release:1.2.1 (#9)

* chore: bump GH Actions, break steps down into smaller parts, and get on v2 integration-manifest



* chore: rename tests, optimize tests to reduce computational overhead for creating test certs, etc.



* chore: remove OTE references from documentation



* chore: update changelog



* Update generated docs

---------

Signed-off-by: Matthew H. Irby <matt.irby@keyfactor.com>
Co-authored-by: Matthew H. Irby <irby@users.noreply.github.com>
Co-authored-by: Macey <11599974+doebrowsk@users.noreply.github.com>
Co-authored-by: Keyfactor <keyfactor@keyfactor.github.io>

Author: 4 people

.github/workflows/keyfactor-bootstrap-workflow.yml

@@ -11,10 +11,13 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@v3
+    uses: keyfactor/actions/.github/workflows/starter.yml@v4
     secrets:
       token: ${{ secrets.V2BUILDTOKEN}}
-      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
       gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
       gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
       scan_token: ${{ secrets.SAST_TOKEN }}
+      entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }}
+      entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }}
+      command_client_id: ${{ secrets.DOCTOOL_COMMAND_CLIENT_ID }}
+      command_client_secret: ${{ secrets.DOCTOOL_COMMAND_CLIENT_SECRET }}

.github/workflows/tests.yml

@@ -9,21 +9,25 @@ jobs:
       # Checkout code
       # https://github.com/actions/checkout
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       # Setup dotnet 8.0
       # https://github.com/actions/setup-dotnet
-      - uses: actions/setup-dotnet@v3
+      - uses: actions/setup-dotnet@v5
         with:
           dotnet-version: '8.x'
 
       # Setup nuget
-      - name: Setup build environment
+      - name: Add Keyfactor NuGet Source
         run: |
           dotnet nuget add source https://nuget.pkg.github.com/Keyfactor/index.json -n github -u ${{ github.actor }} -p ${{ secrets.V2BUILDTOKEN }} --store-password-in-clear-text
-          dotnet restore
+
+      - name: Restore dependencies
+        run: dotnet restore
+
+      - name: Build solution
+        run: dotnet build --no-restore --configuration Release
 
       # Build and test dotnet project
       - name: Build and Test
-        run: dotnet test
-
+        run: dotnet test --no-build --configuration Release

.gitignore

@@ -350,3 +350,5 @@ healthchecksdb
 */C:
 
 logs
+
+.env

CHANGELOG.md

@@ -1,3 +1,7 @@
+# v1.2.1
+## Chores
+- Add note about OTE API keys not being supported with this integration due to shopper ID resolution requirements.
+
 # v1.2.0
   - Add special condition to handle status 409 when downloading certificates from GoDaddy. 409 indicates that the certificate state does not allow download.
 

GoDaddy.Tests/FakeCaConfigProvider.cs …addy.Tests/Fakes/FakeCaConfigProvider.csGoDaddy.Tests/FakeCaConfigProvider.cs renamed to GoDaddy.Tests/Fakes/FakeCaConfigProvider.cs GoDaddy.Tests/FakeCaConfigProvider.cs renamed to GoDaddy.Tests/Fakes/FakeCaConfigProvider.cs

@@ -1,4 +1,4 @@
-// Copyright 2024 Keyfactor
+// Copyright 2026 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

…Daddy.Tests/FakeCertificateDataReader.cs …Tests/Fakes/FakeCertificateDataReader.csGoDaddy.Tests/FakeCertificateDataReader.cs renamed to GoDaddy.Tests/Fakes/FakeCertificateDataReader.cs GoDaddy.Tests/FakeCertificateDataReader.cs renamed to GoDaddy.Tests/Fakes/FakeCertificateDataReader.cs

@@ -1,4 +1,4 @@
-// Copyright 2024 Keyfactor
+// Copyright 2026 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

GoDaddy.Tests/FakeGoDaddyClient.cs GoDaddy.Tests/Fakes/FakeGoDaddyClient.csGoDaddy.Tests/FakeGoDaddyClient.cs renamed to GoDaddy.Tests/Fakes/FakeGoDaddyClient.cs

@@ -1,4 +1,4 @@
-// Copyright 2024 Keyfactor
+// Copyright 2026 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

