From 754a9886a820bf40d0b6f4d8f28c5190c1b782bf Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:00:27 -0700 Subject: [PATCH 01/12] chore(docs): Add `migrate` sub CLI auto docs. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- docs/kfutil.md | 3 +- docs/kfutil_completion.md | 2 +- docs/kfutil_completion_bash.md | 2 +- docs/kfutil_completion_fish.md | 2 +- docs/kfutil_completion_powershell.md | 2 +- docs/kfutil_completion_zsh.md | 2 +- docs/kfutil_containers.md | 2 +- docs/kfutil_containers_get.md | 2 +- docs/kfutil_containers_list.md | 2 +- docs/kfutil_export.md | 2 +- docs/kfutil_helm.md | 2 +- docs/kfutil_helm_uo.md | 2 +- docs/kfutil_import.md | 2 +- docs/kfutil_login.md | 2 +- docs/kfutil_logout.md | 2 +- docs/kfutil_migrate.md | 47 +++++++++++++++++ docs/kfutil_migrate_check.md | 48 ++++++++++++++++++ docs/kfutil_migrate_pam.md | 50 +++++++++++++++++++ docs/kfutil_orchs.md | 2 +- docs/kfutil_orchs_approve.md | 2 +- docs/kfutil_orchs_disapprove.md | 2 +- docs/kfutil_orchs_ext.md | 2 +- docs/kfutil_orchs_get.md | 2 +- docs/kfutil_orchs_list.md | 2 +- docs/kfutil_orchs_logs.md | 2 +- docs/kfutil_orchs_reset.md | 2 +- docs/kfutil_pam.md | 2 +- docs/kfutil_pam_create.md | 2 +- docs/kfutil_pam_delete.md | 2 +- docs/kfutil_pam_get.md | 2 +- docs/kfutil_pam_list.md | 2 +- docs/kfutil_pam_types-create.md | 2 +- docs/kfutil_pam_types-list.md | 2 +- docs/kfutil_pam_update.md | 2 +- docs/kfutil_status.md | 2 +- docs/kfutil_store-types.md | 2 +- docs/kfutil_store-types_create.md | 4 +- docs/kfutil_store-types_delete.md | 2 +- docs/kfutil_store-types_get.md | 2 +- docs/kfutil_store-types_list.md | 2 +- docs/kfutil_store-types_templates-fetch.md | 2 +- docs/kfutil_stores.md | 2 +- docs/kfutil_stores_delete.md | 2 +- docs/kfutil_stores_export.md | 2 +- docs/kfutil_stores_get.md | 2 +- docs/kfutil_stores_import.md | 2 +- docs/kfutil_stores_import_csv.md | 2 +- .../kfutil_stores_import_generate-template.md | 2 +- docs/kfutil_stores_inventory.md | 2 +- docs/kfutil_stores_inventory_add.md | 2 +- docs/kfutil_stores_inventory_remove.md | 2 +- docs/kfutil_stores_inventory_show.md | 2 +- docs/kfutil_stores_list.md | 2 +- docs/kfutil_stores_rot.md | 2 +- docs/kfutil_stores_rot_audit.md | 2 +- docs/kfutil_stores_rot_generate-template.md | 2 +- docs/kfutil_stores_rot_reconcile.md | 2 +- docs/kfutil_version.md | 2 +- 58 files changed, 202 insertions(+), 56 deletions(-) create mode 100644 docs/kfutil_migrate.md create mode 100644 docs/kfutil_migrate_check.md create mode 100644 docs/kfutil_migrate_pam.md diff --git a/docs/kfutil.md b/docs/kfutil.md index d8611381..4a612594 100644 --- a/docs/kfutil.md +++ b/docs/kfutil.md @@ -39,6 +39,7 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil import](kfutil_import.md) - Keyfactor instance import utilities. * [kfutil login](kfutil_login.md) - User interactive login to Keyfactor. Stores the credentials in the config file '$HOME/.keyfactor/command_config.json'. * [kfutil logout](kfutil_logout.md) - Unsets environment variables and removes the stored credentials file. +* [kfutil migrate](kfutil_migrate.md) - Keyfactor Migration Tools. * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. * [kfutil status](kfutil_status.md) - List the status of Keyfactor services. @@ -46,4 +47,4 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. * [kfutil version](kfutil_version.md) - Shows version of kfutil -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion.md b/docs/kfutil_completion.md index e22e82b1..a9ba81fe 100644 --- a/docs/kfutil_completion.md +++ b/docs/kfutil_completion.md @@ -45,4 +45,4 @@ See each sub-command's help for details on how to use the generated script. * [kfutil completion powershell](kfutil_completion_powershell.md) - Generate the autocompletion script for powershell * [kfutil completion zsh](kfutil_completion_zsh.md) - Generate the autocompletion script for zsh -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_bash.md b/docs/kfutil_completion_bash.md index e002d6d7..95da43b2 100644 --- a/docs/kfutil_completion_bash.md +++ b/docs/kfutil_completion_bash.md @@ -64,4 +64,4 @@ kfutil completion bash * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_fish.md b/docs/kfutil_completion_fish.md index fd509722..17b37cee 100644 --- a/docs/kfutil_completion_fish.md +++ b/docs/kfutil_completion_fish.md @@ -55,4 +55,4 @@ kfutil completion fish [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_powershell.md b/docs/kfutil_completion_powershell.md index 6ae54eae..168732f6 100644 --- a/docs/kfutil_completion_powershell.md +++ b/docs/kfutil_completion_powershell.md @@ -52,4 +52,4 @@ kfutil completion powershell [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_zsh.md b/docs/kfutil_completion_zsh.md index b3a0672f..df997d49 100644 --- a/docs/kfutil_completion_zsh.md +++ b/docs/kfutil_completion_zsh.md @@ -66,4 +66,4 @@ kfutil completion zsh [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers.md b/docs/kfutil_containers.md index 667a6355..a18a8c36 100644 --- a/docs/kfutil_containers.md +++ b/docs/kfutil_containers.md @@ -41,4 +41,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil containers get](kfutil_containers_get.md) - Get certificate store container by ID or name. * [kfutil containers list](kfutil_containers_list.md) - List certificate store containers. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers_get.md b/docs/kfutil_containers_get.md index 54bcb254..a19027a1 100644 --- a/docs/kfutil_containers_get.md +++ b/docs/kfutil_containers_get.md @@ -44,4 +44,4 @@ kfutil containers get [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers_list.md b/docs/kfutil_containers_list.md index 496661be..62f17be5 100644 --- a/docs/kfutil_containers_list.md +++ b/docs/kfutil_containers_list.md @@ -43,4 +43,4 @@ kfutil containers list [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_export.md b/docs/kfutil_export.md index 7b255a5e..649f5f7a 100644 --- a/docs/kfutil_export.md +++ b/docs/kfutil_export.md @@ -55,4 +55,4 @@ kfutil export [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_helm.md b/docs/kfutil_helm.md index c0facc86..a91ad691 100644 --- a/docs/kfutil_helm.md +++ b/docs/kfutil_helm.md @@ -46,4 +46,4 @@ kubectl helm uo | helm install -f - keyfactor-universal-orchestrator keyfactor/k * [kfutil](kfutil.md) - Keyfactor CLI utilities * [kfutil helm uo](kfutil_helm_uo.md) - Configure the Keyfactor Universal Orchestrator Helm Chart -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_helm_uo.md b/docs/kfutil_helm_uo.md index a5e2833f..581a1afa 100644 --- a/docs/kfutil_helm_uo.md +++ b/docs/kfutil_helm_uo.md @@ -50,4 +50,4 @@ kfutil helm uo [-t ] [-o ] [-f ] [-e -e @,@ -o ./app/extension * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_get.md b/docs/kfutil_orchs_get.md index 245e10a1..97773770 100644 --- a/docs/kfutil_orchs_get.md +++ b/docs/kfutil_orchs_get.md @@ -44,4 +44,4 @@ kfutil orchs get [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_list.md b/docs/kfutil_orchs_list.md index bf55a9a5..bc02d7c5 100644 --- a/docs/kfutil_orchs_list.md +++ b/docs/kfutil_orchs_list.md @@ -43,4 +43,4 @@ kfutil orchs list [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_logs.md b/docs/kfutil_orchs_logs.md index 14d971e0..0d535d44 100644 --- a/docs/kfutil_orchs_logs.md +++ b/docs/kfutil_orchs_logs.md @@ -44,4 +44,4 @@ kfutil orchs logs [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_reset.md b/docs/kfutil_orchs_reset.md index 032349a1..af412682 100644 --- a/docs/kfutil_orchs_reset.md +++ b/docs/kfutil_orchs_reset.md @@ -44,4 +44,4 @@ kfutil orchs reset [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam.md b/docs/kfutil_pam.md index 6d22a6db..f5eddd02 100644 --- a/docs/kfutil_pam.md +++ b/docs/kfutil_pam.md @@ -48,4 +48,4 @@ programmatically create, delete, edit, and list PAM Providers. * [kfutil pam types-list](kfutil_pam_types-list.md) - Returns a list of all available PAM provider types. * [kfutil pam update](kfutil_pam_update.md) - Updates an existing PAM Provider, currently only supported from file. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_create.md b/docs/kfutil_pam_create.md index 1fd5f602..b0853ebe 100644 --- a/docs/kfutil_pam_create.md +++ b/docs/kfutil_pam_create.md @@ -44,4 +44,4 @@ kfutil pam create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_delete.md b/docs/kfutil_pam_delete.md index 28c16e1f..8d4b2673 100644 --- a/docs/kfutil_pam_delete.md +++ b/docs/kfutil_pam_delete.md @@ -44,4 +44,4 @@ kfutil pam delete [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_get.md b/docs/kfutil_pam_get.md index afc07d79..3823d677 100644 --- a/docs/kfutil_pam_get.md +++ b/docs/kfutil_pam_get.md @@ -44,4 +44,4 @@ kfutil pam get [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_list.md b/docs/kfutil_pam_list.md index 217b568f..7eacae98 100644 --- a/docs/kfutil_pam_list.md +++ b/docs/kfutil_pam_list.md @@ -43,4 +43,4 @@ kfutil pam list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_types-create.md b/docs/kfutil_pam_types-create.md index 9c0e2440..eba0990f 100644 --- a/docs/kfutil_pam_types-create.md +++ b/docs/kfutil_pam_types-create.md @@ -51,4 +51,4 @@ kfutil pam types-create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_types-list.md b/docs/kfutil_pam_types-list.md index 8fe920d3..0ccef4a7 100644 --- a/docs/kfutil_pam_types-list.md +++ b/docs/kfutil_pam_types-list.md @@ -43,4 +43,4 @@ kfutil pam types-list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_update.md b/docs/kfutil_pam_update.md index 35ab4bb0..8425624b 100644 --- a/docs/kfutil_pam_update.md +++ b/docs/kfutil_pam_update.md @@ -44,4 +44,4 @@ kfutil pam update [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_status.md b/docs/kfutil_status.md index 193d0510..349c72fe 100644 --- a/docs/kfutil_status.md +++ b/docs/kfutil_status.md @@ -43,4 +43,4 @@ kfutil status [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types.md b/docs/kfutil_store-types.md index 05c3cacf..2197ba09 100644 --- a/docs/kfutil_store-types.md +++ b/docs/kfutil_store-types.md @@ -44,4 +44,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil store-types list](kfutil_store-types_list.md) - List certificate store types. * [kfutil store-types templates-fetch](kfutil_store-types_templates-fetch.md) - Fetches store type templates from Keyfactor's Github. