cciget

0.0.4

src/Connect-CciGet.ps1

                                function Connect-CciGet {

<#

.SYNOPSIS

    Register configured CCI feeds as PSResource repositories and prepare credentials.

.DESCRIPTION

    For each enabled feed in Get-CciGetConfig, Connect-CciGet:

      - Ensures the Azure Artifacts Credential Provider is installed (one-time

        bootstrap on Windows; uses the Microsoft installer at

        https://github.com/microsoft/artifacts-credprovider).

      - Calls Register-PSResourceRepository for the feed (idempotent).

    After Connect-CciGet succeeds, Find-CciModule / Install-CciModule will

    transparently use the user's Entra identity (or, in CI, a workload identity)

    to authenticate to the feed. No PATs are required.

.PARAMETER Tenant

    Optional. Limit registration to the named feed only.

.PARAMETER SkipCredentialProvider

    Skip the credential-provider bootstrap (use when you have managed it

    centrally or are running in CI with a different auth strategy).

#>

    [CmdletBinding()]

    param(

        [string]$Tenant,

        [switch]$SkipCredentialProvider

    )

    if (-not (Get-Module -ListAvailable -Name Microsoft.PowerShell.PSResourceGet)) {

        throw "cciget: Microsoft.PowerShell.PSResourceGet is required but not installed. Run: Install-Module Microsoft.PowerShell.PSResourceGet -Scope CurrentUser"

    }

    Import-Module Microsoft.PowerShell.PSResourceGet -ErrorAction Stop

    if (-not $SkipCredentialProvider) {

        $pluginRoot = Join-Path $env:USERPROFILE '.nuget\plugins\netcore'

        if (-not (Test-Path $pluginRoot) -or -not (Get-ChildItem $pluginRoot -Filter 'CredentialProvider.Microsoft.dll' -Recurse -ErrorAction SilentlyContinue)) {

            Write-Host "cciget: installing Azure Artifacts Credential Provider..."

            try {

                $script = (New-Object System.Net.WebClient).DownloadString('https://aka.ms/install-artifacts-credprovider.ps1')

                Invoke-Expression $script

            } catch {

                Write-Warning "cciget: credential provider install failed: $_. You may need to install manually from https://github.com/microsoft/artifacts-credprovider."

            }

        }

    }

    $feeds = _Resolve-CciGetFeed -Tenant $Tenant

    foreach ($feed in $feeds) {

        $repoName = _Get-CciGetRepositoryName -FeedName $feed.name

        $existing = Get-PSResourceRepository -Name $repoName -ErrorAction SilentlyContinue

        if ($existing) {

            if ($existing.Uri -ne $feed.url) {

                Set-PSResourceRepository -Name $repoName -Uri $feed.url -Trusted

                Write-Verbose "cciget: updated $repoName URL."

            }

        } else {

            Register-PSResourceRepository -Name $repoName -Uri $feed.url -Trusted

            Write-Host "cciget: registered repository '$repoName' -> $($feed.url)"

        }

        # Verify auth by probing the feed. This triggers the credential provider

        # now (at connect time) so auth issues surface here, not in Find-CciModule.

        Write-Host "cciget: verifying access to '$repoName'..."

        try {

            $null = Find-PSResource -Name '_cciget_probe_' -Repository $repoName -ErrorAction Stop

        } catch {

            $msg = $_.Exception.Message

            # "no match" is fine — means auth succeeded but nothing matched the probe name

            if ($msg -notmatch 'no match|No match was found') {

                Write-Warning "cciget: auth check failed for '$repoName': $msg"

            }

        }

        Write-Host "cciget: '$repoName' connected."

    }

    Get-PSResourceRepository -Name (_Get-CciGetRepositoryName -FeedName '*')

}