SecretStore Release Candidate 3

This post was originally published on this site

The SecretStore release candidate 3 (RC3) module is now available on the PowerShell Gallery. This contains an exciting new feature which allows users to non-interactively create, and configure a SecretStore. This feature was added to support CI systems and other automated scenarios.

SecretStore is an extension vault module, for PowerShell SecretManagement, which works over all supported PowerShell platforms on Windows, Linux, and macOS. For more context on this module and the SecretManagement module refer to the previous blog posts:

For more context on these modules check out these previous blog posts:

Before installing this module, please uninstall the current preview versions of the module and restart your PowerShell session.

To install these updates run the following commands:

Uninstall-Module Microsoft.PowerShell.SecretStore -Force
# Restart your PowerShell session
Install-Module -Name Microsoft.PowerShell.SecretStore -Repository PSGallery
Register-SecretVault -Name SecretStore -ModuleName Microsoft.PowerShell.SecretStore -DefaultVault -AllowClobber

SecretStore Updates

Previously, Set-SecretStoreConfiguration required manual password confirmation to make changes to SecretStore configuration. This update adds a -Password parameter to Set-SecretStoreConfiguration to endable automated creation and configuration of a SecretVault.

Breaking Change

  • The -Force parameter was removed from the Set-SecretStoreConfiguration command, and instead the -Confirm:$false should be used to suppress PowerShell confirmation prompting in automation scripts.

New Feature

  • Set-SecretStoreConfiguration command now takes a -Password parameter so that there is no need to prompt for a password

How to non-interactively create and configure a SecretStore

This is an example of automation script that installs and configures the Microsoft.PowerShell.SecretStore module without user prompting. The configuration requires a password and sets user interaction to None, so that SecretStore will never prompt the user. The configuration also requires a password, and the password is passed in as a SecureString object. The -Confirm:false parameter is used so that PowerShell will not prompt for confirmation.

The SecretStore password must be provided in a secure fashion. Here the password is being imported from an encrypted file using Windows Data Protection API, but this is a Windows only solution. Another option is to use a CI system mechanism such as secure variables.

Next, the SecretManagement module is installed and the SecretStore module registered so that the SecretStore secrets can be managed.

The Unlock-SecretStore cmdlet is used to unlock the SecretStore for this session. The password timeout was configured for 1 hour and SecretStore will remain unlocked in the session for that amount of time, after which it will need to be unlocked again before secrets can be accessed.

Install-Module -Name Microsoft.PowerShell.SecretStore -Repository PSGallery -Force
$password = Import-CliXml -Path $securePasswordPath

Set-SecretStoreConfiguration -Scope CurrentUser -Authentication Password -PasswordTimeout 3600 -Interaction None -Password $password -Confirm:$false

Install-Module -Name Microsoft.PowerShell.SecretManagement -Repository PSGallery -Force
Register-SecretVault -Name SecretStore -ModuleName Microsoft.PowerShell.SecretStore -DefaultVault

Unlock-SecretStore -Password $password

General Availability (GA)

This is a “go live” release, which means that we feel that this RC is feature complete and supported in production.

If no bugs are identified through this release, we will increment the versioning and declare the module as GA in late March. If any high-risk bugs are identified we will continue to release RCs until the quality bar is met for a GA release.

Feedback and Support

Community feedback has been essential to the iterative development of these modules. Thank you to everyone who has contributed issues, and feedback thus far! To file issues or get support for the SecretManagement interface or vault development experience please use the SecretManagement repository. For issues which pertain specifically to the SecretStore and its cmdlet interface please use the SecretStore repository.

Sydney Smith

PowerShell Team



The post SecretStore Release Candidate 3 appeared first on PowerShell Team.

Updating help for the PSReadLine module in Windows PowerShell 5.1

This post was originally published on this site

Back in November of 2020 I
posted instructions
about how to work around the problem of updating the help for the PSReadLine module.

The version of the PSReadline module that shipped in Windows PowerShell 5.1 used a lowercase
letter in the name. The name of the module was changed for the release of PowerShell 6. It now uses
a capital L in the name. And even after following the instructions in the previous post, you still
get the same error when you try to update help for Windows PowerShell 5.1.

