Chore/fix starter workflow

.github/workflows/keyfactor-bootstrap-workflow.yml

@@ -11,9 +11,19 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@v3
+    uses: keyfactor/actions/.github/workflows/starter.yml@v4
+    permissions:
+      contents: write
+    with:
+      command_token_url: ${{ vars.COMMAND_TOKEN_URL }}
+      command_hostname: ${{ vars.COMMAND_HOSTNAME }}
+      command_base_api_path: ${{ vars.COMMAND_API_PATH }}
     secrets:
-      token: ${{ secrets.V2BUILDTOKEN}}
-      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      token: ${{ secrets.V2BUILDTOKEN }}
       gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
       gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}
+      entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }}
+      entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }}
+      command_client_id: ${{ secrets.COMMAND_CLIENT_ID }}
+      command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }}

CHANGELOG.md

@@ -1,2 +1,2 @@
-### 1.0.0
-* initial release
+## 1.0.0
+* Initial release

README.md

@@ -0,0 +1,111 @@
+<h1 align="center" style="border-bottom: none">
+    Nexus Certificate Manager   Gateway AnyCA Gateway REST Plugin
+</h1>
+
+<p align="center">
+  <!-- Badges -->
+<img src="https://img.shields.io/badge/integration_status-prototype-3D1973?style=flat-square" alt="Integration Status: prototype" />
+<a href="https://github.com/Keyfactor/nexus-certificate-manager-caplugin/releases"><img src="https://img.shields.io/github/v/release/Keyfactor/nexus-certificate-manager-caplugin?style=flat-square" alt="Release" /></a>
+<img src="https://img.shields.io/github/issues/Keyfactor/nexus-certificate-manager-caplugin?style=flat-square" alt="Issues" />
+<img src="https://img.shields.io/github/downloads/Keyfactor/nexus-certificate-manager-caplugin/total?style=flat-square&label=downloads&color=28B905" alt="GitHub Downloads (all assets, all releases)" />
+</p>
+
+<p align="center">
+  <!-- TOC -->
+  <a href="#support">
+    <b>Support</b>
+  </a> 
+  ·
+  <a href="#requirements">
+    <b>Requirements</b>
+  </a>
+  ·
+  <a href="#installation">
+    <b>Installation</b>
+  </a>
+  ·
+  <a href="#license">
+    <b>License</b>
+  </a>
+  ·
+  <a href="https://github.com/orgs/Keyfactor/repositories?q=anycagateway">
+    <b>Related Integrations</b>
+  </a>
+</p>
+
+
+The Nexus Certificate Manager AnyCA REST plugin connects Nexus Certificate Manager to Keyfactor Command via the AnyCA Gateway REST. It supports the following capabilities:
+* Certificate Synchronization
+* Certificate Enrollment
+* Certificate Revocation
+
+## Compatibility
+
+The Nexus Certificate Manager   Gateway AnyCA Gateway REST plugin is compatible with the Keyfactor AnyCA Gateway REST 25.2.0 and later.
+
+## Support
+The Nexus Certificate Manager   Gateway AnyCA Gateway REST plugin is open source and there is **no SLA**. Keyfactor will address issues as resources become available. Keyfactor customers may request escalation by opening up a support ticket through their Keyfactor representative. 
+
+> To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
+
+## Requirements
+
+- The host URL for the instance of Nexus Certificate Manager
+- A certificate in the pfx format to use for authentication into Nexus Certificate Manager, located on the Gateway Host
+- The passphrase for the pfx certificate
+
+## Installation
+
+1. Install the AnyCA Gateway REST per the [official Keyfactor documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/InstallIntroduction.htm).
+
+2. On the server hosting the AnyCA Gateway REST, download and unzip the latest [Nexus Certificate Manager   Gateway AnyCA Gateway REST plugin](https://github.com/Keyfactor/nexus-certificate-manager-caplugin/releases/latest) from GitHub.
+
+3. Copy the unzipped directory (usually called `net6.0` or `net8.0`) to the Extensions directory:
+
+
+    ```shell
+    Depending on your AnyCA Gateway REST version, copy the unzipped directory to one of the following locations:
+    Program Files\Keyfactor\AnyCA Gateway\AnyGatewayREST\net6.0\Extensions
+    Program Files\Keyfactor\AnyCA Gateway\AnyGatewayREST\net8.0\Extensions
+    ```
+
+    > The directory containing the Nexus Certificate Manager   Gateway AnyCA Gateway REST plugin DLLs (`net6.0` or `net8.0`) can be named anything, as long as it is unique within the `Extensions` directory.
+
+4. Restart the AnyCA Gateway REST service.
+
+5. Navigate to the AnyCA Gateway REST portal and verify that the Gateway recognizes the Nexus Certificate Manager   Gateway plugin by hovering over the ⓘ symbol to the right of the Gateway on the top left of the portal.
+
+## Configuration
+
+1. Follow the [official AnyCA Gateway REST documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Gateway.htm) to define a new Certificate Authority, and use the notes below to configure the **Gateway Registration** and **CA Connection** tabs:
+
+    * **Gateway Registration**
+
+        To enroll certificates, the Keyfactor Command server must trust the CA chain. Identify the Root and/or Subordinate CA used by Nexus Certificate Manager, then download and import the certificate chain into the Command Server certificate store.
+
+    * **CA Connection**
+
+        Populate using the configuration fields collected in the [requirements](#requirements) section.
+
+        * **Host** - The path to the Nexus CM server, including port 
+        * **AuthCertificatePath** - The path to the PFX certificate for authenticating into Nexus CM 
+        * **AuthCertPassword** - The password for the authentication certificate 
+        * **Enabled** - Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available. 
+
+2. For this AnyCA Gateway, there is a single product type named "NexusCM".
+
+3. Follow the [official Keyfactor documentation](https://software.keyfactor.com/Guides/AnyCAGatewayREST/Content/AnyCAGatewayREST/AddCA-Keyfactor.htm) to add each defined Certificate Authority to Keyfactor Command and import the newly defined Certificate Templates.
+
+
+## CA Connection
+
+The certificate used by the gateway to authenticate into Nexus Certificate Manager must be copied to a location on the Gateway Host accessible by the gateway service.
+
+
+## License
+
+Apache License 2.0, see [LICENSE](LICENSE).
+
+## Related Integrations
+
+See all [Keyfactor Any CA Gateways (REST)](https://github.com/orgs/Keyfactor/repositories?q=anycagateway).

