeploy:\Runtime' -ChildPath $Configuration.Name
+		"Success" | Set-Content -Path $trackingFile
+		return
+	}
+
+	Write-PSFMessage -Level Warning -Message "Application '{0}' failed with exit code {1}" -StringValues $Configuration.Path, $result.ExitCode -ModuleName 'VMDeploy.Guest' -Data @{
+		Path = $Configuration.Path
+		Arguments = $Configuration.Arguments -join " "
+		ExitCode = $result.ExitCode
+	}
+}
+
+$validationCode = {
+	param (
+		$Configuration
+	)
+
+	if (-not (Test-Path 'VMDeploy:\Runtime')) {
+		$null = New-Item -Path 'VMDeploy:\Runtime' -ItemType Directory -Force
+	}
+
+	$trackingFile = Join-Path -Path 'VMDeploy:\Runtime' -ChildPath $Configuration.Name
+	Test-Path $trackingFile
+}
+
+$PreDeploymentCode = {
+	param (
+		$Configuration,
+
+		$WorkingDirectory
+	)
+}
+
+$param = @{
+	Name               = 'application'
+	ScriptBlock        = $executionCode
+	Validate           = $validationCode
+	Description        = 'Execute an application'
+	PreDeploymentCode  = $PreDeploymentCode
+	ParameterMandatory = @(
+		'Name'
+		'Path'
+	)
+	ParameterOptional = @(
+		'Arguments'
+	)
+	Tag                = 'application','generic'
+}
+Register-VMGuestAction @param

Actions/certdeploy.action.ps1

@@ -0,0 +1,160 @@
+$executionCode = {
+	param (
+		$Configuration
+	)
+
+	$driveLetter = (Get-Item -Path VMDeploy:\).FullName -replace ':.+'
+	Get-Volume -DriveLetter $driveLetter | Get-Partition | Get-Disk | Set-Disk -IsReadOnly $false
+
+	$filePath = Join-Path -Path 'VMDeploy:\Resources' -ChildPath $Configuration.FileName
+	if (-not (Test-Path -Path $filePath)) {
+		Write-PSFMessage -Level Warning -Message "Certificate file not found in the VMDeploy package! Ensure the $($Configuration.FileName) certificate is deployed as a resource!"
+		return
+	}
+	$fullFilePath = (Get-Item -Path $filePath).FullName
+	$fullPWFilePath = "$($fullFilePath)_password"
+	$password = ''
+	if (Test-Path -LiteralPath $fullPWFilePath) { $password = Get-Content -LiteralPath $fullPWFilePath }
+	try {
+		if (-not $password) {
+			$certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullFilePath)
+		}
+		else {
+			$certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new()
+			$certificate.Import($fullFilePath, $password, 'MachineKeySet')
+		}
+	}
+	catch {
+		Write-PSFMessage -Level Warning -Message "Error opening certificate $($Configuration.FileName)" -ErrorRecord $_
+		return
+	}
+
+	try {
+		$store = [System.Security.Cryptography.X509Certificates.X509Store]::new(
+			$Configuration.Store,
+			[System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine
+		)
+		$store.Open('ReadWrite')
+	}
+	catch {
+		Write-PSFMessage -Level Warning -Message "Error accessing certificate store $($Configuration.Store)" -ErrorRecord $_
+		return
+	}
+
+	try {
+		if ($password) {
+			$store.Close()
+			$param = @{
+				FilePath          = $fullFilePath
+				CertStoreLocation = "Cert:\LocalMachine\$($Configuration.Store)"
+				Password          = $password | ConvertTo-SecureString -AsPlainText -Force
+			}
+			Import-PfxCertificate @param -ErrorAction Stop
+		}
+		else {
+			$store.Add($certificate)
+			$store.Close()
+		}
+	}
+	catch {
+		Write-PSFMessage -Level Warning -Message "Error writing certificate $($Configuration.FileName) to certificate store $($Configuration.Store)" -ErrorRecord $_
+		return
+	}
+}
+
+$validationCode = {
+	param (
+		$Configuration
+	)
+
+	$filePath = Join-Path -Path 'VMDeploy:\Resources' -ChildPath $Configuration.FileName
+	if (-not (Test-Path -Path $filePath)) {
+		Write-PSFMessage -Level Warning -Message "Certificate file not found in the VMDeploy package! Ensure the $($Configuration.FileName) certificate is deployed as a resource!"
+		return $false
+	}
+	$fullFilePath = (Get-Item -Path $filePath).FullName
+	$fullPWFilePath = "$($fullFilePath)_password"
+	$fullThumbprintPath = "$($fullFilePath)_thumbprint"
+	$password = ''
+	if (Test-Path -LiteralPath $fullThumbprintPath) {
+		$certificate = @{ Thumbprint = Get-Content -LiteralPath $fullThumbprintPath | Select-Object -First 1 }
+	}
+	else {
+		if (Test-Path -LiteralPath $fullPWFilePath) { $password = Get-Content -LiteralPath $fullPWFilePath }
+		try {
+			if (-not $password) {
+				$certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullFilePath)
+			}
+			else {
+				$certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new()
+				$certificate.Import($fullFilePath, $password, 'MachineKeySet')
+			}
+		}
+		catch {
+			Write-PSFMessage -Level Warning -Message "Error opening certificate $($Configuration.FileName)" -ErrorRecord $_
+			return $false
+		}
+	}
+
+	try {
+		$store = [System.Security.Cryptography.X509Certificates.X509Store]::new(
+			$Configuration.Store,
+			[System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine
+		)
+		$store.Open('ReadOnly')
+	}
+	catch {
+		Write-PSFMessage -Level Warning -Message "Error accessing certificate store $($Configuration.Store)" -ErrorRecord $_
+		return $false
+	}
+
+	$result = $store.Certificates.ThumbPrint -contains $certificate.ThumbPrint
+	if ($result -and (Test-Path -LiteralPath $fullPWFilePath)) {
+		Remove-Item -LiteralPath $fullPWFilePath
+		$certificate.ThumbPrint | Set-Content -Path $fullThumbprintPath
+	}
+	$result
+}
+
+$PreDeploymentCode = {
+	param (
+		$Configuration,
+
+		$WorkingDirectory
+	)
+
+	$certPath = "$WorkingDirectory\Resources\$($Configuration.FileName)"
+	if (-not (Test-Path -Path $certPath)) {
+		throw "Certificate not found! $($Configuration.FileName)"
+	}
+
+	if ($Configuration.FileName -notmatch '\.pfx$') { return }
+
+	$securePassword = Read-Host "Specify password for certificate $($Configuration.FileName)" -AsSecureString
+	$password = [PSCredential]::new("Whatever", $securePassword).GetNetworkCredential().Password
+
+	$certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new()
+	try { $certificate.Import($certPath, $password, 'EphemeralKeySet') }
+	catch {
+		throw "Password does not match Certificate: $_"
+	}
+
+	$certPasswordPath = "$($certPath)_password"
+	$password | Set-Content -Path $certPasswordPath
+}
+
+$param = @{
+	Name               = 'CertDeploy'
+	ScriptBlock        = $executionCode
+	Validate           = $validationCode
+	Description        = 'Deploys a certificate to the specified certificate store'
+	PreDeploymentCode  = $PreDeploymentCode
+	ParameterMandatory = @(
+		'FileName'
+		'Store'
+	)
+	ParameterOptional  = @(
+	)
+	Tag                = 'certificate', 'pki'
+}
+Register-VMGuestAction @param