diff --git a/step-templates/mysql-add-database-user-to-role.json b/step-templates/mysql-add-database-user-to-role.json
index a07b8e52e..c3747734b 100644
--- a/step-templates/mysql-add-database-user-to-role.json
+++ b/step-templates/mysql-add-database-user-to-role.json
@@ -4,13 +4,13 @@ "Description": "Adds a database user to a role", "Author": "twerthi", "ActionType": "Octopus.Script", - "Version": 6, + "Version": 7, "CommunityActionTemplateId": null, "Packages": [], "Properties": { "Octopus.Action.Script.ScriptSource": "Inline", "Octopus.Action.Script.Syntax": "PowerShell", - "Octopus.Action.Script.ScriptBody": "# Define functions\nfunction Get-ModuleInstalled\n{\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n {\n # It is installed\n return $true\n }\n else\n {\n # Module not installed\n return $false\n }\n}\n\nfunction Install-PowerShellModule\n{\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n\t# Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n {\n \t# Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n\t# Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-UserInRole\n{\n\t# Define parameters\n param ($UserHostname,\n $Username,\n $RoleHostName,\n $RoleName)\n \n\t# Execute query\n $grants = Invoke-SqlQuery \"SHOW GRANTS FOR '$Username'@'$UserHostName';\"\n\n # Loop through Grants\n foreach ($grant in $grants.ItemArray)\n {\n # Check grant\n if ($grant -eq \"GRANT ``$RoleName``@``$RoleHostName`` TO ``$Username``@``$UserHostName``\")\n {\n # They're in the group\n return $true\n }\n }\n\n # Not found\n return $false\n}\n\n# Define PowerShell Modules 
path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true)\n{\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true)\n{\n\t# Import from specific location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$addMySQLServerName;Port=$addMySQLServerPort;\"\n\n# Customize connection string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($addMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $addLoginPasswordWithAddRoleRights = (aws rds generate-db-auth-token --hostname $addMySQLServerName --region $region --port $addMySQLServerPort --username $addLoginWithAddRoleRights)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += 
\";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n \n break \n }\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += \";IntegratedSecurity=yes;Uid=$addLoginWithAddRoleRights;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $addLoginPasswordWithAddRoleRights = $token.access_token\n\n $connectionString += \";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if ([string]::IsNullOrWhiteSpace(($addLoginWithAddRoleRights))) {\n $addLoginWithAddRoleRights = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $addLoginPasswordWithAddRoleRights = $token.access_token\n $connectionString += 
\";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n}\n\n\n# Import the module\nImport-Module -Name $PowerShellModuleName\n\ntry\n{\n if ($addUseSSL -eq \"True\")\n {\n \t# Append to connection string\n $connectionString += \"SslMode=Required;\"\n }\n else\n {\n \t# Disable SSL\n $connectionString += \"SslMode=none;\"\n }\n \n Open-MySqlConnection -ConnectionString $connectionString\n \n\n # See if database exists\n $userInRole = Get-UserInRole -UserHostname $addUserHostname -Username $addUsername -RoleHostName $addRoleHostName -RoleName $addRoleName\n\n if ($userInRole -eq $false)\n {\n # Create database\n Write-Output \"Adding user $addUsername@$addUserHostName to role $addRoleName@$addRoleHostName ...\"\n $executionResults = Invoke-SqlUpdate \"GRANT '$addRoleName'@'$addRoleHostName' TO '$addUsername'@'$addUserHostName';\"\n\n # See if it was created\n $userInRole = Get-UserInRole -UserHostname $addUserHostname -Username $addUsername -RoleHostName $addRoleHostName -RoleName $addRoleName\n \n # Check array\n if ($userInRole -eq $true)\n {\n # Success\n Write-Output \"$addUserName@$addUserHostName added to $addRoleName@$addRoleHostName successfully!\"\n }\n else\n {\n # Failed\n Write-Error \"Failure adding $addUserName@$addUserHostName to $addRoleName@$addRoleHostName!\"\n }\n }\n else\n {\n \t# Display message\n Write-Output \"User $addUsername@$addUserHostName is already in role $addRoleName@$addRoleHostName\"\n }\n}\nfinally\n{\n Close-SqlConnection\n}\n" + "Octopus.Action.Script.ScriptBody": "# Define variables\n$connectionName = \"OctopusDeploy\"\n\n# Define functions\nfunction Get-ModuleInstalled\n{\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n {\n # It is installed\n return $true\n }\n else\n {\n # Module not installed\n return $false\n }\n}\n\nfunction 
Install-PowerShellModule\n{\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n\t# Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n {\n \t# Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n\t# Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-UserInRole\n{\n\t# Define parameters\n param ($UserHostname,\n $Username,\n $RoleHostName,\n $RoleName)\n \n\t# Execute query\n $grants = Invoke-SqlQuery \"SHOW GRANTS FOR '$Username'@'$UserHostName';\" -ConnectionName $connectionName\n\n # Loop through Grants\n foreach ($grant in $grants.ItemArray)\n {\n # Check grant\n if ($grant -eq \"GRANT ``$RoleName``@``$RoleHostName`` TO ``$Username``@``$UserHostName``\")\n {\n # They're in the group\n return $true\n }\n }\n\n # Not found\n return $false\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true)\n{\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not 
installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true)\n{\n\t# Import from specific location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$addMySQLServerName;Port=$addMySQLServerPort;\"\n\n# Customize connection string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($addMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $addLoginPasswordWithAddRoleRights = (aws rds generate-db-auth-token --hostname $addMySQLServerName --region $region --port $addMySQLServerPort --username $addLoginWithAddRoleRights)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += \";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n \n break \n }\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += \";IntegratedSecurity=yes;Uid=$addLoginWithAddRoleRights;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $addLoginPasswordWithAddRoleRights = $token.access_token\n\n $connectionString += 
\";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if ([string]::IsNullOrWhiteSpace(($addLoginWithAddRoleRights))) {\n $addLoginWithAddRoleRights = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $addLoginPasswordWithAddRoleRights = $token.access_token\n $connectionString += \";Uid=$addLoginWithAddRoleRights;Pwd=`\"$addLoginPasswordWithAddRoleRights`\";\"\n\n break\n }\n}\n\n\n# Import the module\nImport-Module -Name $PowerShellModuleName\n\ntry\n{\n if ($addUseSSL -eq \"True\")\n {\n \t# Append to connection string\n $connectionString += \"SslMode=Required;\"\n }\n else\n {\n \t# Disable SSL\n $connectionString += \"SslMode=none;\"\n }\n \n if (![string]::IsNullOrWhitespace($mysqlAdditionalParameters))\n {\n foreach ($parameter in $mysqlAdditionalParameters.Split(\",\"))\n {\n # Check for delimiter\n if (!$connectionString.EndsWith(\";\") -and !$parameter.StartsWith(\";\"))\n {\n # Append delimeter\n $connectionString +=\";\"\n }\n\n $connectionString += $parameter.Trim()\n }\n }\n \n \n Open-MySqlConnection 
-ConnectionString $connectionString -ConnectionName $connectionName\n \n\n # See if database exists\n $userInRole = Get-UserInRole -UserHostname $addUserHostname -Username $addUsername -RoleHostName $addRoleHostName -RoleName $addRoleName\n\n if ($userInRole -eq $false)\n {\n # Create database\n Write-Output \"Adding user $addUsername@$addUserHostName to role $addRoleName@$addRoleHostName ...\"\n $executionResults = Invoke-SqlUpdate \"GRANT '$addRoleName'@'$addRoleHostName' TO '$addUsername'@'$addUserHostName';\" -ConnectionName $connectionName\n\n # See if it was created\n $userInRole = Get-UserInRole -UserHostname $addUserHostname -Username $addUsername -RoleHostName $addRoleHostName -RoleName $addRoleName\n \n # Check array\n if ($userInRole -eq $true)\n {\n # Success\n Write-Output \"$addUserName@$addUserHostName added to $addRoleName@$addRoleHostName successfully!\"\n }\n else\n {\n # Failed\n Write-Error \"Failure adding $addUserName@$addUserHostName to $addRoleName@$addRoleHostName!\"\n }\n }\n else\n {\n \t# Display message\n Write-Output \"User $addUsername@$addUserHostName is already in role $addRoleName@$addRoleHostName\"\n }\n}\nfinally\n{\n\t# Close connection if open\n if ((Test-SqlConnection -ConnectionName $connectionName) -eq $true)\n {\n \tClose-SqlConnection -ConnectionName $connectionName\n }\n}\n" }, "Parameters": [ { 
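Review bot: The new `$mysqlAdditionalParameters` loop appends free-text pairs after the step has already written `Server`, `Uid`, `Pwd` and `SslMode`, and it never looks at the key names. Connection-string parsers commonly let a later duplicate key replace an earlier one (worth confirming for the driver SimplySql uses), so an `SslMode` entry in this field would presumably undo the `SslMode=Required` chosen through `$addUseSSL`. Consider rejecting the keys the step sets itself before appending, as sketched below; the list is a starting point only, since drivers accept aliases for these keys. The same loop is added to mysql-create-database.json and the point applies there as well.

```powershell
    if (![string]::IsNullOrWhitespace($mysqlAdditionalParameters))
    {
        # Keys the step writes itself; a duplicate here could replace them
        $reservedKeys = @("server", "port", "uid", "pwd", "sslmode", "integratedsecurity")

        foreach ($parameter in $mysqlAdditionalParameters.Split(","))
        {
            $key = $parameter.Split("=")[0].Trim().Trim(";").ToLowerInvariant()
            if ($reservedKeys -contains $key)
            {
                throw "Connection string parameter '$key' is set by the step and cannot be supplied as an additional parameter."
            }

            # … unchanged: delimiter check and append of $parameter.Trim() …
        }
    }
```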
@@ -113,14 +113,24 @@
 "Octopus.ControlType": "Select",
 "Octopus.SelectOptions": "awsiam|AWS IAM\nusernamepassword|Username/password\nwindowsauthentication|Windows Authentication\nazuremanagedidentity|Azure Managed Identity\ngcpserviceaccount|GCP IAM"
 }
+ },
+ {
+ "Id": "a97452b5-f7ef-4b72-ab2f-b440cda16343",
+ "Name": "mysqlAdditionalParameters",
+ "Label": "Additional connection string parameters",
+ "HelpText": "A comma-delimited list of additional parameters to add to the connection string. ex `AllowPublicKeyRetrieval=True`\"",
+ "DefaultValue": "",
+ "DisplaySettings": {
+ "Octopus.ControlType": "SingleLineText"
+ }
 }
 ],
 "StepPackageId": "Octopus.Script",
- "LastModifiedBy": "coryreid",
+ "LastModifiedBy": "twerthi",
 "$Meta": {
- "ExportedAt": "2022-06-20T15:05:10.618Z",
- "OctopusVersion": "2022.3.349-hotfix.1272",
- "Type": "ActionTemplate"
+ "ExportedAt": "2024-03-22T16:19:47.074Z",
+ "OctopusVersion": "2024.1.12087",
+ "Type": "ActionTemplate"
 },
 "Category": "mysql"
 }
diff --git a/step-templates/mysql-create-database.json b/step-templates/mysql-create-database.json
index 12f25e573..0e26fb903 100644
--- a/step-templates/mysql-create-database.json
+++ b/step-templates/mysql-create-database.json
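Review bot: The `HelpText` of the new `mysqlAdditionalParameters` entry ends with a stray escaped quote (`\"`) after the closing backtick of the example, so the rendered help will show a dangling `"`. The matching entry added to mysql-create-database.json does not have it, and dropping those two characters makes the two templates agree. Because the example shown is `AllowPublicKeyRetrieval=True`, the help text could also say that this option is best used with SSL enabled, since the server's public key is otherwise fetched over a connection that has not been authenticated.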
@@ -4,12 +4,12 @@ "Description": "Creates a MySQL database if it doesn't already exist. This template is also compatible with MariaDB.\n\nNote - this template will install the Nuget package provider if it's not already present.", "ActionType": "Octopus.Script", "Author": "twerthi", - "Version": 8, + "Version": 9, "Packages": [], "Properties": { "Octopus.Action.Script.ScriptSource": "Inline", "Octopus.Action.Script.Syntax": "PowerShell", - "Octopus.Action.Script.ScriptBody": "# Define variables\n$connectionName = \"OctopusDeploy\"\n\n# Define functions\nfunction Get-ModuleInstalled {\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName)) {\n # It is installed\n return $true\n }\n else {\n # Module not installed\n return $false\n }\n}\n\nfunction Install-PowerShellModule {\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n # Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false) {\n # Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n # Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled {\n # See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-DatabaseExists {\n # Define parameters\n param ($DatabaseName)\n \n # Execute query\n return Invoke-SqlQuery \"SHOW DATABASES LIKE '$DatabaseName';\" -ConnectionName $connectionName\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = 
\"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true) {\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true) {\n # Import from temp location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$createMySQLServerName;Port=$createPort;\"\n\n# Customize connection string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($createMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $createUserPassword = (aws rds generate-db-auth-token --hostname $createMySQLServerName --region $region --port $createPort --username $createUsername)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n \n break \n }\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += 
\";IntegratedSecurity=yes;Uid=$createUsername;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $createUserPassword = $token.access_token\n\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if ([string]::IsNullOrWhiteSpace(($createUsername))) {\n $createUsername = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $createUserPassword = $token.access_token\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n}\n\n\n# Import the module\nImport-Module -Name $PowerShellModuleName\n\n\ntry {\n # Connect to MySQL\n $connectionString = \"Server=$createMySQLServerName;Port=$createPort;Uid=$createUsername;Pwd=$createUserPassword;\"\n if ($createUseSSL -eq \"True\") {\n # Append to connection string\n 
$connectionString += \"SslMode=Required;\"\n }\n else {\n # Disable ssl\n $connectionString += \"SslMode=none;\"\n }\n \n Open-MySqlConnection -ConnectionString $connectionString -ConnectionName $connectionName\n\n # See if database exists\n $databaseExists = Get-DatabaseExists -DatabaseName $createDatabaseName\n\n if ($databaseExists.ItemArray.Count -eq 0) {\n # Create database\n Write-Output \"Creating database $createDatabaseName ...\"\n $executionResult = Invoke-SqlUpdate \"CREATE DATABASE $createDatabaseName;\" -ConnectionName $connectionName\n\n # Check result\n if ($executionResult -ne 1) {\n # Commit transaction\n Write-Error \"Create schema failed.\"\n }\n else {\n # See if it was created\n $databaseExists = Get-DatabaseExists -DatabaseName $createDatabaseName\n \n # Check array\n if ($databaseExists.ItemArray.Count -eq 1) {\n # Success\n Write-Output \"$createDatabaseName created successfully!\"\n }\n else {\n # Failed\n Write-Error \"$createDatabaseName was not created!\"\n }\n }\n }\n else {\n # Display message\n Write-Output \"Database $createDatabaseName already exists.\"\n }\n}\nfinally {\n\t# Close connection if open\n if ((Test-SqlConnection -ConnectionName $connectionName) -eq $true)\n {\n \tClose-SqlConnection -ConnectionName $connectionName\n }\n}" + "Octopus.Action.Script.ScriptBody": "# Define variables\n$connectionName = \"OctopusDeploy\"\n\n# Define functions\nfunction Get-ModuleInstalled {\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName)) {\n # It is installed\n return $true\n }\n else {\n # Module not installed\n return $false\n }\n}\n\nfunction Install-PowerShellModule {\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n # Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false) {\n # Display that we need the nuget package 
provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n # Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled {\n # See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-DatabaseExists {\n # Define parameters\n param ($DatabaseName)\n \n # Execute query\n return Invoke-SqlQuery \"SHOW DATABASES LIKE '$DatabaseName';\" -ConnectionName $connectionName\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true) {\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true) {\n # Import from temp location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$createMySQLServerName;Port=$createPort;\"\n\n# Customize connection 
string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($createMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $createUserPassword = (aws rds generate-db-auth-token --hostname $createMySQLServerName --region $region --port $createPort --username $createUsername)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n \n break \n }\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += \";IntegratedSecurity=yes;Uid=$createUsername;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $createUserPassword = $token.access_token\n\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if 
([string]::IsNullOrWhiteSpace(($createUsername))) {\n $createUsername = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $createUserPassword = $token.access_token\n $connectionString += \";Uid=$createUsername;Pwd=`\"$createUserPassword`\";\"\n\n break\n }\n}\n\n\n# Import the module\nImport-Module -Name $PowerShellModuleName\n\n\ntry {\n # Connect to MySQL\n $connectionString = \"Server=$createMySQLServerName;Port=$createPort;Uid=$createUsername;Pwd=$createUserPassword;\"\n if ($createUseSSL -eq \"True\") {\n # Append to connection string\n $connectionString += \"SslMode=Required;\"\n }\n else {\n # Disable ssl\n $connectionString += \"SslMode=none;\"\n }\n \n if (![string]::IsNullOrWhitespace($mysqlAdditionalParameters))\n {\n foreach ($parameter in $mysqlAdditionalParameters.Split(\",\"))\n {\n # Check for delimiter\n if (!$connectionString.EndsWith(\";\") -and !$parameter.StartsWith(\";\"))\n {\n # Append delimeter\n $connectionString +=\";\"\n }\n\n $connectionString += $parameter.Trim()\n }\n }\n \n Open-MySqlConnection -ConnectionString $connectionString -ConnectionName $connectionName\n\n # See if database exists\n $databaseExists = Get-DatabaseExists -DatabaseName $createDatabaseName\n\n if ($databaseExists.ItemArray.Count -eq 0) {\n # Create database\n Write-Output \"Creating database $createDatabaseName ...\"\n $executionResult = Invoke-SqlUpdate \"CREATE DATABASE $createDatabaseName;\" -ConnectionName $connectionName\n\n # Check result\n if ($executionResult -ne 1) {\n # Commit transaction\n Write-Error \"Create schema failed.\"\n }\n else {\n # See if it was created\n $databaseExists = Get-DatabaseExists -DatabaseName $createDatabaseName\n \n # Check array\n if 
($databaseExists.ItemArray.Count -eq 1) {\n # Success\n Write-Output \"$createDatabaseName created successfully!\"\n }\n else {\n # Failed\n Write-Error \"$createDatabaseName was not created!\"\n }\n }\n }\n else {\n # Display message\n Write-Output \"Database $createDatabaseName already exists.\"\n }\n}\nfinally {\n\t# Close connection if open\n if ((Test-SqlConnection -ConnectionName $connectionName) -eq $true)\n {\n \tClose-SqlConnection -ConnectionName $connectionName\n }\n}" }, "Parameters": [ { @@ -82,6 +82,16 @@ "Octopus.ControlType": "Select", "Octopus.SelectOptions": "awsiam|AWS IAM\nusernamepassword|Username/password\nwindowsauthentication|Windows Authentication\nazuremanagedidentity|Azure Managed Identity\ngcpserviceaccount|GCP IAM" } + }, + { + "Id": "273612dc-5c75-4591-9da9-dc8e40b7bf39", + "Name": "mysqlAdditionalParameters", + "Label": "Additional connection string parameters", + "HelpText": "A comma-delimited list of additional parameters to add to the connection string. ex `AllowPublicKeyRetrieval=True`", + "DefaultValue": "", + "DisplaySettings": { + "Octopus.ControlType": "SingleLineText" + } } ], "StepPackageId": "Octopus.Script", diff --git a/step-templates/mysql-create-user.json b/step-templates/mysql-create-user.json index 28d4afaac..a33c9cd49 100644 --- a/step-templates/mysql-create-user.json +++ b/step-templates/mysql-create-user.json 
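Review bot: The connection string assembled by the authentication `switch` is thrown away at the top of the `try` block, where `$connectionString = "Server=$createMySQLServerName;Port=$createPort;Uid=…"` assigns it afresh; that line is on both sides of this change, so the commit leaves it in place. As a result the `IntegratedSecurity=yes` written by the `windowsauthentication` branch never reaches `Open-MySqlConnection`, and `Pwd=$createUserPassword` goes in without the quoting the branches apply, so a password or token containing `;` would be split into extra keys. Removing that reassignment lets the string built above flow into the `SslMode` and additional-parameter appends, which is how the add-user-to-role script in this same commit is laid out. The script body is a single JSON string, so the lines referred to here all sit inside the one changed `ScriptBody` line.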
@@ -3,13 +3,13 @@ "Name": "MySQL - Create User If Not Exists", "Description": "Creates a new user account on a MySQL database server", "ActionType": "Octopus.Script", - "Version": 6, + "Version": 7, "Author": "twerthi", "Packages": [], "Properties": { "Octopus.Action.Script.ScriptSource": "Inline", "Octopus.Action.Script.Syntax": "PowerShell", - "Octopus.Action.Script.ScriptBody": "# Define functions\nfunction Get-ModuleInstalled\n{\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n {\n # It is installed\n return $true\n }\n else\n {\n # Module not installed\n return $false\n }\n}\n\nfunction Install-PowerShellModule\n{\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n\t# Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n {\n \t# Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n\t# Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-UserExists\n{\n\t# Define parameters\n param ($Hostname,\n $Username)\n \n\t# Execute query\n return Invoke-SqlQuery \"SELECT * FROM mysql.user WHERE Host = '$Hostname' AND User = '$Username';\"\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure 
protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true)\n{\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true)\n{\n\t# Use specific location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$createMySQLServerName;Port=$createPort;\"\n$connectionString = \"Server=$createMySQLServerName;Port=$createMySQLServerPort;Uid=$createLoginWithAddUserRights;Pwd=$createLoginPasswordWithAddUserRights;\"\n\n\n# Customize connection string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($createMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $createLoginPasswordWithAddUserRights = (aws rds generate-db-auth-token --hostname $createMySQLServerName --region $region --port $createPort --username $createLoginWithAddUserRights)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n \n break \n 
}\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += \";IntegratedSecurity=yes;Uid=$createLoginWithAddUserRights;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $createLoginPasswordWithAddUserRights = $token.access_token\n\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if ([string]::IsNullOrWhiteSpace(($createLoginWithAddUserRights)))\n {\n $createLoginWithAddUserRights = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $createLoginPasswordWithAddUserRights = $token.access_token\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n}\n\n# Import the module\nImport-Module -Name 
$PowerShellModuleName\n\ntry\n{\n\t# Connect to MySQL\n if ($createUseSSL -eq \"True\")\n {\n \t# Append to connection string\n $connectionString += \"SslMode=Required;\"\n }\n else\n {\n \t# Disable ssl\n $connectionString += \"SslMode=none;\"\n }\n \n Open-MySqlConnection -ConnectionString $connectionString\n\n # See if database exists\n $userExists = Get-UserExists -Hostname $createUserHostname -Username $createNewUsername\n\n if ($userExists -eq $null)\n {\n # Create database\n Write-Output \"Creating user $createNewUsername ...\"\n $executionResults = Invoke-SqlUpdate \"CREATE USER '$createNewUsername'@'$createUserHostname' IDENTIFIED BY '$createNewUserPassword';\"\n\n # See if it was created\n $userExists = Get-UserExists -Hostname $createUserHostname -Username $createNewUsername\n \n # Check array\n if ($userExists -ne $null)\n {\n # Success\n Write-Output \"$createNewUsername created successfully!\"\n }\n else\n {\n # Failed\n Write-Error \"$createNewUsername was not created!\"\n }\n }\n else\n {\n \t# Display message\n Write-Output \"User $createNewUsername on $createUserHostname already exists.\"\n }\n}\nfinally\n{\n Close-SqlConnection\n}\n" + "Octopus.Action.Script.ScriptBody": "# Define variables\n$connectionName = \"OctopusDeploy\"\n\n# Define functions\nfunction Get-ModuleInstalled\n{\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n {\n # It is installed\n return $true\n }\n else\n {\n # Module not installed\n return $false\n }\n}\n\nfunction Install-PowerShellModule\n{\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n\t# Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n {\n \t# Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package 
provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n\t# Save the module in the temporary location\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Get-UserExists\n{\n\t# Define parameters\n param ($Hostname,\n $Username)\n \n\t# Execute query\n return Invoke-SqlQuery \"SELECT * FROM mysql.user WHERE Host = '$Hostname' AND User = '$Username';\" -ConnectionName $connectionName\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PSScriptRoot\\Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([System.IO.Path]::PathSeparator)$env:PSModulePath\"\n$PowerShellModuleName = \"SimplySql\"\n\n# Set secure protocols\n[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12\n\n# Check to see if SimplySql module is installed\nif ((Get-ModuleInstalled -PowerShellModuleName $PowerShellModuleName) -ne $true)\n{\n # Tell user what we're doing\n Write-Output \"PowerShell module $PowerShellModuleName is not installed, downloading temporary copy ...\"\n\n # Install temporary copy\n Install-PowerShellModule -PowerShellModuleName $PowerShellModuleName -LocalModulesPath $LocalModules\n}\n\n# Display\nWrite-Output \"Importing module $PowerShellModuleName ...\"\n\n# Check to see if it was downloaded\nif ((Test-Path -Path \"$LocalModules\\$PowerShellModuleName\") -eq $true)\n{\n\t# Use specific location\n $PowerShellModuleName = \"$LocalModules\\$PowerShellModuleName\"\n}\n\n# Declare connection string\n$connectionString = \"Server=$createMySQLServerName;Port=$createPort;\"\n$connectionString = 
\"Server=$createMySQLServerName;Port=$createMySQLServerPort;Uid=$createLoginWithAddUserRights;Pwd=$createLoginPasswordWithAddUserRights;\"\n\n\n# Customize connection string based on authentication method\nswitch ($mySqlAuthenticationMethod) {\n \"awsiam\" {\n # Region is part of the RDS endpoint, extract\n $region = ($createMySQLServerName.Split(\".\"))[2]\n\n Write-Host \"Generating AWS IAM token ...\"\n $createLoginPasswordWithAddUserRights = (aws rds generate-db-auth-token --hostname $createMySQLServerName --region $region --port $createPort --username $createLoginWithAddUserRights)\n \n # Append remaining portion of connection string\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n\n \"usernamepassword\" {\n # Append remaining portion of connection string\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n \n break \n }\n\n \"windowsauthentication\" {\n # Append remaining portion of connection string\n $connectionString += \";IntegratedSecurity=yes;Uid=$createLoginWithAddUserRights;\"\n\n break\n }\n\n \"azuremanagedidentity\" {\n Write-Host \"Generating Azure Managed Identity token ...\"\n $token = Invoke-RestMethod -Method GET -Uri \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://ossrdbms-aad.database.windows.net\" -Headers @{\"MetaData\" = \"true\" }\n\n $createLoginPasswordWithAddUserRights = $token.access_token\n\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n\n \"gcpserviceaccount\" {\n # Define header\n $header = @{ \"Metadata-Flavor\" = \"Google\" }\n\n # Retrieve service accounts\n $serviceAccounts = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/\" -Headers $header\n\n # Results returned in plain text format, get into array 
and remove empty entries\n $serviceAccounts = $serviceAccounts.Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)\n\n # Retreive the specific service account assigned to the VM\n $serviceAccount = $serviceAccounts | Where-Object { $_.Contains(\"iam.gserviceaccount.com\") }\n\n if ([string]::IsNullOrWhiteSpace(($createLoginWithAddUserRights)))\n {\n $createLoginWithAddUserRights = $serviceAccount.SubString(0, $serviceAccount.IndexOf(\".gserviceaccount.com\"))\n }\n\n Write-Host \"Generating GCP IAM token ...\"\n # Retrieve token for account\n $token = Invoke-RestMethod -Method Get -Uri \"http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/$serviceAccount/token\" -Headers $header\n \n $createLoginPasswordWithAddUserRights = $token.access_token\n $connectionString += \";Uid=$createLoginWithAddUserRights;Pwd=`\"$createLoginPasswordWithAddUserRights`\";\"\n\n break\n }\n}\n\n# Import the module\nImport-Module -Name $PowerShellModuleName\n\ntry\n{\n\t# Connect to MySQL\n if ($createUseSSL -eq \"True\")\n {\n \t# Append to connection string\n $connectionString += \"SslMode=Required;\"\n }\n else\n {\n \t# Disable ssl\n $connectionString += \"SslMode=none;\"\n }\n\n if (![string]::IsNullOrWhitespace($mysqlAdditionalParameters))\n {\n foreach ($parameter in $mysqlAdditionalParameters.Split(\",\"))\n {\n # Check for delimiter\n if (!$connectionString.EndsWith(\";\") -and !$parameter.StartsWith(\";\"))\n {\n # Append delimeter\n $connectionString +=\";\"\n }\n\n $connectionString += $parameter.Trim()\n }\n }\n\n\tOpen-MySqlConnection -ConnectionString $connectionString -ConnectionName $connectionName\n \n # See if database exists\n $userExists = Get-UserExists -Hostname $createUserHostname -Username $createNewUsername\n\n if ($userExists -eq $null)\n {\n # Create database\n Write-Output \"Creating user $createNewUsername ...\"\n $executionResults = Invoke-SqlUpdate \"CREATE USER '$createNewUsername'@'$createUserHostname' 
IDENTIFIED BY '$createNewUserPassword';\" -ConnectionName $connectionName\n\n # See if it was created\n $userExists = Get-UserExists -Hostname $createUserHostname -Username $createNewUsername\n \n # Check array\n if ($userExists -ne $null)\n {\n # Success\n Write-Output \"$createNewUsername created successfully!\"\n }\n else\n {\n # Failed\n Write-Error \"$createNewUsername was not created!\"\n }\n }\n else\n {\n \t# Display message\n Write-Output \"User $createNewUsername on $createUserHostname already exists.\"\n }\n}\nfinally\n{\n\t# Close connection if open\n if ((Test-SqlConnection -ConnectionName $connectionName) -eq $true)\n {\n \tClose-SqlConnection -ConnectionName $connectionName\n }\n}\n" }, "Parameters": [ { @@ -102,14 +102,24 @@ "Octopus.ControlType": "Select", "Octopus.SelectOptions": "awsiam|AWS IAM\nusernamepassword|Username/password\nwindowsauthentication|Windows Authentication\nazuremanagedidentity|Azure Managed Identity\ngcpserviceaccount|GCP IAM" } + }, + { + "Id": "5a8ca84d-ad02-46ac-b8f2-f19191fe9cc5", + "Name": "mysqlAdditionalParameters", + "Label": "Additional connection string parameters", + "HelpText": "A comma-delimited list of additional parameters to add to the connection string. ex `AllowPublicKeyRetrieval=True`", + "DefaultValue": "", + "DisplaySettings": { + "Octopus.ControlType": "SingleLineText" + } } ], - "LastModifiedBy": "coryreid", + "LastModifiedBy": "twerthi", "StepPackageId": "Octopus.Script", "$Meta": { - "ExportedAt": "2022-06-20T15:01:57.470Z", - "OctopusVersion": "2022.3.349-hotfix.1272", - "Type": "ActionTemplate" + "ExportedAt": "2024-03-22T16:22:09.124Z", + "OctopusVersion": "2024.1.12087", + "Type": "ActionTemplate" }, "Category": "mysql" }
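Review bot: The new ScriptBody still builds both SQL statements by interpolating step variables into the text: the lookup in `Get-UserExists` and the `CREATE USER '$createNewUsername'@'$createUserHostname' IDENTIFIED BY '$createNewUserPassword';` call. A value containing a single quote or backslash (quite possible for a generated password) breaks the statement or changes what it does. For the lookup, the values can be bound instead: `Invoke-SqlQuery "SELECT * FROM mysql.user WHERE Host = @h AND User = @u;" -Parameters @{ h = $Hostname; u = $Username } -ConnectionName $connectionName`. Whether `CREATE USER` accepts bound values depends on the provider, so there I would at least escape before interpolating, e.g. `$pw = $createNewUserPassword.Replace("\", "\\").Replace("'", "''")`, and reject user and host names that contain quotes. The change only adds `-ConnectionName` to these calls and leaves the string building as it was.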