From 754a9886a820bf40d0b6f4d8f28c5190c1b782bf Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:00:27 -0700 Subject: [PATCH 01/12] chore(docs): Add `migrate` sub CLI auto docs. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- docs/kfutil.md | 3 +- docs/kfutil_completion.md | 2 +- docs/kfutil_completion_bash.md | 2 +- docs/kfutil_completion_fish.md | 2 +- docs/kfutil_completion_powershell.md | 2 +- docs/kfutil_completion_zsh.md | 2 +- docs/kfutil_containers.md | 2 +- docs/kfutil_containers_get.md | 2 +- docs/kfutil_containers_list.md | 2 +- docs/kfutil_export.md | 2 +- docs/kfutil_helm.md | 2 +- docs/kfutil_helm_uo.md | 2 +- docs/kfutil_import.md | 2 +- docs/kfutil_login.md | 2 +- docs/kfutil_logout.md | 2 +- docs/kfutil_migrate.md | 47 +++++++++++++++++ docs/kfutil_migrate_check.md | 48 ++++++++++++++++++ docs/kfutil_migrate_pam.md | 50 +++++++++++++++++++ docs/kfutil_orchs.md | 2 +- docs/kfutil_orchs_approve.md | 2 +- docs/kfutil_orchs_disapprove.md | 2 +- docs/kfutil_orchs_ext.md | 2 +- docs/kfutil_orchs_get.md | 2 +- docs/kfutil_orchs_list.md | 2 +- docs/kfutil_orchs_logs.md | 2 +- docs/kfutil_orchs_reset.md | 2 +- docs/kfutil_pam.md | 2 +- docs/kfutil_pam_create.md | 2 +- docs/kfutil_pam_delete.md | 2 +- docs/kfutil_pam_get.md | 2 +- docs/kfutil_pam_list.md | 2 +- docs/kfutil_pam_types-create.md | 2 +- docs/kfutil_pam_types-list.md | 2 +- docs/kfutil_pam_update.md | 2 +- docs/kfutil_status.md | 2 +- docs/kfutil_store-types.md | 2 +- docs/kfutil_store-types_create.md | 4 +- docs/kfutil_store-types_delete.md | 2 +- docs/kfutil_store-types_get.md | 2 +- docs/kfutil_store-types_list.md | 2 +- docs/kfutil_store-types_templates-fetch.md | 2 +- docs/kfutil_stores.md | 2 +- docs/kfutil_stores_delete.md | 2 +- docs/kfutil_stores_export.md | 2 +- docs/kfutil_stores_get.md | 2 +- docs/kfutil_stores_import.md | 2 +- docs/kfutil_stores_import_csv.md | 2 +- .../kfutil_stores_import_generate-template.md | 2 +- docs/kfutil_stores_inventory.md | 2 +- docs/kfutil_stores_inventory_add.md | 2 +- docs/kfutil_stores_inventory_remove.md | 2 +- docs/kfutil_stores_inventory_show.md | 2 +- docs/kfutil_stores_list.md | 2 +- docs/kfutil_stores_rot.md | 2 +- docs/kfutil_stores_rot_audit.md | 2 +- docs/kfutil_stores_rot_generate-template.md | 2 +- docs/kfutil_stores_rot_reconcile.md | 2 +- docs/kfutil_version.md | 2 +- 58 files changed, 202 insertions(+), 56 deletions(-) create mode 100644 docs/kfutil_migrate.md create mode 100644 docs/kfutil_migrate_check.md create mode 100644 docs/kfutil_migrate_pam.md diff --git a/docs/kfutil.md b/docs/kfutil.md index d861138..4a61259 100644 --- a/docs/kfutil.md +++ b/docs/kfutil.md @@ -39,6 +39,7 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil import](kfutil_import.md) - Keyfactor instance import utilities. * [kfutil login](kfutil_login.md) - User interactive login to Keyfactor. Stores the credentials in the config file '$HOME/.keyfactor/command_config.json'. * [kfutil logout](kfutil_logout.md) - Unsets environment variables and removes the stored credentials file. +* [kfutil migrate](kfutil_migrate.md) - Keyfactor Migration Tools. * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. * [kfutil status](kfutil_status.md) - List the status of Keyfactor services. @@ -46,4 +47,4 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. * [kfutil version](kfutil_version.md) - Shows version of kfutil -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion.md b/docs/kfutil_completion.md index e22e82b..a9ba81f 100644 --- a/docs/kfutil_completion.md +++ b/docs/kfutil_completion.md @@ -45,4 +45,4 @@ See each sub-command's help for details on how to use the generated script. * [kfutil completion powershell](kfutil_completion_powershell.md) - Generate the autocompletion script for powershell * [kfutil completion zsh](kfutil_completion_zsh.md) - Generate the autocompletion script for zsh -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_bash.md b/docs/kfutil_completion_bash.md index e002d6d..95da43b 100644 --- a/docs/kfutil_completion_bash.md +++ b/docs/kfutil_completion_bash.md @@ -64,4 +64,4 @@ kfutil completion bash * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_fish.md b/docs/kfutil_completion_fish.md index fd50972..17b37ce 100644 --- a/docs/kfutil_completion_fish.md +++ b/docs/kfutil_completion_fish.md @@ -55,4 +55,4 @@ kfutil completion fish [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_powershell.md b/docs/kfutil_completion_powershell.md index 6ae54ea..168732f 100644 --- a/docs/kfutil_completion_powershell.md +++ b/docs/kfutil_completion_powershell.md @@ -52,4 +52,4 @@ kfutil completion powershell [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_completion_zsh.md b/docs/kfutil_completion_zsh.md index b3a0672..df997d4 100644 --- a/docs/kfutil_completion_zsh.md +++ b/docs/kfutil_completion_zsh.md @@ -66,4 +66,4 @@ kfutil completion zsh [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers.md b/docs/kfutil_containers.md index 667a635..a18a8c3 100644 --- a/docs/kfutil_containers.md +++ b/docs/kfutil_containers.md @@ -41,4 +41,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil containers get](kfutil_containers_get.md) - Get certificate store container by ID or name. * [kfutil containers list](kfutil_containers_list.md) - List certificate store containers. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers_get.md b/docs/kfutil_containers_get.md index 54bcb25..a19027a 100644 --- a/docs/kfutil_containers_get.md +++ b/docs/kfutil_containers_get.md @@ -44,4 +44,4 @@ kfutil containers get [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_containers_list.md b/docs/kfutil_containers_list.md index 496661b..62f17be 100644 --- a/docs/kfutil_containers_list.md +++ b/docs/kfutil_containers_list.md @@ -43,4 +43,4 @@ kfutil containers list [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_export.md b/docs/kfutil_export.md index 7b255a5..649f5f7 100644 --- a/docs/kfutil_export.md +++ b/docs/kfutil_export.md @@ -55,4 +55,4 @@ kfutil export [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_helm.md b/docs/kfutil_helm.md index c0facc8..a91ad69 100644 --- a/docs/kfutil_helm.md +++ b/docs/kfutil_helm.md @@ -46,4 +46,4 @@ kubectl helm uo | helm install -f - keyfactor-universal-orchestrator keyfactor/k * [kfutil](kfutil.md) - Keyfactor CLI utilities * [kfutil helm uo](kfutil_helm_uo.md) - Configure the Keyfactor Universal Orchestrator Helm Chart -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_helm_uo.md b/docs/kfutil_helm_uo.md index a5e2833..581a1af 100644 --- a/docs/kfutil_helm_uo.md +++ b/docs/kfutil_helm_uo.md @@ -50,4 +50,4 @@ kfutil helm uo [-t ] [-o ] [-f ] [-e -e @,@ -o ./app/extension * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_get.md b/docs/kfutil_orchs_get.md index 245e10a..9777377 100644 --- a/docs/kfutil_orchs_get.md +++ b/docs/kfutil_orchs_get.md @@ -44,4 +44,4 @@ kfutil orchs get [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_list.md b/docs/kfutil_orchs_list.md index bf55a9a..bc02d7c 100644 --- a/docs/kfutil_orchs_list.md +++ b/docs/kfutil_orchs_list.md @@ -43,4 +43,4 @@ kfutil orchs list [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_logs.md b/docs/kfutil_orchs_logs.md index 14d971e..0d535d4 100644 --- a/docs/kfutil_orchs_logs.md +++ b/docs/kfutil_orchs_logs.md @@ -44,4 +44,4 @@ kfutil orchs logs [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_orchs_reset.md b/docs/kfutil_orchs_reset.md index 032349a..af41268 100644 --- a/docs/kfutil_orchs_reset.md +++ b/docs/kfutil_orchs_reset.md @@ -44,4 +44,4 @@ kfutil orchs reset [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam.md b/docs/kfutil_pam.md index 6d22a6d..f5eddd0 100644 --- a/docs/kfutil_pam.md +++ b/docs/kfutil_pam.md @@ -48,4 +48,4 @@ programmatically create, delete, edit, and list PAM Providers. * [kfutil pam types-list](kfutil_pam_types-list.md) - Returns a list of all available PAM provider types. * [kfutil pam update](kfutil_pam_update.md) - Updates an existing PAM Provider, currently only supported from file. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_create.md b/docs/kfutil_pam_create.md index 1fd5f60..b0853eb 100644 --- a/docs/kfutil_pam_create.md +++ b/docs/kfutil_pam_create.md @@ -44,4 +44,4 @@ kfutil pam create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_delete.md b/docs/kfutil_pam_delete.md index 28c16e1..8d4b267 100644 --- a/docs/kfutil_pam_delete.md +++ b/docs/kfutil_pam_delete.md @@ -44,4 +44,4 @@ kfutil pam delete [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_get.md b/docs/kfutil_pam_get.md index afc07d7..3823d67 100644 --- a/docs/kfutil_pam_get.md +++ b/docs/kfutil_pam_get.md @@ -44,4 +44,4 @@ kfutil pam get [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_list.md b/docs/kfutil_pam_list.md index 217b568..7eacae9 100644 --- a/docs/kfutil_pam_list.md +++ b/docs/kfutil_pam_list.md @@ -43,4 +43,4 @@ kfutil pam list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_types-create.md b/docs/kfutil_pam_types-create.md index 9c0e244..eba0990 100644 --- a/docs/kfutil_pam_types-create.md +++ b/docs/kfutil_pam_types-create.md @@ -51,4 +51,4 @@ kfutil pam types-create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_types-list.md b/docs/kfutil_pam_types-list.md index 8fe920d..0ccef4a 100644 --- a/docs/kfutil_pam_types-list.md +++ b/docs/kfutil_pam_types-list.md @@ -43,4 +43,4 @@ kfutil pam types-list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_pam_update.md b/docs/kfutil_pam_update.md index 35ab4bb..8425624 100644 --- a/docs/kfutil_pam_update.md +++ b/docs/kfutil_pam_update.md @@ -44,4 +44,4 @@ kfutil pam update [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_status.md b/docs/kfutil_status.md index 193d051..349c72f 100644 --- a/docs/kfutil_status.md +++ b/docs/kfutil_status.md @@ -43,4 +43,4 @@ kfutil status [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types.md b/docs/kfutil_store-types.md index 05c3cac..2197ba0 100644 --- a/docs/kfutil_store-types.md +++ b/docs/kfutil_store-types.md @@ -44,4 +44,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil store-types list](kfutil_store-types_list.md) - List certificate store types. * [kfutil store-types templates-fetch](kfutil_store-types_templates-fetch.md) - Fetches store type templates from Keyfactor's Github. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_create.md b/docs/kfutil_store-types_create.md index ef02796..5bf8303 100644 --- a/docs/kfutil_store-types_create.md +++ b/docs/kfutil_store-types_create.md @@ -18,7 +18,7 @@ kfutil store-types create [flags] -b, --git-ref string The git branch or tag to reference when pulling store-types from the internet. (default "main") -h, --help help for create -l, --list List valid store types. - -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC + -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC -r, --repo string The repository to pull store-types definitions from. (default "kfutil") ``` @@ -49,4 +49,4 @@ kfutil store-types create [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_delete.md b/docs/kfutil_store-types_delete.md index a8b9500..e4ffcc5 100644 --- a/docs/kfutil_store-types_delete.md +++ b/docs/kfutil_store-types_delete.md @@ -47,4 +47,4 @@ kfutil store-types delete [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_get.md b/docs/kfutil_store-types_get.md index 9a249cc..df11d41 100644 --- a/docs/kfutil_store-types_get.md +++ b/docs/kfutil_store-types_get.md @@ -48,4 +48,4 @@ kfutil store-types get [-i | -n ] [-b * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_list.md b/docs/kfutil_store-types_list.md index 4fb07e6..8318adb 100644 --- a/docs/kfutil_store-types_list.md +++ b/docs/kfutil_store-types_list.md @@ -43,4 +43,4 @@ kfutil store-types list [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_store-types_templates-fetch.md b/docs/kfutil_store-types_templates-fetch.md index 9df5d69..ad35f47 100644 --- a/docs/kfutil_store-types_templates-fetch.md +++ b/docs/kfutil_store-types_templates-fetch.md @@ -45,4 +45,4 @@ kfutil store-types templates-fetch [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores.md b/docs/kfutil_stores.md index c15f5c2..4a2e092 100644 --- a/docs/kfutil_stores.md +++ b/docs/kfutil_stores.md @@ -47,4 +47,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil stores list](kfutil_stores_list.md) - List certificate stores. * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_delete.md b/docs/kfutil_stores_delete.md index c8f68b9..53cc545 100644 --- a/docs/kfutil_stores_delete.md +++ b/docs/kfutil_stores_delete.md @@ -46,4 +46,4 @@ kfutil stores delete [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_export.md b/docs/kfutil_stores_export.md index 85fac2a..2594ae0 100644 --- a/docs/kfutil_stores_export.md +++ b/docs/kfutil_stores_export.md @@ -47,4 +47,4 @@ kfutil stores export [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_get.md b/docs/kfutil_stores_get.md index f2966da..65bc985 100644 --- a/docs/kfutil_stores_get.md +++ b/docs/kfutil_stores_get.md @@ -44,4 +44,4 @@ kfutil stores get [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_import.md b/docs/kfutil_stores_import.md index 6144088..1b7fb26 100644 --- a/docs/kfutil_stores_import.md +++ b/docs/kfutil_stores_import.md @@ -41,4 +41,4 @@ Tools for generating import templates and importing certificate stores * [kfutil stores import csv](kfutil_stores_import_csv.md) - Create certificate stores from CSV file. * [kfutil stores import generate-template](kfutil_stores_import_generate-template.md) - For generating a CSV template with headers for bulk store creation. