Merge 0728683 into 9ef853c

Author: leefine02

.github/workflows/keyfactor-starter-workflow.yml

@@ -11,9 +11,10 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@v2
+    uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2
     secrets:
       token: ${{ secrets.V2BUILDTOKEN}}
       APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
       gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
       gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}

CHANGELOG.md

@@ -1,3 +1,7 @@
+v2.2.0
+- Update to generate dual build for .net6/.net8 configurations
+- Update to use doctool for README generation.
+
 v2.1.2
 - Bug Fix: Private key entry return value - set to True
 

GCPLoadBalancer/GCPLoadBalancer.csproj

@@ -1,8 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp3.1</TargetFramework>
+    <AppendTargetFrameworkToOutputPath>true</AppendTargetFrameworkToOutputPath>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
+    <ImplicitUsings>disable</ImplicitUsings>
   </PropertyGroup>
 
   <ItemGroup>
@@ -14,10 +16,10 @@
     <PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
     <PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.6.0" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
-  </ItemGroup>
 
-  <Target Name="PostBuild" AfterTargets="PostBuildEvent">
-    <Exec Command="echo F | xcopy &quot;$(SolutionDir)manifest.json&quot; &quot;$(TargetDir)\manifest.json&quot; /Y" />
-  </Target>
+    <None Update="manifest.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
 
 </Project>

manifest.json renamed to GCPLoadBalancer/manifest.json

@@ -0,0 +1,20 @@
+## Overview
+
+The Google Cloud Platform (GCP) Load Balancer Orchestrator allows for the management of Google Cloud Platform Load Balancer certificate stores. Inventory, Management-Add, and Management-Remove functions are supported. Also, re-binding to endpoints IS supported for certificate renewals (but NOT adding new certificates). The orchestrator uses the Google Cloud Compute Engine API (https://cloud.google.com/compute/docs/reference/rest/v1) to manage stores.
+
+
+## Requirements
+
+The orchestrator extension supports having credentials provided by the environment, environment variable, or passed manually from Keyfactor Command.  You can read more about the first two options [here](https://cloud.google.com/docs/authentication/production#automatically).
+
+To pass credentials from Keyfactor Command you need to first create a service account within GCP and then download a [service account key](https://cloud.google.com/docs/authentication/set-up-adc-local-dev-environment#local-key)  Remember to assign the appropriate role/permissions for the service account (see below).  Afterwards inside Keyfactor Command copy and paste the contents of the service account key in the password field for the GCP Certificate Store you create.
+
+The following are the required permissions for the GCP service account:
+- compute.sslCertificates.create
+- compute.sslCertificates.delete
+- compute.sslCertificates.list
+- compute.sslCertificates.get
+- compute.targetHttpsProxies.list
+- compute.targetHttpsProxies.setSslCertificates
+- compute.regionSslCertificates.list
+

README.md

@@ -0,0 +1 @@
+## Overview

docsource/content.md

@@ -6,33 +6,16 @@
   "update_catalog": true,
   "link_github": true,
   "support_level": "kf-supported",
-  "release_dir": "GCPLoadBalancer/bin/Release/netcoreapp3.1",
+  "release_dir": "GCPLoadBalancer/bin/Release",
+  "release_project": "GCPLoadBalancer/GCPLoadBalancer.csproj",
   "description": "The Google Cloud Platform (GCP) Load Balancer Orchestrator allows for the management of Google Cloud Platform Load Balancer certificate stores.  Inventory, Management-Add, and Management-Remove functions are supported.  Also, re-binding to endpoints IS supported for certificate renewals (but NOT adding new certificates).  The orchestrator uses the Google Cloud Compute Engine API (https://cloud.google.com/compute/docs/reference/rest/v1) to manage stores.",
   "about": {
     "orchestrator": {
       "UOFramework": "10.1",
       "keyfactor_platform_version": "9.10",
       "pam_support": false,
-      "win": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": true,
-        "supportsManagementRemove": true,
-        "supportsReenrollment": false,
-        "supportsInventory": true,
-        "platformSupport": "Unused"
-      },
-      "linux": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": false,
-        "supportsManagementRemove": false,
-        "supportsReenrollment": false,
-        "supportsInventory": false,
-        "platformSupport": "Unused"
-      },
-      "store_types": {
-        "GCPLoadBal": {
+      "store_types": [
+        {
           "Name": "GCP Load Balancer",
           "ShortName": "GCPLoadBal",
           "Capability": "GCPLoadBal",
@@ -58,14 +41,18 @@
               "Name": "jsonKey",
               "DisplayName": "Service Account Key",
               "Required": true,
+              "IsPAMEligible": false,
               "DependsOn": "",
               "Type": "Secret",
-              "DefaultValue": ""
+              "DefaultValue": "",
+              "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud.  If authenticating via Application Default Credentials (ADC), select No Value"
             }
           ],
+          "ClientMachineDescription": "Not used, but required when creating a store.  Just enter any value.",
+          "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources.  Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).",
           "EntryParameters": []
         }
-      }
+      ]
     }
   }
- }
+}