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_create.md b/docs/kfutil_store-types_create.md index ef027967..5bf83030 100644 --- a/docs/kfutil_store-types_create.md +++ b/docs/kfutil_store-types_create.md @@ -18,7 +18,7 @@ kfutil store-types create [flags] -b, --git-ref string The git branch or tag to reference when pulling store-types from the internet. (default "main") -h, --help help for create -l, --list List valid store types. - -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC + -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC -r, --repo string The repository to pull store-types definitions from. (default "kfutil") ``` @@ -49,4 +49,4 @@ kfutil store-types create [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_delete.md b/docs/kfutil_store-types_delete.md index a8b9500b..e4ffcc56 100644 --- a/docs/kfutil_store-types_delete.md +++ b/docs/kfutil_store-types_delete.md @@ -47,4 +47,4 @@ kfutil store-types delete [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_get.md b/docs/kfutil_store-types_get.md index 9a249cc3..df11d41b 100644 --- a/docs/kfutil_store-types_get.md +++ b/docs/kfutil_store-types_get.md @@ -48,4 +48,4 @@ kfutil store-types get [-i | -n ] [-b * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_list.md b/docs/kfutil_store-types_list.md index 4fb07e67..8318adb9 100644 --- a/docs/kfutil_store-types_list.md +++ b/docs/kfutil_store-types_list.md @@ -43,4 +43,4 @@ kfutil store-types list [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_templates-fetch.md b/docs/kfutil_store-types_templates-fetch.md index 9df5d69a..ad35f470 100644 --- a/docs/kfutil_store-types_templates-fetch.md +++ b/docs/kfutil_store-types_templates-fetch.md @@ -45,4 +45,4 @@ kfutil store-types templates-fetch [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores.md b/docs/kfutil_stores.md index c15f5c22..4a2e0923 100644 --- a/docs/kfutil_stores.md +++ b/docs/kfutil_stores.md @@ -47,4 +47,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil stores list](kfutil_stores_list.md) - List certificate stores. * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_delete.md b/docs/kfutil_stores_delete.md index c8f68b91..53cc5450 100644 --- a/docs/kfutil_stores_delete.md +++ b/docs/kfutil_stores_delete.md @@ -46,4 +46,4 @@ kfutil stores delete [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_export.md b/docs/kfutil_stores_export.md index 85fac2aa..2594ae08 100644 --- a/docs/kfutil_stores_export.md +++ b/docs/kfutil_stores_export.md @@ -47,4 +47,4 @@ kfutil stores export [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_get.md b/docs/kfutil_stores_get.md index f2966dae..65bc985e 100644 --- a/docs/kfutil_stores_get.md +++ b/docs/kfutil_stores_get.md @@ -44,4 +44,4 @@ kfutil stores get [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_import.md b/docs/kfutil_stores_import.md index 61440881..1b7fb268 100644 --- a/docs/kfutil_stores_import.md +++ b/docs/kfutil_stores_import.md @@ -41,4 +41,4 @@ Tools for generating import templates and importing certificate stores * [kfutil stores import csv](kfutil_stores_import_csv.md) - Create certificate stores from CSV file. * [kfutil stores import generate-template](kfutil_stores_import_generate-template.md) - For generating a CSV template with headers for bulk store creation. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_import_csv.md b/docs/kfutil_stores_import_csv.md index c34731e4..c3cc5611 100644 --- a/docs/kfutil_stores_import_csv.md +++ b/docs/kfutil_stores_import_csv.md @@ -94,4 +94,4 @@ kfutil stores import csv --file --store-type-id --store-t * [kfutil stores import](kfutil_stores_import.md) - Import a file with certificate store definitions and create them in Keyfactor Command. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory.md b/docs/kfutil_stores_inventory.md index bdfee73b..8e1762ce 100644 --- a/docs/kfutil_stores_inventory.md +++ b/docs/kfutil_stores_inventory.md @@ -42,4 +42,4 @@ Commands related to certificate store inventory management * [kfutil stores inventory remove](kfutil_stores_inventory_remove.md) - Removes a certificate from the certificate store inventory. * [kfutil stores inventory show](kfutil_stores_inventory_show.md) - Show the inventory of a certificate store. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_add.md b/docs/kfutil_stores_inventory_add.md index 3f2c38c7..3c343396 100644 --- a/docs/kfutil_stores_inventory_add.md +++ b/docs/kfutil_stores_inventory_add.md @@ -57,4 +57,4 @@ kfutil stores inventory add [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_remove.md b/docs/kfutil_stores_inventory_remove.md index 06719df3..c3eb6b20 100644 --- a/docs/kfutil_stores_inventory_remove.md +++ b/docs/kfutil_stores_inventory_remove.md @@ -53,4 +53,4 @@ kfutil stores inventory remove [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_show.md b/docs/kfutil_stores_inventory_show.md index e6d6bc23..dd3d2324 100644 --- a/docs/kfutil_stores_inventory_show.md +++ b/docs/kfutil_stores_inventory_show.md @@ -47,4 +47,4 @@ kfutil stores inventory show [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_list.md b/docs/kfutil_stores_list.md index 9557d629..1efab07e 100644 --- a/docs/kfutil_stores_list.md +++ b/docs/kfutil_stores_list.md @@ -43,4 +43,4 @@ kfutil stores list [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot.md b/docs/kfutil_stores_rot.md index d47038c8..f5755934 100644 --- a/docs/kfutil_stores_rot.md +++ b/docs/kfutil_stores_rot.md @@ -54,4 +54,4 @@ kfutil stores rot reconcile --import-csv * [kfutil stores rot generate-template](kfutil_stores_rot_generate-template.md) - For generating Root Of Trust template(s) * [kfutil stores rot reconcile](kfutil_stores_rot_reconcile.md) - Reconcile either takes in or will generate an audit report and then add/remove certs as needed. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_audit.md b/docs/kfutil_stores_rot_audit.md index 02af86c3..35456bb2 100644 --- a/docs/kfutil_stores_rot_audit.md +++ b/docs/kfutil_stores_rot_audit.md @@ -51,4 +51,4 @@ kfutil stores rot audit [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_generate-template.md b/docs/kfutil_stores_rot_generate-template.md index 92f61807..80f831dc 100644 --- a/docs/kfutil_stores_rot_generate-template.md +++ b/docs/kfutil_stores_rot_generate-template.md @@ -49,4 +49,4 @@ kfutil stores rot generate-template [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_reconcile.md b/docs/kfutil_stores_rot_reconcile.md index b50170dc..2cd73a42 100644 --- a/docs/kfutil_stores_rot_reconcile.md +++ b/docs/kfutil_stores_rot_reconcile.md @@ -56,4 +56,4 @@ kfutil stores rot reconcile [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_version.md b/docs/kfutil_version.md index 43447ad5..fb338e80 100644 --- a/docs/kfutil_version.md +++ b/docs/kfutil_version.md @@ -43,4 +43,4 @@ kfutil version [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 From 526e182685cd355c06ab68c5100a187440d62cf8 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:00:45 -0700 Subject: [PATCH 02/12] fix(pkg): Bump internal version to `1.8.1` Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- pkg/version/version.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/version/version.go b/pkg/version/version.go index 433d935d..3ad2feba 100644 --- a/pkg/version/version.go +++ b/pkg/version/version.go @@ -15,7 +15,7 @@ package version var ( - VERSION = "1.7.0" + VERSION = "1.8.1" BUILD_DATE = "2025-05-20" COMMIT = "HEAD" ) From ad6122c945a9bbe716de39b06287af2f549ac9a0 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:23:03 -0700 Subject: [PATCH 03/12] fix(docs): Update internal store-type definitions w/ latest data. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/store_types.json | 864 +++++++++++++++++++++++++++---------------- store_types.json | 864 +++++++++++++++++++++++++++---------------- 2 files changed, 1096 insertions(+), 632 deletions(-) diff --git a/cmd/store_types.json b/cmd/store_types.json index 927642e0..a9643216 100644 --- a/cmd/store_types.json +++ b/cmd/store_types.json @@ -260,6 +260,195 @@ "ClientMachineDescription": "This is the AWS Account ID that will be used for access. This will dictate what certificates are usable by the orchestrator. Note: this does not have any effect on EC2 inferred credentials, which are limited to a specific role/account.", "StorePathDescription": "The AWS Region, or a comma-separated list of multiple regions, the store will operate in." }, + { + "Name": "AWS Certificate Manager v3", + "ShortName": "AWS-ACM-v3", + "Capability": "AWS-ACM-v3", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "UseDefaultSdkAuth", + "DisplayName": "Use Default SDK Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use Default SDK credentials" + }, + { + "Name": "DefaultSdkAssumeRole", + "DisplayName": "Assume new Role using Default SDK Auth", + "Type": "Bool", + "DependsOn": "UseDefaultSdkAuth", + "DefaultValue": "false", + "Required": false, + "IsPAMEligible": false, + "Description": "A switch to enable the store to assume a new Role when using Default SDK credentials" + }, + { + "Name": "UseOAuth", + "DisplayName": "Use OAuth 2.0 Provider", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use an OAuth provider workflow to authenticate with AWS" + }, + { + "Name": "OAuthScope", + "DisplayName": "OAuth Scope", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "This is the OAuth Scope needed for Okta OAuth, defined in Okta" + }, + { + "Name": "OAuthGrantType", + "DisplayName": "OAuth Grant Type", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "client_credentials", + "Required": false, + "IsPAMEligible": false, + "Description": "In OAuth 2.0, the term 'grant type' refers to the way an application gets an access token. In Okta this is `client_credentials`" + }, + { + "Name": "OAuthUrl", + "DisplayName": "OAuth Url", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "https://***/oauth2/default/v1/token", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + }, + { + "Name": "OAuthClientId", + "DisplayName": "OAuth Client ID", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client ID for OAuth." + }, + { + "Name": "OAuthClientSecret", + "DisplayName": "OAuth Client Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client Secret for OAuth." + }, + { + "Name": "UseIAM", + "DisplayName": "Use IAM User Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use IAM User auth to assume a role when authenticating with AWS" + }, + { + "Name": "IAMUserAccessKey", + "DisplayName": "IAM User Access Key", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Key for an IAM User" + }, + { + "Name": "IAMUserAccessSecret", + "DisplayName": "IAM User Access Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Secret for an IAM User." + }, + { + "Name": "ExternalId", + "DisplayName": "sts:ExternalId", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + } + ], + "EntryParameters": [ + { + "Name": "ACM Tags", + "DisplayName": "ACM Tags", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "Description": "The optional ACM tags that should be assigned to the certificate. Multiple name/value pairs may be entered in the format of `Name1=Value1,Name2=Value2,...,NameN=ValueN`" + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Required", + "ServerRequired": false, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Optional", + "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", + "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." + }, + { + "Name": "Airlock Application Firewall Certificate", + "ShortName": "AirlockWAF", + "Capability": "AirlockWAF", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Required", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Allowed" + }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -274,36 +463,38 @@ }, "Properties": [ { - "StoreTypeId;omitempty": 0, "Name": "access_token", "DisplayName": "Access Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai access_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_token", "DisplayName": "Client Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_secret", "DisplayName": "Client Secret", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_secret for authentication." } ], "EntryParameters": [ { - "StoreTypeId;omitempty": 0, "Name": "EnrollmentId", "DisplayName": "Enrollment ID", "Type": "String", @@ -312,10 +503,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate." }, { - "StoreTypeId;omitempty": 0, "Name": "ContractId", "DisplayName": "Contract ID", "Type": "String", @@ -325,10 +516,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "The Contract ID of your account in Akamai." }, { - "StoreTypeId;omitempty": 0, "Name": "Sans", "DisplayName": "SANs", "Type": "String", @@ -337,10 +528,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&'" }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineOne", "DisplayName": "Admin - Address Line 1", "Type": "String", @@ -350,10 +541,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineTwo", "DisplayName": "Admin - Address Line 2", "Type": "String", @@ -362,10 +553,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-city", "DisplayName": "Admin - City", "Type": "String", @@ -375,10 +566,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-country", "DisplayName": "Admin - Country", "Type": "String", @@ -388,10 +579,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-email", "DisplayName": "Admin - Email", "Type": "String", @@ -401,10 +592,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-firstName", "DisplayName": "Admin - First Name", "Type": "String", @@ -414,10 +605,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-lastName", "DisplayName": "Admin - Last Name", "Type": "String", @@ -427,10 +618,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-organizationName", "DisplayName": "Admin - Organization Name", "Type": "String", @@ -440,10 +631,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-phone", "DisplayName": "Admin - Phone", "Type": "String", @@ -453,10 +644,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-postalCode", "DisplayName": "Admin - Postal Code", "Type": "String", @@ -466,10 +657,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-region", "DisplayName": "Admin - Region", "Type": "String", @@ -479,10 +670,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-title", "DisplayName": "Admin - Title", "Type": "String", @@ -492,10 +683,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineOne", "DisplayName": "Org - Address Line 1", "Type": "String", @@ -505,10 +696,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineTwo", "DisplayName": "Org - Address Line 2", "Type": "String", @@ -517,10 +708,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-city", "DisplayName": "Org - City", "Type": "String", @@ -530,10 +721,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-country", "DisplayName": "Org - Country", "Type": "String", @@ -543,10 +734,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-organizationName", "DisplayName": "Org - Organization Name", "Type": "String", @@ -556,10 +747,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-phone", "DisplayName": "Org - Phone", "Type": "String", @@ -569,10 +760,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-postalCode", "DisplayName": "Org - Postal Code", "Type": "String", @@ -582,10 +773,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-region", "DisplayName": "Org - Region", "Type": "String", @@ -595,10 +786,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineOne", "DisplayName": "Tech - Address Line 1", "Type": "String", @@ -608,10 +799,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineTwo", "DisplayName": "Tech - Address Line 2", "Type": "String", @@ -620,10 +811,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-city", "DisplayName": "Tech - City", "Type": "String", @@ -633,10 +824,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-country", "DisplayName": "Tech - Country", "Type": "String", @@ -646,10 +837,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-email", "DisplayName": "Tech - Email", "Type": "String", @@ -659,10 +850,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact. Must be an akamai.com email address." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-firstName", "DisplayName": "Tech - First Name", "Type": "String", @@ -672,10 +863,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-lastName", "DisplayName": "Tech - Last Name", "Type": "String", @@ -685,10 +876,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-organizationName", "DisplayName": "Tech - Organization Name", "Type": "String", @@ -698,10 +889,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "Akamai", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-phone", "DisplayName": "Tech - Phone", "Type": "String", @@ -711,10 +902,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-postalCode", "DisplayName": "Tech - Postal Code", "Type": "String", @@ -724,10 +915,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-region", "DisplayName": "Tech - Region", "Type": "String", @@ -737,10 +928,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-title", "DisplayName": "Tech - Title", "Type": "String", @@ -750,7 +941,8 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." } ], "PasswordOptions": { @@ -764,7 +956,9 @@ "ServerRequired": false, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" + "CustomAliasAllowed": "Forbidden", + "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", + "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, { "Name": "Azure Application Gateway Certificate Binding", @@ -1158,38 +1352,50 @@ "Name": "Bosch IP Camera", "ShortName": "BIPCamera", "Capability": "BIPCamera", - "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Required", "SupportedOperations": { - "Add": true, + "Add": false, "Create": false, "Discovery": false, "Enrollment": true, - "Remove": true + "Remove": false + }, + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { "Name": "ServerUsername", "DisplayName": "Server Username", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the username of the configured \"service\" user on the camera" }, { "Name": "ServerPassword", "DisplayName": "Server Password", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the password of the configured \"service\" user on the camera" }, { "Name": "ServerUseSsl", "DisplayName": "Use SSL", "Type": "Bool", - "DependsOn": null, + "DependsOn": "", "DefaultValue": "true", - "Required": true + "Required": true, + "Description": "Select True or False depending on if SSL (HTTPS) should be used to communicate with the camera." } ], "EntryParameters": [ @@ -1203,7 +1409,8 @@ "OnRemove": false, "OnReenrollment": false }, - "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client" + "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client", + "Description": "The Certificate Usage to assign to the cert after upload. Can be left blank to be assigned later." }, { "Name": "Name", @@ -1214,7 +1421,8 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "The certificate Alias, entered again." }, { "Name": "Overwrite", @@ -1226,19 +1434,12 @@ "OnRemove": false, "OnReenrollment": false }, - "DefaultValue": "false" + "DefaultValue": "false", + "Description": "Select `True` if using an existing Alias name to remove and replace an existing certificate." } ], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": true, - "CustomAliasAllowed": "Required" + "ClientMachineDescription": "The IP address of the Camera. Sample is \"192.167.231.174:44444\". Include the port if necessary.", + "StorePathDescription": "Enter the Serial Number of the camera e.g. `068745431065110085`" }, { "Name": "CiscoAsa", @@ -1633,7 +1834,7 @@ "Capability": "F5-CA-REST", "ServerRequired": true, "ClientMachineDescription": "The server name or IP Address for the F5 device.", - "StorePathDescription": "Enter the name of the partition on the F5 device you wish to manage. This value is case sensitive, so if the partition name is \"Common\", it must be entered as \"Common\" and not \"common\",", + "StorePathDescription": "Enter the name of the partition followed by the name of the bundle separated by a / (i.e. Common/BundleName). This value is case sensitive, so if the partition name is \"Common/BundleName\", it must be entered as \"Common/BundleName\" and not \"common/bundlename\",", "SupportedOperations": { "Add": true, "Create": false, @@ -1802,6 +2003,15 @@ "Required": true, "Description": "Select this if you wish to stop the orchestrator from adding, replacing or renewing certificates on nodes that are inactive. If this is not selected, adding, replacing and renewing certificates on inactive nodes will be allowed. If you choose not to add this custom field, the default value of False will be assumed." }, + { + "Name": "RemoveChain", + "DisplayName": "Remove Chain on Add", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "False", + "Required": false, + "Description": "Optional setting. Set this to true if you would like to remove the certificate chain before adding or replacing a certificate on your F5 device." + }, { "Name": "IgnoreSSLWarning", "DisplayName": "Ignore SSL Warning", @@ -1818,7 +2028,7 @@ "DependsOn": "", "DefaultValue": "false", "Required": true, - "Description": "Select this if you wish to use F5's token authentiation instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." + "Description": "Select this if you wish to use F5's token authentication instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." }, { "Name": "ServerUsername", @@ -2061,88 +2271,88 @@ "StorePathDescription": "This is not used in this integration, but is a required field in the UI. Just enter any value here" }, { - "Name": "Google Cloud Provider Apigee", - "ShortName": "GcpApigee", - "Capability": "GcpApigee", + "Name": "GCP Load Balancer", + "ShortName": "GCPLoadBal", + "Capability": "GCPLoadBal", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Required", + "CustomAliasAllowed": "Optional", "PowerShell": false, - "PrivateKeyAllowed": "Optional", + "PrivateKeyAllowed": "Required", "SupportedOperations": { "Add": true, - "Create": true, + "Create": false, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { + "Style": "Default", "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" + "StoreRequired": false }, "Properties": [ { - "Name": "isTrustStore", - "DisplayName": "Is Trust Store?", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "false", + "Name": "jsonKey", + "DisplayName": "Service Account Key", "Required": true, "IsPAMEligible": false, - "Description": "Should be checked if the Apigee keystore being managed is a truststore." - }, - { - "Name": "jsonKey", - "DisplayName": "Google Json Key File", - "Type": "Secret", "DependsOn": "", + "Type": "Secret", "DefaultValue": "", - "Required": true, - "IsPAMEligible": false, - "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." + "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" } ], - "EntryParameters": [], - "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", - "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." + "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", + "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", + "EntryParameters": [] }, { - "Name": "GCP Load Balancer", - "ShortName": "GCPLoadBal", - "Capability": "GCPLoadBal", + "Name": "Google Cloud Provider Apigee", + "ShortName": "GcpApigee", + "Capability": "GcpApigee", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional", + "CustomAliasAllowed": "Required", "PowerShell": false, - "PrivateKeyAllowed": "Required", + "PrivateKeyAllowed": "Optional", "SupportedOperations": { "Add": true, - "Create": false, + "Create": true, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { - "Style": "Default", "EntrySupported": false, - "StoreRequired": false + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { - "Name": "jsonKey", - "DisplayName": "Service Account Key", + "Name": "isTrustStore", + "DisplayName": "Is Trust Store?