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_import_csv.md b/docs/kfutil_stores_import_csv.md index c34731e..c3cc561 100644 --- a/docs/kfutil_stores_import_csv.md +++ b/docs/kfutil_stores_import_csv.md @@ -94,4 +94,4 @@ kfutil stores import csv --file --store-type-id --store-t * [kfutil stores import](kfutil_stores_import.md) - Import a file with certificate store definitions and create them in Keyfactor Command. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory.md b/docs/kfutil_stores_inventory.md index bdfee73..8e1762c 100644 --- a/docs/kfutil_stores_inventory.md +++ b/docs/kfutil_stores_inventory.md @@ -42,4 +42,4 @@ Commands related to certificate store inventory management * [kfutil stores inventory remove](kfutil_stores_inventory_remove.md) - Removes a certificate from the certificate store inventory. * [kfutil stores inventory show](kfutil_stores_inventory_show.md) - Show the inventory of a certificate store. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_add.md b/docs/kfutil_stores_inventory_add.md index 3f2c38c..3c34339 100644 --- a/docs/kfutil_stores_inventory_add.md +++ b/docs/kfutil_stores_inventory_add.md @@ -57,4 +57,4 @@ kfutil stores inventory add [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_remove.md b/docs/kfutil_stores_inventory_remove.md index 06719df..c3eb6b2 100644 --- a/docs/kfutil_stores_inventory_remove.md +++ b/docs/kfutil_stores_inventory_remove.md @@ -53,4 +53,4 @@ kfutil stores inventory remove [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_inventory_show.md b/docs/kfutil_stores_inventory_show.md index e6d6bc2..dd3d232 100644 --- a/docs/kfutil_stores_inventory_show.md +++ b/docs/kfutil_stores_inventory_show.md @@ -47,4 +47,4 @@ kfutil stores inventory show [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_list.md b/docs/kfutil_stores_list.md index 9557d62..1efab07 100644 --- a/docs/kfutil_stores_list.md +++ b/docs/kfutil_stores_list.md @@ -43,4 +43,4 @@ kfutil stores list [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot.md b/docs/kfutil_stores_rot.md index d47038c..f575593 100644 --- a/docs/kfutil_stores_rot.md +++ b/docs/kfutil_stores_rot.md @@ -54,4 +54,4 @@ kfutil stores rot reconcile --import-csv * [kfutil stores rot generate-template](kfutil_stores_rot_generate-template.md) - For generating Root Of Trust template(s) * [kfutil stores rot reconcile](kfutil_stores_rot_reconcile.md) - Reconcile either takes in or will generate an audit report and then add/remove certs as needed. -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_audit.md b/docs/kfutil_stores_rot_audit.md index 02af86c..35456bb 100644 --- a/docs/kfutil_stores_rot_audit.md +++ b/docs/kfutil_stores_rot_audit.md @@ -51,4 +51,4 @@ kfutil stores rot audit [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_generate-template.md b/docs/kfutil_stores_rot_generate-template.md index 92f6180..80f831d 100644 --- a/docs/kfutil_stores_rot_generate-template.md +++ b/docs/kfutil_stores_rot_generate-template.md @@ -49,4 +49,4 @@ kfutil stores rot generate-template [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_stores_rot_reconcile.md b/docs/kfutil_stores_rot_reconcile.md index b50170d..2cd73a4 100644 --- a/docs/kfutil_stores_rot_reconcile.md +++ b/docs/kfutil_stores_rot_reconcile.md @@ -56,4 +56,4 @@ kfutil stores rot reconcile [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 diff --git a/docs/kfutil_version.md b/docs/kfutil_version.md index 43447ad..fb338e8 100644 --- a/docs/kfutil_version.md +++ b/docs/kfutil_version.md @@ -43,4 +43,4 @@ kfutil version [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 17-Jun-2025 +###### Auto generated on 15-Jul-2025 From 526e182685cd355c06ab68c5100a187440d62cf8 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:00:45 -0700 Subject: [PATCH 02/12] fix(pkg): Bump internal version to `1.8.1` Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- pkg/version/version.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/version/version.go b/pkg/version/version.go index 433d935..3ad2feb 100644 --- a/pkg/version/version.go +++ b/pkg/version/version.go @@ -15,7 +15,7 @@ package version var ( - VERSION = "1.7.0" + VERSION = "1.8.1" BUILD_DATE = "2025-05-20" COMMIT = "HEAD" ) From ad6122c945a9bbe716de39b06287af2f549ac9a0 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:23:03 -0700 Subject: [PATCH 03/12] fix(docs): Update internal store-type definitions w/ latest data. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/store_types.json | 864 +++++++++++++++++++++++++++---------------- store_types.json | 864 +++++++++++++++++++++++++++---------------- 2 files changed, 1096 insertions(+), 632 deletions(-) diff --git a/cmd/store_types.json b/cmd/store_types.json index 927642e..a964321 100644 --- a/cmd/store_types.json +++ b/cmd/store_types.json @@ -260,6 +260,195 @@ "ClientMachineDescription": "This is the AWS Account ID that will be used for access. This will dictate what certificates are usable by the orchestrator. Note: this does not have any effect on EC2 inferred credentials, which are limited to a specific role/account.", "StorePathDescription": "The AWS Region, or a comma-separated list of multiple regions, the store will operate in." }, + { + "Name": "AWS Certificate Manager v3", + "ShortName": "AWS-ACM-v3", + "Capability": "AWS-ACM-v3", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "UseDefaultSdkAuth", + "DisplayName": "Use Default SDK Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use Default SDK credentials" + }, + { + "Name": "DefaultSdkAssumeRole", + "DisplayName": "Assume new Role using Default SDK Auth", + "Type": "Bool", + "DependsOn": "UseDefaultSdkAuth", + "DefaultValue": "false", + "Required": false, + "IsPAMEligible": false, + "Description": "A switch to enable the store to assume a new Role when using Default SDK credentials" + }, + { + "Name": "UseOAuth", + "DisplayName": "Use OAuth 2.0 Provider", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use an OAuth provider workflow to authenticate with AWS" + }, + { + "Name": "OAuthScope", + "DisplayName": "OAuth Scope", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "This is the OAuth Scope needed for Okta OAuth, defined in Okta" + }, + { + "Name": "OAuthGrantType", + "DisplayName": "OAuth Grant Type", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "client_credentials", + "Required": false, + "IsPAMEligible": false, + "Description": "In OAuth 2.0, the term 'grant type' refers to the way an application gets an access token. In Okta this is `client_credentials`" + }, + { + "Name": "OAuthUrl", + "DisplayName": "OAuth Url", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "https://***/oauth2/default/v1/token", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + }, + { + "Name": "OAuthClientId", + "DisplayName": "OAuth Client ID", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client ID for OAuth." + }, + { + "Name": "OAuthClientSecret", + "DisplayName": "OAuth Client Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client Secret for OAuth." + }, + { + "Name": "UseIAM", + "DisplayName": "Use IAM User Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use IAM User auth to assume a role when authenticating with AWS" + }, + { + "Name": "IAMUserAccessKey", + "DisplayName": "IAM User Access Key", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Key for an IAM User" + }, + { + "Name": "IAMUserAccessSecret", + "DisplayName": "IAM User Access Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Secret for an IAM User." + }, + { + "Name": "ExternalId", + "DisplayName": "sts:ExternalId", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + } + ], + "EntryParameters": [ + { + "Name": "ACM Tags", + "DisplayName": "ACM Tags", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "Description": "The optional ACM tags that should be assigned to the certificate. Multiple name/value pairs may be entered in the format of `Name1=Value1,Name2=Value2,...,NameN=ValueN`" + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Required", + "ServerRequired": false, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Optional", + "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", + "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." + }, + { + "Name": "Airlock Application Firewall Certificate", + "ShortName": "AirlockWAF", + "Capability": "AirlockWAF", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Required", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Allowed" + }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -274,36 +463,38 @@ }, "Properties": [ { - "StoreTypeId;omitempty": 0, "Name": "access_token", "DisplayName": "Access Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai access_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_token", "DisplayName": "Client Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_secret", "DisplayName": "Client Secret", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_secret for authentication." } ], "EntryParameters": [ { - "StoreTypeId;omitempty": 0, "Name": "EnrollmentId", "DisplayName": "Enrollment ID", "Type": "String", @@ -312,10 +503,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate." }, { - "StoreTypeId;omitempty": 0, "Name": "ContractId", "DisplayName": "Contract ID", "Type": "String", @@ -325,10 +516,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "The Contract ID of your account in Akamai." }, { - "StoreTypeId;omitempty": 0, "Name": "Sans", "DisplayName": "SANs", "Type": "String", @@ -337,10 +528,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&'" }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineOne", "DisplayName": "Admin - Address Line 1", "Type": "String", @@ -350,10 +541,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineTwo", "DisplayName": "Admin - Address Line 2", "Type": "String", @@ -362,10 +553,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-city", "DisplayName": "Admin - City", "Type": "String", @@ -375,10 +566,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-country", "DisplayName": "Admin - Country", "Type": "String", @@ -388,10 +579,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-email", "DisplayName": "Admin - Email", "Type": "String", @@ -401,10 +592,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-firstName", "DisplayName": "Admin - First Name", "Type": "String", @@ -414,10 +605,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-lastName", "DisplayName": "Admin - Last Name", "Type": "String", @@ -427,10 +618,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-organizationName", "DisplayName": "Admin - Organization Name", "Type": "String", @@ -440,10 +631,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-phone", "DisplayName": "Admin - Phone", "Type": "String", @@ -453,10 +644,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-postalCode", "DisplayName": "Admin - Postal Code", "Type": "String", @@ -466,10 +657,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-region", "DisplayName": "Admin - Region", "Type": "String", @@ -479,10 +670,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-title", "DisplayName": "Admin - Title", "Type": "String", @@ -492,10 +683,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineOne", "DisplayName": "Org - Address Line 1", "Type": "String", @@ -505,10 +696,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineTwo", "DisplayName": "Org - Address Line 2", "Type": "String", @@ -517,10 +708,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-city", "DisplayName": "Org - City", "Type": "String", @@ -530,10 +721,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-country", "DisplayName": "Org - Country", "Type": "String", @@ -543,10 +734,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-organizationName", "DisplayName": "Org - Organization Name", "Type": "String", @@ -556,10 +747,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-phone", "DisplayName": "Org - Phone", "Type": "String", @@ -569,10 +760,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-postalCode", "DisplayName": "Org - Postal Code", "Type": "String", @@ -582,10 +773,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-region", "DisplayName": "Org - Region", "Type": "String", @@ -595,10 +786,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineOne", "DisplayName": "Tech - Address Line 1", "Type": "String", @@ -608,10 +799,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineTwo", "DisplayName": "Tech - Address Line 2", "Type": "String", @@ -620,10 +811,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-city", "DisplayName": "Tech - City", "Type": "String", @@ -633,10 +824,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-country", "DisplayName": "Tech - Country", "Type": "String", @@ -646,10 +837,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-email", "DisplayName": "Tech - Email", "Type": "String", @@ -659,10 +850,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact. Must be an akamai.com email address." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-firstName", "DisplayName": "Tech - First Name", "Type": "String", @@ -672,10 +863,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-lastName", "DisplayName": "Tech - Last Name", "Type": "String", @@ -685,10 +876,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-organizationName", "DisplayName": "Tech - Organization Name", "Type": "String", @@ -698,10 +889,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "Akamai", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-phone", "DisplayName": "Tech - Phone", "Type": "String", @@ -711,10 +902,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-postalCode", "DisplayName": "Tech - Postal Code", "Type": "String", @@ -724,10 +915,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-region", "DisplayName": "Tech - Region", "Type": "String", @@ -737,10 +928,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-title", "DisplayName": "Tech - Title", "Type": "String", @@ -750,7 +941,8 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." } ], "PasswordOptions": { @@ -764,7 +956,9 @@ "ServerRequired": false, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" + "CustomAliasAllowed": "Forbidden", + "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", + "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, { "Name": "Azure Application Gateway Certificate Binding", @@ -1158,38 +1352,50 @@ "Name": "Bosch IP Camera", "ShortName": "BIPCamera", "Capability": "BIPCamera", - "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Required", "SupportedOperations": { - "Add": true, + "Add": false, "Create": false, "Discovery": false, "Enrollment": true, - "Remove": true + "Remove": false + }, + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { "Name": "ServerUsername", "DisplayName": "Server Username", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the username of the configured \"service\" user on the camera" }, { "Name": "ServerPassword", "DisplayName": "Server Password", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the password of the configured \"service\" user on the camera" }, { "Name": "ServerUseSsl", "DisplayName": "Use SSL", "Type": "Bool", - "DependsOn": null, + "DependsOn": "", "DefaultValue": "true", - "Required": true + "Required": true, + "Description": "Select True or False depending on if SSL (HTTPS) should be used to communicate with the camera." } ], "EntryParameters": [ @@ -1203,7 +1409,8 @@ "OnRemove": false, "OnReenrollment": false }, - "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client" + "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client", + "Description": "The Certificate Usage to assign to the cert after upload. Can be left blank to be assigned later." }, { "Name": "Name", @@ -1214,7 +1421,8 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "The certificate Alias, entered again." }, { "Name": "Overwrite", @@ -1226,19 +1434,12 @@ "OnRemove": false, "OnReenrollment": false }, - "DefaultValue": "false" + "DefaultValue": "false", + "Description": "Select `True` if using an existing Alias name to remove and replace an existing certificate." } ], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": true, - "CustomAliasAllowed": "Required" + "ClientMachineDescription": "The IP address of the Camera. Sample is \"192.167.231.174:44444\". Include the port if necessary.", + "StorePathDescription": "Enter the Serial Number of the camera e.g. `068745431065110085`" }, { "Name": "CiscoAsa", @@ -1633,7 +1834,7 @@ "Capability": "F5-CA-REST", "ServerRequired": true, "ClientMachineDescription": "The server name or IP Address for the F5 device.", - "StorePathDescription": "Enter the name of the partition on the F5 device you wish to manage. This value is case sensitive, so if the partition name is \"Common\", it must be entered as \"Common\" and not \"common\",", + "StorePathDescription": "Enter the name of the partition followed by the name of the bundle separated by a / (i.e. Common/BundleName). This value is case sensitive, so if the partition name is \"Common/BundleName\", it must be entered as \"Common/BundleName\" and not \"common/bundlename\",", "SupportedOperations": { "Add": true, "Create": false, @@ -1802,6 +2003,15 @@ "Required": true, "Description": "Select this if you wish to stop the orchestrator from adding, replacing or renewing certificates on nodes that are inactive. If this is not selected, adding, replacing and renewing certificates on inactive nodes will be allowed. If you choose not to add this custom field, the default value of False will be assumed." }, + { + "Name": "RemoveChain", + "DisplayName": "Remove Chain on Add", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "False", + "Required": false, + "Description": "Optional setting. Set this to true if you would like to remove the certificate chain before adding or replacing a certificate on your F5 device." + }, { "Name": "IgnoreSSLWarning", "DisplayName": "Ignore SSL Warning", @@ -1818,7 +2028,7 @@ "DependsOn": "", "DefaultValue": "false", "Required": true, - "Description": "Select this if you wish to use F5's token authentiation instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." + "Description": "Select this if you wish to use F5's token authentication instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." }, { "Name": "ServerUsername", @@ -2061,88 +2271,88 @@ "StorePathDescription": "This is not used in this integration, but is a required field in the UI. Just enter any value here" }, { - "Name": "Google Cloud Provider Apigee", - "ShortName": "GcpApigee", - "Capability": "GcpApigee", + "Name": "GCP Load Balancer", + "ShortName": "GCPLoadBal", + "Capability": "GCPLoadBal", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Required", + "CustomAliasAllowed": "Optional", "PowerShell": false, - "PrivateKeyAllowed": "Optional", + "PrivateKeyAllowed": "Required", "SupportedOperations": { "Add": true, - "Create": true, + "Create": false, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { + "Style": "Default", "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" + "StoreRequired": false }, "Properties": [ { - "Name": "isTrustStore", - "DisplayName": "Is Trust Store?", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "false", + "Name": "jsonKey", + "DisplayName": "Service Account Key", "Required": true, "IsPAMEligible": false, - "Description": "Should be checked if the Apigee keystore being managed is a truststore." - }, - { - "Name": "jsonKey", - "DisplayName": "Google Json Key File", - "Type": "Secret", "DependsOn": "", + "Type": "Secret", "DefaultValue": "", - "Required": true, - "IsPAMEligible": false, - "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." + "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" } ], - "EntryParameters": [], - "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", - "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." + "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", + "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", + "EntryParameters": [] }, { - "Name": "GCP Load Balancer", - "ShortName": "GCPLoadBal", - "Capability": "GCPLoadBal", + "Name": "Google Cloud Provider Apigee", + "ShortName": "GcpApigee", + "Capability": "GcpApigee", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional", + "CustomAliasAllowed": "Required", "PowerShell": false, - "PrivateKeyAllowed": "Required", + "PrivateKeyAllowed": "Optional", "SupportedOperations": { "Add": true, - "Create": false, + "Create": true, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { - "Style": "Default", "EntrySupported": false, - "StoreRequired": false + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { - "Name": "jsonKey", - "DisplayName": "Service Account Key", + "Name": "isTrustStore", + "DisplayName": "Is Trust Store?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", "Required": true, "IsPAMEligible": false, - "DependsOn": "", + "Description": "Should be checked if the Apigee keystore being managed is a truststore." + }, + { + "Name": "jsonKey", + "DisplayName": "Google Json Key File", "Type": "Secret", + "DependsOn": "", "DefaultValue": "", - "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" + "Required": true, + "IsPAMEligible": false, + "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." } ], - "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", - "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", - "EntryParameters": [] + "EntryParameters": [], + "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", + "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." }, { "Name": "GCP Certificate Manager", @@ -2266,7 +2476,17 @@ "Name": "Hashicorp Vault Key-Value JKS", "ShortName": "HCVKVJKS", "Capability": "HCVKVJKS", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2276,16 +2496,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2294,42 +2527,31 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } + }, + { + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", + "LocalStore": false, "StorePathType": "", "StorePathValue": "", "PrivateKeyAllowed": "Optional", @@ -2337,13 +2559,7 @@ "ServerRequired": true, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" - }, - { - "Name": "Hashicorp Vault Key-Value PKCS12", - "ShortName": "HCVKVP12", - "Capability": "HCVKVP12", - "LocalStore": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2353,74 +2569,68 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" }, { - "Name": "MountPoint", - "DisplayName": "Mount Point", - "Type": "String", + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", "DependsOn": "", "DefaultValue": "", - "Required": false + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", "Required": false }, { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PEM", "ShortName": "HCVKVPEM", "Capability": "HCVKVPEM", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path after mount point where the certificates will be stored.", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2429,9 +2639,30 @@ "Remove": true }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "SubfolderInventory", "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2440,6 +2671,7 @@ { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2448,54 +2680,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PFX", "ShortName": "HCVKVPFX", "Capability": "HCVKVPFX", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2505,16 +2722,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2523,56 +2753,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault PKI", "ShortName": "HCVPKI", "Capability": "HCVPKI", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "For HCVPKI, this will be '/'", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", "SupportedOperations": { "Add": false, "Create": false, @@ -2581,9 +2794,30 @@ "Remove": false }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", "Type": "String", "DependsOn": "", "DefaultValue": "", @@ -2594,14 +2828,12 @@ "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "HP iLO Cert Store", @@ -2681,9 +2913,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -2692,7 +2924,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -2710,7 +2942,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4438,9 +4670,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4449,7 +4681,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4467,7 +4699,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4552,9 +4784,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4563,7 +4795,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4581,7 +4813,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", diff --git a/store_types.json b/store_types.json index 927642e..a964321 100644 --- a/store_types.json +++ b/store_types.json @@ -260,6 +260,195 @@ "ClientMachineDescription": "This is the AWS Account ID that will be used for access. This will dictate what certificates are usable by the orchestrator. Note: this does not have any effect on EC2 inferred