From 6444b97990f13643195dac40bc4176c0606c09af Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Mon, 11 Dec 2023 20:44:49 +0000 Subject: [PATCH 1/4] Update generated README --- README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/README.md b/README.md index 5a4c4c4..f19be3f 100644 --- a/README.md +++ b/README.md @@ -14,8 +14,6 @@ The Universal Orchestrator is part of the Keyfactor software distribution and is The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. - - ## Support for GCP Load Balancer GCP Load Balancer is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative. @@ -23,7 +21,6 @@ GCP Load Balancer is supported by Keyfactor for Keyfactor customers. If you have ###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. - --- From 6247db1eafcfa1e38f95007ef6de9f4b21be1314 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Mon, 11 Dec 2023 20:46:32 +0000 Subject: [PATCH 2/4] Fix Private Key Entry setting --- CHANGELOG.md | 3 +++ GCPLoadBalancer/GCPStore.cs | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b78b156..ed13e3e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +v2.1.2 +- Bug Fix: Private key entry return value - set to True + v2.1.1 - Modify to include root certificate in certificate chain during a Managment-Add (cert add/renewal) job diff --git a/GCPLoadBalancer/GCPStore.cs b/GCPLoadBalancer/GCPStore.cs index 3118a14..b59a56b 100644 --- a/GCPLoadBalancer/GCPStore.cs +++ b/GCPLoadBalancer/GCPStore.cs @@ -215,7 +215,7 @@ public List list() Alias = sslCertificate.Name, Certificates = new string[] { sslCertificate.Certificate }, ItemStatus = OrchestratorInventoryItemStatus.Unknown, - PrivateKeyEntry = false, + PrivateKeyEntry = true, UseChainLevel = false }); } @@ -228,7 +228,7 @@ public List list() Alias = sslCertificate.Name, Certificates = new string[] { sslCertificate.SelfManaged.Certificate }, ItemStatus = OrchestratorInventoryItemStatus.Unknown, - PrivateKeyEntry = false, + PrivateKeyEntry = true, UseChainLevel = false }); } From d9be46418821a43c95795e6ef340be13f17449aa Mon Sep 17 00:00:00 2001 From: leefine02 Date: Mon, 18 Dec 2023 20:14:38 +0000 Subject: [PATCH 3/4] Private Key Entry - set to True --- integration-manifest.json | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/integration-manifest.json b/integration-manifest.json index d4b20d0..3d14424 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -26,7 +26,42 @@ "supportsReenrollment": false, "supportsInventory": false, "platformSupport": "Unused" + }, + "store_types": { + "GCPLoadBal": { + "Name": "GCP Load Balancer", + "ShortName": "GCPLoadBal", + "Capability": "GCPLoadBal", + "ServerRequired": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Optional", + "PowerShell": false, + "PrivateKeyAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "PasswordOptions": { + "Style": "Default", + "EntrySupported": false, + "StoreRequired": false + }, + "Properties": [ + { + "Name": "jsonKey", + "DisplayName": "Service Account Key", + "Required": true, + "DependsOn": "", + "Type": "Secret", + "DefaultValue": "" + } + ], + "EntryParameters": [] + } } } } -} + } From b893d79b3c978990a6706cf503ec800e9e439dc6 Mon Sep 17 00:00:00 2001 From: Mikey Henderson Date: Mon, 18 Dec 2023 12:16:19 -0800 Subject: [PATCH 4/4] Update workflow v2 (#15) * Update workflow to v2 bootstrap * add UOFramework version to manifest * add default keyfactor_platform_version=9.10 --------- Co-authored-by: Michael Henderson Co-authored-by: Keyfactor --- .../workflows/keyfactor-starter-workflow.yml | 55 ++++++------------- README.md | 4 ++ integration-manifest.json | 3 + 3 files changed, 23 insertions(+), 39 deletions(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 38c763c..6d8de53 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -1,42 +1,19 @@ -name: Starter Workflow -on: [workflow_dispatch, push, pull_request] +name: Keyfactor Bootstrap Workflow -jobs: - call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@main - - get-manifest-properties: - runs-on: windows-latest - outputs: - update_catalog: ${{ steps.read-json.outputs.prop }} - steps: - - uses: actions/checkout@v3 - - name: Read json - id: read-json - shell: pwsh - run: | - $json = Get-Content integration-manifest.json | ConvertFrom-Json - echo "::set-output name=prop::$(echo $json.update_catalog)" - - call-dotnet-build-and-release-workflow: - needs: [call-create-github-release-workflow] - uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main - with: - release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} - release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} - release_dir: GCPLoadBalancer/bin/Release/netcoreapp3.1 - secrets: - token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} +on: + workflow_dispatch: + pull_request: + types: [opened, closed, synchronize, edited, reopened] + push: + create: + branches: + - 'release-*.*' - call-generate-readme-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main +jobs: + call-starter-workflow: + uses: keyfactor/actions/.github/workflows/starter.yml@v2 secrets: - token: ${{ secrets.APPROVE_README_PUSH }} - - call-update-catalog-workflow: - needs: get-manifest-properties - if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') - uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main - secrets: - token: ${{ secrets.SDK_SYNC_PAT }} + token: ${{ secrets.V2BUILDTOKEN}} + APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}} + gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }} + gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }} diff --git a/README.md b/README.md index f19be3f..0468496 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,10 @@ GCP Load Balancer is supported by Keyfactor for Keyfactor customers. If you have +## Keyfactor Version Supported + +The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.1 + ## Platform Specific Notes The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running. diff --git a/integration-manifest.json b/integration-manifest.json index 3d14424..32f2c3b 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -6,9 +6,12 @@ "update_catalog": true, "link_github": true, "support_level": "kf-supported", + "release_dir": "GCPLoadBalancer/bin/Release/netcoreapp3.1", "description": "The Google Cloud Platform (GCP) Load Balancer Orchestrator allows for the management of Google Cloud Platform Load Balancer certificate stores. Inventory, Management-Add, and Management-Remove functions are supported. Also, re-binding to endpoints IS supported for certificate renewals (but NOT adding new certificates). The orchestrator uses the Google Cloud Compute Engine API (https://cloud.google.com/compute/docs/reference/rest/v1) to manage stores.", "about": { "orchestrator": { + "UOFramework": "10.1", + "keyfactor_platform_version": "9.10", "win": { "supportsCreateStore": false, "supportsDiscovery": false,