Ab#71912

.github/workflows/keyfactor-starter-workflow.yml

@@ -1,41 +1,29 @@
-name: Starter Workflow
-on: [workflow_dispatch, push, pull_request]
+name: Keyfactor Bootstrap Workflow
 
-jobs:
-  call-create-github-release-workflow:
-    uses: Keyfactor/actions/.github/workflows/github-release.yml@main
-  get-manifest-properties:
-    runs-on: windows-latest
-    outputs:
-      update_catalog: ${{ steps.read-json.outputs.prop }}
-    steps:
-      - uses: actions/checkout@v3
-      - name: Read json
-        id: read-json
-        shell: pwsh
-        run: |
-          $json = Get-Content integration-manifest.json | ConvertFrom-Json
-          echo "::set-output name=prop::$(echo $json.update_catalog)"
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, closed, synchronize, edited, reopened]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
 
-  call-dotnet-build-and-release-workflow:
-    needs: [call-create-github-release-workflow]
-    uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/starter.yml@screenshots
     with:
-      release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
-      release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }}
-      release_dir: alteon-orchestrator\bin\Release # TODO: set build output directory to upload as a release, relative to checkout workspace
-    secrets: 
-      token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }}
-
-  call-generate-readme-workflow:
-    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
-    uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main
+      command_token_url: ${{ vars.DOCTOOL_COMMAND_TOKEN_URL }}
+      command_hostname: ${{ vars.DOCTOOL_COMMAND_HOSTNAME }}
+      command_base_api_path: ${{ vars.DOCTOOL_COMMAND_BASE_API_PATH }}
     secrets:
-      token: ${{ secrets.APPROVE_README_PUSH }}
-
-  call-update-catalog-workflow:
-    needs: get-manifest-properties
-    if: needs.get-manifest-properties.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
-    uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main
-    secrets: 
-      token: ${{ secrets.SDK_SYNC_PAT }}
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}
+      entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }}
+      entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }}
+      command_client_id: ${{ secrets.DOCTOOL_COMMAND_CLIENT_ID }}
+      command_client_secret: ${{ secrets.DOCTOOL_COMMAND_CLIENT_SECRET }}
+

CHANGELOG.md

@@ -0,0 +1,5 @@
+1.1.0
+- Add doctool and dual build for .net6/8
+
+1.0.0
+- Initial Version

alteon-orchestrator/Jobs/Inventory.cs

@@ -18,17 +18,23 @@
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
+using Keyfactor.Orchestrators.Extensions.Interfaces;
 using Microsoft.Extensions.Logging;
 
 namespace Keyfactor.Extensions.Orchestrator.AlteonLoadBalancer.Jobs
 {
     public class Inventory : JobBase, IInventoryJobExtension
     {
-        ILogger logger = LogHandler.GetClassLogger<Inventory>();              
+        ILogger logger = LogHandler.GetClassLogger<Inventory>();
+
+        public Inventory(IPAMSecretResolver resolver)
+        {
+            _resolver = resolver;
+        }
 
         public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpdate submitInventoryUpdate)
         {
-            InitializeStore(config);
+            InitializeStore(config, logger);
 
             List<CurrentInventoryItem> certs = new List<CurrentInventoryItem>();
             try

alteon-orchestrator/Jobs/JobBase.cs

@@ -13,34 +13,38 @@
 // limitations under the License.
 
 using Keyfactor.Orchestrators.Extensions;
+using Keyfactor.Orchestrators.Extensions.Interfaces;
+using Microsoft.Extensions.Logging;
 
 namespace Keyfactor.Extensions.Orchestrator.AlteonLoadBalancer.Jobs
 {
     public abstract class JobBase
     {
-        public string ExtensionName => "AlteonLB";
+        public string ExtensionName => "";
 
         public string Username { get; set; }
 
         public string Password { get; set; }
 
         public string ServerUrl { get; set; }
 
+        public IPAMSecretResolver _resolver;
+
         internal protected AlteonLoadBalancerClient aClient { get; set; }
 
 
-        public void InitializeStore(InventoryJobConfiguration config)
+        public void InitializeStore(InventoryJobConfiguration config, ILogger logger)
         {            
             ServerUrl = config.CertificateStoreDetails.ClientMachine;
-            Username = config.ServerUsername;
-            Password = config.ServerPassword;
+            Username = PAMUtilities.ResolvePAMField(_resolver, logger, "Server User Name", config.ServerUsername);
+            Password = PAMUtilities.ResolvePAMField(_resolver, logger, "Server Password", config.ServerPassword);
             aClient = new AlteonLoadBalancerClient(ServerUrl, Username, Password);
         }
 
-        public void InitializeStore(ManagementJobConfiguration config) {
+        public void InitializeStore(ManagementJobConfiguration config, ILogger logger) {
             ServerUrl = config.CertificateStoreDetails.ClientMachine;
-            Username = config.ServerUsername;
-            Password = config.ServerPassword;
+            Username = PAMUtilities.ResolvePAMField(_resolver, logger, "Server User Name", config.ServerUsername); 
+            Password = PAMUtilities.ResolvePAMField(_resolver, logger, "Server Password", config.ServerPassword);
             aClient = new AlteonLoadBalancerClient(ServerUrl, Username, Password);
         }
     }

alteon-orchestrator/Jobs/Management.cs

@@ -21,6 +21,7 @@
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
+using Keyfactor.Orchestrators.Extensions.Interfaces;
 using Microsoft.Extensions.Logging;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.OpenSsl;
@@ -33,9 +34,14 @@
     {
         readonly ILogger logger = LogHandler.GetClassLogger<Management>();
 
