
Commit d858814

authored
Merge 0728683 into 9ef853c
2 parents 9ef853c + 0728683 commit d858814


12 files changed

+216
-116
lines changed


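--- a/.github/workflows/keyfactor-starter-workflow.yml
+++ b/.github/workflows/keyfactor-starter-workflow.yml
@@ -11,9 +11,10 @@ on:
 
 jobs:
 call-starter-workflow:
-uses: keyfactor/actions/.github/workflows/starter.yml@v2
+uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2
 secrets:
 token: ${{ secrets.V2BUILDTOKEN}}
 APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
 gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
 gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+scan_token: ${{ secrets.SAST_TOKEN }}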
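Review bot: The reusable workflow on the `uses:` line is referenced by the tag `3.1.2`, which is a mutable ref, while this call hands it the GPG private key, its passphrase, the build token and now `SAST_TOKEN`. Pinning to the full commit SHA behind that tag, e.g. `uses: keyfactor/actions/.github/workflows/starter.yml@<full-commit-sha> # 3.1.2`, keeps a moved or re-created tag from changing what runs with those secrets. The new ref also drops the `v` prefix the old one had (`@v2`), so it is worth confirming that `3.1.2` is the tag name the actions repository actually publishes. A short comment on the `scan_token` line naming the scanner that consumes it would help the next reader.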

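--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+v2.2.0
+- Update to generate dual build for .net6/.net8 configurations
+- Update to use doctool for README generation.
+
 v2.1.2
 - Bug Fix: Private key entry return value - set to True
 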

Lines changed: 7 additions & 5 deletions
@@ -1,8 +1,10 @@
11
<Project Sdk="Microsoft.NET.Sdk">
22

33
<PropertyGroup>
4-
<TargetFramework>netcoreapp3.1</TargetFramework>
4+
<AppendTargetFrameworkToOutputPath>true</AppendTargetFrameworkToOutputPath>
5+
<TargetFrameworks>net6.0;net8.0</TargetFrameworks>
56
<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
7+
<ImplicitUsings>disable</ImplicitUsings>
68
</PropertyGroup>
79

810
<ItemGroup>
@@ -14,10 +16,10 @@
1416
<PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
1517
<PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.6.0" />
1618
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
17-
</ItemGroup>
1819

19-
<Target Name="PostBuild" AfterTargets="PostBuildEvent">
20-
<Exec Command="echo F | xcopy &quot;$(SolutionDir)manifest.json&quot; &quot;$(TargetDir)\manifest.json&quot; /Y" />
21-
</Target>
20+
<None Update="manifest.json">
21+
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
22+
</None>
23+
</ItemGroup>
2224

2325
</Project>
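Review bot: The `<None Update="manifest.json">` item in the second hunk only takes effect if manifest.json already sits in the project directory, because `Update` modifies items the SDK's default globs have already included and silently does nothing otherwise. The removed post-build step copied the file from `$(SolutionDir)`, so unless the file listed as renamed in this commit is that manifest moved next to the project file (not visible here), the build would succeed without manifest.json in either target-framework output folder. If the file has to stay at solution level, `<None Include="..\manifest.json" Link="manifest.json">` (path adjusted to the real layout) with the same `CopyToOutputDirectory` child makes the copy explicit. `PreserveNewest` instead of `Always` would also keep incremental builds from re-copying on every run.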
File renamed without changes.

README.md

Lines changed: 171 additions & 86 deletions
Large diffs are not rendered by default.

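--- a/docsource/content.md
+++ b/docsource/content.md
@@ -0,0 +1,20 @@
+## Overview
+
+The Google Cloud Platform (GCP) Load Balancer Orchestrator allows for the management of Google Cloud Platform Load Balancer certificate stores. Inventory, Management-Add, and Management-Remove functions are supported. Also, re-binding to endpoints IS supported for certificate renewals (but NOT adding new certificates). The orchestrator uses the Google Cloud Compute Engine API (https://cloud.google.com/compute/docs/reference/rest/v1) to manage stores.
+
+
+## Requirements
+
+The orchestrator extension supports having credentials provided by the environment, environment variable, or passed manually from Keyfactor Command. You can read more about the first two options [here](https://cloud.google.com/docs/authentication/production#automatically).
+
+To pass credentials from Keyfactor Command you need to first create a service account within GCP and then download a [service account key](https://cloud.google.com/docs/authentication/set-up-adc-local-dev-environment#local-key) Remember to assign the appropriate role/permissions for the service account (see below). Afterwards inside Keyfactor Command copy and paste the contents of the service account key in the password field for the GCP Certificate Store you create.
+
+The following are the required permissions for the GCP service account:
+- compute.sslCertificates.create
+- compute.sslCertificates.delete
+- compute.sslCertificates.list
+- compute.sslCertificates.get
+- compute.targetHttpsProxies.list
+- compute.targetHttpsProxies.setSslCertificates
+- compute.regionSslCertificates.list
+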

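--- a/docsource/gcploadbal.md
+++ b/docsource/gcploadbal.md
@@ -0,0 +1 @@
+## Overview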

images/image1.png

-30.1 KB
Binary file not shown.

images/image2.png

-24.7 KB
Binary file not shown.

images/image3.png

-12 KB
Binary file not shown.

images/image4.png

-18.1 KB
Binary file not shown.

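--- a/integration-manifest.json
+++ b/integration-manifest.json
@@ -6,33 +6,16 @@
 "update_catalog": true,
 "link_github": true,
 "support_level": "kf-supported",
-"release_dir": "GCPLoadBalancer/bin/Release/netcoreapp3.1",
+"release_dir": "GCPLoadBalancer/bin/Release",
+"release_project": "GCPLoadBalancer/GCPLoadBalancer.csproj",
 "description": "The Google Cloud Platform (GCP) Load Balancer Orchestrator allows for the management of Google Cloud Platform Load Balancer certificate stores. Inventory, Management-Add, and Management-Remove functions are supported. Also, re-binding to endpoints IS supported for certificate renewals (but NOT adding new certificates). The orchestrator uses the Google Cloud Compute Engine API (https://cloud.google.com/compute/docs/reference/rest/v1) to manage stores.",
 "about": {
 "orchestrator": {
 "UOFramework": "10.1",
 "keyfactor_platform_version": "9.10",
 "pam_support": false,
-"win": {
-"supportsCreateStore": false,
-"supportsDiscovery": false,
-"supportsManagementAdd": true,
-"supportsManagementRemove": true,
-"supportsReenrollment": false,
-"supportsInventory": true,
-"platformSupport": "Unused"
-},
-"linux": {
-"supportsCreateStore": false,
-"supportsDiscovery": false,
-"supportsManagementAdd": false,
-"supportsManagementRemove": false,
-"supportsReenrollment": false,
-"supportsInventory": false,
-"platformSupport": "Unused"
-},
-"store_types": {
-"GCPLoadBal": {
+"store_types": [
+{
 "Name": "GCP Load Balancer",
 "ShortName": "GCPLoadBal",
 "Capability": "GCPLoadBal",
@@ -58,14 +41,18 @@
 "Name": "jsonKey",
 "DisplayName": "Service Account Key",
 "Required": true,
+"IsPAMEligible": false,
 "DependsOn": "",
 "Type": "Secret",
-"DefaultValue": ""
+"DefaultValue": "",
+"Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value"
 }
 ],
+"ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.",
+"StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).",
 "EntryParameters": []
 }
-}
+]
 }
 }
-}
+}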
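Review bot: The new `StorePathDescription` in the second hunk sends operators to a personal GitHub gist for the list of valid GCP regions; that content is outside both the project's and Google's control and can be edited or deleted by its owner at any time. Linking Google's own reference instead, e.g. `[GCP region](https://cloud.google.com/compute/docs/regions-zones)`, keeps the store-path guidance tied to an authoritative source. Separately, the added `jsonKey` description tells ADC users to select No Value while the unchanged line above it keeps `"Required": true`; it is worth confirming that Command accepts an empty secret for a required field, and otherwise changing it to `"Required": false`. The enclosing store-type object starts outside the second hunk.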