credentials, which are limited to a specific role/account.", "StorePathDescription": "The AWS Region, or a comma-separated list of multiple regions, the store will operate in." }, + { + "Name": "AWS Certificate Manager v3", + "ShortName": "AWS-ACM-v3", + "Capability": "AWS-ACM-v3", + "LocalStore": false, + "SupportedOperations": { + "Add": true, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "UseDefaultSdkAuth", + "DisplayName": "Use Default SDK Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use Default SDK credentials" + }, + { + "Name": "DefaultSdkAssumeRole", + "DisplayName": "Assume new Role using Default SDK Auth", + "Type": "Bool", + "DependsOn": "UseDefaultSdkAuth", + "DefaultValue": "false", + "Required": false, + "IsPAMEligible": false, + "Description": "A switch to enable the store to assume a new Role when using Default SDK credentials" + }, + { + "Name": "UseOAuth", + "DisplayName": "Use OAuth 2.0 Provider", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use an OAuth provider workflow to authenticate with AWS" + }, + { + "Name": "OAuthScope", + "DisplayName": "OAuth Scope", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "This is the OAuth Scope needed for Okta OAuth, defined in Okta" + }, + { + "Name": "OAuthGrantType", + "DisplayName": "OAuth Grant Type", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "client_credentials", + "Required": false, + "IsPAMEligible": false, + "Description": "In OAuth 2.0, the term 'grant type' refers to the way an application gets an access token. In Okta this is `client_credentials`" + }, + { + "Name": "OAuthUrl", + "DisplayName": "OAuth Url", + "Type": "String", + "DependsOn": "UseOAuth", + "DefaultValue": "https://***/oauth2/default/v1/token", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + }, + { + "Name": "OAuthClientId", + "DisplayName": "OAuth Client ID", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client ID for OAuth." + }, + { + "Name": "OAuthClientSecret", + "DisplayName": "OAuth Client Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The Client Secret for OAuth." + }, + { + "Name": "UseIAM", + "DisplayName": "Use IAM User Auth", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": true, + "IsPAMEligible": false, + "Description": "A switch to enable the store to use IAM User auth to assume a role when authenticating with AWS" + }, + { + "Name": "IAMUserAccessKey", + "DisplayName": "IAM User Access Key", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Key for an IAM User" + }, + { + "Name": "IAMUserAccessSecret", + "DisplayName": "IAM User Access Secret", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": true, + "Description": "The AWS Access Secret for an IAM User." + }, + { + "Name": "ExternalId", + "DisplayName": "sts:ExternalId", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "IsPAMEligible": false, + "Description": "An optional parameter sts:ExternalId to pass with Assume Role calls" + } + ], + "EntryParameters": [ + { + "Name": "ACM Tags", + "DisplayName": "ACM Tags", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "Description": "The optional ACM tags that should be assigned to the certificate. Multiple name/value pairs may be entered in the format of `Name1=Value1,Name2=Value2,...,NameN=ValueN`" + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Required", + "ServerRequired": false, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Optional", + "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", + "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." + }, + { + "Name": "Airlock Application Firewall Certificate", + "ShortName": "AirlockWAF", + "Capability": "AirlockWAF", + "LocalStore": false, + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": true, + "Enrollment": false, + "Remove": false + }, + "Properties": [], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": true, + "Style": "Default" + }, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Required", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Allowed" + }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -274,36 +463,38 @@ }, "Properties": [ { - "StoreTypeId;omitempty": 0, "Name": "access_token", "DisplayName": "Access Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai access_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_token", "DisplayName": "Client Token", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_token for authentication." }, { - "StoreTypeId;omitempty": 0, "Name": "client_secret", "DisplayName": "Client Secret", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": true + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": false, + "Description": "The Akamai client_secret for authentication." } ], "EntryParameters": [ { - "StoreTypeId;omitempty": 0, "Name": "EnrollmentId", "DisplayName": "Enrollment ID", "Type": "String", @@ -312,10 +503,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate." }, { - "StoreTypeId;omitempty": 0, "Name": "ContractId", "DisplayName": "Contract ID", "Type": "String", @@ -325,10 +516,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "The Contract ID of your account in Akamai." }, { - "StoreTypeId;omitempty": 0, "Name": "Sans", "DisplayName": "SANs", "Type": "String", @@ -337,10 +528,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&'" }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineOne", "DisplayName": "Admin - Address Line 1", "Type": "String", @@ -350,10 +541,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-addressLineTwo", "DisplayName": "Admin - Address Line 2", "Type": "String", @@ -362,10 +553,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-city", "DisplayName": "Admin - City", "Type": "String", @@ -375,10 +566,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-country", "DisplayName": "Admin - Country", "Type": "String", @@ -388,10 +579,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-email", "DisplayName": "Admin - Email", "Type": "String", @@ -401,10 +592,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-firstName", "DisplayName": "Admin - First Name", "Type": "String", @@ -414,10 +605,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-lastName", "DisplayName": "Admin - Last Name", "Type": "String", @@ -427,10 +618,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-organizationName", "DisplayName": "Admin - Organization Name", "Type": "String", @@ -440,10 +631,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-phone", "DisplayName": "Admin - Phone", "Type": "String", @@ -453,10 +644,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-postalCode", "DisplayName": "Admin - Postal Code", "Type": "String", @@ -466,10 +657,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-region", "DisplayName": "Admin - Region", "Type": "String", @@ -479,10 +670,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "admin-title", "DisplayName": "Admin - Title", "Type": "String", @@ -492,10 +683,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Administrator contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineOne", "DisplayName": "Org - Address Line 1", "Type": "String", @@ -505,10 +696,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-addressLineTwo", "DisplayName": "Org - Address Line 2", "Type": "String", @@ -517,10 +708,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-city", "DisplayName": "Org - City", "Type": "String", @@ -530,10 +721,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-country", "DisplayName": "Org - Country", "Type": "String", @@ -543,10 +734,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-organizationName", "DisplayName": "Org - Organization Name", "Type": "String", @@ -556,10 +747,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-phone", "DisplayName": "Org - Phone", "Type": "String", @@ -569,10 +760,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-postalCode", "DisplayName": "Org - Postal Code", "Type": "String", @@ -582,10 +773,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "org-region", "DisplayName": "Org - Region", "Type": "String", @@ -595,10 +786,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Organization contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineOne", "DisplayName": "Tech - Address Line 1", "Type": "String", @@ -608,10 +799,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-addressLineTwo", "DisplayName": "Tech - Address Line 2", "Type": "String", @@ -620,10 +811,10 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": false - } + }, + "Description": "Optional field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-city", "DisplayName": "Tech - City", "Type": "String", @@ -633,10 +824,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-country", "DisplayName": "Tech - Country", "Type": "String", @@ -646,10 +837,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-email", "DisplayName": "Tech - Email", "Type": "String", @@ -659,10 +850,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact. Must be an akamai.com email address." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-firstName", "DisplayName": "Tech - First Name", "Type": "String", @@ -672,10 +863,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-lastName", "DisplayName": "Tech - Last Name", "Type": "String", @@ -685,10 +876,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-organizationName", "DisplayName": "Tech - Organization Name", "Type": "String", @@ -698,10 +889,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "Akamai", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-phone", "DisplayName": "Tech - Phone", "Type": "String", @@ -711,10 +902,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-postalCode", "DisplayName": "Tech - Postal Code", "Type": "String", @@ -724,10 +915,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-region", "DisplayName": "Tech - Region", "Type": "String", @@ -737,10 +928,10 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." }, { - "StoreTypeId;omitempty": 0, "Name": "tech-title", "DisplayName": "Tech - Title", "Type": "String", @@ -750,7 +941,8 @@ "OnRemove": false, "OnReenrollment": true }, - "DefaultValue": null + "DefaultValue": "SET-DEFAULT", + "Description": "Required field for Akamai Tech contact." } ], "PasswordOptions": { @@ -764,7 +956,9 @@ "ServerRequired": false, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" + "CustomAliasAllowed": "Forbidden", + "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", + "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, { "Name": "Azure Application Gateway Certificate Binding", @@ -1158,38 +1352,50 @@ "Name": "Bosch IP Camera", "ShortName": "BIPCamera", "Capability": "BIPCamera", - "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": true, + "CustomAliasAllowed": "Required", "SupportedOperations": { - "Add": true, + "Add": false, "Create": false, "Discovery": false, "Enrollment": true, - "Remove": true + "Remove": false + }, + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { "Name": "ServerUsername", "DisplayName": "Server Username", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the username of the configured \"service\" user on the camera" }, { "Name": "ServerPassword", "DisplayName": "Server Password", "Type": "Secret", - "DependsOn": null, - "DefaultValue": null, - "Required": false + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "Enter the password of the configured \"service\" user on the camera" }, { "Name": "ServerUseSsl", "DisplayName": "Use SSL", "Type": "Bool", - "DependsOn": null, + "DependsOn": "", "DefaultValue": "true", - "Required": true + "Required": true, + "Description": "Select True or False depending on if SSL (HTTPS) should be used to communicate with the camera." } ], "EntryParameters": [ @@ -1203,7 +1409,8 @@ "OnRemove": false, "OnReenrollment": false }, - "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client" + "Options": ",HTTPS,EAP-TLS-client,TLS-DATE-client", + "Description": "The Certificate Usage to assign to the cert after upload. Can be left blank to be assigned later." }, { "Name": "Name", @@ -1214,7 +1421,8 @@ "OnAdd": false, "OnRemove": false, "OnReenrollment": true - } + }, + "Description": "The certificate Alias, entered again." }, { "Name": "Overwrite", @@ -1226,19 +1434,12 @@ "OnRemove": false, "OnReenrollment": false }, - "DefaultValue": "false" + "DefaultValue": "false", + "Description": "Select `True` if using an existing Alias name to remove and replace an existing certificate." } ], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": true, - "CustomAliasAllowed": "Required" + "ClientMachineDescription": "The IP address of the Camera. Sample is \"192.167.231.174:44444\". Include the port if necessary.", + "StorePathDescription": "Enter the Serial Number of the camera e.g. `068745431065110085`" }, { "Name": "CiscoAsa", @@ -1633,7 +1834,7 @@ "Capability": "F5-CA-REST", "ServerRequired": true, "ClientMachineDescription": "The server name or IP Address for the F5 device.", - "StorePathDescription": "Enter the name of the partition on the F5 device you wish to manage. This value is case sensitive, so if the partition name is \"Common\", it must be entered as \"Common\" and not \"common\",", + "StorePathDescription": "Enter the name of the partition followed by the name of the bundle separated by a / (i.e. Common/BundleName). This value is case sensitive, so if the partition name is \"Common/BundleName\", it must be entered as \"Common/BundleName\" and not \"common/bundlename\",", "SupportedOperations": { "Add": true, "Create": false, @@ -1802,6 +2003,15 @@ "Required": true, "Description": "Select this if you wish to stop the orchestrator from adding, replacing or renewing certificates on nodes that are inactive. If this is not selected, adding, replacing and renewing certificates on inactive nodes will be allowed. If you choose not to add this custom field, the default value of False will be assumed." }, + { + "Name": "RemoveChain", + "DisplayName": "Remove Chain on Add", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "False", + "Required": false, + "Description": "Optional setting. Set this to true if you would like to remove the certificate chain before adding or replacing a certificate on your F5 device." + }, { "Name": "IgnoreSSLWarning", "DisplayName": "Ignore SSL Warning", @@ -1818,7 +2028,7 @@ "DependsOn": "", "DefaultValue": "false", "Required": true, - "Description": "Select this if you wish to use F5's token authentiation instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." + "Description": "Select this if you wish to use F5's token authentication instead of basic authentication for all API requests. If you choose not to add this custom field, the default value of False will be assumed and basic authentication will be used for all API requests for all jobs. Setting this value to True will enable an initial basic authenticated request to acquire an authentication token, which will then be used for all subsequent API requests." }, { "Name": "ServerUsername", @@ -2061,88 +2271,88 @@ "StorePathDescription": "This is not used in this integration, but is a required field in the UI. Just enter any value here" }, { - "Name": "Google Cloud Provider Apigee", - "ShortName": "GcpApigee", - "Capability": "GcpApigee", + "Name": "GCP Load Balancer", + "ShortName": "GCPLoadBal", + "Capability": "GCPLoadBal", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Required", + "CustomAliasAllowed": "Optional", "PowerShell": false, - "PrivateKeyAllowed": "Optional", + "PrivateKeyAllowed": "Required", "SupportedOperations": { "Add": true, - "Create": true, + "Create": false, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { + "Style": "Default", "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" + "StoreRequired": false }, "Properties": [ { - "Name": "isTrustStore", - "DisplayName": "Is Trust Store?", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "false", + "Name": "jsonKey", + "DisplayName": "Service Account Key", "Required": true, "IsPAMEligible": false, - "Description": "Should be checked if the Apigee keystore being managed is a truststore." - }, - { - "Name": "jsonKey", - "DisplayName": "Google Json Key File", - "Type": "Secret", "DependsOn": "", + "Type": "Secret", "DefaultValue": "", - "Required": true, - "IsPAMEligible": false, - "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." + "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" } ], - "EntryParameters": [], - "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", - "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." + "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", + "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", + "EntryParameters": [] }, { - "Name": "GCP Load Balancer", - "ShortName": "GCPLoadBal", - "Capability": "GCPLoadBal", + "Name": "Google Cloud Provider Apigee", + "ShortName": "GcpApigee", + "Capability": "GcpApigee", "ServerRequired": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional", + "CustomAliasAllowed": "Required", "PowerShell": false, - "PrivateKeyAllowed": "Required", + "PrivateKeyAllowed": "Optional", "SupportedOperations": { "Add": true, - "Create": false, + "Create": true, "Discovery": false, "Enrollment": false, "Remove": true }, "PasswordOptions": { - "Style": "Default", "EntrySupported": false, - "StoreRequired": false + "StoreRequired": false, + "Style": "Default" }, "Properties": [ { - "Name": "jsonKey", - "DisplayName": "Service Account Key", + "Name": "isTrustStore", + "DisplayName": "Is Trust Store?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", "Required": true, "IsPAMEligible": false, - "DependsOn": "", + "Description": "Should be checked if the Apigee keystore being managed is a truststore." + }, + { + "Name": "jsonKey", + "DisplayName": "Google Json Key File", "Type": "Secret", + "DependsOn": "", "DefaultValue": "", - "Description": "If authenticating by passing credentials from Keyfactor Command, this is the JSON-based service account key created from within Google Cloud. If authenticating via Application Default Credentials (ADC), select No Value" + "Required": true, + "IsPAMEligible": false, + "Description": "The JSON key tied to the Apigee service account. You can copy and paste the entire Json key in the textbox when creating a certificate store in the Keyfactor Command UI." } ], - "ClientMachineDescription": "Not used, but required when creating a store. Just enter any value.", - "StorePathDescription": "Your Google Cloud Project ID only if you choose to use global resources. Append a forward slash '/' and valid GCP region to process against a specific [GCP region](https://gist.github.com/rpkim/084046e02fd8c452ba6ddef3a61d5d59).", - "EntryParameters": [] + "EntryParameters": [], + "ClientMachineDescription": "The Base URL for the GCP Apigee REST Api. Should be *apigee.googleapis.com*", + "StorePathDescription": "The Apigee keystore being managed. Must be provided in the following format: organizations/{org}/environments/{env}/keystores/{keystore}, where {org}, {env}, and {keystore} will be replaced with your environment-specific values." }, { "Name": "GCP Certificate Manager", @@ -2266,7 +2476,17 @@ "Name": "Hashicorp Vault Key-Value JKS", "ShortName": "HCVKVJKS", "Capability": "HCVKVJKS", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2276,16 +2496,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2294,42 +2527,31 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } + }, + { + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", + "LocalStore": false, "StorePathType": "", "StorePathValue": "", "PrivateKeyAllowed": "Optional", @@ -2337,13 +2559,7 @@ "ServerRequired": true, "PowerShell": false, "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" - }, - { - "Name": "Hashicorp Vault Key-Value PKCS12", - "ShortName": "HCVKVP12", - "Capability": "HCVKVP12", - "LocalStore": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2353,74 +2569,68 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" }, { - "Name": "MountPoint", - "DisplayName": "Mount Point", - "Type": "String", + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", "DependsOn": "", "DefaultValue": "", - "Required": false + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", "Required": false }, { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PEM", "ShortName": "HCVKVPEM", "Capability": "HCVKVPEM", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path after mount point where the certificates will be stored.", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2429,9 +2639,30 @@ "Remove": true }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "SubfolderInventory", "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2440,6 +2671,7 @@ { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2448,54 +2680,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault Key-Value PFX", "ShortName": "HCVKVPFX", "Capability": "HCVKVPFX", + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, + "StorePathType": "", + "StorePathValue": "", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", "SupportedOperations": { "Add": true, "Create": true, @@ -2505,16 +2722,29 @@ }, "Properties": [ { - "Name": "SubfolderInventory", - "DisplayName": "Sub-folder Inventory", - "Type": "Bool", + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", "DependsOn": "", - "DefaultValue": "false", - "Required": false + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" }, { "Name": "IncludeCertChain", "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", "Type": "Bool", "DependsOn": "", "DefaultValue": "false", @@ -2523,56 +2753,39 @@ { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", "Type": "String", "DependsOn": "", "DefaultValue": "", "Required": false - }, - { - "Name": "ServerUsername", - "DisplayName": "Server Username", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerPassword", - "DisplayName": "Server Password", - "Type": "Secret", - "DependsOn": "", - "DefaultValue": "", - "Required": false - }, - { - "Name": "ServerUseSsl", - "DisplayName": "Use SSL", - "Type": "Bool", - "DependsOn": "", - "DefaultValue": "true", - "Required": true } ], "EntryParameters": [], "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "Hashicorp Vault PKI", "ShortName": "HCVPKI", "Capability": "HCVPKI", "LocalStore": false, + "ClientMachineDescription": "This can be any value to help uniquely identify the store. It is not used by this integration.", + "StorePathDescription": "For HCVPKI, this will be '/'", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", "SupportedOperations": { "Add": false, "Create": false, @@ -2581,9 +2794,30 @@ "Remove": false }, "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, { "Name": "MountPoint", "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", "Type": "String", "DependsOn": "", "DefaultValue": "", @@ -2594,14 +2828,12 @@ "PasswordOptions": { "EntrySupported": false, "StoreRequired": false, - "Style": "Default" - }, - "PrivateKeyAllowed": "Optional", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Optional" + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } }, { "Name": "HP iLO Cert Store", @@ -2681,9 +2913,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -2692,7 +2924,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -2710,7 +2942,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4438,9 +4670,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4449,7 +4681,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4467,7 +4699,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", @@ -4552,9 +4784,9 @@ "DisplayName": "WinRM Protocol", "Type": "MultipleChoice", "DependsOn": "", - "DefaultValue": "https,http", + "DefaultValue": "https,http,ssh", "Required": true, - "Description": "Multiple choice value specifying the protocol (https or http) that the target server's WinRM listener is using. Example: 'https' to use secure communication." + "Description": "Multiple choice value specifying which protocol to use. Protocols https or http use WinRM to connect from Windows to Windows Servers. Using ssh is only supported when running the orchestrator in a Linux environment." }, { "Name": "WinRM Port", @@ -4563,7 +4795,7 @@ "DependsOn": "", "DefaultValue": "5986", "Required": true, - "Description": "String value specifying the port number that the target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP." + "Description": "String value specifying the port number that the Windows target server's WinRM listener is configured to use. Example: '5986' for HTTPS or '5985' for HTTP. By default, when using ssh in a Linux environment, the default port number is 22." }, { "Name": "ServerUsername", @@ -4581,7 +4813,7 @@ "DependsOn": "", "DefaultValue": "", "Required": false, - "Description": "Password corresponding to the Server Username used to log into the target server for establishing the WinRM session. Example: 'P@ssw0rd123'." + "Description": "Password corresponding to the Server Username used to log into the target server. When establishing a SSH session from a Linux environment, the password must include the full SSH Private key." }, { "Name": "ServerUseSsl", From b3b77a891d859e1f44705e51c46f30c5776a9f10 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:23:38 -0700 Subject: [PATCH 04/12] chore(ci): Bump `actions/upload-artifact` to `v4` due to deprecation of `v3` Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- .github/workflows/update-stores.