From 9fcf5d5057e2222a6942200fcb1418c6d6151c50 Mon Sep 17 00:00:00 2001
From: Tanmay Manolkar
Date: Fri, 21 Jun 2024 11:42:14 -0700
Subject: [PATCH 1/6] Create automation-cert-rhel.yml
---
.../templates/automation-cert-rhel.yml | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 azure-pipelines/templates/automation-cert-rhel.yml
diff --git a/azure-pipelines/templates/automation-cert-rhel.yml b/azure-pipelines/templates/automation-cert-rhel.yml
new file mode 100644
index 00000000..c8b165da
--- /dev/null
+++ b/azure-pipelines/templates/automation-cert-rhel.yml
@@ -0,0 +1,29 @@
+# File: automation-cert.yml
+
+steps:
+ - task: AzureKeyVault@2
+ displayName: 'Azure Key Vault: Download Cert for Automation'
+ inputs:
+ azureSubscription: 'AuthSdkResourceManager'
+ KeyVaultName: 'msidlabs'
+ SecretsFilter: 'LabVaultAccessCert'
+
+ - task: Bash@3
+ displayName: Install Automation Cert
+ inputs:
+ targetType: inline
+ script: |
+ echo "Decoding and exporting certificate"
+
+ # Decode base64 encoded certificate
+ echo "$LabVaultAccessCert" | base64 -d > $(Build.SourcesDirectory)/LabVaultAccessCert.pfx
+
+ cert_path=$(Build.SourcesDirectory)/LabVaultAccessCert.pfx
+
+ if [ -f "$cert_path" ]; then
+ echo "PFX file created successfully at certpath : $cert_path"
+ echo "##vso[task.setvariable variable=LabVaultAppCert;isOutput=true]$cert_path"
+ else
+ echo "Failed to create PFX file at $cert_path"
+ exit 1
+ fi
From cf8b84f104ba554e6122b1afe3dcf360e9c10605 Mon Sep 17 00:00:00 2001
From: Tanmay Manolkar
Date: Fri, 21 Jun 2024 13:12:40 -0700
Subject: [PATCH 2/6] Update automation-cert-rhel.yml
---
.../templates/automation-cert-rhel.yml | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/azure-pipelines/templates/automation-cert-rhel.yml b/azure-pipelines/templates/automation-cert-rhel.yml
index c8b165da..cb801781 100644
--- a/azure-pipelines/templates/automation-cert-rhel.yml
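Review bot: The decode line `echo "$LabVaultAccessCert" | base64 -d > $(Build.SourcesDirectory)/LabVaultAccessCert.pfx` in patch 1/6 writes private-key material into the checked-out source tree with the agent's default umask, and nothing in the step removes it afterwards. Putting `umask 077` before the decode and writing under `$(Agent.TempDirectory)` would keep the PFX away from other accounts on the agent and out of anything later published from the sources directory. The `[ -f "$cert_path" ]` test also passes when the decode produced nothing, because the redirect creates the file first; `[ -s "$cert_path" ]` would catch an empty result, which is what this step would get if the Key Vault secret is not mapped into the script's environment (no `env:` mapping is visible in the template). The header comment says `automation-cert.yml` while the file being created is `automation-cert-rhel.yml`.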
+++ b/azure-pipelines/templates/automation-cert-rhel.yml @@ -18,12 +18,15 @@ steps: # Decode base64 encoded certificate echo "$LabVaultAccessCert" | base64 -d > $(Build.SourcesDirectory)/LabVaultAccessCert.pfx - cert_path=$(Build.SourcesDirectory)/LabVaultAccessCert.pfx - - if [ -f "$cert_path" ]; then - echo "PFX file created successfully at certpath : $cert_path" - echo "##vso[task.setvariable variable=LabVaultAppCert;isOutput=true]$cert_path" + # Verify the certificate file creation + if [ -f "$(Build.SourcesDirectory)/LabVaultAccessCert.pfx" ]; then + echo "The needed PFX file created successfully at $(Build.SourcesDirectory)/LabVaultAccessCert.pfx" else - echo "Failed to create PFX file at $cert_path" + echo "Failed to create the needed PFX file at $(Build.SourcesDirectory)/LabVaultAccessCert.pfx" exit 1 fi + + # Set the certificate path as an environment variable for later steps + certPathVar=$(Build.SourcesDirectory)/LabVaultAccessCert.pfx + echo "##vso[task.setvariable variable=LabVaultAppCert]$certPathVar" + echo "##vso[task.setvariable variable=LabVaultAppCert;isOutput=true]$certPathVar" From 51e7bee14b266d525f89ceb66452b46239354521 Mon Sep 17 00:00:00 2001 From: Tanmay Manolkar Date: Fri, 21 Jun 2024 14:37:32 -0700 Subject: [PATCH 3/6] Update automation-cert-rhel.yml --- azure-pipelines/templates/automation-cert-rhel.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/azure-pipelines/templates/automation-cert-rhel.yml b/azure-pipelines/templates/automation-cert-rhel.yml index cb801781..53ad9185 100644 --- a/azure-pipelines/templates/automation-cert-rhel.yml +++ b/azure-pipelines/templates/automation-cert-rhel.yml 
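Review bot: The two `##vso[task.setvariable ...]` lines at the end of this hunk publish `LabVaultAppCert` once as a plain variable and once with `isOutput=true`, but the Bash@3 step as created in patch 1/6 has no `name:`, so the output form has no stable `<stepName>.LabVaultAppCert` reference for consumers. Adding a `name:` to the step (for example `name: installAutomationCert`, a constructed name), or dropping the `isOutput=true` line if only later steps of the same job read the value, would make the contract explicit. The path is also spelled out four times and assigned unquoted; defining `certPathVar="$(Build.SourcesDirectory)/LabVaultAccessCert.pfx"` before the `if` and reusing it keeps the check and the published value from drifting apart and survives a workspace path containing spaces. The step definition starts outside this hunk.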
@@ -16,7 +16,10 @@ steps: echo "Decoding and exporting certificate" # Decode base64 encoded certificate - echo "$LabVaultAccessCert" | base64 -d > $(Build.SourcesDirectory)/LabVaultAccessCert.pfx + kvSecretBytes=$(echo "$(LabVaultAccessCert)" | base64 --decode) + + # Export certificate to PKCS#12 format + openssl pkcs12 -export -out LabVaultAccessCert.pfx -in <(echo "$kvSecretBytes") # Verify the certificate file creation if [ -f "$(Build.SourcesDirectory)/LabVaultAccessCert.pfx" ]; then From eac68da4fd098bf7139e18d8d47231171709797d Mon Sep 17 00:00:00 2001 From: Tanmay Manolkar Date: Fri, 21 Jun 2024 14:54:48 -0700 Subject: [PATCH 4/6] Update automation-cert-rhel.yml --- azure-pipelines/templates/automation-cert-rhel.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/azure-pipelines/templates/automation-cert-rhel.yml b/azure-pipelines/templates/automation-cert-rhel.yml index 53ad9185..b2a58fbb 100644 --- a/azure-pipelines/templates/automation-cert-rhel.yml +++ b/azure-pipelines/templates/automation-cert-rhel.yml @@ -16,11 +16,15 @@ steps: echo "Decoding and exporting certificate" # Decode base64 encoded certificate - kvSecretBytes=$(echo "$(LabVaultAccessCert)" | base64 --decode) + kvSecretBytes=$(echo "$(LabVaultAccessCert)" | tr -d '\r' | base64 -d) + # Write decoded bytes to a temporary file + echo "$kvSecretBytes" > LabVaultAccessCert.pem + # Export certificate to PKCS#12 format - openssl pkcs12 -export -out LabVaultAccessCert.pfx -in <(echo "$kvSecretBytes") + openssl pkcs12 -export -out LabVaultAccessCert.pfx -inkey LabVaultAccessCert.pem -in LabVaultAccessCert.pem -passout pass: + # Verify the certificate file creation if [ -f "$(Build.SourcesDirectory)/LabVaultAccessCert.pfx" ]; then echo "The needed PFX file created successfully at $(Build.SourcesDirectory)/LabVaultAccessCert.pfx" From bc51c20e8f68ce46518518a9a0e6f750ee5b4dd9 Mon Sep 17 00:00:00 2001 
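Review bot: `kvSecretBytes=$(echo "$(LabVaultAccessCert)" | base64 --decode)` in patch 3/6 uses macro syntax, so the agent substitutes the secret into the script text before bash runs, and the decoded bytes then travel through a shell variable. Azure Pipelines guidance is to pass secrets to a script through an explicit `env:` mapping on the step (for example `LAB_CERT_B64: $(LabVaultAccessCert)`, a constructed name) and read `"$LAB_CERT_B64"` inside the script, which keeps the value out of the generated script file. Command substitution drops NUL bytes and trailing newlines, so if the secret is a binary PKCS#12 blob it is corrupted at this point; decoding straight to a file avoids that. The `openssl` line writes `LabVaultAccessCert.pfx` relative to the working directory while the check below looks under `$(Build.SourcesDirectory)`, which only agree if the step's working directory is the sources directory.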
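Review bot: `echo "$kvSecretBytes" > LabVaultAccessCert.pem` in patch 4/6 is commented as a temporary file, but the unencrypted private key is never deleted, and `-passout pass:` produces a PFX with an empty export password next to it. Adding `umask 077` before the write and `trap 'rm -f LabVaultAccessCert.pem' EXIT` after it confines the key to the agent account and removes the intermediate file on every exit path. The exit status of `openssl` is not checked, and the `[ -f ... ]` test that follows would also pass on a stale PFX left by an earlier run on a reused agent, so ending the export line with `|| exit 1` is the more direct guard. The same lines are carried over under the `LabAuth` name in patch 5/6.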
From: tanmaymanolkar1 <65260743+tanmaymanolkar1@users.noreply.github.com> Date: Mon, 15 Jul 2024 14:40:04 -0700 Subject: [PATCH 5/6] Update automation-cert-rhel.yml --- .../templates/automation-cert-rhel.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/azure-pipelines/templates/automation-cert-rhel.yml b/azure-pipelines/templates/automation-cert-rhel.yml index b2a58fbb..a235be0c 100644 --- a/azure-pipelines/templates/automation-cert-rhel.yml +++ b/azure-pipelines/templates/automation-cert-rhel.yml @@ -6,7 +6,7 @@ steps: inputs: azureSubscription: 'AuthSdkResourceManager' KeyVaultName: 'msidlabs' - SecretsFilter: 'LabVaultAccessCert' + SecretsFilter: 'LabAuth' - task: Bash@3 displayName: Install Automation Cert 
@@ -16,24 +16,24 @@ steps: echo "Decoding and exporting certificate" # Decode base64 encoded certificate - kvSecretBytes=$(echo "$(LabVaultAccessCert)" | tr -d '\r' | base64 -d) + kvSecretBytes=$(echo "$(LabAuth)" | tr -d '\r' | base64 -d) # Write decoded bytes to a temporary file - echo "$kvSecretBytes" > LabVaultAccessCert.pem + echo "$kvSecretBytes" > LabAuth.pem # Export certificate to PKCS#12 format - openssl pkcs12 -export -out LabVaultAccessCert.pfx -inkey LabVaultAccessCert.pem -in LabVaultAccessCert.pem -passout pass: + openssl pkcs12 -export -out LabAuth.pfx -inkey LabAuth.pem -in LabAuth.pem -passout pass: # Verify the certificate file creation - if [ -f "$(Build.SourcesDirectory)/LabVaultAccessCert.pfx" ]; then - echo "The needed PFX file created successfully at $(Build.SourcesDirectory)/LabVaultAccessCert.pfx" + if [ -f "$(Build.SourcesDirectory)/LabAuth.pfx" ]; then + echo "The needed PFX file created successfully at $(Build.SourcesDirectory)/LabAuth.pfx" else - echo "Failed to create the needed PFX file at $(Build.SourcesDirectory)/LabVaultAccessCert.pfx" + echo "Failed to create the needed PFX file at $(Build.SourcesDirectory)/LabAuth.pfx" exit 1 fi # Set the certificate path as an environment variable for later steps - certPathVar=$(Build.SourcesDirectory)/LabVaultAccessCert.pfx + certPathVar=$(Build.SourcesDirectory)/LabAuth.pfx echo "##vso[task.setvariable variable=LabVaultAppCert]$certPathVar" echo "##vso[task.setvariable variable=LabVaultAppCert;isOutput=true]$certPathVar" From 7ac5ad60ea2443e3a601e39649b1b322ae1da47c Mon Sep 17 00:00:00 2001 From: Tanmay Manolkar Date: Thu, 18 Jul 2024 16:00:22 -0700 Subject: [PATCH 6/6] Update automation-cert.yml --- azure-pipelines/templates/automation-cert.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure-pipelines/templates/automation-cert.yml b/azure-pipelines/templates/automation-cert.yml index 1e1e7012..d545619d 100644 --- a/azure-pipelines/templates/automation-cert.yml 
+++ b/azure-pipelines/templates/automation-cert.yml @@ -45,4 +45,4 @@ steps: Write-Error "Failed to create PFX file at $certPathVar" } - Write-Host "##vso[task.setvariable variable=LabVaultAppCert]$certPathVar" + Write-Host "##vso[task.setvariable variable=LabVaultAppCert;isOutput=true]$certPathVar"
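Review bot: Replacing the plain `setvariable` with the `isOutput=true` form changes how the value is read inside the same job: it becomes `$(<stepName>.LabVaultAppCert)` rather than `$(LabVaultAppCert)`, so any existing consumer of the plain name would stop resolving; the callers are not visible here and should be checked. The RHEL template in this series emits both forms, and keeping `Write-Host "##vso[task.setvariable variable=LabVaultAppCert]$certPathVar"` alongside the new line would make the two templates consistent. The `Write-Host` sits after the `Write-Error` branch, so whether the path is still published after a failed PFX creation depends on the step's error action preference, which is set outside this hunk.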