Merge pull request #2 from Keyfactor/ab#17762

Ab#17762

.github/workflows/keyfactor-merge-store-types.yml

@@ -0,0 +1,27 @@
+name: Keyfactor Merge Cert Store Types
+on: [workflow_dispatch]
+
+jobs:
+  get-manifest-properties:
+    runs-on: windows-latest
+    outputs:
+      update_catalog: ${{ steps.read-json.outputs.update_catalog }}
+      integration_type:  ${{ steps.read-json.outputs.integration_type }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Store json
+        id: read-json
+        shell: pwsh
+        run: |
+          $json = Get-Content integration-manifest.json | ConvertFrom-Json
+          $myvar = $json.update_catalog
+          echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append
+          $myvar = $json.integration_type
+          echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append
+
+  call-update-store-types-workflow:
+    needs: get-manifest-properties
+    if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
+    uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main
+    secrets: 
+      token: ${{ secrets.UPDATE_STORE_TYPES }}

.github/workflows/keyfactor-starter-workflow.yml

@@ -0,0 +1,20 @@
+name: Keyfactor Bootstrap Workflow
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, closed, synchronize, edited, reopened]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
+
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/[email protected]
+    secrets:
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}

CHANGELOG.md

@@ -0,0 +1,2 @@
+v1.0.0
+- Initial Version

GCPSecretManager/GCPClient.cs

@@ -121,7 +121,7 @@ public void AddSecret(string alias, string secretContent, bool entryExists)
             }
             catch (Exception ex)
             {
-                _logger.LogError(GCPException.FlattenExceptionMessages(ex, "Error adding/replacing certificate"));
+                _logger.LogError(GCPException.FlattenExceptionMessages(ex, "Error adding/replacing certificate.  "));
                 throw;
             }
             finally

GCPSecretManager/Inventory.cs

@@ -85,7 +85,7 @@ public JobResult ProcessJob(InventoryJobConfiguration config, SubmitInventoryUpd
             }
             catch (Exception ex)
             {
-                return new JobResult() { Result = Keyfactor.Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, FailureMessage = GCPException.FlattenExceptionMessages(ex, $"Site {config.CertificateStoreDetails.StorePath} on server {config.CertificateStoreDetails.ClientMachine}: Error performing Inventory.") };
+                return new JobResult() { Result = Keyfactor.Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, FailureMessage = GCPException.FlattenExceptionMessages(ex, $"Site {config.CertificateStoreDetails.StorePath} on server {config.CertificateStoreDetails.ClientMachine}: Error performing Inventory.  ") };
             }
         }
     }

GCPSecretManager/Management.cs

@@ -52,7 +52,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config)
             }
             catch (Exception ex)
             {
-                return new JobResult() { Result = Keyfactor.Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, FailureMessage = GCPException.FlattenExceptionMessages(ex, $"Site {config.CertificateStoreDetails.StorePath} on server {config.CertificateStoreDetails.ClientMachine}: Error adding certificate for {config.JobCertificate.Alias}") };
+                return new JobResult() { Result = Keyfactor.Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, FailureMessage = GCPException.FlattenExceptionMessages(ex, $"Site {config.CertificateStoreDetails.StorePath} on server {config.CertificateStoreDetails.ClientMachine}: Error adding certificate for {config.JobCertificate.Alias}.  ") };
             }
 
             return new JobResult() { Result = Keyfactor.Orchestrators.Common.Enums.OrchestratorJobStatusJobResult.Success, JobHistoryId = config.JobHistoryId };
@@ -68,8 +68,10 @@ private void PerformAdd(ManagementJobConfiguration config, GCPClient client)
 
             if (!config.Overwrite && entryExists)
             {
+                string errMsg = $"Secret {alias} already exists but Overwrite set to False.  Set Overwrite to True to replace the certificate.";
+                Logger.LogError(errMsg);
                 Logger.MethodExit(LogLevel.Debug);
-                throw new GCPException($"Secret {alias} already exists but Overwrite set to False.  Set Overwrite to True to replace the certificate.");
+                throw new GCPException(errMsg);
             }
 
             if (string.IsNullOrEmpty(StorePassword))
@@ -85,7 +87,10 @@ private void PerformAdd(ManagementJobConfiguration config, GCPClient client)
                 string secret = CertificateFormatter.ConvertCertificateEntryToSecret(config.JobCertificate.Contents, config.JobCertificate.PrivateKeyPassword, IncludeChain, newPassword);
                 client.AddSecret(alias, secret, entryExists);
                 if (!string.IsNullOrEmpty(newPassword) && string.IsNullOrEmpty(StorePassword))
-                    client.AddSecret(alias + PasswordSecretSuffix, newPassword, entryExists);
+                {
+                    bool passwordEntryExists = client.Exists(alias + PasswordSecretSuffix);
+                    client.AddSecret(alias + PasswordSecretSuffix, newPassword, passwordEntryExists);
+                }
             }
             catch { throw; }
             finally