+        public Management(IPAMSecretResolver resolver)
+        {
+            _resolver = resolver;
+        }
+
         public JobResult ProcessJob(ManagementJobConfiguration config)
         {
-            InitializeStore(config);
+            InitializeStore(config, logger);
 
             JobResult complete = new JobResult()
             {
@@ -79,13 +85,13 @@
             }
             catch (Exception ex)
             {
                 logger.LogError("error decoding certificate", ex);
                 throw;
             }
 
             var certType = AlteonCertTypes.INTERMEDIATE_CA;
 
             if (x509.PrivateKey != null)
             {
                 certType = AlteonCertTypes.CERTIFICATE_AND_KEY; // we import as a pair
             }
@@ -155,7 +161,7 @@
 
             catch (Exception ex)
             {
                 logger.LogError("Error deleting cert from device.", ex);
                 complete.FailureMessage = $"An error occured while removing {alias} from {ExtensionName}: " + ex.Message;
             }
             return complete;

alteon-orchestrator/PAMUtilities.cs

@@ -0,0 +1,21 @@
+// Copyright 2021 Keyfactor
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
+// and limitations under the License.
+
+using Keyfactor.Orchestrators.Extensions.Interfaces;
+using Microsoft.Extensions.Logging;
+
+namespace Keyfactor.Extensions.Orchestrator.AlteonLoadBalancer
+{
+    internal class PAMUtilities
+    {
+        internal static string ResolvePAMField(IPAMSecretResolver resolver, ILogger logger, string name, string key)
+        {
+            logger.LogDebug($"Attempting to resolve PAM eligible field {name}");
+            return string.IsNullOrEmpty(key) ? key : resolver.Resolve(key);
+        }
+    }
+}

alteon-orchestrator/alteon-orchestrator.csproj

@@ -1,22 +1,23 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-		<TargetFramework>netstandard2.0</TargetFramework>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
     <RootNamespace>Keyfactor.Extensions.Orchestrator.AlteonLoadBalancer</RootNamespace>
     <AssemblyName>Keyfactor.Extensions.Orchestrator.AlteonLB</AssemblyName>
 		<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
 		<PackageLicenseExpression>Apache-2.0</PackageLicenseExpression>
 		<SignAssembly>false</SignAssembly>
 		<Copyright />
-		<AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
-		<AppendTargetFrameworkToOutputPath>false</AppendTargetFrameworkToOutputPath>
+    <ImplicitUsings>disable</ImplicitUsings>
+    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+		<AppendTargetFrameworkToOutputPath>true</AppendTargetFrameworkToOutputPath>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="BouncyCastle" Version="1.8.9" />
     <PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
     <PackageReference Include="Keyfactor.Orchestrators.Common" Version="3.1.2" />
-    <PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.6.0" />
+    <PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.7.0" />
     <PackageReference Include="Keyfactor.Orchestrators.IOrchestratorRegistrationUpdater" Version="1.0.3" />
     <PackageReference Include="NLog" Version="5.0.1" />
     <PackageReference Include="NLog.Extensions.Logging" Version="5.0.0" />

docsource/alteonlb.md

@@ -0,0 +1 @@
+## Overview

docsource/content.md

@@ -0,0 +1,3 @@
+## Overview
+
+The Alteon Load Balancer integration allows you to manage certificates within the Alteon Load Balancer device.  It facilitates management of both the Alteon Device SSL certificate as well as entries in the trusted root store of the Alteon Load Balancer appliance.

integration-manifest.json

@@ -5,28 +5,57 @@
   "status": "production",
   "support_level": "kf-supported",
   "update_catalog": true,
+  "release_dir": "alteon-orchestrator/bin/Release",
+  "release_project": "alteon-orchestrator/alteon-orchestrator.csproj",
   "link_github": true,
   "description": "The Alteon Load Balancer integration allows you to manage certificates within the Alteon Load Balancer device.",
   "about": {
     "orchestrator": {
-      "win": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": true,
-        "supportsManagementRemove": true,
-        "supportsReenrollment": false,
-        "supportsInventory": true,
-        "platformSupport": "Unused"
-      },
-      "linux": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": true,
-        "supportsManagementRemove": true,
-        "supportsReenrollment": false,
-        "supportsInventory": true,
-        "platformSupport": "Unused"
-      }
+      "UOFramework": "10.4",
+      "pam_support": true,
+      "keyfactor_platform_version": "10.4",
+      "store_types": [
+        {
+          "Name": "Alteon Load Balancer",
+          "ShortName": "AlteonLB",
+          "Capability": "AlteonLB",
+          "ClientMachineDescription": "The Alteon Load Balancer Server and port",
+          "StorePathDescription": "This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).",
+          "SupportedOperations": {
+            "Add": true,
+            "Remove": true,
+            "Enrollment": false,
+            "Discovery": false,
+            "Inventory": true
+          },
+          "Properties": [
+            {
+              "Name": "ServerUsername",
+              "DisplayName": "Server Username",
+              "Type": "Secret",
+              "Description": "Alteon user ID with sufficient permissions to manage certs in the Alteon Load Balancer.",
+              "Required": true
+            },
+            {
+              "Name": "ServerPassword",
+              "DisplayName": "Server Password",
+              "Type": "Secret",
+              "Description": "Password associated with Alteon user ID entered above.",
+              "Required": true
+            }
+          ],
+          "PasswordOptions": {
+            "EntrySupported": false,
+            "StoreRequired": false,
+            "Style": "Default"
+          },
+          "PrivateKeyAllowed": "Optional",
+          "ServerRequired": true,
+          "PowerShell": false,
+          "BlueprintAllowed": false,
+          "CustomAliasAllowed": "Optional"
+        }
+      ]
     }
   }
 }