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", "Required": true, "IsPAMEligible": false, - "DependsOn": "", + "Description": "Should be checked if the Apigee keystore being managed is a truststore." + }, + { + "Name": "jsonKey", + "DisplayName": "Google Json Key File", "Type": "Secret", + "DependsOn": "", "DefaultValue": "", - "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" + "Required": true, + "IsPAMEligible": false, + "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." } ], - "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", - "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", - "EntryParameters": [] + "EntryParameters": [], + "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", + "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." }, { "Name": "GCP Certificate Manager", @@ -2266,7 +2476,17 @@ "Name": "Hashicorp Vault Key-Value JKS", "ShortName": "HCVKVJKS", "Capability": "HCVKVJKS", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2276,16 +2496,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2294,42 +2527,31 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } + }, + { + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", + "LocalStore": false, "StorePathType": "", "StorePathValue": "", "PrivateKeyAllowed": "Optional", @@ -2337,13 +2559,7 @@ "ServerRequired": true, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" - }, - { - "Name": "Hashicorp Vault Key-Value PKCS12", - "ShortName": "HCVKVP12", - "Capability": "HCVKVP12", - "LocalStore": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2353,74 +2569,68 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" }, { - "Name": "MountPoint", - "DisplayName": "Mount Point", - "Type": "String", + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", "DependsOn": "", "DefaultValue": "", - "Required": false + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", "Required": false }, { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PEM", "ShortName": "HCVKVPEM", "Capability": "HCVKVPEM", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path after mount point where the certificates will be stored.", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2429,9 +2639,30 @@ "Remove": true }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "SubfolderInventory", "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2440,6 +2671,7 @@ { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2448,54 +2680,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PFX", "ShortName": "HCVKVPFX", "Capability": "HCVKVPFX", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2505,16 +2722,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2523,56 +2753,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault PKI", "ShortName": "HCVPKI", "Capability": "HCVPKI", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "For HCVPKI, this will be '/'", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", "SupportedOperations": { "Add": false, "Create": false, @@ -2581,9 +2794,30 @@ "Remove": false }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", "Type": "String", "DependsOn": "", "DefaultValue": "", @@ -2594,14 +2828,12 @@ "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "HP iLO Cert Store", @@ -2681,9 +2913,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -2692,7 +2924,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -2710,7 +2942,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4438,9 +4670,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4449,7 +4681,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4467,7 +4699,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4552,9 +4784,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4563,7 +4795,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4581,7 +4813,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", diff --git a/store_types.json b/store_types.json index 927642e0..a9643216 100644 --- a/store_types.json +++ b/store_types.json @@ -260,6 +260,195 @@ "ClientMachineDescription": "This is the AWS Account ID that will be used for access. This will dictate what certificates are usable by the orchestrator. Note: this does not have any effect on EC2 inferred credentials, which are limited to a specific role/account.", "StorePathDescription": "The AWS Region, or a comma-separated list of multiple regions, the store will operate in." }, + { + "Name": "AWS Certificate Manager v3", + "ShortName": "AWS-ACM-v3", + "Capability": "AWS-ACM-v3", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "UseDefaultSdkAuth", + "DisplayName": "Use Default SDK Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use Default SDK credentials" + }, + { + "Name": "DefaultSdkAssumeRole", + "DisplayName": "Assume new Role using Default SDK Auth", + "Type": "Bool", + "DependsOn": "UseDefaultSdkAuth", + "DefaultValue": "false", + "Required": false, + "IsPAMEligible": false, + "Description": "A switch to enable the store to assume a new Role when using Default SDK credentials" + }, + { + "Name": "UseOAuth", + "DisplayName": "Use OAuth 2.0 Provider", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use an OAuth provider workflow to authenticate with AWS" + }, + { + "Name": "OAuthScope", + "DisplayName": "OAuth Scope", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "This is the OAuth Scope needed for Okta OAuth, defined in Okta" + }, + { + "Name": "OAuthGrantType", + "DisplayName": "OAuth Grant Type", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "client_credentials", + "Required": false, + "IsPAMEligible": false, + "Description": "In OAuth 2.0, the term 'grant type' refers to the way an application gets an access token. In Okta this is `client_credentials`" + }, + { + "Name": "OAuthUrl", + "DisplayName": "OAuth Url", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "https://***/oauth2/default/v1/token", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + }, + { + "Name": "OAuthClientId", + "DisplayName": "OAuth Client ID", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client ID for OAuth." + }, + { + "Name": "OAuthClientSecret", + "DisplayName": "OAuth Client Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client Secret for OAuth." + }, + { + "Name": "UseIAM", + "DisplayName": "Use IAM User Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use IAM User auth to assume a role when authenticating with AWS" + }, + { + "Name": "IAMUserAccessKey", + "DisplayName": "IAM User Access Key", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Key for an IAM User" + }, + { + "Name": "IAMUserAccessSecret", + "DisplayName": "IAM User Access Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Secret for an IAM User." + }, + { + "Name": "ExternalId", + "DisplayName": "sts:ExternalId", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + } + ], + "EntryParameters": [ + { + "Name": "ACM Tags", + "DisplayName": "ACM Tags", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "Description": "The optional ACM tags that should be assigned to the certificate. Multiple name/value pairs may be entered in the format of `Name1=Value1,Name2=Value2,...,NameN=ValueN`" + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Required", + "ServerRequired": false, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Optional", + "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", + "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." + }, + { + "Name": "Airlock Application Firewall Certificate", + "ShortName": "AirlockWAF", + "Capability": "AirlockWAF", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Required", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Allowed" + }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -274,36 +463,38 @@ }, "Properties": [ { - "StoreTypeId;omitempty": 0, "Name": "access_token", "DisplayName": "Access Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai access_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_token", "DisplayName": "Client Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_secret", "DisplayName": "Client Secret", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_secret for authentication." } ], "EntryParameters": [ { - "StoreTypeId;omitempty": 0, "Name": "EnrollmentId", "DisplayName": "Enrollment ID", "Type": "String", @@ -312,10 +503,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate." }, { - "StoreTypeId;omitempty": 0, "Name": "ContractId", "DisplayName": "Contract ID", "Type": "String", @@ -325,10 +516,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "The Contract ID of your account in Akamai." }, { - "StoreTypeId;omitempty": 0, "Name": "Sans", "DisplayName": "SANs", "Type": "String", @@ -337,10 +528,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&'" }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineOne", "DisplayName": "Admin - Address Line 1", "Type": "String", @@ -350,10 +541,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineTwo", "DisplayName": "Admin - Address Line 2", "Type": "String", @@ -362,10 +553,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-city", "DisplayName": "Admin - City", "Type": "String", @@ -375,10 +566,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-country", "DisplayName": "Admin - Country", "Type": "String", @@ -388,10 +579,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-email", "DisplayName": "Admin - Email", "Type": "String", @@ -401,10 +592,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-firstName", "DisplayName": "Admin - First Name", "Type": "String", @@ -414,10 +605,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-lastName", "DisplayName": "Admin - Last Name", "Type": "String", @@ -427,10 +618,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-organizationName", "DisplayName": "Admin - Organization Name", "Type": "String", @@ -440,10 +631,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-phone", "DisplayName": "Admin - Phone", "Type": "String", @@ -453,10 +644,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-postalCode", "DisplayName": "Admin - Postal Code", "Type": "String", @@ -466,10 +657,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-region", "DisplayName": "Admin - Region", "Type": "String", @@ -479,10 +670,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-title", "DisplayName": "Admin - Title", "Type": "String", @@ -492,10 +683,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineOne", "DisplayName": "Org - Address Line 1", "Type": "String", @@ -505,10 +696,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineTwo", "DisplayName": "Org - Address Line 2", "Type": "String", @@ -517,10 +708,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-city", "DisplayName": "Org - City", "Type": "String", @@ -530,10 +721,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-country", "DisplayName": "Org - Country", "Type": "String", @@ -543,10 +734,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-organizationName", "DisplayName": "Org - Organization Name", "Type": "String", @@ -556,10 +747,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-phone", "DisplayName": "Org - Phone", "Type": "String", @@ -569,10 +760,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-postalCode", "DisplayName": "Org - Postal Code", "Type": "String", @@ -582,10 +773,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-region", "DisplayName": "Org - Region", "Type": "String", @@ -595,10 +786,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineOne", "DisplayName": "Tech - Address Line 1", "Type": "String", @@ -608,10 +799,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineTwo", "DisplayName": "Tech - Address Line 2", "Type": "String", @@ -620,10 +811,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-city", "DisplayName": "Tech - City", "Type": "String", @@ -633,10 +824,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-country", "DisplayName": "Tech - Country", "Type": "String", @@ -646,10 +837,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-email", "DisplayName": "Tech - Email", "Type": "String", @@ -659,10 +850,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact. Must be an akamai.com email address." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-firstName", "DisplayName": "Tech - First Name", "Type": "String", @@ -672,10 +863,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-lastName", "DisplayName": "Tech - Last Name", "Type": "String", @@ -685,10 +876,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-organizationName", "DisplayName": "Tech - Organization Name", "Type": "String", @@ -698,10 +889,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "Akamai", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-phone", "DisplayName": "Tech - Phone", "Type": "String", @@ -711,10 +902,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-postalCode", "DisplayName": "Tech - Postal Code", "Type": "String", @@ -724,10 +915,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-region", "DisplayName": "Tech - Region", "Type": "String", @@ -737,10 +928,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-title", "DisplayName": "Tech - Title", "Type": "String", @@ -750,7 +941,8 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." } ], "PasswordOptions": { @@ -764,7 +956,9 @@ "ServerRequired": false, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" + "CustomAliasAllowed": "Forbidden", + "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", + "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, { "Name": "Azure Application Gateway Certificate Binding", @@ -1158,38 +1352,50 @@ "Name": "Bosch IP Camera", "ShortName": "BIPCamera", "Capability": "BIPCamera", - "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Required", "SupportedOperations": { - "Add": true, + "Add": false, "Create": false, "Discovery": false, "Enrollment": true, - "Remove": true + "Remove": false + }, + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { "Name": "ServerUsername", "DisplayName": "Server Username", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the username of the configured \"service\" user on the camera" }, { "Name": "ServerPassword", "DisplayName": "Server Password", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the password of the configured \"service\" user on the camera" }, { "Name": "ServerUseSsl", "DisplayName": "Use SSL", "Type": "Bool", - "DependsOn": null, + "DependsOn": "", "DefaultValue": "true", - "Required": true + "Required": true, + "Description": "Select True or False depending on if SSL (HTTPS) should be used to communicate with the camera." } ], "EntryParameters": [ @@ -1203,7 +1409,8 @@ "OnRemove": false, "OnReenrollment": false }, - "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client" + "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client", + "Description": "The Certificate Usage to assign to the cert after upload. Can be left blank to be assigned later." }, { "Name": "Name", @@ -1214,7 +1421,8 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "The certificate Alias, entered again." }, { "Name": "Overwrite", @@ -1226,19 +1434,12 @@ "OnRemove": false, "OnReenrollment": false }, - "DefaultValue": "false" + "DefaultValue": "false", + "Description": "Select `True` if using an existing Alias name to remove and replace an existing certificate." } ], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": true, - "CustomAliasAllowed": "Required" + "ClientMachineDescription": "The IP address of the Camera. Sample is \"192.167.231.174:44444\". Include the port if necessary.", + "StorePathDescription": "Enter the Serial Number of the camera e.g. `068745431065110085`" }, { "Name": "CiscoAsa", @@ -1633,7 +1834,7 @@ "Capability": "F5-CA-REST", "ServerRequired": true, "ClientMachineDescription": "The server name or IP Address for the F5 device.", - "StorePathDescription": "Enter the name of the partition on the F5 device you wish to manage. This value is case sensitive, so if the partition name is \"Common\", it must be entered as \"Common\" and not \"common\",", + "StorePathDescription": "Enter the name of the partition followed by the name of the bundle separated by a / (i.e. Common/BundleName). This value is case sensitive, so if the partition name is \"Common/BundleName\", it must be entered as \"Common/BundleName\" and not \"common/bundlename\",", "SupportedOperations": { "Add": true, "Create": false, @@ -1802,6 +2003,15 @@ "Required": true, "Description": "Select this if you wish to stop the orchestrator from adding, replacing or renewing certificates on nodes that are inactive. If this is not selected, adding, replacing and renewing certificates on inactive nodes will be allowed. If you choose not to add this custom field, the default value of False will be assumed." }, + { + "Name": "RemoveChain", + "DisplayName": "Remove Chain on Add", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "False", + "Required": false, + "Description": "Optional setting. Set this to true if you would like to remove the certificate chain before adding or replacing a certificate on your F5 device." + }, { "Name": "IgnoreSSLWarning", "DisplayName": "Ignore SSL Warning", @@ -1818,7 +2028,7 @@ "DependsOn": "", "DefaultValue": "false", "Required": true, - "Description": "Select this if you wish to use F5's token authentiation instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." + "Description": "Select this if you wish to use F5's token authentication instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." }, { "Name": "ServerUsername", @@ -2061,88 +2271,88 @@ "StorePathDescription": "This is not used in this integration, but is a required field in the UI. Just enter any value here" }, { - "Name": "Google Cloud Provider Apigee", - "ShortName": "GcpApigee", - "Capability": "GcpApigee", + "Name": "GCP Load Balancer", + "ShortName": "GCPLoadBal", + "Capability": "GCPLoadBal", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Required", + "CustomAliasAllowed": "Optional", "PowerShell": false, - "PrivateKeyAllowed": "Optional", + "PrivateKeyAllowed": "Required", "SupportedOperations": { "Add": true, - "Create": true, + "Create": false, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { + "Style": "Default", "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" + "StoreRequired": false }, "Properties": [ { - "Name": "isTrustStore", - "DisplayName": "Is Trust Store?", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "false", + "Name": "jsonKey", + "DisplayName": "Service Account Key", "Required": true, "IsPAMEligible": false, - "Description": "Should be checked if the Apigee keystore being managed is a truststore." - }, - { - "Name": "jsonKey", - "DisplayName": "Google Json Key File", - "Type": "Secret", "DependsOn": "", + "Type": "Secret", "DefaultValue": "", - "Required": true, - "IsPAMEligible": false, - "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." + "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" } ], - "EntryParameters": [], - "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", - "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." + "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", + "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", + "EntryParameters": [] }, { - "Name": "GCP Load Balancer", - "ShortName": "GCPLoadBal", - "Capability": "GCPLoadBal", + "Name": "Google Cloud Provider Apigee", + "ShortName": "GcpApigee", + "Capability": "GcpApigee", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional", + "CustomAliasAllowed": "Required", "PowerShell": false, - "PrivateKeyAllowed": "Required", + "PrivateKeyAllowed": "Optional", "SupportedOperations": { "Add": true, - "Create": false, + "Create": true, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { - "Style": "Default", "EntrySupported": false, - "StoreRequired": false + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { - "Name": "jsonKey", - "DisplayName": "Service Account Key", + "Name": "isTrustStore", + "DisplayName": "Is Trust Store?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", "Required": true, "IsPAMEligible": false, - "DependsOn": "", + "Description": "Should be checked if the Apigee keystore being managed is a truststore." + }, + { + "Name": "jsonKey", + "DisplayName": "Google Json Key File", "Type": "Secret", + "DependsOn": "", "DefaultValue": "", - "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" + "Required": true, + "IsPAMEligible": false, + "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." } ], - "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", - "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", - "EntryParameters": [] + "EntryParameters": [], + "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", + "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." }, { "Name": "GCP Certificate Manager", @@ -2266,7 +2476,17 @@ "Name": "Hashicorp Vault Key-Value JKS", "ShortName": "HCVKVJKS", "Capability": "HCVKVJKS", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2276,16 +2496,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2294,42 +2527,31 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } + }, + { + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", + "LocalStore": false, "StorePathType": "", "StorePathValue": "", "PrivateKeyAllowed": "Optional", @@ -2337,13 +2559,7 @@ "ServerRequired": true, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" - }, - { - "Name": "Hashicorp Vault Key-Value PKCS12", - "ShortName": "HCVKVP12", - "Capability": "HCVKVP12", - "LocalStore": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2353,74 +2569,68 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" }, { - "Name": "MountPoint", - "DisplayName": "Mount Point", - "Type": "String", + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", "DependsOn": "", "DefaultValue": "", - "Required": false + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", "Required": false }, { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PEM", "ShortName": "HCVKVPEM", "Capability": "HCVKVPEM", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path after mount point where the certificates will be stored.", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2429,9 +2639,30 @@ "Remove": true }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "SubfolderInventory", "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2440,6 +2671,7 @@ { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2448,54 +2680,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PFX", "ShortName": "HCVKVPFX", "Capability": "HCVKVPFX", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2505,16 +2722,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2523,56 +2753,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault PKI", "ShortName": "HCVPKI", "Capability": "HCVPKI", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "For HCVPKI, this will be '/'", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", "SupportedOperations": { "Add": false, "Create": false, @@ -2581,9 +2794,30 @@ "Remove": false }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", "Type": "String", "DependsOn": "", "DefaultValue": "", @@ -2594,14 +2828,12 @@ "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "HP iLO Cert Store", @@ -2681,9 +2913,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -2692,7 +2924,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -2710,7 +2942,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4438,9 +4670,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4449,7 +4681,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4467,7 +4699,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4552,9 +4784,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4563,7 +4795,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4581,7 +4813,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", From b3b77a891d859e1f44705e51c46f30c5776a9f10 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:23:38 -0700 Subject: [PATCH 04/12] chore(ci): Bump `actions/upload-artifact` to `v4` due to deprecation of `v3` Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- .github/workflows/update-stores.