/// <summary> /// Perform validation for a specific deployment task configuration /// </summary> /// <param name="managedCertificate"></param> /// <param name="taskConfig"></param> /// <returns></returns> public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig) { var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders); Dictionary <string, string> credentials = null; if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey)) { credentials = await _credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey); } try { var execParams = new DeploymentTaskExecutionParams(null, _credentialsManager, managedCertificate, taskConfig, credentials, true, provider.GetDefinition(), CancellationToken.None, new DeploymentContext { PowershellExecutionPolicy = _serverConfig.PowershellExecutionPolicy }); var validationResult = await provider.Validate(execParams); return(validationResult); } catch (Exception exp) { return(new List <ActionResult> { new ActionResult("Failed to validate task: " + exp.ToString(), false) }); } }
public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig) { var credentialsManager = new CredentialsManager(); var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders); Dictionary <string, string> credentials = null; if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey)) { credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey); } try { var validationResult = await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition()); return(validationResult); } catch (Exception exp) { return(new List <ActionResult> { new ActionResult("Failed to validate task: " + exp.ToString(), false) }); } }
public async Task TestGetAllDeploymentTaskProviders() { var allProviders = await DeploymentTaskProviderFactory.GetDeploymentTaskProviders(_pluginManager.DeploymentTaskProviders); // all providers have a unique title Assert.IsTrue(allProviders.Select(p => p.Title).Distinct().Count() == allProviders.Count); // all providers have a unique id Assert.IsTrue(allProviders.Select(p => p.Id).Distinct().Count() == allProviders.Count); // all providers have a unique description Assert.IsTrue(allProviders.Select(p => p.Description).Distinct().Count() == allProviders.Count); }
public async Task <List <ActionResult> > ValidateDeploymentTask(ManagedCertificate managedCertificate, DeploymentTaskConfig taskConfig) { var credentialsManager = new CredentialsManager(); var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders); Dictionary <string, string> credentials = null; if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey)) { credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey); } return(await provider.Validate(managedCertificate, taskConfig, credentials, provider.GetDefinition())); }
public async Task TestDeployToKeyVault() { var deploymentTasks = new List <DeploymentTask>(); var azureKeyVaultUri = ConfigSettings["Azure_TestKeyVaultUri"]; var inputFile = ConfigSettings["TestLocalPath"] + "\\testcert.pfx"; var tasktypeId = Plugin.DeploymentTasks.Azure.AzureKeyVault.Definition.Id.ToLower(); var config = new DeploymentTaskConfig { TaskTypeId = tasktypeId, TaskName = "A test pfx export task", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("vault_uri", azureKeyVaultUri) } }; var credentialsManager = new CredentialsManager(); var credentials = await credentialsManager.GetUnlockedCredentialsDictionary(ConfigSettings["TestCredentialsKey_AzureKeyVault"]); var provider = DeploymentTaskProviderFactory.Create(tasktypeId, _pluginManager.DeploymentTaskProviders); var t = new DeploymentTask(provider, config, credentials); deploymentTasks.Add(t); // perform preview deployments var managedCert = GetMockManagedCertificate("DeploymentTest", "123", PrimaryTestDomain, PrimaryIISRoot); managedCert.CertificatePath = inputFile; foreach (var task in deploymentTasks) { var results = await task.Execute(_log, null, managedCert, CancellationToken.None, new DeploymentContext { }, isPreviewOnly : false); // assert new valid pfx exists in destination Assert.IsTrue(results.All(r => r.IsSuccess)); } }
