Skip to content

Commit

Permalink
Merge 5b948ef into b0b34a2
Browse files Browse the repository at this point in the history
  • Loading branch information
@bhillkeyfactor
bhillkeyfactor authored Jan 9, 2025
2 parents b0b34a2 + 5b948ef commit 592b22d
Show file tree
Hide file tree
Showing 8 changed files with 427 additions and 156 deletions.
3 changes: 2 additions & 1 deletion ...orkflows/keyfactor-bootstrap-workflow.yml → .../workflows/keyfactor-starter-workflow.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,10 @@ on:

jobs:
call-starter-workflow:
uses: keyfactor/actions/.github/workflows/starter.yml@v2
uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2
secrets:
token: ${{ secrets.V2BUILDTOKEN}}
APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
scan_token: ${{ secrets.SAST_TOKEN }}
15 changes: 8 additions & 7 deletions PaloAlto/PaloAlto.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,21 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework>
<RootNamespace>Keyfactor.Extensions.Orchestrator.PaloAlto</RootNamespace>
<AppendTargetFrameworkToOutputPath>true</AppendTargetFrameworkToOutputPath>
<TargetFrameworks>net6.0;net8.0</TargetFrameworks>
<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
<ImplicitUsings>disable</ImplicitUsings>
</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
<DebugType>none</DebugType>
<DebugSymbols>false</DebugSymbols>
</PropertyGroup>

<ItemGroup>
<Compile Remove="Interfaces\**" />
<EmbeddedResource Remove="Interfaces\**" />
<None Remove="Interfaces\**" />
<ItemGroup>
<Compile Remove="Interfaces\**" />
<EmbeddedResource Remove="Interfaces\**" />
<None Remove="Interfaces\**" />
</ItemGroup>

<ItemGroup>
Expand All @@ -27,7 +28,7 @@
<PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
<PackageReference Include="Keyfactor.Orchestrators.IOrchestratorJobExtensions" Version="0.7.0" />
<PackageReference Include="Keyfactor.PKI" Version="3.4.8" />
<PackageReference Include="RestSharp" Version="107.2.1" />
<PackageReference Include="RestSharp" Version="112.1.0" />
<PackageReference Include="System.Management.Automation" Version="7.0.5" />
</ItemGroup>

Expand Down
5 changes: 4 additions & 1 deletion PaloAltoTestConsole/PaloAltoTestConsole.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,10 @@

<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>netcoreapp3.1</TargetFramework>
<AppendTargetFrameworkToOutputPath>true</AppendTargetFrameworkToOutputPath>
<TargetFrameworks>net6.0;net8.0</TargetFrameworks>
<CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
<ImplicitUsings>disable</ImplicitUsings>
</PropertyGroup>

<ItemGroup>
Expand Down
299 changes: 176 additions & 123 deletions README.md
View file

Large diffs are not rendered by default.

182 changes: 182 additions & 0 deletions docsource/content.md
View file

Large diffs are not rendered by default.

20 changes: 20 additions & 0 deletions docsource/paloalto.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
## Overview

TODO Overview is a required section

## Requirements

TODO Requirements is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info

## Discovery Job Configuration

TODO Discovery Job Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info

## Certificate Store Configuration

TODO Certificate Store Configuration is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info

## Global Store Type Section

TODO Global Store Type Section is an optional section. If this section doesn't seem necessary on initial glance, please delete it. Refer to the docs on [Confluence](https://keyfactor.atlassian.net/wiki/x/SAAyHg) for more info

55 changes: 35 additions & 20 deletions integration-manifest.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,15 @@
"update_catalog": true,
"link_github": true,
"support_level": "kf-supported",
"release_dir": "PaloAlto/bin/Release/netcoreapp3.1",
"release_project": "PaloAlto/PaloAlto.csproj",
"release_dir": "PaloAlto/bin/Release",
"description": "The Palo Alto Orchestrator remotely manages certificates on either the Palo Alto PA-VM Firewall Device or the Panorama. If using Panorama, it will push changes to all the devices from Panorama. It supports adding certificates with or without private keys. Palo Alto does not support incremental certificate inventory. If you have large numbers of certificates in your environment it is recommended to limit the frequency of inventory jobs to 30 minutes or more.",
"about": {
"orchestrator": {
"UOFramework": "10.1",
"keyfactor_platform_version": "9.10",
"UOFramework": "10.4",
"keyfactor_platform_version": "10.4",
"pam_support": true,
"keyfactor_platform_version": "9.10",
"keyfactor_platform_version": "10.4",
"win": {
"supportsCreateStore": false,
"supportsDiscovery": false,
Expand Down Expand Up @@ -50,54 +51,68 @@
"Name": "ServerUsername",
"DisplayName": "Server Username",
"Type": "Secret",
"DependsOn": null,
"DefaultValue": null,
"Required": false
"DependsOn": "",
"DefaultValue": "",
"Required": false,
"IsPAMEligible": true,
"Description": "Palo Alto or Panorama Api User. (or valid PAM key if the username is stored in a KF Command configured PAM integration)."
},
{
"Name": "ServerPassword",
"DisplayName": "Server Password",
"Type": "Secret",
"DependsOn": null,
"DefaultValue": null,
"Required": false
"DependsOn": "",
"DefaultValue": "",
"Required": false,
"IsPAMEligible": true,
"Description": "Palo Alto or Panorama Api Password. (or valid PAM key if the username is stored in a KF Command configured PAM integration)."
},
{
"Name": "ServerUseSsl",
"DisplayName": "Use SSL",
"Type": "Bool",
"DependsOn": null,
"DependsOn": "",
"DefaultValue": "true",
"Required": true
"Required": true,
"IsPAMEligible": false,
"Description": "Should be true, http is not supported."
},
{
"Name": "DeviceGroup",
"DisplayName": "Device Group",
"Type": "String",
"DependsOn": null,
"DefaultValue": null,
"Required": false
"DependsOn": "",
"DefaultValue": "",
"Required": false,
"IsPAMEligible": false,
"Description": "Device Group on Panorama that changes will be pushed to."
},
{
"Name": "InventoryTrustedCerts",
"DisplayName": "Inventory Trusted Certs",
"Type": "Bool",
"DependsOn": null,
"DependsOn": "",
"DefaultValue": "false",
"Required": true
"Required": true,
"IsPAMEligible": false,
"Description": "If false, will not inventory default trusted certs, saves time."
},
{
"Name": "TemplateStack",
"DisplayName": "Template Stack",
"Type": "String",
"DependsOn": null,
"DefaultValue": null,
"Required": false
"DependsOn": "",
"DefaultValue": "",
"Required": false,
"IsPAMEligible": false,
"Description": "Template stack used for device push of certificates via Template."
}
],
"EntryParameters": [

],
"ClientMachineDescription": "Either the Panorama or Palo Alto Firewall URI or IP address.",
"StorePathDescription": "The Store Path field should be reviewed in the store path explanation section. It varies depending on configuration.",
"PasswordOptions": {
"EntrySupported": false,
"StoreRequired": false,
Expand Down
4 changes: 0 additions & 4 deletions readme-src/readme-pam-support.md
View file

This file was deleted.

0 comments on commit 592b22d

Please sign in to comment.