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-stores.yml b/.github/workflows/update-stores.yml index 0e42dfc6..63d38343 100644 --- a/.github/workflows/update-stores.yml +++ b/.github/workflows/update-stores.yml @@ -108,7 +108,7 @@ jobs: - name: Save Store Types JSON Artifact if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: store-types path: | @@ -117,14 +117,14 @@ jobs: - name: Save Invalid Store Types JSON Artifact if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: invalid-repos path: ./tools/store-type-merge/invalid_repos.json - name: Save logs directory if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: logs path: ./tools/store-type-merge/log From 0f7c61718f087fde721e77a5100ae999953eb3b9 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:24:21 -0700 Subject: [PATCH 05/12] fix(cli): Don't log initial, silent `store-type` definition fetch. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/helpers.go | 5 ++++- cmd/storeTypes.go | 5 +++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cmd/helpers.go b/cmd/helpers.go index b5086c70..7fcbf1bb 100644 --- a/cmd/helpers.go +++ b/cmd/helpers.go @@ -186,7 +186,10 @@ func informDebug(debugFlag bool) { if debugModeEnabled { //zerolog.SetGlobalLevel(zerolog.InfoLevel) zerolog.SetGlobalLevel(zerolog.DebugLevel) + return } + // Else no logs should be emitted + zerolog.SetGlobalLevel(zerolog.ErrorLevel) } func initLogger() { @@ -359,7 +362,7 @@ func outputResult(result interface{}, format string) { fmt.Println(fmt.Sprintf("%s", result)) } log.Debug(). - Interface("result", result). + Str("result", fmt.Sprintf("%s", result)). Str("format", format). Msg(fmt.Sprintf("%s outputResult", DebugFuncExit)) } diff --git a/cmd/storeTypes.go b/cmd/storeTypes.go index ca2be2b7..bc681e89 100644 --- a/cmd/storeTypes.go +++ b/cmd/storeTypes.go @@ -636,10 +636,11 @@ func readStoreTypesConfig(fp, gitRef string, gitRepo string, offline bool) (map[ } func init() { - offline = true // temporarily set to true as it runs before the flag is set - debugFlag = false // temporarily set to false as it runs before the flag is set + offline = true // temporarily set to true as it runs before the flag is set var gitRef string var gitRepo string + + informDebug(false) // Do not output debug information for initial setup of store-types command validTypesString := strings.Join(getValidStoreTypes("", DefaultGitRef, DefaultGitRepo), ", ") offline = false //revert this so that flag is not set to true by default RootCmd.AddCommand(storeTypesCmd) From f9e94789c06dbb6481e64a56cfb7d6b6b41f4113 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:45:51 -0700 Subject: [PATCH 06/12] chore(deps): Bump all deps to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- go.mod | 20 ++++++++++---------- go.sum | 37 ++++++++++++++++++++----------------- 2 files changed, 30 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index a424d59f..6fe0c92f 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ toolchain go1.24.3 require ( github.com/AlecAivazis/survey/v2 v2.3.7 - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 github.com/Jeffail/gabs v1.4.0 github.com/Keyfactor/keyfactor-auth-client-go v1.3.0 @@ -22,21 +22,21 @@ require ( github.com/spf13/cobra v1.9.1 github.com/spf13/pflag v1.0.6 github.com/stretchr/testify v1.10.0 - golang.org/x/crypto v0.39.0 - golang.org/x/term v0.32.0 + golang.org/x/crypto v0.40.0 + golang.org/x/term v0.33.0 gopkg.in/yaml.v3 v3.0.1 //github.com/google/go-cmp/cmp v0.5.9 ) require ( github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.18.0 // indirect - github.com/golang-jwt/jwt/v5 v5.2.2 // indirect + github.com/golang-jwt/jwt/v5 v5.2.3 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect @@ -50,9 +50,9 @@ require ( github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/spbsoluble/go-pkcs12 v0.3.3 // indirect go.mozilla.org/pkcs7 v0.9.0 // indirect - golang.org/x/net v0.41.0 // indirect + golang.org/x/net v0.42.0 // indirect golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.33.0 // indirect - golang.org/x/text v0.26.0 // indirect + golang.org/x/sys v0.34.0 // indirect + golang.org/x/text v0.27.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect ) diff --git a/go.sum b/go.sum index ea69bb40..f2cd2bd0 100644 --- a/go.sum +++ b/go.sum @@ -2,16 +2,18 @@ github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkk github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 h1:Wc1ml6QlJs2BHQ/9Bqu1jiyggbsSjramq2oUmp5WeIo= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8= github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1 h1:mrkDCdkMsD4l9wjFGhofFHFrV43Y3c53RSLKOCJ5+Ow= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1/go.mod h1:hPv41DbqMmnxcGralanA/kVlfdH5jv3T4LxGku2E1BY= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1/go.mod h1:Vih/3yc6yac2JzU4hzpaDupBJP0Flaia9rXXrU8xyww= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 h1:/g8S6wk65vfC6m3FIxJ+i5QDyN9JWwXI8Hb0Img10hU= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0/go.mod h1:gpl+q95AzZlKVI3xSoseF9QPrypk0hQqBiJYeB/cR/I= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 h1:nCYfgcSyHZXJI8J0IWE5MsCGlb2xp9fJiXyxWgmOFg4= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0/go.mod h1:ucUjca2JtSZboY8IoUqyQyuuXvwbMBVwFOm0vdQPNhA= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs= @@ -29,8 +31,9 @@ github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDe github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= +github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo= +github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s= github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE= @@ -43,8 +46,8 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= -github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.2.3 h1:kkGXqQOBSDDWRhWNXTFpqGSCMyh/PLnqUvMGJPDJDs0= +github.com/golang-jwt/jwt/v5 v5.2.3/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -118,14 +121,14 @@ go.mozilla.org/pkcs7 v0.9.0 h1:yM4/HS9dYv7ri2biPtxt8ikvB37a980dg69/pKmS+eI= go.mozilla.org/pkcs7 v0.9.0/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= -golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= +golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= +golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw= -golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA= +golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= +golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -145,18 +148,18 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= +golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= -golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= +golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg= +golang.org/x/term v0.33.0/go.mod h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M= -golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA= +golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= +golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= From 3424a73139ea9f3920f3fc50fc7ded977657c669 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:46:13 -0700 Subject: [PATCH 07/12] fix(cli): Silence logging if `--debug` isn't passed. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/helpers.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/helpers.go b/cmd/helpers.go index 7fcbf1bb..e82dc5bc 100644 --- a/cmd/helpers.go +++ b/cmd/helpers.go @@ -189,7 +189,7 @@ func informDebug(debugFlag bool) { return } // Else no logs should be emitted - zerolog.SetGlobalLevel(zerolog.ErrorLevel) + zerolog.SetGlobalLevel(zerolog.Disabled) } func initLogger() { From 14d6b946012fe6443d1ae6af2c9056d9ca122c0f Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:46:29 -0700 Subject: [PATCH 08/12] chore(docs): Update CHANGELOG.md Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee9b56e6..6ab7ec48 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +# v1.8.1 + +## Fixes + +### CLI + +- Silence logging of initial `store-type` fetch +- `store-types`: Update internal definitions to latest from Keyfactor GitHub repos. +- `version` update internal version to `1.8.1` + +### Chores + +- `docs`: Add `migration` auto docs +- `docs`: Refresh auto docs +- `deps`: Update all deps to latest versions + # v1.8.0 ## Features From 1b40d8382e514d7546f927afbffb46d95c537a7c Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:16:41 -0700 Subject: [PATCH 09/12] chore(pkg): Bump internal version to 1.8.2 Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- pkg/version/version.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/version/version.go b/pkg/version/version.go index 3ad2feba..df4df051 100644 --- a/pkg/version/version.go +++ b/pkg/version/version.go @@ -15,7 +15,7 @@ package version var ( - VERSION = "1.8.1" - BUILD_DATE = "2025-05-20" + VERSION = "1.8.2" + BUILD_DATE = "2025-07-31" COMMIT = "HEAD" ) From 44d984d8045f83e88afd549eee8987fbc18cf37d Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:39:45 -0700 Subject: [PATCH 10/12] chore(docs): Regenerate auto docs Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- docs/kfutil.md | 2 +- docs/kfutil_completion.md | 2 +- docs/kfutil_completion_bash.md | 2 +- docs/kfutil_completion_fish.md | 2 +- docs/kfutil_completion_powershell.md | 2 +- docs/kfutil_completion_zsh.md | 2 +- docs/kfutil_containers.md | 2 +- docs/kfutil_containers_get.md | 2 +- docs/kfutil_containers_list.md | 2 +- docs/kfutil_export.md | 2 +- docs/kfutil_helm.md | 2 +- docs/kfutil_helm_uo.md | 2 +- docs/kfutil_import.md | 2 +- docs/kfutil_login.md | 2 +- docs/kfutil_logout.md | 2 +- docs/kfutil_migrate.md | 2 +- docs/kfutil_migrate_check.md | 2 +- docs/kfutil_migrate_pam.md | 2 +- docs/kfutil_orchs.md | 2 +- docs/kfutil_orchs_approve.md | 2 +- docs/kfutil_orchs_disapprove.md | 2 +- docs/kfutil_orchs_ext.md | 2 +- docs/kfutil_orchs_get.md | 2 +- docs/kfutil_orchs_list.md | 2 +- docs/kfutil_orchs_logs.md | 2 +- docs/kfutil_orchs_reset.md | 2 +- docs/kfutil_pam.md | 2 +- docs/kfutil_pam_create.md | 2 +- docs/kfutil_pam_delete.md | 2 +- docs/kfutil_pam_get.md | 2 +- docs/kfutil_pam_list.md | 2 +- docs/kfutil_pam_types-create.md | 2 +- docs/kfutil_pam_types-list.md | 2 +- docs/kfutil_pam_update.md | 2 +- docs/kfutil_status.md | 2 +- docs/kfutil_store-types.md | 2 +- docs/kfutil_store-types_create.md | 4 ++-- docs/kfutil_store-types_delete.md | 2 +- docs/kfutil_store-types_get.md | 2 +- docs/kfutil_store-types_list.md | 2 +- docs/kfutil_store-types_templates-fetch.md | 2 +- docs/kfutil_stores.md | 2 +- docs/kfutil_stores_delete.md | 2 +- docs/kfutil_stores_export.md | 2 +- docs/kfutil_stores_get.md | 2 +- docs/kfutil_stores_import.md | 2 +- docs/kfutil_stores_import_csv.md | 2 +- docs/kfutil_stores_import_generate-template.md | 2 +- docs/kfutil_stores_inventory.md | 2 +- docs/kfutil_stores_inventory_add.md | 2 +- docs/kfutil_stores_inventory_remove.md | 2 +- docs/kfutil_stores_inventory_show.md | 2 +- docs/kfutil_stores_list.md | 2 +- docs/kfutil_stores_rot.md | 2 +- docs/kfutil_stores_rot_audit.md | 2 +- docs/kfutil_stores_rot_generate-template.md | 2 +- docs/kfutil_stores_rot_reconcile.md | 2 +- docs/kfutil_version.md | 2 +- 58 files changed, 59 insertions(+), 59 deletions(-) diff --git a/docs/kfutil.md b/docs/kfutil.md index 4a612594..c85b77f4 100644 --- a/docs/kfutil.md +++ b/docs/kfutil.md @@ -47,4 +47,4 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. * [kfutil version](kfutil_version.md) - Shows version of kfutil -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion.md b/docs/kfutil_completion.md index a9ba81fe..af775cff 100644 --- a/docs/kfutil_completion.md +++ b/docs/kfutil_completion.md @@ -45,4 +45,4 @@ See each sub-command's help for details on how to use the generated script. * [kfutil completion powershell](kfutil_completion_powershell.md) - Generate the autocompletion script for powershell * [kfutil completion zsh](kfutil_completion_zsh.md) - Generate the autocompletion script for zsh -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_bash.md b/docs/kfutil_completion_bash.md index 95da43b2..29aacba5 100644 --- a/docs/kfutil_completion_bash.md +++ b/docs/kfutil_completion_bash.md @@ -64,4 +64,4 @@ kfutil completion bash * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_fish.md b/docs/kfutil_completion_fish.md index 17b37cee..64c8ffe2 100644 --- a/docs/kfutil_completion_fish.md +++ b/docs/kfutil_completion_fish.md @@ -55,4 +55,4 @@ kfutil completion fish [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_powershell.md b/docs/kfutil_completion_powershell.md index 168732f6..1929002f 100644 --- a/docs/kfutil_completion_powershell.md +++ b/docs/kfutil_completion_powershell.md @@ -52,4 +52,4 @@ kfutil completion powershell [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_zsh.md b/docs/kfutil_completion_zsh.md index df997d49..3724a415 100644 --- a/docs/kfutil_completion_zsh.md +++ b/docs/kfutil_completion_zsh.md @@ -66,4 +66,4 @@ kfutil completion zsh [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers.md b/docs/kfutil_containers.md index a18a8c36..267194a2 100644 --- a/docs/kfutil_containers.md +++ b/docs/kfutil_containers.md @@ -41,4 +41,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil containers get](kfutil_containers_get.md) - Get certificate store container by ID or name. * [kfutil containers list](kfutil_containers_list.md) - List certificate store containers. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers_get.md b/docs/kfutil_containers_get.md index a19027a1..917e25fb 100644 --- a/docs/kfutil_containers_get.md +++ b/docs/kfutil_containers_get.md @@ -44,4 +44,4 @@ kfutil containers get [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers_list.md b/docs/kfutil_containers_list.md index 62f17be5..d376d98c 100644 --- a/docs/kfutil_containers_list.md +++ b/docs/kfutil_containers_list.md @@ -43,4 +43,4 @@ kfutil containers list [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_export.md b/docs/kfutil_export.md index 649f5f7a..7ba64e62 100644 --- a/docs/kfutil_export.md +++ b/docs/kfutil_export.md @@ -55,4 +55,4 @@ kfutil export [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_helm.md b/docs/kfutil_helm.md index a91ad691..f3a795e9 100644 --- a/docs/kfutil_helm.md +++ b/docs/kfutil_helm.md @@ -46,4 +46,4 @@ kubectl helm uo | helm install -f - keyfactor-universal-orchestrator keyfactor/k * [kfutil](kfutil.md) - Keyfactor CLI utilities * [kfutil helm uo](kfutil_helm_uo.md) - Configure the Keyfactor Universal Orchestrator Helm Chart -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_helm_uo.md b/docs/kfutil_helm_uo.md index 581a1afa..7c12c984 100644 --- a/docs/kfutil_helm_uo.md +++ b/docs/kfutil_helm_uo.md @@ -50,4 +50,4 @@ kfutil helm uo [-t ] [-o ] [-f ] [-e -e @,@ -o ./app/extension * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_get.md b/docs/kfutil_orchs_get.md index 97773770..e0f29aa2 100644 --- a/docs/kfutil_orchs_get.md +++ b/docs/kfutil_orchs_get.md @@ -44,4 +44,4 @@ kfutil orchs get [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_list.md b/docs/kfutil_orchs_list.md index bc02d7c5..6741c380 100644 --- a/docs/kfutil_orchs_list.md +++ b/docs/kfutil_orchs_list.md @@ -43,4 +43,4 @@ kfutil orchs list [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_logs.md b/docs/kfutil_orchs_logs.md index 0d535d44..a249edba 100644 --- a/docs/kfutil_orchs_logs.md +++ b/docs/kfutil_orchs_logs.md @@ -44,4 +44,4 @@ kfutil orchs logs [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_reset.md b/docs/kfutil_orchs_reset.md index af412682..dac473b8 100644 --- a/docs/kfutil_orchs_reset.md +++ b/docs/kfutil_orchs_reset.md @@ -44,4 +44,4 @@ kfutil orchs reset [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam.md b/docs/kfutil_pam.md index f5eddd02..0d3b4b54 100644 --- a/docs/kfutil_pam.md +++ b/docs/kfutil_pam.md @@ -48,4 +48,4 @@ programmatically create, delete, edit, and list PAM Providers. * [kfutil pam types-list](kfutil_pam_types-list.md) - Returns a list of all available PAM provider types. * [kfutil pam update](kfutil_pam_update.md) - Updates an existing PAM Provider, currently only supported from file. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_create.md b/docs/kfutil_pam_create.md index b0853ebe..00d732e8 100644 --- a/docs/kfutil_pam_create.md +++ b/docs/kfutil_pam_create.md @@ -44,4 +44,4 @@ kfutil pam create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_delete.md b/docs/kfutil_pam_delete.md index 8d4b2673..adf3eb68 100644 --- a/docs/kfutil_pam_delete.md +++ b/docs/kfutil_pam_delete.md @@ -44,4 +44,4 @@ kfutil pam delete [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_get.md b/docs/kfutil_pam_get.md index 3823d677..72caee74 100644 --- a/docs/kfutil_pam_get.md +++ b/docs/kfutil_pam_get.md @@ -44,4 +44,4 @@ kfutil pam get [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_list.md b/docs/kfutil_pam_list.md index 7eacae98..cebb5483 100644 --- a/docs/kfutil_pam_list.md +++ b/docs/kfutil_pam_list.md @@ -43,4 +43,4 @@ kfutil pam list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_types-create.md b/docs/kfutil_pam_types-create.md index eba0990f..694c808f 100644 --- a/docs/kfutil_pam_types-create.md +++ b/docs/kfutil_pam_types-create.md @@ -51,4 +51,4 @@ kfutil pam types-create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_types-list.md b/docs/kfutil_pam_types-list.md index 0ccef4a7..1aa8b457 100644 --- a/docs/kfutil_pam_types-list.md +++ b/docs/kfutil_pam_types-list.md @@ -43,4 +43,4 @@ kfutil pam types-list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_update.md b/docs/kfutil_pam_update.md index 8425624b..15078920 100644 --- a/docs/kfutil_pam_update.md +++ b/docs/kfutil_pam_update.md @@ -44,4 +44,4 @@ kfutil pam update [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_status.md b/docs/kfutil_status.md index 349c72fe..cc9ce3e6 100644 --- a/docs/kfutil_status.md +++ b/docs/kfutil_status.md @@ -43,4 +43,4 @@ kfutil status [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types.md b/docs/kfutil_store-types.md index 2197ba09..afcc8303 100644 --- a/docs/kfutil_store-types.md +++ b/docs/kfutil_store-types.md @@ -44,4 +44,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil store-types list](kfutil_store-types_list.md) - List certificate store types. * [kfutil store-types templates-fetch](kfutil_store-types_templates-fetch.md) - Fetches store type templates from Keyfactor's Github. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_create.md b/docs/kfutil_store-types_create.md index 5bf83030..f819391f 100644 --- a/docs/kfutil_store-types_create.md +++ b/docs/kfutil_store-types_create.md @@ -18,7 +18,7 @@ kfutil store-types create [flags] -b, --git-ref string The git branch or tag to reference when pulling store-types from the internet. (default "main") -h, --help help for create -l, --list List valid store types. - -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC + -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, AWS-ACM-v3, Akamai, AlteonLB, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC -r, --repo string The repository to pull store-types definitions from. (default "kfutil") ``` @@ -49,4 +49,4 @@ kfutil store-types create [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_delete.md b/docs/kfutil_store-types_delete.md index e4ffcc56..f6455355 100644 --- a/docs/kfutil_store-types_delete.md +++ b/docs/kfutil_store-types_delete.md @@ -47,4 +47,4 @@ kfutil store-types delete [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_get.md b/docs/kfutil_store-types_get.md index df11d41b..02ffe4c0 100644 --- a/docs/kfutil_store-types_get.md +++ b/docs/kfutil_store-types_get.md @@ -48,4 +48,4 @@ kfutil store-types get [-i | -n ] [-b * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_list.md b/docs/kfutil_store-types_list.md index 8318adb9..325580e3 100644 --- a/docs/kfutil_store-types_list.md +++ b/docs/kfutil_store-types_list.md @@ -43,4 +43,4 @@ kfutil store-types list [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_templates-fetch.md b/docs/kfutil_store-types_templates-fetch.md index ad35f470..1dcbe1dc 100644 --- a/docs/kfutil_store-types_templates-fetch.md +++ b/docs/kfutil_store-types_templates-fetch.md @@ -45,4 +45,4 @@ kfutil store-types templates-fetch [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores.md b/docs/kfutil_stores.md index 4a2e0923..832522b3 100644 --- a/docs/kfutil_stores.md +++ b/docs/kfutil_stores.md @@ -47,4 +47,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil stores list](kfutil_stores_list.md) - List certificate stores. * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_delete.md b/docs/kfutil_stores_delete.md index 53cc5450..321e388d 100644 --- a/docs/kfutil_stores_delete.md +++ b/docs/kfutil_stores_delete.md @@ -46,4 +46,4 @@ kfutil stores delete [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_export.md b/docs/kfutil_stores_export.md index 2594ae08..72d577e6 100644 --- a/docs/kfutil_stores_export.md +++ b/docs/kfutil_stores_export.md @@ -47,4 +47,4 @@ kfutil stores export [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_get.md b/docs/kfutil_stores_get.md index 65bc985e..4f04e9c2 100644 --- a/docs/kfutil_stores_get.md +++ b/docs/kfutil_stores_get.md @@ -44,4 +44,4 @@ kfutil stores get [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_import.md b/docs/kfutil_stores_import.md index 1b7fb268..9f776df9 100644 --- a/docs/kfutil_stores_import.md +++ b/docs/kfutil_stores_import.md @@ -41,4 +41,4 @@ Tools for generating import templates and importing certificate stores * [kfutil stores import csv](kfutil_stores_import_csv.md) - Create certificate stores from CSV file. * [kfutil stores import generate-template](kfutil_stores_import_generate-template.md) - For generating a CSV template with headers for bulk store creation. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_import_csv.md b/docs/kfutil_stores_import_csv.md index c3cc5611..e6e8162f 100644 --- a/docs/kfutil_stores_import_csv.md +++ b/docs/kfutil_stores_import_csv.md @@ -94,4 +94,4 @@ kfutil stores import csv --file --store-type-id --store-t * [kfutil stores import](kfutil_stores_import.md) - Import a file with certificate store definitions and create them in Keyfactor Command. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory.md b/docs/kfutil_stores_inventory.md index 8e1762ce..39ab51d0 100644 --- a/docs/kfutil_stores_inventory.md +++ b/docs/kfutil_stores_inventory.md @@ -42,4 +42,4 @@ Commands related to certificate store inventory management * [kfutil stores inventory remove](kfutil_stores_inventory_remove.md) - Removes a certificate from the certificate store inventory. * [kfutil stores inventory show](kfutil_stores_inventory_show.md) - Show the inventory of a certificate store. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_add.md b/docs/kfutil_stores_inventory_add.md index 3c343396..b72b6df0 100644 --- a/docs/kfutil_stores_inventory_add.md +++ b/docs/kfutil_stores_inventory_add.md @@ -57,4 +57,4 @@ kfutil stores inventory add [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_remove.md b/docs/kfutil_stores_inventory_remove.md index c3eb6b20..68153001 100644 --- a/docs/kfutil_stores_inventory_remove.md +++ b/docs/kfutil_stores_inventory_remove.md @@ -53,4 +53,4 @@ kfutil stores inventory remove [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_show.md b/docs/kfutil_stores_inventory_show.md index dd3d2324..4157d92e 100644 --- a/docs/kfutil_stores_inventory_show.md +++ b/docs/kfutil_stores_inventory_show.md @@ -47,4 +47,4 @@ kfutil stores inventory show [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_list.md b/docs/kfutil_stores_list.md index 1efab07e..113729a1 100644 --- a/docs/kfutil_stores_list.md +++ b/docs/kfutil_stores_list.md @@ -43,4 +43,4 @@ kfutil stores list [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot.md b/docs/kfutil_stores_rot.md index f5755934..2a10d822 100644 --- a/docs/kfutil_stores_rot.md +++ b/docs/kfutil_stores_rot.md @@ -54,4 +54,4 @@ kfutil stores rot reconcile --import-csv * [kfutil stores rot generate-template](kfutil_stores_rot_generate-template.md) - For generating Root Of Trust template(s) * [kfutil stores rot reconcile](kfutil_stores_rot_reconcile.md) - Reconcile either takes in or will generate an audit report and then add/remove certs as needed. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_audit.md b/docs/kfutil_stores_rot_audit.md index 35456bb2..61216df3 100644 --- a/docs/kfutil_stores_rot_audit.md +++ b/docs/kfutil_stores_rot_audit.md @@ -51,4 +51,4 @@ kfutil stores rot audit [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_generate-template.md b/docs/kfutil_stores_rot_generate-template.md index 80f831dc..716355b9 100644 --- a/docs/kfutil_stores_rot_generate-template.md +++ b/docs/kfutil_stores_rot_generate-template.md @@ -49,4 +49,4 @@ kfutil stores rot generate-template [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_reconcile.md b/docs/kfutil_stores_rot_reconcile.md index 2cd73a42..c8ba7ac7 100644 --- a/docs/kfutil_stores_rot_reconcile.md +++ b/docs/kfutil_stores_rot_reconcile.md @@ -56,4 +56,4 @@ kfutil stores rot reconcile [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_version.md b/docs/kfutil_version.md index fb338e80..7357c58c 100644 --- a/docs/kfutil_version.md +++ b/docs/kfutil_version.md @@ -43,4 +43,4 @@ kfutil version [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 From 2f25d79e0fe869a44d52f0e31cab19d5b258996e Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:40:06 -0700 Subject: [PATCH 11/12] chore(store-types): Update internal store-type definitions to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/store_types.json | 160 ++++++++++++++++--------------------------- main.go | 16 ++--- store_types.json | 160 ++++++++++++++++--------------------------- 3 files changed, 123 insertions(+), 213 deletions(-) diff --git a/cmd/store_types.json b/cmd/store_types.json index a9643216..d79022a0 100644 --- a/cmd/store_types.json +++ b/cmd/store_types.json @@ -421,34 +421,6 @@ "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." }, - { - "Name": "Airlock Application Firewall Certificate", - "ShortName": "AirlockWAF", - "Capability": "AirlockWAF", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": true, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Required", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Allowed" - }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -960,6 +932,46 @@ "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, + { + "Name": "Alteon Load Balancer", + "ShortName": "AlteonLB", + "Capability": "AlteonLB", + "ClientMachineDescription": "The Alteon Load Balancer Server and port", + "StorePathDescription": "This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).", + "SupportedOperations": { + "Add": true, + "Remove": true, + "Enrollment": false, + "Discovery": false, + "Inventory": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "Description": "Alteon user ID with sufficient permissions to manage certs in the Alteon Load Balancer.", + "Required": true + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "Description": "Password associated with Alteon user ID entered above.", + "Required": true + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Optional" + }, { "Name": "Azure Application Gateway Certificate Binding", "ShortName": "AppGwBin", @@ -2060,7 +2072,23 @@ "Description": "True if using https to access the F5 device. False if using http." } ], - "EntryParameters": [] + "EntryParameters": [ + { + "Name": "SSLProfiles", + "DisplayName": "SSL Profiles", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "DependsOn": "", + "DefaultValue": "", + "Options": "", + "Description": "One to many comma delimited F5 SSL Profile names the certificate is bound to" + } + ] }, { "Name": "F5 WS Profiles REST", @@ -3571,51 +3599,6 @@ "BlueprintAllowed": false, "CustomAliasAllowed": "Forbidden" }, - { - "Name": "MyOrchestratorStoreType", - "ShortName": "MOST", - "Capability": "MOST", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "Name": "CustomField1", - "DisplayName": "CustomField1", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "Name": "CustomField2", - "DisplayName": "CustomField2", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Nmap Orchestrator", "ShortName": "Nmap", @@ -3696,7 +3679,7 @@ "DefaultValue": "", "Required": false, "IsPAMEligible": false, - "Description": "Device Group on Panorama that changes will be pushed to." + "Description": "A semicolon delimited list of Device Groups that Panorama will push changes to (i.e. 'Group 1', 'Group 1;Group 2', or 'Group 1; Group 2', etc.)." }, { "Name": "InventoryTrustedCerts", @@ -4472,33 +4455,6 @@ "ClientMachineDescription": "The Client Machine field should contain the DNS name or IP address of the remote orchestrated server for Linux orchestrated servers, formatted as a URL (protocol://dns-or-ip:port) for Windows orchestrated servers, or '1.1.1.1|LocalMachine' for local agents. Example: 'https://myserver.mydomain.com:5986' or '1.1.1.1|LocalMachine' for local access.", "StorePathDescription": "The Store Path field should contain the full path and file name, including file extension if applicable, beginning with a forward slash (/) for Linux orchestrated servers or a drive letter (i.e., c:\\folder\\path\\storename.p12) for Windows orchestrated servers. Example: '/folder/path/storename.p12' or 'c:\\folder\\path\\storename.p12'." }, - { - "Name": "SampleStoreType", - "ShortName": "SAMPLETYPE", - "Capability": "SAMPLETYPE", - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": false, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Signum", "ShortName": "Signum", diff --git a/main.go b/main.go index 68cf1d61..15e0228b 100644 --- a/main.go +++ b/main.go @@ -16,21 +16,19 @@ package main import ( _ "embed" - "flag" - "os" "github.com/spf13/cobra/doc" "kfutil/cmd" ) func main() { - var docsFlag bool - flag.BoolVar(&docsFlag, "makedocs", false, "Create markdown docs.") - flag.Parse() - if docsFlag { - docs() - os.Exit(0) - } + //var docsFlag bool + //flag.BoolVar(&docsFlag, "makedocs", false, "Create markdown docs.") + //flag.Parse() + //if docsFlag { + // docs() + // os.Exit(0) + //} cmd.Execute() } diff --git a/store_types.json b/store_types.json index a9643216..d79022a0 100644 --- a/store_types.json +++ b/store_types.json @@ -421,34 +421,6 @@ "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." }, - { - "Name": "Airlock Application Firewall Certificate", - "ShortName": "AirlockWAF", - "Capability": "AirlockWAF", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": true, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Required", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Allowed" - }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -960,6 +932,46 @@ "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, + { + "Name": "Alteon Load Balancer", + "ShortName": "AlteonLB", + "Capability": "AlteonLB", + "ClientMachineDescription": "The Alteon Load Balancer Server and port", + "StorePathDescription": "This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).", + "SupportedOperations": { + "Add": true, + "Remove": true, + "Enrollment": false, + "Discovery": false, + "Inventory": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "Description": "Alteon user ID with sufficient permissions to manage certs in the Alteon Load Balancer.", + "Required": true + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "Description": "Password associated with Alteon user ID entered above.", + "Required": true + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Optional" + }, { "Name": "Azure Application Gateway Certificate Binding", "ShortName": "AppGwBin", @@ -2060,7 +2072,23 @@ "Description": "True if using https to access the F5 device. False if using http." } ], - "EntryParameters": [] + "EntryParameters": [ + { + "Name": "SSLProfiles", + "DisplayName": "SSL Profiles", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "DependsOn": "", + "DefaultValue": "", + "Options": "", + "Description": "One to many comma delimited F5 SSL Profile names the certificate is bound to" + } + ] }, { "Name": "F5 WS Profiles REST", @@ -3571,51 +3599,6 @@ "BlueprintAllowed": false, "CustomAliasAllowed": "Forbidden" }, - { - "Name": "MyOrchestratorStoreType", - "ShortName": "MOST", - "Capability": "MOST", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "Name": "CustomField1", - "DisplayName": "CustomField1", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "Name": "CustomField2", - "DisplayName": "CustomField2", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Nmap Orchestrator", "ShortName": "Nmap", @@ -3696,7 +3679,7 @@ "DefaultValue": "", "Required": false, "IsPAMEligible": false, - "Description": "Device Group on Panorama that changes will be pushed to." + "Description": "A semicolon delimited list of Device Groups that Panorama will push changes to (i.e. 'Group 1', 'Group 1;Group 2', or 'Group 1; Group 2', etc.)." }, { "Name": "InventoryTrustedCerts", @@ -4472,33 +4455,6 @@ "ClientMachineDescription": "The Client Machine field should contain the DNS name or IP address of the remote orchestrated server for Linux orchestrated servers, formatted as a URL (protocol://dns-or-ip:port) for Windows orchestrated servers, or '1.1.1.1|LocalMachine' for local agents. Example: 'https://myserver.mydomain.com:5986' or '1.1.1.1|LocalMachine' for local access.", "StorePathDescription": "The Store Path field should contain the full path and file name, including file extension if applicable, beginning with a forward slash (/) for Linux orchestrated servers or a drive letter (i.e., c:\\folder\\path\\storename.p12) for Windows orchestrated servers. Example: '/folder/path/storename.p12' or 'c:\\folder\\path\\storename.p12'." }, - { - "Name": "SampleStoreType", - "ShortName": "SAMPLETYPE", - "Capability": "SAMPLETYPE", - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": false, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Signum", "ShortName": "Signum", From 9f1af71d014adbddb1651cfce7842e42d4b711e9 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:57:23 -0700 Subject: [PATCH 12/12] chore(deps): Bump deps to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index e5ce8215..9e136826 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/rs/zerolog v1.34.0 github.com/spf13/cobra v1.9.1 - github.com/spf13/pflag v1.0.6 + github.com/spf13/pflag v1.0.7 github.com/stretchr/testify v1.10.0 golang.org/x/crypto v0.40.0 golang.org/x/term v0.33.0 @@ -29,7 +29,7 @@ require ( ) require ( - github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect diff --git a/go.sum b/go.sum index 5807de57..0a9bcc8d 100644 --- a/go.sum +++ b/go.sum @@ -1,15 +1,13 @@ github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ= github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 h1:Wc1ml6QlJs2BHQ/9Bqu1jiyggbsSjramq2oUmp5WeIo= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 h1:9iefClla7iYpfYWdzPCRDozdmndjTm8DXdpCzPajMgA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2/go.mod h1:XtLgD3ZD34DAaVIIAyG3objl5DynM3CQ/vMcbBNJZGI= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 h1:/g8S6wk65vfC6m3FIxJ+i5QDyN9JWwXI8Hb0Img10hU= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0/go.mod h1:gpl+q95AzZlKVI3xSoseF9QPrypk0hQqBiJYeB/cR/I= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 h1:nCYfgcSyHZXJI8J0IWE5MsCGlb2xp9fJiXyxWgmOFg4= @@ -109,8 +107,9 @@ github.com/spbsoluble/go-pkcs12 v0.3.3 h1:3nh7IKn16RDpmrSMtOu1JvbB0XHYq1j+IsICdU github.com/spbsoluble/go-pkcs12 v0.3.3/go.mod h1:MAxKIUEIl/QVcua/I1L4Otyxl9UvLCCIktce2Tjz6Nw= github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M= +github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=