-
Notifications
You must be signed in to change notification settings - Fork 635
Document Windows App Control Feature #2654
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: devel
Are you sure you want to change the base?
Conversation
* Python with Ansible and the required collections installed | ||
* Access to the certificate and private key trusted by the App Control policy, typically as a PFX file | ||
|
||
.. literalinclude:: powershell/New-AnsiblePowerShellSignature.ps1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is quite a large script so a literalinclude
may not be the best idea. Any suggestions on how to potentially just link to the script this points to instead as a hyperlink?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The :download:
directive that @samccann mentions is a good option. Although maybe it's not that informative and forces the reader to download a script and then go away from the docs and get off track.
You could do kind of a hybrid approach like this where you just include a portion of the script:
.. literalinclude:: powershell/New-AnsiblePowerShellSignature.ps1
:lines: 11-21
You can view the complete script at `New-AnsiblePowerShellSignature.ps1 <path/to/powershell/New-AnsiblePowerShellSignature.ps1>`_.
Another approach could be creating a codeblock that highlights excerpts from the script and adds some comments. Although looking at the script it's well documented with examples so it might be hard to squeeze all of that into a codeblock. If it would be possible to give a really concise overview (maybe the Signs just the content include in Ansible and the ansible.windows collection
example?) to give the reader a sense of how to use the script then follow the codeblock with either the download directive or a hyperlink.
|
||
The policy then should then add the certificate as a trusted publisher to the ``User Mode Signing Scenario``, for example this is an example policy configuration that contains a trusted publisher: | ||
|
||
.. code-block:: text |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I originally had this as .. code-block:: xml
to get some XML highlighting but it seems like we don't have it enabled/allowed in this repo. Happy with text
here but if we want to enable xml
I can always change this back.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hey I'm not sure how do enable xml?
This adds some documentation for a new feature added in Ansible 2.19.