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-stores.yml b/.github/workflows/update-stores.yml index 0e42dfc..63d3834 100644 --- a/.github/workflows/update-stores.yml +++ b/.github/workflows/update-stores.yml @@ -108,7 +108,7 @@ jobs: - name: Save Store Types JSON Artifact if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: store-types path: | @@ -117,14 +117,14 @@ jobs: - name: Save Invalid Store Types JSON Artifact if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: invalid-repos path: ./tools/store-type-merge/invalid_repos.json - name: Save logs directory if: success() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: logs path: ./tools/store-type-merge/log From 0f7c61718f087fde721e77a5100ae999953eb3b9 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:24:21 -0700 Subject: [PATCH 05/12] fix(cli): Don't log initial, silent `store-type` definition fetch. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/helpers.go | 5 ++++- cmd/storeTypes.go | 5 +++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cmd/helpers.go b/cmd/helpers.go index b5086c7..7fcbf1b 100644 --- a/cmd/helpers.go +++ b/cmd/helpers.go @@ -186,7 +186,10 @@ func informDebug(debugFlag bool) { if debugModeEnabled { //zerolog.SetGlobalLevel(zerolog.InfoLevel) zerolog.SetGlobalLevel(zerolog.DebugLevel) + return } + // Else no logs should be emitted + zerolog.SetGlobalLevel(zerolog.ErrorLevel) } func initLogger() { @@ -359,7 +362,7 @@ func outputResult(result interface{}, format string) { fmt.Println(fmt.Sprintf("%s", result)) } log.Debug(). - Interface("result", result). + Str("result", fmt.Sprintf("%s", result)). Str("format", format). Msg(fmt.Sprintf("%s outputResult", DebugFuncExit)) } diff --git a/cmd/storeTypes.go b/cmd/storeTypes.go index ca2be2b..bc681e8 100644 --- a/cmd/storeTypes.go +++ b/cmd/storeTypes.go @@ -636,10 +636,11 @@ func readStoreTypesConfig(fp, gitRef string, gitRepo string, offline bool) (map[ } func init() { - offline = true // temporarily set to true as it runs before the flag is set - debugFlag = false // temporarily set to false as it runs before the flag is set + offline = true // temporarily set to true as it runs before the flag is set var gitRef string var gitRepo string + + informDebug(false) // Do not output debug information for initial setup of store-types command validTypesString := strings.Join(getValidStoreTypes("", DefaultGitRef, DefaultGitRepo), ", ") offline = false //revert this so that flag is not set to true by default RootCmd.AddCommand(storeTypesCmd) From f9e94789c06dbb6481e64a56cfb7d6b6b41f4113 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:45:51 -0700 Subject: [PATCH 06/12] chore(deps): Bump all deps to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- go.mod | 20 ++++++++++---------- go.sum | 37 ++++++++++++++++++++----------------- 2 files changed, 30 insertions(+), 27 deletions(-) diff --git a/go.mod b/go.mod index a424d59..6fe0c92 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ toolchain go1.24.3 require ( github.com/AlecAivazis/survey/v2 v2.3.7 - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 github.com/Jeffail/gabs v1.4.0 github.com/Keyfactor/keyfactor-auth-client-go v1.3.0 @@ -22,21 +22,21 @@ require ( github.com/spf13/cobra v1.9.1 github.com/spf13/pflag v1.0.6 github.com/stretchr/testify v1.10.0 - golang.org/x/crypto v0.39.0 - golang.org/x/term v0.32.0 + golang.org/x/crypto v0.40.0 + golang.org/x/term v0.33.0 gopkg.in/yaml.v3 v3.0.1 //github.com/google/go-cmp/cmp v0.5.9 ) require ( github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.18.0 // indirect - github.com/golang-jwt/jwt/v5 v5.2.2 // indirect + github.com/golang-jwt/jwt/v5 v5.2.3 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect @@ -50,9 +50,9 @@ require ( github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/spbsoluble/go-pkcs12 v0.3.3 // indirect go.mozilla.org/pkcs7 v0.9.0 // indirect - golang.org/x/net v0.41.0 // indirect + golang.org/x/net v0.42.0 // indirect golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.33.0 // indirect - golang.org/x/text v0.26.0 // indirect + golang.org/x/sys v0.34.0 // indirect + golang.org/x/text v0.27.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect ) diff --git a/go.sum b/go.sum index ea69bb4..f2cd2bd 100644 --- a/go.sum +++ b/go.sum @@ -2,16 +2,18 @@ github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkk github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 h1:Wc1ml6QlJs2BHQ/9Bqu1jiyggbsSjramq2oUmp5WeIo= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8= github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1 h1:mrkDCdkMsD4l9wjFGhofFHFrV43Y3c53RSLKOCJ5+Ow= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1/go.mod h1:hPv41DbqMmnxcGralanA/kVlfdH5jv3T4LxGku2E1BY= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1/go.mod h1:Vih/3yc6yac2JzU4hzpaDupBJP0Flaia9rXXrU8xyww= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 h1:/g8S6wk65vfC6m3FIxJ+i5QDyN9JWwXI8Hb0Img10hU= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0/go.mod h1:gpl+q95AzZlKVI3xSoseF9QPrypk0hQqBiJYeB/cR/I= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 h1:nCYfgcSyHZXJI8J0IWE5MsCGlb2xp9fJiXyxWgmOFg4= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0/go.mod h1:ucUjca2JtSZboY8IoUqyQyuuXvwbMBVwFOm0vdQPNhA= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs= @@ -29,8 +31,9 @@ github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDe github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= +github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo= +github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s= github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE= @@ -43,8 +46,8 @@ github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYF github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= -github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.2.3 h1:kkGXqQOBSDDWRhWNXTFpqGSCMyh/PLnqUvMGJPDJDs0= +github.com/golang-jwt/jwt/v5 v5.2.3/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -118,14 +121,14 @@ go.mozilla.org/pkcs7 v0.9.0 h1:yM4/HS9dYv7ri2biPtxt8ikvB37a980dg69/pKmS+eI= go.mozilla.org/pkcs7 v0.9.0/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= -golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= +golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= +golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw= -golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA= +golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= +golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -145,18 +148,18 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= +golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= -golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= +golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg= +golang.org/x/term v0.33.0/go.mod h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M= -golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA= +golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= +golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= From 3424a73139ea9f3920f3fc50fc7ded977657c669 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:46:13 -0700 Subject: [PATCH 07/12] fix(cli): Silence logging if `--debug` isn't passed. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/helpers.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/helpers.go b/cmd/helpers.go index 7fcbf1b..e82dc5b 100644 --- a/cmd/helpers.go +++ b/cmd/helpers.go @@ -189,7 +189,7 @@ func informDebug(debugFlag bool) { return } // Else no logs should be emitted - zerolog.SetGlobalLevel(zerolog.ErrorLevel) + zerolog.SetGlobalLevel(zerolog.Disabled) } func initLogger() { From 14d6b946012fe6443d1ae6af2c9056d9ca122c0f Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Tue, 15 Jul 2025 16:46:29 -0700 Subject: [PATCH 08/12] chore(docs): Update CHANGELOG.md Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee9b56e..6ab7ec4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +# v1.8.1 + +## Fixes + +### CLI + +- Silence logging of initial `store-type` fetch +- `store-types`: Update internal definitions to latest from Keyfactor GitHub repos. +- `version` update internal version to `1.8.1` + +### Chores + +- `docs`: Add `migration` auto docs +- `docs`: Refresh auto docs +- `deps`: Update all deps to latest versions + # v1.8.0 ## Features From 1b40d8382e514d7546f927afbffb46d95c537a7c Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:16:41 -0700 Subject: [PATCH 09/12] chore(pkg): Bump internal version to 1.8.2 Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- pkg/version/version.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/version/version.go b/pkg/version/version.go index 3ad2feb..df4df05 100644 --- a/pkg/version/version.go +++ b/pkg/version/version.go @@ -15,7 +15,7 @@ package version var ( - VERSION = "1.8.1" - BUILD_DATE = "2025-05-20" + VERSION = "1.8.2" + BUILD_DATE = "2025-07-31" COMMIT = "HEAD" ) From 44d984d8045f83e88afd549eee8987fbc18cf37d Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:39:45 -0700 Subject: [PATCH 10/12] chore(docs): Regenerate auto docs Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- docs/kfutil.md | 2 +- docs/kfutil_completion.md | 2 +- docs/kfutil_completion_bash.md | 2 +- docs/kfutil_completion_fish.md | 2 +- docs/kfutil_completion_powershell.md | 2 +- docs/kfutil_completion_zsh.md | 2 +- docs/kfutil_containers.md | 2 +- docs/kfutil_containers_get.md | 2 +- docs/kfutil_containers_list.md | 2 +- docs/kfutil_export.md | 2 +- docs/kfutil_helm.md | 2 +- docs/kfutil_helm_uo.md | 2 +- docs/kfutil_import.md | 2 +- docs/kfutil_login.md | 2 +- docs/kfutil_logout.md | 2 +- docs/kfutil_migrate.md | 2 +- docs/kfutil_migrate_check.md | 2 +- docs/kfutil_migrate_pam.md | 2 +- docs/kfutil_orchs.md | 2 +- docs/kfutil_orchs_approve.md | 2 +- docs/kfutil_orchs_disapprove.md | 2 +- docs/kfutil_orchs_ext.md | 2 +- docs/kfutil_orchs_get.md | 2 +- docs/kfutil_orchs_list.md | 2 +- docs/kfutil_orchs_logs.md | 2 +- docs/kfutil_orchs_reset.md | 2 +- docs/kfutil_pam.md | 2 +- docs/kfutil_pam_create.md | 2 +- docs/kfutil_pam_delete.md | 2 +- docs/kfutil_pam_get.md | 2 +- docs/kfutil_pam_list.md | 2 +- docs/kfutil_pam_types-create.md | 2 +- docs/kfutil_pam_types-list.md | 2 +- docs/kfutil_pam_update.md | 2 +- docs/kfutil_status.md | 2 +- docs/kfutil_store-types.md | 2 +- docs/kfutil_store-types_create.md | 4 ++-- docs/kfutil_store-types_delete.md | 2 +- docs/kfutil_store-types_get.md | 2 +- docs/kfutil_store-types_list.md | 2 +- docs/kfutil_store-types_templates-fetch.md | 2 +- docs/kfutil_stores.md | 2 +- docs/kfutil_stores_delete.md | 2 +- docs/kfutil_stores_export.md | 2 +- docs/kfutil_stores_get.md | 2 +- docs/kfutil_stores_import.md | 2 +- docs/kfutil_stores_import_csv.md | 2 +- docs/kfutil_stores_import_generate-template.md | 2 +- docs/kfutil_stores_inventory.md | 2 +- docs/kfutil_stores_inventory_add.md | 2 +- docs/kfutil_stores_inventory_remove.md | 2 +- docs/kfutil_stores_inventory_show.md | 2 +- docs/kfutil_stores_list.md | 2 +- docs/kfutil_stores_rot.md | 2 +- docs/kfutil_stores_rot_audit.md | 2 +- docs/kfutil_stores_rot_generate-template.md | 2 +- docs/kfutil_stores_rot_reconcile.md | 2 +- docs/kfutil_version.md | 2 +- 58 files changed, 59 insertions(+), 59 deletions(-) diff --git a/docs/kfutil.md b/docs/kfutil.md index 4a61259..c85b77f 100644 --- a/docs/kfutil.md +++ b/docs/kfutil.md @@ -47,4 +47,4 @@ A CLI wrapper around the Keyfactor Platform API. * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. * [kfutil version](kfutil_version.md) - Shows version of kfutil -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion.md b/docs/kfutil_completion.md index a9ba81f..af775cf 100644 --- a/docs/kfutil_completion.md +++ b/docs/kfutil_completion.md @@ -45,4 +45,4 @@ See each sub-command's help for details on how to use the generated script. * [kfutil completion powershell](kfutil_completion_powershell.md) - Generate the autocompletion script for powershell * [kfutil completion zsh](kfutil_completion_zsh.md) - Generate the autocompletion script for zsh -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_bash.md b/docs/kfutil_completion_bash.md index 95da43b..29aacba 100644 --- a/docs/kfutil_completion_bash.md +++ b/docs/kfutil_completion_bash.md @@ -64,4 +64,4 @@ kfutil completion bash * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_fish.md b/docs/kfutil_completion_fish.md index 17b37ce..64c8ffe 100644 --- a/docs/kfutil_completion_fish.md +++ b/docs/kfutil_completion_fish.md @@ -55,4 +55,4 @@ kfutil completion fish [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_powershell.md b/docs/kfutil_completion_powershell.md index 168732f..1929002 100644 --- a/docs/kfutil_completion_powershell.md +++ b/docs/kfutil_completion_powershell.md @@ -52,4 +52,4 @@ kfutil completion powershell [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_completion_zsh.md b/docs/kfutil_completion_zsh.md index df997d4..3724a41 100644 --- a/docs/kfutil_completion_zsh.md +++ b/docs/kfutil_completion_zsh.md @@ -66,4 +66,4 @@ kfutil completion zsh [flags] * [kfutil completion](kfutil_completion.md) - Generate the autocompletion script for the specified shell -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers.md b/docs/kfutil_containers.md index a18a8c3..267194a 100644 --- a/docs/kfutil_containers.md +++ b/docs/kfutil_containers.md @@ -41,4 +41,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil containers get](kfutil_containers_get.md) - Get certificate store container by ID or name. * [kfutil containers list](kfutil_containers_list.md) - List certificate store containers. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers_get.md b/docs/kfutil_containers_get.md index a19027a..917e25f 100644 --- a/docs/kfutil_containers_get.md +++ b/docs/kfutil_containers_get.md @@ -44,4 +44,4 @@ kfutil containers get [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_containers_list.md b/docs/kfutil_containers_list.md index 62f17be..d376d98 100644 --- a/docs/kfutil_containers_list.md +++ b/docs/kfutil_containers_list.md @@ -43,4 +43,4 @@ kfutil containers list [flags] * [kfutil containers](kfutil_containers.md) - Keyfactor certificate store container API and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_export.md b/docs/kfutil_export.md index 649f5f7..7ba64e6 100644 --- a/docs/kfutil_export.md +++ b/docs/kfutil_export.md @@ -55,4 +55,4 @@ kfutil export [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_helm.md b/docs/kfutil_helm.md index a91ad69..f3a795e 100644 --- a/docs/kfutil_helm.md +++ b/docs/kfutil_helm.md @@ -46,4 +46,4 @@ kubectl helm uo | helm install -f - keyfactor-universal-orchestrator keyfactor/k * [kfutil](kfutil.md) - Keyfactor CLI utilities * [kfutil helm uo](kfutil_helm_uo.md) - Configure the Keyfactor Universal Orchestrator Helm Chart -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_helm_uo.md b/docs/kfutil_helm_uo.md index 581a1af..7c12c98 100644 --- a/docs/kfutil_helm_uo.md +++ b/docs/kfutil_helm_uo.md @@ -50,4 +50,4 @@ kfutil helm uo [-t ] [-o ] [-f ] [-e -e @,@ -o ./app/extension * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_get.md b/docs/kfutil_orchs_get.md index 9777377..e0f29aa 100644 --- a/docs/kfutil_orchs_get.md +++ b/docs/kfutil_orchs_get.md @@ -44,4 +44,4 @@ kfutil orchs get [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_list.md b/docs/kfutil_orchs_list.md index bc02d7c..6741c38 100644 --- a/docs/kfutil_orchs_list.md +++ b/docs/kfutil_orchs_list.md @@ -43,4 +43,4 @@ kfutil orchs list [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_logs.md b/docs/kfutil_orchs_logs.md index 0d535d4..a249edb 100644 --- a/docs/kfutil_orchs_logs.md +++ b/docs/kfutil_orchs_logs.md @@ -44,4 +44,4 @@ kfutil orchs logs [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_orchs_reset.md b/docs/kfutil_orchs_reset.md index af41268..dac473b 100644 --- a/docs/kfutil_orchs_reset.md +++ b/docs/kfutil_orchs_reset.md @@ -44,4 +44,4 @@ kfutil orchs reset [flags] * [kfutil orchs](kfutil_orchs.md) - Keyfactor agents/orchestrators APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam.md b/docs/kfutil_pam.md index f5eddd0..0d3b4b5 100644 --- a/docs/kfutil_pam.md +++ b/docs/kfutil_pam.md @@ -48,4 +48,4 @@ programmatically create, delete, edit, and list PAM Providers. * [kfutil pam types-list](kfutil_pam_types-list.md) - Returns a list of all available PAM provider types. * [kfutil pam update](kfutil_pam_update.md) - Updates an existing PAM Provider, currently only supported from file. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_create.md b/docs/kfutil_pam_create.md index b0853eb..00d732e 100644 --- a/docs/kfutil_pam_create.md +++ b/docs/kfutil_pam_create.md @@ -44,4 +44,4 @@ kfutil pam create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_delete.md b/docs/kfutil_pam_delete.md index 8d4b267..adf3eb6 100644 --- a/docs/kfutil_pam_delete.md +++ b/docs/kfutil_pam_delete.md @@ -44,4 +44,4 @@ kfutil pam delete [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_get.md b/docs/kfutil_pam_get.md index 3823d67..72caee7 100644 --- a/docs/kfutil_pam_get.md +++ b/docs/kfutil_pam_get.md @@ -44,4 +44,4 @@ kfutil pam get [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_list.md b/docs/kfutil_pam_list.md index 7eacae9..cebb548 100644 --- a/docs/kfutil_pam_list.md +++ b/docs/kfutil_pam_list.md @@ -43,4 +43,4 @@ kfutil pam list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_types-create.md b/docs/kfutil_pam_types-create.md index eba0990..694c808 100644 --- a/docs/kfutil_pam_types-create.md +++ b/docs/kfutil_pam_types-create.md @@ -51,4 +51,4 @@ kfutil pam types-create [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_types-list.md b/docs/kfutil_pam_types-list.md index 0ccef4a..1aa8b45 100644 --- a/docs/kfutil_pam_types-list.md +++ b/docs/kfutil_pam_types-list.md @@ -43,4 +43,4 @@ kfutil pam types-list [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_pam_update.md b/docs/kfutil_pam_update.md index 8425624..1507892 100644 --- a/docs/kfutil_pam_update.md +++ b/docs/kfutil_pam_update.md @@ -44,4 +44,4 @@ kfutil pam update [flags] * [kfutil pam](kfutil_pam.md) - Keyfactor PAM Provider APIs. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_status.md b/docs/kfutil_status.md index 349c72f..cc9ce3e 100644 --- a/docs/kfutil_status.md +++ b/docs/kfutil_status.md @@ -43,4 +43,4 @@ kfutil status [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types.md b/docs/kfutil_store-types.md index 2197ba0..afcc830 100644 --- a/docs/kfutil_store-types.md +++ b/docs/kfutil_store-types.md @@ -44,4 +44,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil store-types list](kfutil_store-types_list.md) - List certificate store types. * [kfutil store-types templates-fetch](kfutil_store-types_templates-fetch.md) - Fetches store type templates from Keyfactor's Github. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_create.md b/docs/kfutil_store-types_create.md index 5bf8303..f819391 100644 --- a/docs/kfutil_store-types_create.md +++ b/docs/kfutil_store-types_create.md @@ -18,7 +18,7 @@ kfutil store-types create [flags] -b, --git-ref string The git branch or tag to reference when pulling store-types from the internet. (default "main") -h, --help help for create -l, --list List valid store types. - -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, Akamai, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, MOST, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC + -n, --name string Short name of the certificate store type to get. Valid choices are: AKV, AWS-ACM, AWS-ACM-v3, Akamai, AlteonLB, AppGwBin, AzureApp, AzureApp2, AzureAppGw, AzureSP, AzureSP2, BIPCamera, CiscoAsa, CitrixAdc, DataPower, F5-BigIQ, F5-CA-REST, F5-SL-REST, F5-WS-REST, FortiWeb, Fortigate, GCPLoadBal, GcpApigee, GcpCertMgr, HCVKV, HCVKVJKS, HCVKVP12, HCVKVPEM, HCVKVPFX, HCVPKI, HPiLO, IISU, Imperva, K8SCert, K8SCluster, K8SJKS, K8SNS, K8SPKCS12, K8SSecret, K8STLSSecr, Nmap, PaloAlto, RFDER, RFJKS, RFKDB, RFORA, RFPEM, RFPkcs12, SAMPLETYPE, Signum, VMware-NSX, WinCerMgmt, WinCert, WinSql, f5WafCa, f5WafTls, iDRAC -r, --repo string The repository to pull store-types definitions from. (default "kfutil") ``` @@ -49,4 +49,4 @@ kfutil store-types create [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_delete.md b/docs/kfutil_store-types_delete.md index e4ffcc5..f645535 100644 --- a/docs/kfutil_store-types_delete.md +++ b/docs/kfutil_store-types_delete.md @@ -47,4 +47,4 @@ kfutil store-types delete [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_get.md b/docs/kfutil_store-types_get.md index df11d41..02ffe4c 100644 --- a/docs/kfutil_store-types_get.md +++ b/docs/kfutil_store-types_get.md @@ -48,4 +48,4 @@ kfutil store-types get [-i | -n ] [-b * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_list.md b/docs/kfutil_store-types_list.md index 8318adb..325580e 100644 --- a/docs/kfutil_store-types_list.md +++ b/docs/kfutil_store-types_list.md @@ -43,4 +43,4 @@ kfutil store-types list [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_store-types_templates-fetch.md b/docs/kfutil_store-types_templates-fetch.md index ad35f47..1dcbe1d 100644 --- a/docs/kfutil_store-types_templates-fetch.md +++ b/docs/kfutil_store-types_templates-fetch.md @@ -45,4 +45,4 @@ kfutil store-types templates-fetch [flags] * [kfutil store-types](kfutil_store-types.md) - Keyfactor certificate store types APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores.md b/docs/kfutil_stores.md index 4a2e092..832522b 100644 --- a/docs/kfutil_stores.md +++ b/docs/kfutil_stores.md @@ -47,4 +47,4 @@ A collections of APIs and utilities for interacting with Keyfactor certificate s * [kfutil stores list](kfutil_stores_list.md) - List certificate stores. * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_delete.md b/docs/kfutil_stores_delete.md index 53cc545..321e388 100644 --- a/docs/kfutil_stores_delete.md +++ b/docs/kfutil_stores_delete.md @@ -46,4 +46,4 @@ kfutil stores delete [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_export.md b/docs/kfutil_stores_export.md index 2594ae0..72d577e 100644 --- a/docs/kfutil_stores_export.md +++ b/docs/kfutil_stores_export.md @@ -47,4 +47,4 @@ kfutil stores export [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_get.md b/docs/kfutil_stores_get.md index 65bc985..4f04e9c 100644 --- a/docs/kfutil_stores_get.md +++ b/docs/kfutil_stores_get.md @@ -44,4 +44,4 @@ kfutil stores get [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_import.md b/docs/kfutil_stores_import.md index 1b7fb26..9f776df 100644 --- a/docs/kfutil_stores_import.md +++ b/docs/kfutil_stores_import.md @@ -41,4 +41,4 @@ Tools for generating import templates and importing certificate stores * [kfutil stores import csv](kfutil_stores_import_csv.md) - Create certificate stores from CSV file. * [kfutil stores import generate-template](kfutil_stores_import_generate-template.md) - For generating a CSV template with headers for bulk store creation. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_import_csv.md b/docs/kfutil_stores_import_csv.md index c3cc561..e6e8162 100644 --- a/docs/kfutil_stores_import_csv.md +++ b/docs/kfutil_stores_import_csv.md @@ -94,4 +94,4 @@ kfutil stores import csv --file --store-type-id --store-t * [kfutil stores import](kfutil_stores_import.md) - Import a file with certificate store definitions and create them in Keyfactor Command. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory.md b/docs/kfutil_stores_inventory.md index 8e1762c..39ab51d 100644 --- a/docs/kfutil_stores_inventory.md +++ b/docs/kfutil_stores_inventory.md @@ -42,4 +42,4 @@ Commands related to certificate store inventory management * [kfutil stores inventory remove](kfutil_stores_inventory_remove.md) - Removes a certificate from the certificate store inventory. * [kfutil stores inventory show](kfutil_stores_inventory_show.md) - Show the inventory of a certificate store. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_add.md b/docs/kfutil_stores_inventory_add.md index 3c34339..b72b6df 100644 --- a/docs/kfutil_stores_inventory_add.md +++ b/docs/kfutil_stores_inventory_add.md @@ -57,4 +57,4 @@ kfutil stores inventory add [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_remove.md b/docs/kfutil_stores_inventory_remove.md index c3eb6b2..6815300 100644 --- a/docs/kfutil_stores_inventory_remove.md +++ b/docs/kfutil_stores_inventory_remove.md @@ -53,4 +53,4 @@ kfutil stores inventory remove [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_inventory_show.md b/docs/kfutil_stores_inventory_show.md index dd3d232..4157d92 100644 --- a/docs/kfutil_stores_inventory_show.md +++ b/docs/kfutil_stores_inventory_show.md @@ -47,4 +47,4 @@ kfutil stores inventory show [flags] * [kfutil stores inventory](kfutil_stores_inventory.md) - Commands related to certificate store inventory management -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_list.md b/docs/kfutil_stores_list.md index 1efab07..113729a 100644 --- a/docs/kfutil_stores_list.md +++ b/docs/kfutil_stores_list.md @@ -43,4 +43,4 @@ kfutil stores list [flags] * [kfutil stores](kfutil_stores.md) - Keyfactor certificate stores APIs and utilities. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot.md b/docs/kfutil_stores_rot.md index f575593..2a10d82 100644 --- a/docs/kfutil_stores_rot.md +++ b/docs/kfutil_stores_rot.md @@ -54,4 +54,4 @@ kfutil stores rot reconcile --import-csv * [kfutil stores rot generate-template](kfutil_stores_rot_generate-template.md) - For generating Root Of Trust template(s) * [kfutil stores rot reconcile](kfutil_stores_rot_reconcile.md) - Reconcile either takes in or will generate an audit report and then add/remove certs as needed. -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_audit.md b/docs/kfutil_stores_rot_audit.md index 35456bb..61216df 100644 --- a/docs/kfutil_stores_rot_audit.md +++ b/docs/kfutil_stores_rot_audit.md @@ -51,4 +51,4 @@ kfutil stores rot audit [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_generate-template.md b/docs/kfutil_stores_rot_generate-template.md index 80f831d..716355b 100644 --- a/docs/kfutil_stores_rot_generate-template.md +++ b/docs/kfutil_stores_rot_generate-template.md @@ -49,4 +49,4 @@ kfutil stores rot generate-template [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_stores_rot_reconcile.md b/docs/kfutil_stores_rot_reconcile.md index 2cd73a4..c8ba7ac 100644 --- a/docs/kfutil_stores_rot_reconcile.md +++ b/docs/kfutil_stores_rot_reconcile.md @@ -56,4 +56,4 @@ kfutil stores rot reconcile [flags] * [kfutil stores rot](kfutil_stores_rot.md) - Root of trust utility -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 diff --git a/docs/kfutil_version.md b/docs/kfutil_version.md index fb338e8..7357c58 100644 --- a/docs/kfutil_version.md +++ b/docs/kfutil_version.md @@ -43,4 +43,4 @@ kfutil version [flags] * [kfutil](kfutil.md) - Keyfactor CLI utilities -###### Auto generated on 15-Jul-2025 +###### Auto generated on 31-Jul-2025 From 2f25d79e0fe869a44d52f0e31cab19d5b258996e Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:40:06 -0700 Subject: [PATCH 11/12] chore(store-types): Update internal store-type definitions to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- cmd/store_types.json | 160 ++++++++++++++++--------------------------- main.go | 16 ++--- store_types.json | 160 ++++++++++++++++--------------------------- 3 files changed, 123 insertions(+), 213 deletions(-) diff --git a/cmd/store_types.json b/cmd/store_types.json index a964321..d79022a 100644 --- a/cmd/store_types.json +++ b/cmd/store_types.json @@ -421,34 +421,6 @@ "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." }, - { - "Name": "Airlock Application Firewall Certificate", - "ShortName": "AirlockWAF", - "Capability": "AirlockWAF", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": true, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Required", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Allowed" - }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -960,6 +932,46 @@ "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, + { + "Name": "Alteon Load Balancer", + "ShortName": "AlteonLB", + "Capability": "AlteonLB", + "ClientMachineDescription": "The Alteon Load Balancer Server and port", + "StorePathDescription": "This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).", + "SupportedOperations": { + "Add": true, + "Remove": true, + "Enrollment": false, + "Discovery": false, + "Inventory": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "Description": "Alteon user ID with sufficient permissions to manage certs in the Alteon Load Balancer.", + "Required": true + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "Description": "Password associated with Alteon user ID entered above.", + "Required": true + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Optional" + }, { "Name": "Azure Application Gateway Certificate Binding", "ShortName": "AppGwBin", @@ -2060,7 +2072,23 @@ "Description": "True if using https to access the F5 device. False if using http." } ], - "EntryParameters": [] + "EntryParameters": [ + { + "Name": "SSLProfiles", + "DisplayName": "SSL Profiles", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "DependsOn": "", + "DefaultValue": "", + "Options": "", + "Description": "One to many comma delimited F5 SSL Profile names the certificate is bound to" + } + ] }, { "Name": "F5 WS Profiles REST", @@ -3571,51 +3599,6 @@ "BlueprintAllowed": false, "CustomAliasAllowed": "Forbidden" }, - { - "Name": "MyOrchestratorStoreType", - "ShortName": "MOST", - "Capability": "MOST", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "Name": "CustomField1", - "DisplayName": "CustomField1", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "Name": "CustomField2", - "DisplayName": "CustomField2", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Nmap Orchestrator", "ShortName": "Nmap", @@ -3696,7 +3679,7 @@ "DefaultValue": "", "Required": false, "IsPAMEligible": false, - "Description": "Device Group on Panorama that changes will be pushed to." + "Description": "A semicolon delimited list of Device Groups that Panorama will push changes to (i.e. 'Group 1', 'Group 1;Group 2', or 'Group 1; Group 2', etc.)." }, { "Name": "InventoryTrustedCerts", @@ -4472,33 +4455,6 @@ "ClientMachineDescription": "The Client Machine field should contain the DNS name or IP address of the remote orchestrated server for Linux orchestrated servers, formatted as a URL (protocol://dns-or-ip:port) for Windows orchestrated servers, or '1.1.1.1|LocalMachine' for local agents. Example: 'https://myserver.mydomain.com:5986' or '1.1.1.1|LocalMachine' for local access.", "StorePathDescription": "The Store Path field should contain the full path and file name, including file extension if applicable, beginning with a forward slash (/) for Linux orchestrated servers or a drive letter (i.e., c:\\folder\\path\\storename.p12) for Windows orchestrated servers. Example: '/folder/path/storename.p12' or 'c:\\folder\\path\\storename.p12'." }, - { - "Name": "SampleStoreType", - "ShortName": "SAMPLETYPE", - "Capability": "SAMPLETYPE", - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": false, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Signum", "ShortName": "Signum", diff --git a/main.go b/main.go index 68cf1d6..15e0228 100644 --- a/main.go +++ b/main.go @@ -16,21 +16,19 @@ package main import ( _ "embed" - "flag" - "os" "github.com/spf13/cobra/doc" "kfutil/cmd" ) func main() { - var docsFlag bool - flag.BoolVar(&docsFlag, "makedocs", false, "Create markdown docs.") - flag.Parse() - if docsFlag { - docs() - os.Exit(0) - } + //var docsFlag bool + //flag.BoolVar(&docsFlag, "makedocs", false, "Create markdown docs.") + //flag.Parse() + //if docsFlag { + // docs() + // os.Exit(0) + //} cmd.Execute() } diff --git a/store_types.json b/store_types.json index a964321..d79022a 100644 --- a/store_types.json +++ b/store_types.json @@ -421,34 +421,6 @@ "ClientMachineDescription": "This is a full AWS ARN specifying a Role. This is the Role that will be assumed in any Auth scenario performing Assume Role. This will dictate what certificates are usable by the orchestrator. A preceding [profile] name should be included if a Credential Profile is to be used in Default Sdk Auth.", "StorePathDescription": "A single specified AWS Region the store will operate in. Additional regions should get their own store defined." }, - { - "Name": "Airlock Application Firewall Certificate", - "ShortName": "AirlockWAF", - "Capability": "AirlockWAF", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": true, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Required", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Allowed" - }, { "Name": "Akamai Certificate Provisioning Service", "ShortName": "Akamai", @@ -960,6 +932,46 @@ "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.", "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"." }, + { + "Name": "Alteon Load Balancer", + "ShortName": "AlteonLB", + "Capability": "AlteonLB", + "ClientMachineDescription": "The Alteon Load Balancer Server and port", + "StorePathDescription": "This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).", + "SupportedOperations": { + "Add": true, + "Remove": true, + "Enrollment": false, + "Discovery": false, + "Inventory": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "Description": "Alteon user ID with sufficient permissions to manage certs in the Alteon Load Balancer.", + "Required": true + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "Description": "Password associated with Alteon user ID entered above.", + "Required": true + } + ], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default" + }, + "PrivateKeyAllowed": "Optional", + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Optional" + }, { "Name": "Azure Application Gateway Certificate Binding", "ShortName": "AppGwBin", @@ -2060,7 +2072,23 @@ "Description": "True if using https to access the F5 device. False if using http." } ], - "EntryParameters": [] + "EntryParameters": [ + { + "Name": "SSLProfiles", + "DisplayName": "SSL Profiles", + "Type": "String", + "RequiredWhen": { + "HasPrivateKey": false, + "OnAdd": false, + "OnRemove": false, + "OnReenrollment": false + }, + "DependsOn": "", + "DefaultValue": "", + "Options": "", + "Description": "One to many comma delimited F5 SSL Profile names the certificate is bound to" + } + ] }, { "Name": "F5 WS Profiles REST", @@ -3571,51 +3599,6 @@ "BlueprintAllowed": false, "CustomAliasAllowed": "Forbidden" }, - { - "Name": "MyOrchestratorStoreType", - "ShortName": "MOST", - "Capability": "MOST", - "LocalStore": false, - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": true, - "Enrollment": false, - "Remove": false - }, - "Properties": [ - { - "Name": "CustomField1", - "DisplayName": "CustomField1", - "Type": "String", - "DependsOn": "", - "DefaultValue": "default", - "Required": true - }, - { - "Name": "CustomField2", - "DisplayName": "CustomField2", - "Type": "String", - "DependsOn": "", - "DefaultValue": null, - "Required": true - } - ], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": true, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Nmap Orchestrator", "ShortName": "Nmap", @@ -3696,7 +3679,7 @@ "DefaultValue": "", "Required": false, "IsPAMEligible": false, - "Description": "Device Group on Panorama that changes will be pushed to." + "Description": "A semicolon delimited list of Device Groups that Panorama will push changes to (i.e. 'Group 1', 'Group 1;Group 2', or 'Group 1; Group 2', etc.)." }, { "Name": "InventoryTrustedCerts", @@ -4472,33 +4455,6 @@ "ClientMachineDescription": "The Client Machine field should contain the DNS name or IP address of the remote orchestrated server for Linux orchestrated servers, formatted as a URL (protocol://dns-or-ip:port) for Windows orchestrated servers, or '1.1.1.1|LocalMachine' for local agents. Example: 'https://myserver.mydomain.com:5986' or '1.1.1.1|LocalMachine' for local access.", "StorePathDescription": "The Store Path field should contain the full path and file name, including file extension if applicable, beginning with a forward slash (/) for Linux orchestrated servers or a drive letter (i.e., c:\\folder\\path\\storename.p12) for Windows orchestrated servers. Example: '/folder/path/storename.p12' or 'c:\\folder\\path\\storename.p12'." }, - { - "Name": "SampleStoreType", - "ShortName": "SAMPLETYPE", - "Capability": "SAMPLETYPE", - "SupportedOperations": { - "Add": false, - "Create": false, - "Discovery": false, - "Enrollment": false, - "Remove": false - }, - "Properties": [], - "EntryParameters": [], - "PasswordOptions": { - "EntrySupported": false, - "StoreRequired": false, - "Style": "Default" - }, - "StorePathType": "", - "StorePathValue": "", - "PrivateKeyAllowed": "Forbidden", - "JobProperties": [], - "ServerRequired": false, - "PowerShell": false, - "BlueprintAllowed": false, - "CustomAliasAllowed": "Forbidden" - }, { "Name": "Signum", "ShortName": "Signum", From 9f1af71d014adbddb1651cfce7842e42d4b711e9 Mon Sep 17 00:00:00 2001 From: spbsoluble <1661003+spbsoluble@users.noreply.github.com> Date: Thu, 31 Jul 2025 07:57:23 -0700 Subject: [PATCH 12/12] chore(deps): Bump deps to latest. Signed-off-by: spbsoluble <1661003+spbsoluble@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index e5ce821..9e13682 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/rs/zerolog v1.34.0 github.com/spf13/cobra v1.9.1 - github.com/spf13/pflag v1.0.6 + github.com/spf13/pflag v1.0.7 github.com/stretchr/testify v1.10.0 golang.org/x/crypto v0.40.0 golang.org/x/term v0.33.0 @@ -29,7 +29,7 @@ require ( ) require ( - github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect diff --git a/go.sum b/go.sum index 5807de5..0a9bcc8 100644 --- a/go.sum +++ b/go.sum @@ -1,15 +1,13 @@ github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ= github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1 h1:Wc1ml6QlJs2BHQ/9Bqu1jiyggbsSjramq2oUmp5WeIo= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.1/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 h1:9iefClla7iYpfYWdzPCRDozdmndjTm8DXdpCzPajMgA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2/go.mod h1:XtLgD3ZD34DAaVIIAyG3objl5DynM3CQ/vMcbBNJZGI= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0 h1:/g8S6wk65vfC6m3FIxJ+i5QDyN9JWwXI8Hb0Img10hU= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.4.0/go.mod h1:gpl+q95AzZlKVI3xSoseF9QPrypk0hQqBiJYeB/cR/I= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0 h1:nCYfgcSyHZXJI8J0IWE5MsCGlb2xp9fJiXyxWgmOFg4= @@ -109,8 +107,9 @@ github.com/spbsoluble/go-pkcs12 v0.3.3 h1:3nh7IKn16RDpmrSMtOu1JvbB0XHYq1j+IsICdU github.com/spbsoluble/go-pkcs12 v0.3.3/go.mod h1:MAxKIUEIl/QVcua/I1L4Otyxl9UvLCCIktce2Tjz6Nw= github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M= +github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=