docsource/configuration.md

@@ -1,6 +1,6 @@
 ## Overview
 
-The Nexus Certificate Manager AnyCA REST plugin extends the capabilities of the Nexus Certificate Manager product to Keyfactor Command via the Keyfactor AnyCA Gateway REST. The plugin represents a fully featured AnyCA REST Plugin with the following capabilies:
+The Nexus Certificate Manager AnyCA REST plugin connects Nexus Certificate Manager to Keyfactor Command via the AnyCA Gateway REST. It supports the following capabilities:
 * Certificate Synchronization
 * Certificate Enrollment
 * Certificate Revocation
@@ -13,11 +13,11 @@ The Nexus Certificate Manager AnyCA REST plugin extends the capabilities of the
 
 ## Gateway Registration
 
-In order to enroll certificates the Keyfactor Command server must trust the CA chain. Once you identify your Root and/or Subordinate CA used by the Nexus Certificate Manager platform, make sure to download and import the certificate chain into the Command Server certificate store
+To enroll certificates, the Keyfactor Command server must trust the CA chain. Identify the Root and/or Subordinate CA used by Nexus Certificate Manager, then download and import the certificate chain into the Command Server certificate store.
 
 ## CA Connection
 
-The certificate used by the gateway for authenticating into the Nexus Certificate Manager will need to be copied to a location on the Gateway Host that is accessible by the gateway service.  The Certificate Path 
+The certificate used by the gateway to authenticate into Nexus Certificate Manager must be copied to a location on the Gateway Host accessible by the gateway service.
 
 ## Certificate Template Creation Step
 

integration-manifest.json

@@ -1,37 +1,39 @@
 {
-  "$schema": "https://keyfactor.github.io/v2/integration-manifest-schema.json",
-  "integration_type": "anyca-plugin",
-  "name": "Nexus Certificate Maanager AnyCA REST Gateway Plugin",
-  "status": "prototype",
-  "support_level": "kf-community",
-  "link_github": false,
-  "update_catalog": false,
-  "description": "Nexus Certificate Manager plugin for the AnyCA REST Gateway framework",
-  "gateway_framework": "25.2.0",
-  "release_dir": "nexus-certificate-manager-caplugin/bin/Release",
-  "release_project": "nexus-certificate-manager-caplugin/NexusCertManagerCAPlugin.csproj",
-  "about": {
-    "carest": {
-      "product_ids": [ "NexusCM" ],
-      "ca_plugin_config": [
-        {
-          "name": "Host",
-          "description": "The URI of the instance of the Nexus Certificate Manager API, including port.  example: https://127.0.0.1:8444"
-        },
-        {
-          "name": "AuthCertificatePath",
-          "description": "The path on the AnyCA Gateway host where the PFX certificate that will be used for authentication can be found. example: 'C:\\Program Files\\Keyfactor\\Keyfactor AnyCA Gateway\\AnyGatewayREST\\net8.0\\my_auth_cert.pfx'"
-        },
-        {
-          "name": "AuthCertPassword",
-          "description": "The password for the PFX certificate located on the AnyCA Gateway Host that will be used for authentication into Nexus Certificate Manager"
-        },
-        {
-          "name": "Enabled",
-          "description": "Flag to enable or disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available."
+    "$schema": "https://keyfactor.github.io/v2/integration-manifest-schema.json",
+    "integration_type": "anyca-plugin",
+    "name": "Nexus Certificate Manager AnyCA REST Gateway Plugin",
+    "status": "prototype",
+    "support_level": "kf-community",
+    "link_github": false,
+    "update_catalog": false,
+    "description": "Nexus Certificate Manager plugin for the AnyCA REST Gateway framework",
+    "gateway_framework": "25.2.0",
+    "release_dir": "nexus-certificate-manager-caplugin/bin/Release",
+    "release_project": "nexus-certificate-manager-caplugin/NexusCertManagerCAPlugin.csproj",
+    "about": {
+        "carest": {
+            "product_ids": [
+                "NexusCM"
+            ],
+            "ca_plugin_config": [
+                {
+                    "name": "Host",
+                    "description": "The path to the Nexus CM server, including port"
+                },
+                {
+                    "name": "AuthCertificatePath",
+                    "description": "The path to the PFX certificate for authenticating into Nexus CM"
+                },
+                {
+                    "name": "AuthCertPassword",
+                    "description": "The password for the authentication certificate"
+                },
+                {
+                    "name": "Enabled",
+                    "description": "Flag to Enable or Disable gateway functionality. Disabling is primarily used to allow creation of the CA prior to configuration information being available."
+                }
+            ],
+            "enrollment_config": []
         }
-      ],
-      "enrollment_config": []
     }
-  }
-}
+}