Question

Powershell Orch - Call a pre-built scripts and pass params

  • 16 November 2022
  • 7 replies
  • 220 views

Userlevel 1
Badge

Hi there

 

Im wondering if its possible for the powershell orch app to be able to call a pre-built script and pass parameters to it.

I have a few scripts that would be ideal to now turn into Service requests but the scripts all have built in creds (using encrytion), which ive seen the Powershell App struggles with.  But if i can call my script and simply pass some parameters to it then it “should” work.  The scripts are stored on the Server we installed FS Orch on

and egample of what im looking for is
execute command

.\nameofscript.ps {{ticket.id}} {{ticket.from_email}}

this would call the script and pass “ticket id” and “Ticket from Email” as the params


7 replies

Userlevel 7
Badge +16

Hello @Chris.Armitage I am in the process of setting up some powershell scripts inside of a custom object. I bet you could try and pass in placeholders that are associate to the ticket that calls the custom object and ultimately runs the script. Would be cool if that worked. Will need to test it.

Userlevel 1
Badge

yeah ideally in my head you should be able to potentially use invoke-command call the script from a share and pass the params at the end ie 

 

invoke-command -filepath \\<server>\<share>\<script.ps1> <param from ticket> <param from ticket>

You could also use invoke-expression id guess but so far ive had no luck. 

while i could simply copy and paste the scripts into teh command box i find the box is way too small to really work in plus im not comfortable with storing credentials there.

currently ive been looking at a solution where by we have a token from Github stored in a keyvault in azure and account can access that with an encrypted key password to then access Github grab teh required script save it to a temp file and then pass parameters to the temp script, once done it’ll remove the temp.  Early testing this works well but would be a manual task with someone running a script and filling in a couple of bits from teh ticket/SR, which isnt ideal

Userlevel 7
Badge +16

yeah ideally in my head you should be able to potentially use invoke-command call the script from a share and pass the params at the end ie 

 

invoke-command -filepath \\<server>\<share>\<script.ps1> <param from ticket> <param from ticket>

You could also use invoke-expression id guess but so far ive had no luck. 

while i could simply copy and paste the scripts into teh command box i find the box is way too small to really work in plus im not comfortable with storing credentials there.

currently ive been looking at a solution where by we have a token from Github stored in a keyvault in azure and account can access that with an encrypted key password to then access Github grab teh required script save it to a temp file and then pass parameters to the temp script, once done it’ll remove the temp.  Early testing this works well but would be a manual task with someone running a script and filling in a couple of bits from teh ticket/SR, which isnt ideal

Wow that is clever!!! I am not a big advocate for how authenticating works in orchestration applications in general. Anyone with admin access to freshservice could potentially wreak havoc on servers. My hope is that we can segregate levels of access to admin modules on a more granular level. Then maybe we could use “Credentials” module to store credentials and leave access to creating and changing those credentials to operational admins.

Userlevel 1
Badge

@zachary.king yes i agree thats why our scripts have encypted passwords etc

also the added bonus of being a created script is that ive manged to secure within our Gthub using the token but you cant get access to that other than in our azure…. also i set tokens for a limted time BUT all that really means is once i renew a token i update our keyvault rather than have to update each script that needs the token access

another feature that would be handy within FreshService is if we could output the required fields from a ticket/SR to a sharepointList

as tbh then we could use power automate to monitor the list and once it gets a new entry it would just kick a script/automation off

 

EDIT: in fact ive just found THIS and wondered if you could share more info or direct me in right direction? as this could solve a lot of mine and my colleagues problems, and at least get us started on automating a fair bit of stuff

Badge

Did you ever find a solution for this? I get an error “ Key not valid for use in specified state” whenever I try to use something like the following: Get-Content "C:\path\to\password.txt" | ConvertTo-SecureString

If you could just use the credential manager in Freshservice to pass credentials to powershell, this entire issue would be moot.

Hello,

Yes, it is definitely possible to achieve what you're looking for using the PowerShell Orch app.

You can call a pre-built script and pass parameters to it by using the Start-Process cmdlet in PowerShell. In your example, you would use something like this:


Start-Process -FilePath "C:\path\to\script\nameofscript.ps1" -ArgumentList "{{ticket.id}}", "{{ticket.from_email}}"


 

This command would execute the script nameofscript.ps1 and pass the parameters {{ticket.id}} and {{ticket.from_email}}.

Make sure to replace "C:\path\to\script\nameofscript.ps1" with the actual path to your script.

Keep in mind that if your script relies on credentials, you might need to handle them differently, possibly by using a secure storage mechanism or passing them as encrypted parameters.

 

Userlevel 7
Badge +16

@zachary.king yes i agree thats why our scripts have encypted passwords etc

also the added bonus of being a created script is that ive manged to secure within our Gthub using the token but you cant get access to that other than in our azure…. also i set tokens for a limted time BUT all that really means is once i renew a token i update our keyvault rather than have to update each script that needs the token access

another feature that would be handy within FreshService is if we could output the required fields from a ticket/SR to a sharepointList

as tbh then we could use power automate to monitor the list and once it gets a new entry it would just kick a script/automation off

 

EDIT: in fact ive just found THIS and wondered if you could share more info or direct me in right direction? as this could solve a lot of mine and my colleagues problems, and at least get us started on automating a fair bit of stuff

Hey @Chris.Armitage I realize this was awhile ago but was going through some old post and realized I never offered any help in the “Edit” part of your post.

In regards to sending data from a freshservice ticket to a sharepoint list, I would first look to see what API endpoints are available for interacting with SharePoint. Here is a link to the SharePoint API REST documentation. Take this and the Web Request node of the workflow automator and you should be able to send the freshservice ticket information to the desired SharePoint list. It may take some trial and error to figure out the correct way to authenticate against the MS Graph API, and then call the necessary SharePoint List endpoint to create an item. I would suggest using a tool like Postman to practice calling API endpoints.

A second option would be to use MS Power Automate. Here are the basic connectors that you would need

Hopefully that helps! Again sorry for the delay.

Reply