Failed to update Help for the module(s) ‘PSReadline

The root problem in Windows PowerShell 5.1 is that the module is automatically loaded at startup
using the PSReadline name (with the lowercase l). Use the following steps workaround this
problem and update the help.

  1. Close all powershell.exe processes. Then rename the PSReadline module folder name to
  2. Open an powershell.exe session in Administrator privilege.
  3. Run Remove-Module PSReadLine to remove the auto-loaded PSReadLine module.
  4. Run Import-Module PSReadLine (use PSReadLine with capital L).
  5. Then run Update-Help -Module PSReadLine -Force

These steps load the module in your session using the new name, which allows Update-Help to use the
correct name to find the help content.

The post Updating help for the PSReadLine module in Windows PowerShell 5.1 appeared first on PowerShell Team.

Announcing PSReadLine 2.2-beta.2 with Dynamic help

This post was originally published on this site

We are pleased to announce the new feature Dynamic Help in
PSReadLine 2.2.0-beta.2.
Features like TabCompletetion and the Help system make PowerShell easier to use. Expanding on that
theme, Dynamic Help provides just-in-time help at the command line. This experience allows you to
stay focused on your work in the terminal without losing your place typing on the pipeline.

Supported Releases

Dynamic Help is implemented and presented through the PSReadLine module. In an effort to bring the
benefits of Dynamic Help to the most users, Dynamic Help is supported down-level to Windows
PowerShell 5.1.

PSReadLine 2.2.0-beta2, including Dynamic Help, is supported in the following versions:

  • Windows PowerShell 5.1
  • PowerShell 7.0+

Install PSReadLine with Dynamic Help

To receive the benefits of Dynamic Help, download and install the PSReadLine module from PSGallery.

Install-Module PSReadLine -AllowPrerelease

Getting Cmdlet Help

Dynamic Help provides a view of full cmdlet help shown on an alternative screen buffer using a cross
platform Pager utility. PSReadLine maps the function ShowCommandHelp to the F1 key.

  • When the cursor is at the end of a fully expanded cmdlet, pressing F1 displays the help for
    that cmdlet.
  • When the cursor is at the end of a fully expanded parameter, pressing F1 displays the help
    beginning at the parameter.

Image DynHelp1

The Pager in PSReadLine supports viewing content one screen at a time. To navigate the displayed
help content, press the up and down arrow keys to scroll the screen. Pressing Q exits the
alternative screen buffer and returns to the current cursor location in the the primary screen

The Pager is a work in progress and we welcome your feedback and suggestions. To provide feedback
and for more information, see the Pager repository on GitHub.

Focused Parameter Help

Pressing the Alt-h key combination provides dynamic help for parameters. The help is shown below
the current command line like MenuComplete. The cursor must be at the end of the fully-expanded
parameter name when you press the Alt-h key.

Image DynHelp Alt H


The PSReadLine function ShowParameterHelp is bound to Alt-h.
The Alt bindings do not currently work on macOS as detailed in this
issue. Mac users will need to map
ShowParameterHelp function to an available key combination.

Set-PSReadLineKeyHandler -chord "Ctrl-l" -Function ShowParameterHelp

Selection of Arguments

To rapidly select and change the arguments of a cmdlet without disturbing your syntax, press
Alt-a. Selection of arguments is scoped within a script block. Based on the cursor position, it
searches from the innermost script block to the outmost script block, and stops when it finds any
arguments in a script block scope.

Image dynhelpA


The PSReadLine function SelectCommandArgument is bound to
Alt-a. The Alt bindings do not currently work on macOS as detailed in this
issue. Mac users will need to map
SelectCommandArgument function to an available key combination.

Set-PSReadLineKeyHandler -chord "Ctrl-k" -function SelectCommandArgument

Feedback and Support

Community feedback is essential to the iterative development of PSReadLine and features like Dynamic
Help. Thank you for your continued support and engagement. To file issues for PSReadLine or Dynamic
Help, please visit the PSReadLine repository.

Jason Helmick

PowerShell Team

The post Announcing PSReadLine 2.2-beta.2 with Dynamic help appeared first on PowerShell Team.