Merge 1.0.3 to main#12
Open
indrora wants to merge 1 commit into
Open
Conversation
* updated integration manifest to reflect prod release * fix: correct JSON serialization and error handling in VaultHttp AddJsonBody(string) in RestSharp re-serializes the argument, wrapping a pre-serialized JSON string in quotes and escaping it. Vault receives a JSON string literal instead of a JSON object and returns HTTP 400. Fixed by using AddStringBody(string, ContentType.Json) which sends the raw body without re-encoding. ThrowOnAnyError = true caused RestSharp to throw before the explicit BadRequest handler ran, hiding the Vault error body from logs. Removed ThrowOnAnyError and added response.ThrowIfError() after the BadRequest block so all other non-2xx responses still surface as exceptions. Also drops the EOL net6.0 target; project now multi-targets net8.0 and net10.0. * chore: target v1.0.3 in CHANGELOG * fix: replace unsafe dictionary indexers in ValidateCAConnectionInfo and ValidateProductInfo Direct Dictionary.get_Item calls throw KeyNotFoundException when the gateway does not populate all parameter keys before calling validation (observed on PUT/POST config/configuration). Replace with TryGetValue throughout. Also relaxes the ValidateProductInfo RoleName check: RoleName is optional since the Enroll path already falls back to ProductID when RoleName is absent, so the validator no longer rejects configs that omit it. * chore: document dictionary indexer fix in CHANGELOG * fix(ci): `AppendTargetFrameworkToOutputPath=true` --------- Co-authored-by: Mikey Henderson <4452096+fiddlermikey@users.noreply.github.com> Co-authored-by: Joe VanWanzeele <jvanwanzeele@keyfactor.com>
There was a problem hiding this comment.
Pull request overview
This automated merge brings the 1.0.3 release line into main, promoting the integration to production support and incorporating fixes around Vault REST calls, validation robustness, and framework targeting.
Changes:
- Marked the integration as
production/kf-supportedin the integration manifest. - Fixed Vault REST client behavior around POST body encoding and error handling.
- Updated validation logic to use safer dictionary access patterns and adjusted RoleName validation behavior.
- Switched the plugin to multi-target (
net8.0;net10.0) and updated output-path behavior accordingly. - Added a detailed 1.0.3 changelog entry.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| integration-manifest.json | Promotes the integration’s status/support level. |
| hashicorp-vault-cagateway/HashicorpVaultCAConnector.cs | Improves config validation safety and adjusts RoleName validation. |
| hashicorp-vault-cagateway/hashicorp-vault-caplugin.csproj | Moves to multi-targeting and changes output path layout. |
| hashicorp-vault-cagateway/Client/VaultHttp.cs | Fixes POST JSON body handling and RestSharp error propagation. |
| CHANGELOG.md | Documents 1.0.3 fixes and framework targeting changes. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
399
to
+403
| // make sure an authentication mechanism is defined (either certificate or token) | ||
| var token = connectionInfo[Constants.CAConfig.TOKEN] as string; | ||
|
|
||
| //var cert = connectionInfo[Constants.CAConfig.CLIENTCERT] as string; | ||
|
|
||
| var cert = string.Empty; // temporary until client cert auth into vault is implemented | ||
| connectionInfo.TryGetValue(Constants.CAConfig.TOKEN, out var tokenVal); | ||
| connectionInfo.TryGetValue(Constants.CAConfig.CLIENTCERT, out var certVal); | ||
| var token = tokenVal as string; | ||
| var cert = certVal as string; |
| logger.LogError(LogHandler.FlattenException(ex)); | ||
| throw; | ||
| } | ||
| // RoleName is optional — if absent or empty, ProductID is used as the role name (see Enroll). |
Comment on lines
123
to
+127
| if (parameters != null) | ||
| { | ||
| string serializedParams = JsonSerializer.Serialize(parameters); | ||
| logger.LogTrace($"serialized parameters (from {parameters.GetType()?.Name}): {serializedParams}"); | ||
| request.AddJsonBody(serializedParams); | ||
| request.AddStringBody(serializedParams, ContentType.Json); |
Comment on lines
384
to
386
| List<string> errors = new List<string>(); | ||
|
|
||
| // then, we make sure required fields are defined.. |
Comment on lines
11
to
13
| <LangVersion>12.0</LangVersion> | ||
| <AppendTargetFrameworkToOutputPath>False</AppendTargetFrameworkToOutputPath> | ||
| <AppendTargetFrameworkToOutputPath>True</AppendTargetFrameworkToOutputPath> | ||
| <AppendRuntimeIdentifierToOutputPath>False</AppendRuntimeIdentifierToOutputPath> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merge release-1.0 to main - Automated PR