From 20714a10b8c829fd4074a06cb5ba696faa00fee4 Mon Sep 17 00:00:00 2001 From: Matthew Dobrowsky Date: Thu, 25 May 2023 12:59:32 -0400 Subject: [PATCH 1/8] fix overwrite logic to not attempt duplicate cert add --- .../AnyAgent/Jobs/Management.cs | 37 ++++++++++++++----- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/AviVantageAnyAgent/AnyAgent/Jobs/Management.cs b/AviVantageAnyAgent/AnyAgent/Jobs/Management.cs index 3eb5a4d..69502b7 100644 --- a/AviVantageAnyAgent/AnyAgent/Jobs/Management.cs +++ b/AviVantageAnyAgent/AnyAgent/Jobs/Management.cs @@ -1,4 +1,4 @@ -// Copyright 2021 Keyfactor +// Copyright 2023 Keyfactor // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -58,7 +58,9 @@ private async Task AddCertificateAsync(AnyJobJobInfo jobInfo string uuid = null; try { + Logger.Trace($"Looking for existing certificate with name '{jobInfo.Alias}'"); SSLKeyAndCertificate foundCert = await Client.GetCertificateByName(jobInfo.Alias); + Logger.Trace($"Found existing certificate with name '{jobInfo.Alias}' and UUID '{foundCert.uuid}'"); uuid = foundCert.uuid; } catch (Exception ex) @@ -73,6 +75,7 @@ private async Task AddCertificateAsync(AnyJobJobInfo jobInfo // replace found cert with cert to add try { + Logger.Debug($"Attempting to update existing certificate with name '{jobInfo.Alias}'"); await Client.UpdateCertificate(uuid, cert); } catch (Exception ex) 
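Review bot: The lookup `try` in AddCertificateAsync (hunk `@@ -58,7 +58,9`) still ends in a bare `catch (Exception ex)`, so a missing alias and a failed lookup (authentication, connectivity, or a null `foundCert` hitting the new `foundCert.uuid` trace line) all arrive in the same handler. The handler's body is outside the hunk, but if it only logs and continues, an overwrite job whose lookup failed would reach the new "no cert found to overwrite" branch in hunk `@@ -82,20 +85,34` and call `Client.AddCertificate(cert)` instead of failing the job. I would add an explicit `if (foundCert == null)` check before the trace line, treat only the client's not-found result as "no existing certificate", and return `ThrowError(ex, ...)` for every other exception.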
@@ -82,20 +85,34 @@ private async Task AddCertificateAsync(AnyJobJobInfo jobInfo } else { - // no cert found + // no cert found to overwrite Logger.Info($"No cert found to overwrite with name '{jobInfo.Alias}'"); + // add overwrite certificate as normal + try + { + Logger.Debug($"Adding certificate after finding no existing certificate with name '{jobInfo.Alias}'"); + await Client.AddCertificate(cert); + } + catch (Exception ex) + { + return ThrowError(ex, "addition of certificate (with none to overwrite) to Avi Vantage"); + } } } - - // add new certificate - try - { - await Client.AddCertificate(cert); - } - catch (Exception ex) + else { - return ThrowError(ex, "addition of new certificate to Avi Vantage"); + // add new certificate + try + { + Logger.Debug($"Adding new certificate with name '{jobInfo.Alias}'"); + await Client.AddCertificate(cert); + } + catch (Exception ex) + { + return ThrowError(ex, "addition of new certificate to Avi Vantage"); + } } + return Success(); } From 9df2e6bea1eca44714783b79dbf7b6cd60b1d27e Mon Sep 17 00:00:00 2001 From: Michael Henderson Date: Thu, 25 May 2023 10:39:23 -0700 Subject: [PATCH 2/8] Update manifest * Add update_catalog and support_level --- integration-manifest.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/integration-manifest.json b/integration-manifest.json index 1e31422..858f7bd 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -4,5 +4,7 @@ "name": "Avi Vantage", "status": "production", "link_github": true, + "update_catalog": true, + "support_level": "kf-supported", "description": "The Avi Vantage Orchestrator allows for the management of certificates stored in the Avi Vantage ADC solution. Application, System, and CA cert types are supported. Inventory, Management, and Renewal functions are supported." } From f2abb1098395f38bae0bfbf9022daf21f3ec48f6 Mon Sep 17 00:00:00 2001 
From: Michael Henderson Date: Thu, 25 May 2023 10:40:27 -0700 Subject: [PATCH 3/8] Update starter workflow with token/secret needed to update readme --- .../workflows/keyfactor-starter-workflow.yml | 31 +++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 46373a9..d0905b7 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml 
@@ -5,22 +5,49 @@ jobs: call-create-github-release-workflow: uses: Keyfactor/actions/.github/workflows/github-release.yml@main + get-manifest-properties: + runs-on: windows-latest + outputs: + update_catalog: ${{ steps.read-json.outputs.update_catalog }} + integration_type: ${{ steps.read-json.outputs.integration_type }} + steps: + - uses: actions/checkout@v3 + - name: Store json + id: read-json + shell: pwsh + run: | + $json = Get-Content integration-manifest.json | ConvertFrom-Json + $myvar = $json.update_catalog + echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + $myvar = $json.integration_type + echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + call-dotnet-build-and-release-workflow: needs: [call-create-github-release-workflow] uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main with: release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} - release_dir: AviVantageAnyAgent/AnyAgent/bin/Release # TODO: set build output directory to upload as a release, relative to checkout workspace + release_dir: AviVantageAnyAgent/AnyAgent/bin/Release secrets: token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} call-generate-readme-workflow: if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main + secrets: + token: ${{ secrets.APPROVE_README_PUSH }} call-update-catalog-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' + needs: get-manifest-properties + if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main secrets: token: ${{ secrets.SDK_SYNC_PAT }} + + 
call-update-store-types-workflow: + needs: get-manifest-properties + if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') + uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main + secrets: + token: ${{ secrets.UPDATE_STORE_TYPES }} From ec7db6c937954e52dfc9fb7fe0e0647469254792 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Thu, 25 May 2023 17:41:08 +0000 Subject: [PATCH 4/8] Update generated README --- README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index fd79656..3c3faa6 100644 --- a/README.md +++ b/README.md @@ -12,12 +12,16 @@ The Windows Orchestrator is part of the Keyfactor software distribution and is a Note that in Keyfactor Version 9, the Windows Orchestrator have been replaced by the Universal Orchestrator. While this AnyAgent continues to work with the Windows Orchestrator, and the Windows Orchestrator is supported alongside the Universal Orchestrator talking to Keyfactor version 9, AnyAgent plugins cannot be used with the Universal Orchestrator. ---- +## Support for Avi Vantage + +Avi Vantage is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative. + +###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. + ----  # Introduction From e698da0f36025209ce3f826e44020a3c06d680dc Mon Sep 17 00:00:00 2001 From: Michael Henderson Date: Thu, 25 May 2023 11:08:11 -0700 Subject: [PATCH 5/8] use updated github-release action --- .github/workflows/keyfactor-starter-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
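Review bot: The added `secrets:` blocks hand `APPROVE_README_PUSH` and `UPDATE_STORE_TYPES` to reusable workflows referenced by the mutable ref `@main` (`generate-readme.yml@main`, `update-store-types.yml@main`), so whatever lands on that branch later runs with those tokens without any change in this repository. Pinning each `uses:` to a full commit SHA, e.g. `uses: Keyfactor/actions/.github/workflows/update-store-types.yml@<full-commit-sha>`, makes the code that receives the secret reviewable. The same applies to `actions/checkout@v3` in the new `get-manifest-properties` job and to the `github-release.yml` ref that patches 5/8 and 7/8 switch between `@support-v-tags` and `@main`. The new job also shows no `permissions:` block in the hunk; since it only reads `integration-manifest.json`, `permissions: contents: read` would be enough, assuming none is set at workflow level outside the visible lines.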
diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index d0905b7..e4cf8a0 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -3,7 +3,7 @@ on: [workflow_dispatch, push, pull_request] jobs: call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@main + uses: Keyfactor/actions/.github/workflows/github-release.yml@support-v-tags get-manifest-properties: runs-on: windows-latest From a90c9226c47529517046cd181d8e9f36b47789fe Mon Sep 17 00:00:00 2001 From: Matthew Dobrowsky Date: Thu, 1 Jun 2023 12:58:55 -0400 Subject: [PATCH 6/8] add changelog --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..eddabd8 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,9 @@ +1.0.2 +- Fixes a bug in the renewal overwrite process that would fail after overwriting the existing certificate by attempting to add the certificate again + +1.0.1 +- Mark explicitly as Windows Orchestrator capability +- Readme documentation updates for clarity + +1.0.0 +- Initial release of orchestrator capability \ No newline at end of file From 50c9dd3979f34c784705f603a1f4f5f2d972e680 Mon Sep 17 00:00:00 2001 From: Mikey Henderson Date: Wed, 5 Jul 2023 14:42:07 -0700 Subject: [PATCH 7/8] use main branch of create-release --- .github/workflows/keyfactor-starter-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index e4cf8a0..d0905b7 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml 
@@ -3,7 +3,7 @@ on: [workflow_dispatch, push, pull_request] jobs: call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@support-v-tags + uses: Keyfactor/actions/.github/workflows/github-release.yml@main get-manifest-properties: runs-on: windows-latest From 2e48273a00719f4c6ed18d29aeaada3e00ca7d17 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Wed, 5 Jul 2023 21:42:43 +0000 Subject: [PATCH 8/8] Update generated README --- README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/README.md b/README.md index 3c3faa6..6be434c 100644 --- a/README.md +++ b/README.md @@ -4,13 +4,7 @@ The Avi Vantage Orchestrator allows for the management of certificates stored in #### Integration status: Production - Ready for use in production environments. -## About the Keyfactor Windows Orchestrator AnyAgent -This repository contains a Windows Orchestrator AnyAgent, which is a plugin to the Keyfactor Windows Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. - -The Windows Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing AnyAgents, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific AnyAgent, see below in this readme. - -Note that in Keyfactor Version 9, the Windows Orchestrator have been replaced by the Universal Orchestrator. While this AnyAgent continues to work with the Windows Orchestrator, and the Windows Orchestrator is supported alongside the Universal Orchestrator talking to Keyfactor version 9, AnyAgent plugins cannot be used with the Universal Orchestrator.