public async Task TestServiceManagerValidation() { var taskTypeId = Certify.Providers.DeploymentTasks.ServiceManager.Definition.Id.ToLower(); var provider = DeploymentTaskProviderFactory.Create(taskTypeId, _pluginManager.DeploymentTaskProviders); var svcName = "aspnet_state"; var restartTaskConfig = new DeploymentTaskConfig { TaskTypeId = taskTypeId, TaskName = "A test service manager task restart", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("servicename", svcName), new ProviderParameterSetting("action", "restart"), new ProviderParameterSetting("maxwait", "20") } }; var managedCert = GetMockManagedCertificate("Test", "123", PrimaryTestDomain, PrimaryIISRoot); List <ActionResult> results = new List <ActionResult>(); var task = new DeploymentTask(provider, restartTaskConfig, null); var validationResult = await task.TaskProvider.Validate( new DeploymentTaskExecutionParams( _log, null, managedCert, task.TaskConfig, null, isPreviewOnly : false, task.TaskProvider.GetDefinition(), CancellationToken.None, new DeploymentContext { } ) ); Assert.IsFalse(validationResult.Any()); }
public async Task TestPemApacheExport() { var deploymentTasks = new List <DeploymentTask>(); var outputPath = ConfigSettings["TestLocalPath"] + "\\test_pfx_export"; var config = new DeploymentTaskConfig { TaskTypeId = Certify.Providers.DeploymentTasks.Apache.Definition.Id.ToLower(), TaskName = "A test Apache export task", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("path_cert", outputPath + ".crt"), new ProviderParameterSetting("path_key", outputPath + ".key"), new ProviderParameterSetting("path_chain", outputPath + ".chain") } }; var provider = DeploymentTaskProviderFactory.Create(Certify.Providers.DeploymentTasks.Apache.Definition.Id.ToLower(), _pluginManager.DeploymentTaskProviders); var t = new DeploymentTask(provider, config, null); deploymentTasks.Add(t); // perform preview deployments var managedCert = GetMockManagedCertificate("LocalApacheDeploymentTest", "123", PrimaryTestDomain, PrimaryIISRoot); foreach (var task in deploymentTasks) { var result = await task.Execute(_log, null, managedCert, CancellationToken.None, new DeploymentContext { }, isPreviewOnly : false); } // assert output exists in destination Assert.IsTrue(File.Exists(outputPath + ".crt")); Assert.IsTrue(File.Exists(outputPath + ".key")); Assert.IsTrue(File.Exists(outputPath + ".chain")); File.Delete(outputPath + ".crt"); File.Delete(outputPath + ".key"); File.Delete(outputPath + ".chain"); }
public async Task TestServiceManager() { var deploymentTasks = new List <DeploymentTask>(); var taskTypeId = Certify.Providers.DeploymentTasks.ServiceManager.Definition.Id.ToLower(); var provider = DeploymentTaskProviderFactory.Create(taskTypeId, _pluginManager.DeploymentTaskProviders); var svcName = "aspnet_state"; var restartTaskConfig = new DeploymentTaskConfig { TaskTypeId = taskTypeId, TaskName = "A test service manager task restart", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("servicename", svcName), new ProviderParameterSetting("action", "restart"), new ProviderParameterSetting("maxwait", "20") } }; deploymentTasks.Add(new DeploymentTask(provider, restartTaskConfig, null)); var stopTaskConfig = new DeploymentTaskConfig { TaskTypeId = taskTypeId, TaskName = "A test service manager task stop", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("servicename", svcName), new ProviderParameterSetting("action", "stop"), new ProviderParameterSetting("maxwait", "20") } }; deploymentTasks.Add(new DeploymentTask(provider, stopTaskConfig, null)); var startTaskConfig = new DeploymentTaskConfig { TaskTypeId = taskTypeId, TaskName = "A test service manager task start", ChallengeProvider = StandardAuthTypes.STANDARD_AUTH_LOCAL, Parameters = new List <ProviderParameterSetting> { new ProviderParameterSetting("servicename", svcName), new ProviderParameterSetting("action", "start"), new ProviderParameterSetting("maxwait", "20") } }; deploymentTasks.Add(new DeploymentTask(provider, startTaskConfig, null)); // perform preview deployments var managedCert = GetMockManagedCertificate("Test", "123", PrimaryTestDomain, PrimaryIISRoot); List <ActionResult> results = new List <ActionResult>(); foreach (var task in deploymentTasks) { results.AddRange(await task.Execute(_log, null, managedCert, CancellationToken.None, new DeploymentContext { }, isPreviewOnly: false)); } // assert output exists in destination Assert.IsTrue(results.All(r => r.IsSuccess == true)); }
