From b2f387a452807b37dcbe6a45ff2d8f8ba687ce0d Mon Sep 17 00:00:00 2001
From: "Mike F. Robbins" <mikefrobbins@users.noreply.github.com>
Date: Thu, 2 Nov 2023 16:14:00 -0500
Subject: [PATCH] Retrieve tokens from secrets management

---
 .../sdwheeler.GitTools.psm1                   | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/modules/sdwheeler.GitTools/sdwheeler.GitTools.psm1 b/modules/sdwheeler.GitTools/sdwheeler.GitTools.psm1
index 4100204..d33e1ba 100644
--- a/modules/sdwheeler.GitTools/sdwheeler.GitTools.psm1
+++ b/modules/sdwheeler.GitTools/sdwheeler.GitTools.psm1
@@ -11,7 +11,7 @@ function GetIterationPaths {
     $baseurl = 'https://dev.azure.com/msft-skilling/content/powershell/_apis'
     $apiurl = 'work/teamsettings/iterations?api-version=7.0'
     $username = ' '
-    $password = ConvertTo-SecureString $env:CLDEVOPS_TOKEN -AsPlainText -Force
+    $password = Get-Secret -Name CLDEVOPS_TOKEN
     $cred = [PSCredential]::new($username, $password)
     $params = @{
             uri            = "$baseurl/$apiurl"
@@ -87,7 +87,7 @@ function Get-RepoData {
                 $apiurl = 'https://api.github.com/repos/' + $currentRepo.id
                 $hdr = @{
                     Accept        = 'application/vnd.github.json'
-                    Authorization = "token ${Env:\GITHUB_TOKEN}"
+                    Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
                 }
                 break
             }
@@ -492,7 +492,7 @@ function Get-RepoStatus {
     )
     $hdr = @{
         Accept        = 'application/vnd.github.VERSION.full+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
 
     $azlist = 'MicrosoftDocs/azure-docs-powershell', 'Azure/azure-docs-powershell-samples',
@@ -665,7 +665,7 @@ function Invoke-GitHubApi {
     }
     $hdr = @{
         Accept        = 'application/vnd.github.v3.raw+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $results = Invoke-RestMethod -Headers $hdr -Uri $uri -Method $method -FollowRelLink
     foreach ($page in $results) { $page }
@@ -713,7 +713,7 @@ function Import-GitHubLabels {
 
     $hdr = @{
         Accept        = 'application/vnd.github.v3+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $api = "https://api.github.com/repos/$RepoName/labels"
 
@@ -744,7 +744,7 @@ function Get-PrFiles {
     )
     $hdr = @{
         Accept        = 'application/vnd.github.VERSION.full+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
 
     $pr = Invoke-RestMethod "https://api.github.com/repos/$repo/pulls/$num" -Method GET -head $hdr -FollowRelLink
@@ -771,7 +771,7 @@ function Get-PrMerger {
 
     $hdr = @{
         Accept        = 'application/vnd.github.v3+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $query = "q=type:pr+is:merged+repo:$RepoName"
 
@@ -806,7 +806,7 @@ function Get-Issue {
 
     $hdr = @{
         Accept        = 'application/vnd.github.v3+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     if ($null -ne $IssueUrl) {
         $RepoName = ($IssueUrl.Segments[1..2] -join '').trim('/')
@@ -840,7 +840,7 @@ function Get-IssueList {
     )
     $hdr = @{
         Accept        = 'application/vnd.github.v3.raw+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $apiurl = "https://api.github.com/repos/$RepoName/issues"
     $results = (Invoke-RestMethod $apiurl -Headers $hdr -FollowRelLink)
@@ -874,7 +874,7 @@ function New-PrFromBranch {
     $repo = (Show-RepoData)
     $hdr = @{
         Accept        = 'application/vnd.github.raw+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $apiurl = "https://api.github.com/repos/$($repo.id)/pulls"
 
@@ -960,7 +960,7 @@ function Get-DevOpsWorkItem {
     if (-not $Verbose) {$Verbose = $false}
 
     $username = ' '
-    $password = ConvertTo-SecureString $env:CLDEVOPS_TOKEN -AsPlainText -Force
+    $password = Get-Secret -Name CLDEVOPS_TOKEN
     $cred = [PSCredential]::new($username, $password)
 
     $vsuri = 'https://dev.azure.com'
@@ -1018,7 +1018,7 @@ function New-DevOpsWorkItem {
     if (-not $Verbose) {$Verbose = $false}
 
     $username = ' '
-    $password = ConvertTo-SecureString $env:CLDEVOPS_TOKEN -AsPlainText -Force
+    $password = Get-Secret -Name CLDEVOPS_TOKEN
     $cred = [PSCredential]::new($username, $password)
 
     $vsuri = 'https://dev.azure.com'
@@ -1161,7 +1161,7 @@ function Update-DevOpsWorkItem {
     if (-not $Verbose) {$Verbose = $false}
 
     $username = ' '
-    $password = ConvertTo-SecureString $env:CLDEVOPS_TOKEN -AsPlainText -Force
+    $password = Get-Secret -Name CLDEVOPS_TOKEN
     $cred = [PSCredential]::new($username, $password)
 
     $vsuri = 'https://dev.azure.com'
@@ -1462,7 +1462,7 @@ function New-MergeToLive {
     )
     $hdr = @{
         Accept        = 'application/vnd.github.v3+json'
-        Authorization = "token ${Env:\GITHUB_TOKEN}"
+        Authorization = "token $(Get-Secret -Name GITHUB_TOKEN -AsPlainText)"
     }
     $apiurl = "https://api.github.com/repos/$($repo.id)/pulls"
     $params = @{