search

poshbotio / PoshBot

Powershell-based bot framework
MIT License
536 stars 108 forks source link

Adding Approvals to PoshBot Configs #155

Closed mgeorgebrown89 closed 5 years ago

mgeorgebrown89 commented 5 years ago

I've added functionality to pull credentials from an outside source like how I've seen recommended in the docs, which means I create the config new each time the bot is started up. I create a $BotParams hash table and splat this to New-PoshBotConfiguration, but when I included an ApprovalConfiguration table, it tells me a paramater cannot be found that matches. Here's my code:

$BotParams = @{
        ApprovalConfiguration    = @{
            ExpireMinutes = 30
            Commands      = @{
                Expression   = 'neverfail:*'
                Groups       = @('admin', 'Cloud Ops Engineers')
                PeerApproval = $true
            }
        }
        Name                     = $BotName
        BotAdmins                = $BotAdmin
        CommandPrefix            = '!'
        LogLevel                 = 'Verbose'
        BackendConfiguration     = @{
            Name  = 'SlackBackend'
            Token = $Token
        }
        AlternateCommandPrefixes = @('vec', 'VEC', 'Vec')
        ConfigurationDirectory   = $PoshbotPath
        LogDirectory             = $PoshbotLogs
        PluginDirectory          = $PoshbotPlugins
        PluginConfiguration      = @{
            vTM       = @{
                Credential = Get-PluginCredentials -Plugin "vTM" -Name "Credential"
            }
            neverfail = @{
                Credential = Get-PluginCredentials -Plugin "neverfail" -Name "Credential"
            }
            pingdom   = @{
                Credential = Get-PluginCredentials -Plugin "pingdom" -Name "Credential"
                AppKey     = Get-PluginCredentials -Plugin "pingdom" -Name "AppKey"
            }
            amazon    = @{
                SecretKey = Get-PluginCredentials -Plugin "amazon" -name "SecretKey"
                AccessKey = Get-PluginCredentials -Plugin "amazon" -Name "AccessKey"
            }
        }
    }

    # Set up folders for logging and plugins, save the config
    $null = mkdir $PoshbotPath, $PoshbotPlugins, $PoshbotLogs -Force
    $pbc = New-PoshBotConfiguration @BotParams

I get this error back:

New-PoshBotConfiguration : A parameter cannot be found that matches parameter name 
    'ApprovalConfiguration'.
    At C:\Repositories\PoshBot\utilities\start-poshbot.ps1:55 char:33
    + $pbc = New-PoshBotConfiguration @BotParams
    +                                 ~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [New-PoshBotConfiguration], 
    ParameterBindingException
       + FullyQualifiedErrorId : NamedParameterNotFound,New-PoshBotConfiguration

I've looked a little bit at the actual PoshBot code (and will do so more) but it seems like what is actually passed in doesn't match the output in the config file. I dunno.

mgeorgebrown89 commented 5 years ago

Yes, I immediately figured it out. Never mind!

dreznicek commented 5 years ago

Would be great if you posted what you figured out :)

mgeorgebrown89 commented 5 years ago

Yeah, sorry @dreznicek . I meant to come back and do that later, but I just actually took the time to look at the code for New-PoshBotConfiguration and saw that the parameters it took were different than what I was trying. So even though a complete config.psd1 file looks like this regarding approvals:

@{
  ApprovalConfiguration = @{
    Commands = @(@{
      PeerApproval = $True
      Groups = @('admin','Cloud Ops Engineers')
      Expression = 'neverfail:*'
    },@{
      PeerApproval = $True
      Groups = @('admin','Cloud Ops Engineers')
      Expression = 'amazon:New-AWS_R53Entry:*'
    })
    ExpireMinutes = 30
  }
#more stuff
}

The parameters it accepts are ApprovalExpireMinutes and ApprovalCommandConfigurations which then I presume end up nested like the above code block. I'm not sure if this is just me being confused or the documentation needs clarification (which I'd be happy to do, I've just been focusing on getting it to work), but either way, I had to do something like this when constructing my config since I'm building it at runtime to help with credential security. 


$BotParams = @{
    ApprovalExpireMinutes = 30
    ApprovalCommandConfigurations = @(
        @{
            Expression = 'neverfail:*'
            Groups = @('admin', 'Cloud Ops Engineers')
            PeerApproval = $true
        }
        @{
            Expression = 'amazon:New-AWS_R53Entry:*'
            Groups = @('admin', 'Cloud Ops Engineers')
            PeerApproval = $true
        }
    )
#more stuff
}
devblackops commented 5 years ago

@mgeorgebrown89 @dreznicek Yes, The parameters to New-PoshBotConfiguration do not 100% match the properties in the actual [Configuration] object that the function returns. This is because some of the properties in the configuration are not native types, [ApprovalCommandConfiguration] is one of them. I thought it would be better to only expose native PowerShell types to the user / public function and keep the implementation details separate.