private async Task <List <ActionStep> > PerformTaskList(ILog log, bool isPreviewOnly, bool skipDeferredTasks, CertificateRequestResult result, IEnumerable <DeploymentTaskConfig> taskList, bool forceTaskExecute = false) { if (taskList == null || !taskList.Any()) { // nothing to do return(new List <ActionStep>()); } if (log == null) { log = ManagedCertificateLog.GetLogger(result.ManagedItem.Id, _loggingLevelSwitch); } // perform or preview each task var deploymentTasks = new List <DeploymentTask>(); var steps = new List <ActionStep>(); foreach (var taskConfig in taskList) { // add task to execution list unless the task is deferred/manual and we are currently skipping deferred tasks if (taskConfig.TaskTrigger != TaskTriggerType.MANUAL || (taskConfig.TaskTrigger == TaskTriggerType.MANUAL && !skipDeferredTasks)) { try { var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders); Dictionary <string, string> credentials = null; if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey)) { credentials = await _credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey); } var deploymentTask = new DeploymentTask(provider, taskConfig, credentials); deploymentTasks.Add(deploymentTask); } catch (Exception exp) { steps.Add(new ActionStep { HasError = true, Title = "Task: " + taskConfig.TaskName, Description = "Cannot create task provider for deployment task: " + exp.ToString() }); } } } ActionStep previousActionStep = null; bool shouldRunCurrentTask = true; string taskTriggerReason = "Task will run for any status"; foreach (var task in deploymentTasks) { if (previousActionStep != null && (previousActionStep.HasError && !task.TaskConfig.RunIfLastStepFailed)) { shouldRunCurrentTask = false; taskTriggerReason = "Task will not run because previous task failed."; } else { if (task.TaskConfig.TaskTrigger == TaskTriggerType.ANY_STATUS) { shouldRunCurrentTask = true; taskTriggerReason = "Task will run for any status"; } else if (task.TaskConfig.TaskTrigger == TaskTriggerType.NOT_ENABLED) { shouldRunCurrentTask = false; taskTriggerReason = "Task is not enabled and will be skipped."; } else if (task.TaskConfig.TaskTrigger == TaskTriggerType.ON_SUCCESS) { if (result != null && (!result.Abort && result.IsSuccess)) { shouldRunCurrentTask = true; taskTriggerReason = "Task is enabled and primary request was successful."; } else { shouldRunCurrentTask = false; taskTriggerReason = "Task is enabled but will not run because primary request unsuccessful."; } } else if (task.TaskConfig.TaskTrigger == TaskTriggerType.ON_ERROR) { if (result != null && (!result.Abort && result.IsSuccess)) { shouldRunCurrentTask = false; taskTriggerReason = "Task is enabled but will not run because primary request was successful."; } else { shouldRunCurrentTask = true; taskTriggerReason = "Task is enabled and will run because primary request was unsuccessful."; } } else if (task.TaskConfig.TaskTrigger == TaskTriggerType.MANUAL) { if (skipDeferredTasks) { shouldRunCurrentTask = false; taskTriggerReason = "Task is enabled but will not run because execution is deferred/manual."; } else { shouldRunCurrentTask = true; taskTriggerReason = "Task is enabled and will run because deferred/manual tasks are not being skipped."; } } } if (forceTaskExecute == true) { if (!shouldRunCurrentTask) { shouldRunCurrentTask = true; taskTriggerReason = $"Task is being has been forced to run. Normal status would be [{taskTriggerReason}]"; } } var taskResults = new List <ActionResult>(); if (shouldRunCurrentTask) { log.Information($"Task [{task.TaskConfig.TaskName}] :: {taskTriggerReason}"); task.TaskConfig.DateLastExecuted = DateTime.Now; taskResults = await task.Execute(log, result, CancellationToken.None, isPreviewOnly : isPreviewOnly); if (!isPreviewOnly) { if (taskResults?.All(t => t.IsSuccess) == true) { _tc?.TrackEvent("TaskCompleted", new Dictionary <string, string> { { "TaskType", task.TaskConfig.TaskTypeId } }); } else { if (!forceTaskExecute) { _tc?.TrackEvent("TaskFailed", new Dictionary <string, string> { { "TaskType", task.TaskConfig.TaskTypeId } }); } } } } else { taskResults.Add(new ActionResult($"Task [{task.TaskConfig.TaskName}] :: {taskTriggerReason}", true)); } var subSteps = new List <ActionStep>(); var stepIndex = 1; foreach (var r in taskResults) { subSteps.Add(new ActionStep { HasError = !r.IsSuccess, Description = r.Message, Title = $"Task Step {stepIndex} of {task.TaskConfig.TaskName}", Key = task.TaskConfig.Id + "_" + stepIndex, Category = "Task Step" }); if (r.IsSuccess) { log?.Information(r.Message); } else { log?.Error(r.Message); } stepIndex++; } var overallTaskResult = "Unknown"; if (taskResults != null && taskResults.Any(t => t.IsSuccess == false)) { overallTaskResult = taskResults.First(t => t.IsSuccess == false).Message; } else { if (isPreviewOnly) { overallTaskResult = taskTriggerReason; } else { if (shouldRunCurrentTask) { overallTaskResult = "Task Completed OK"; } else { overallTaskResult = taskTriggerReason; } } } var hasError = (taskResults != null && taskResults.Any(t => t.IsSuccess == false) ? true : false); var currentStep = new ActionStep { Key = task.TaskConfig.Id, Title = task.TaskConfig.TaskName, Category = "Task", HasError = hasError, Description = overallTaskResult, HasWarning = !shouldRunCurrentTask, Substeps = subSteps }; task.TaskConfig.LastRunStatus = hasError ? RequestState.Error : RequestState.Success; task.TaskConfig.LastResult = overallTaskResult; steps.Add(currentStep); previousActionStep = currentStep; } return(steps); }
/// <summary> /// Get the current definition for a provider including dynamic elements affected by the given config /// </summary> /// <param name="id"></param> /// <param name="config"></param> /// <returns></returns> public async Task <DeploymentProviderDefinition> GetDeploymentProviderDefinition(string id, DeploymentTaskConfig config = null) { var provider = DeploymentTaskProviderFactory.Create(id, _pluginManager.DeploymentTaskProviders); return(provider.GetDefinition()); }
public async Task <List <ActionStep> > PerformDeploymentTask(ILog log, string managedCertificateId, string taskId, bool isPreviewOnly, bool skipDeferredTasks) { var steps = new List <ActionStep>(); var managedCert = await GetManagedCertificate(managedCertificateId); if (managedCert == null) { steps.Add(new ActionStep { HasError = true, Title = "Deployment", Description = "Managed certificate not found. Could not deploy." }); } if (log == null) { log = ManagedCertificateLog.GetLogger(managedCert.Id, _loggingLevelSwitch); } // perform or preview each task var credentialsManager = new CredentialsManager(); var deploymentTasks = new List <DeploymentTask>(); var taskList = managedCert.DeploymentTasks?.Where(t => string.IsNullOrEmpty(taskId) || taskId == t.Id); foreach (var taskConfig in taskList) { // add task to execution list unless the task is deferred and we are currently skipping deferred tasks if (!taskConfig.IsDeferred || (taskConfig.IsDeferred && !skipDeferredTasks)) { try { var provider = DeploymentTaskProviderFactory.Create(taskConfig.TaskTypeId.ToLower(), _pluginManager.DeploymentTaskProviders); Dictionary <string, string> credentials = null; if (!string.IsNullOrEmpty(taskConfig.ChallengeCredentialKey)) { credentials = await credentialsManager.GetUnlockedCredentialsDictionary(taskConfig.ChallengeCredentialKey); } var deploymentTask = new DeploymentTask(provider, taskConfig, credentials); deploymentTasks.Add(deploymentTask); } catch (Exception exp) { steps.Add(new ActionStep { HasError = true, Title = "Deployment Task: " + taskConfig.TaskName, Description = "Cannot create task provider for deployment task: " + exp.ToString() }); } } } foreach (var task in deploymentTasks) { var results = await task.Execute(log, managedCert, isPreviewOnly : isPreviewOnly); foreach (var r in results) { steps.Add(new ActionStep { HasError = !r.IsSuccess, Description = r.Message }); } } return(steps); }