fixed bug that was stripping slashes from mountpoint. Updated store t…
…ype definition for HCVPKI
joevanwanzeeleKF committed Nov 22, 2024
1 parent 8f39ba8 commit 97d863f
Showing 9 changed files with 92 additions and 107 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,6 @@
## 3.1.1
* bug fix: no longer stripping slashes from a mountpoint that includes them

## 3.1.0

* Added support for enterprise namespaces and alternate mount-points during discovery by allowing the value to be entered in the "directories to search" field.
23 changes: 21 additions & 2 deletions hashicorp-vault-orchestrator.sln
@@ -1,17 +1,36 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.32413.511
# Visual Studio Version 17
VisualStudioVersion = 17.11.35327.3
MinimumVisualStudioVersion = 10.0.40219.1
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "hashicorp-vault-orchestrator", "hashicorp-vault-orchestrator\hashicorp-vault-orchestrator.csproj", "{76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}"
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{83623EBF-AC4C-4158-922D-959AEFC75453}"
ProjectSection(SolutionItems) = preProject
images\cert-store-kv.PNG = images\cert-store-kv.PNG
images\cert-store-pki.PNG = images\cert-store-pki.PNG
images\cert-store-type-advanced.png = images\cert-store-type-advanced.png
images\cert_store_add_dialog.png = images\cert_store_add_dialog.png
images\cert_store_fields.png = images\cert_store_fields.png
CHANGELOG.md = CHANGELOG.md
images\discovery.PNG = images\discovery.PNG
integration-manifest.json = integration-manifest.json
LICENSE = LICENSE
images\PEM-vault-example-1.PNG = images\PEM-vault-example-1.PNG
images\PEM-vault-example-2.PNG = images\PEM-vault-example-2.PNG
images\PEM-vault-example-3.PNG = images\PEM-vault-example-3.PNG
images\pfx_enrollment_blank.png = images\pfx_enrollment_blank.png
images\pfx_enrollment_certstore.png = images\pfx_enrollment_certstore.png
images\pfx_enrollment_filled.png = images\pfx_enrollment_filled.png
README.md = README.md
readme_source.md = readme_source.md
images\store-type-kv.PNG = images\store-type-kv.PNG
images\store_type_1.PNG = images\store_type_1.PNG
images\store_type_add.png = images\store_type_add.png
images\store_type_fields.png = images\store_type_fields.png
images\store_type_pki.png = images\store_type_pki.png
images\vault_cli_list.png = images\vault_cli_list.png
images\vault_cli_read.png = images\vault_cli_read.png
EndProjectSection
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "readme-src", "readme-src", "{3266961F-0B1D-4DB6-9A58-C0DA958EB832}"
9 changes: 4 additions & 5 deletions hashicorp-vault-orchestrator/HcvKeyfactorClient.cs
Expand Up @@ -21,8 +21,6 @@ namespace Keyfactor.Extensions.Orchestrator.HashicorpVault
{
public class HcvKeyfactorClient : IHashiClient
{
//private IVaultClient _vaultClient { get; set; }

private ILogger logger = LogHandler.GetClassLogger<HcvKeyfactorClient>();

private string _vaultUrl { get; set; }
Expand All @@ -36,9 +34,11 @@ public class HcvKeyfactorClient : IHashiClient
public HcvKeyfactorClient(string vaultToken, string serverUrl, string mountPoint, string storePath)
{
_vaultToken = vaultToken;
_mountPoint = mountPoint ?? "keyfactor";
_mountPoint = mountPoint ?? "keyfactor"; // the mount point, including the namespace.. the namespace cannot contain slashes; so it will be everything before the first slash
// example: KF/pki/pru uses the KF namespace and the mount point is pki/pru.

_storePath = !string.IsNullOrEmpty(storePath) ? "/" + storePath : storePath;
_vaultUrl = $"{ serverUrl }/v1/{ _mountPoint.Replace("/", string.Empty) }";
_vaultUrl = $"{ serverUrl }/v1/{ _mountPoint.Replace("//", "/") }";
}

public async Task<CurrentInventoryItem> GetCertificateFromPemStore(string key)
Expand Down Expand Up @@ -125,7 +125,6 @@ public async Task<CurrentInventoryItem> GetCertificateFromPemStore(string key)
var content = JsonConvert.DeserializeObject<ListResponse>(new StreamReader(res.GetResponseStream()).ReadToEnd());
string[] certKeys;


content.data.TryGetValue("keys", out certKeys);

certKeys.ToList().ForEach(k =>
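Review bot: In the HcvKeyfactorClient constructor, the new `_mountPoint.Replace("//", "/")` is a single-pass collapse of doubled slashes, so a mount point with a leading or trailing slash, three or more consecutive slashes, or a `..`, `?` or `#` in it still produces a URL other than the intended `/v1/<namespace>/<mount>` path, and the Vault token is then sent to whatever path results. The value comes from store properties (see `JobBase.InitProps`), so I would normalise and validate it per segment before building `_vaultUrl`, as sketched below; the sketch also treats an empty string like null, which matters now that the manifest default is `""`. The added comment describes taking the namespace as everything before the first slash, but this constructor performs no such split, so the comment should say the namespace simply travels as the leading path segment. The class body continues outside the hunks shown.

```csharp
public HcvKeyfactorClient(string vaultToken, string serverUrl, string mountPoint, string storePath)
{
    // … unchanged: _vaultToken assignment …
    var rawMountPoint = string.IsNullOrWhiteSpace(mountPoint) ? "keyfactor" : mountPoint;
    var segments = rawMountPoint.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
    if (segments.Length == 0 || segments.Any(s => s == "." || s == ".."))
    {
        throw new ArgumentException("Mount point must be a slash-separated path without '.' or '..' segments.", nameof(mountPoint));
    }
    // Escape each segment so the mount point cannot add a query string or fragment to the request URL.
    _mountPoint = string.Join("/", segments.Select(s => Uri.EscapeDataString(s)));
    // … unchanged: _storePath assignment …
    _vaultUrl = $"{ serverUrl.TrimEnd('/') }/v1/{ _mountPoint }";
}
```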
17 changes: 2 additions & 15 deletions hashicorp-vault-orchestrator/Jobs/JobBase.cs
Expand Up @@ -20,21 +20,13 @@ public abstract class JobBase
public string ExtensionName => "HCV";

public string StorePath { get; set; }

public string VaultToken { get; set; }

public string ClientMachine { get; set; }

public string VaultServerUrl { get; set; }

public bool SubfolderInventory { get; set; }

public bool IncludeCertChain { get; set; }

public string MountPoint { get; set; } // the mount point of the KV secrets engine. defaults to kv-v2 if not provided.

public string Namespace { get; set; } // for enterprise editions of vault that utilize namespaces; split from the passed in mount point. "namespace/mountpoint"

public string Namespace { get; set; } // for enterprise editions of vault that utilize namespaces; split from the passed in mount point if needed.
internal protected IHashiClient VaultClient { get; set; }
internal protected string _storeType { get; set; }
internal protected ILogger logger { get; set; }
Expand Down Expand Up @@ -103,7 +95,6 @@ public void Initialize(DiscoveryJobConfiguration config)

logger.LogTrace($"Directories to search (mount point): {MountPoint}");
logger.LogTrace($"Enterprise Namespace: {Namespace}");

logger.LogTrace($"Directories to ignore (subpath to search): {subPath}");
InitProps(config.JobProperties, config.Capability);
}
Expand All @@ -112,11 +103,8 @@ public void Initialize(ManagementJobConfiguration config)
logger = LogHandler.GetClassLogger(GetType());

ClientMachine = config.CertificateStoreDetails.ClientMachine;

VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername);

VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword);

StorePath = config.CertificateStoreDetails.StorePath;
ClientMachine = config.CertificateStoreDetails.ClientMachine;
dynamic props = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString());
Expand All @@ -141,8 +129,8 @@ private void InitProps(dynamic props, string capability)
}

var mp = props.ContainsKey("MountPoint") ? props["MountPoint"].ToString() : null;

MountPoint = !string.IsNullOrEmpty(mp) ? mp : MountPoint;

SubfolderInventory = props.ContainsKey("SubfolderInventory") ? bool.Parse(props["SubfolderInventory"].ToString()) : false;
IncludeCertChain = props.ContainsKey("IncludeCertChain") ? bool.Parse(props["IncludeCertChain"].ToString()) : false;

Expand All @@ -156,7 +144,6 @@ private void InitProps(dynamic props, string capability)
{
VaultClient = new HcvKeyfactorClient(VaultToken, VaultServerUrl, MountPoint, StorePath);
}

}
}
}
25 changes: 8 additions & 17 deletions hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj
@@ -1,14 +1,10 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<TargetFramework>netstandard2.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<RootNamespace>Keyfactor.Extensions.Orchestrator.HashicorpVault</RootNamespace>
<AssemblyName>Keyfactor.Extensions.Orchestrator.HCV</AssemblyName>
<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
<PackageLicenseExpression>Apache-2.0</PackageLicenseExpression>
<SignAssembly>false</SignAssembly>
<Copyright />
<AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
<AppendTargetFrameworkToOutputPath>false</AppendTargetFrameworkToOutputPath>
</PropertyGroup>

Expand All @@ -33,25 +29,20 @@
</PropertyGroup>

<ItemGroup>
<PackageReference Include="BouncyCastle.Cryptography" Version="2.2.1" />
<PackageReference Include="Keyfactor.Logging" Version="1.1.1">
<IncludeAssets>all</IncludeAssets>
</PackageReference>
<PackageReference Include="BouncyCastle.Cryptography" Version="2.4.0" />
<PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
<PackageReference Include="Keyfactor.Orchestrators.Common" Version="3.2.0">
<IncludeAssets>all</IncludeAssets>
</PackageReference>
<PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.7.0" />
<PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="1.0.0" />
<PackageReference Include="Keyfactor.Platform.IPAMProvider" Version="1.0.0" />
<PackageReference Include="Microsoft.CSharp" Version="4.7.0">
<IncludeAssets>all</IncludeAssets>
</PackageReference>
<PackageReference Include="NLog" Version="5.2.3" />
<PackageReference Include="NLog.Extensions.Logging" Version="5.3.3" />
<PackageReference Include="System.Linq" Version="4.3.0">
<IncludeAssets>all</IncludeAssets>
</PackageReference>
<PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.0.0" />
<PackageReference Include="VaultSharp" Version="1.13.0.1">
<PackageReference Include="NLog" Version="5.3.4" />
<PackageReference Include="System.Runtime.CompilerServices.Unsafe" Version="6.1.0" />
<PackageReference Include="System.Text.Json" Version="8.0.5" />
<PackageReference Include="VaultSharp" Version="1.17.5.1">
<IncludeAssets>all</IncludeAssets>
</PackageReference>
</ItemGroup>
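Review bot: The `<TargetFramework>` line now appears to read `netcoreapp3.1` (the page prints it after `netstandard2.0`, so I am taking it as the new side), and .NET Core 3.1 has been out of support since December 2022, so the extension would be built for a runtime that no longer receives security fixes. For a component that holds a Vault token and talks to Vault over HTTP, I would keep `netstandard2.0` or move to a supported target such as `<TargetFramework>net8.0</TargetFramework>`, whichever the orchestrator host can load. The same section adds an explicit `System.Text.Json` 8.0.5 reference and drops `NLog.Extensions.Logging` and `System.Linq`; a short XML comment such as `<!-- pinned explicitly; do not remove without checking transitive versions -->` on any deliberate pin would stop a later cleanup from undoing it.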
Binary file added images/store_type_fields_pki.png
Binary file modified images/store_type_pki.png
54 changes: 19 additions & 35 deletions integration-manifest.json
Expand Up @@ -66,23 +66,23 @@
"DisplayName": "Mount Point",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerUsername",
"DisplayName": "Server Username",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerPassword",
"DisplayName": "Server Password",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
Expand All @@ -94,7 +94,7 @@
"Required": true
}
],
"EntryParameters": null,
"EntryParameters": [],
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
Expand Down Expand Up @@ -125,35 +125,19 @@
"DisplayName": "Mount Point",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": true
},
{
"Name": "VaultToken",
"DisplayName": "VaultToken",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"Required": true
},
{
"Name": "VaultServerUrl",
"DisplayName": "Vault Server URL",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"Required": false
}
],
"EntryParameters": null,
"EntryParameters": [],
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
"Style": "Default"
},
"PrivateKeyAllowed": "Optional",
"JobProperties": [],
"ServerRequired": false,
"ServerRequired": true,
"PowerShell": false,
"BlueprintAllowed": false,
"CustomAliasAllowed": "Optional"
Expand Down Expand Up @@ -192,23 +176,23 @@
"DisplayName": "Mount Point",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerUsername",
"DisplayName": "Server Username",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerPassword",
"DisplayName": "Server Password",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
Expand All @@ -220,7 +204,7 @@
"Required": true
}
],
"EntryParameters": null,
"EntryParameters": [],
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
Expand Down Expand Up @@ -261,7 +245,7 @@
"DisplayName": "Mount Point",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
Expand All @@ -277,15 +261,15 @@
"DisplayName": "Server Username",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerPassword",
"DisplayName": "Server Password",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
Expand All @@ -297,7 +281,7 @@
"Required": true
}
],
"EntryParameters": null,
"EntryParameters": [],
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
Expand Down Expand Up @@ -346,23 +330,23 @@
"DisplayName": "Mount Point",
"Type": "String",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerUsername",
"DisplayName": "Server Username",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
"Name": "ServerPassword",
"DisplayName": "Server Password",
"Type": "Secret",
"DependsOn": "",
"DefaultValue": null,
"DefaultValue": "",
"Required": false
},
{
Expand All @@ -374,7 +358,7 @@
"Required": true
}
],
"EntryParameters": null,
"EntryParameters": [],
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
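Review bot: The HCVPKI hunk (`@@ -125,35 +125,19 @@`) removes the `VaultToken` and `VaultServerUrl` custom properties, which were declared with `"Type": "String"`, and sets `"ServerRequired": true`, but nothing on this page tells operators that existing HCVPKI stores need attention. Stores created under the old definition presumably still hold the token as a plain string property until they are re-saved. The 3.1.1 CHANGELOG entry should therefore say to re-enter the token as the Server Password (a `Secret` field in the other store types here), to remove the old properties, and to rotate any token that was stored that way. Whether `JobBase.InitProps` still reads `VaultToken` from the store properties is not visible in this diff and is worth confirming, so the old plaintext path is not silently kept as a fallback.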