GoDaddy.Tests/GoDaddy.Tests.csproj

@@ -21,12 +21,12 @@
     <Using Include="Xunit" />
   </ItemGroup>
 
-  <ItemGroup>
-    <ProjectReference Include="..\GoDaddy\GoDaddy.csproj" />
+  <ItemGroup>
+    <ProjectReference Include="..\GoDaddy\GoDaddy.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Content Include="xunit.runner.json" CopyToOutputDirectory="PreserveNewest" />
   </ItemGroup>
-
-  <ItemGroup>
-    <Content Include="xunit.runner.json" CopyToOutputDirectory="PreserveNewest" />
-  </ItemGroup>
 
 </Project>

GoDaddy.Tests/GoDaddyCAPlugin.cs GoDaddy.Tests/GoDaddyCAPluginTests.csGoDaddy.Tests/GoDaddyCAPlugin.cs renamed to GoDaddy.Tests/GoDaddyCAPluginTests.cs

@@ -1,4 +1,4 @@
-// Copyright 2024 Keyfactor
+// Copyright 2026 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -28,6 +28,15 @@ namespace Keyfactor.Extensions.CAPlugin.GoDaddyTests;
 
 public class GoDaddyCAPluginTests
 {
+    private static readonly DateTimeOffset NotBefore = DateTimeOffset.Now.AddDays(-100);
+    private static readonly DateTimeOffset ReissueNotAfter = DateTimeOffset.Now.AddDays(365);
+    private static readonly DateTimeOffset RenewalNotAfter = DateTimeOffset.Now.AddDays(59);
+    
+    private const string TestSubject = "CN=Test Subject";
+    private static readonly string TestCsr = GenerateCSR(TestSubject);
+    private static readonly X509Certificate2 FakeReissueCertificate = FakeGoDaddyClient.GenerateSelfSignedCertificate(RSA.Create(2048), "CN=Test Cert", NotBefore, ReissueNotAfter);
+    private static readonly X509Certificate2 FakeRenewalCertificate = FakeGoDaddyClient.GenerateSelfSignedCertificate(RSA.Create(2048), "CN=Test Cert", NotBefore, RenewalNotAfter);
+    
     ILogger _logger { get; set;}
 
     public GoDaddyCAPluginTests()
@@ -253,7 +262,7 @@ public void GoDaddyCAPlugin_ValidateProductInfo_EV_InvalidParameters_ReturnFailu
     [InlineData("UCC_DV_SSL")]
     [InlineData("UCC_EV_SSL")]
     [InlineData("UCC_OV_SSL")]
-    public void GoDaddyCAPlugin_Enroll_ReturnSuccess(string productID)
+    public async Task GoDaddyCAPlugin_Enroll_ReturnSuccess(string productID)
     {
         // Arrange
         FakeGoDaddyClient fakeClient = new FakeGoDaddyClient();
@@ -267,10 +276,6 @@ public void GoDaddyCAPlugin_Enroll_ReturnSuccess(string productID)
             Client = fakeClient
         };
         plugin.Initialize(configProvider, certificateDataReader);
-        
-        // CSR
-        string subject = "CN=Test Subject";
-        string csrString = GenerateCSR(subject);
 
         Dictionary<string, string[]> sans = new();
 
@@ -307,10 +312,10 @@ public void GoDaddyCAPlugin_Enroll_ReturnSuccess(string productID)
         EnrollmentType type = EnrollmentType.New;
 
         // Act
-        EnrollmentResult result = plugin.Enroll(csrString, subject, sans, productInfo, format, type).Result;
+        EnrollmentResult result = await plugin.Enroll(TestCsr, TestSubject, sans, productInfo, format, type);
 
         // Assert
-        Assert.Equal(result.Status, (int)EndEntityStatus.GENERATED);
+        Assert.Equal((int)EndEntityStatus.GENERATED, result.Status);
     }
 
     [Theory]
@@ -324,12 +329,13 @@ public void GoDaddyCAPlugin_Enroll_ReturnSuccess(string productID)
     [InlineData("UCC_DV_SSL")]
     [InlineData("UCC_EV_SSL")]
     [InlineData("UCC_OV_SSL")]
-    public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
+    public async Task GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
     {
         // Arrange
-        DateTime enrollmentNotBefore = DateTime.UtcNow.AddDays(-5);
-        DateTime enrollmentNotAfter = DateTime.UtcNow.AddDays(20);
-        X509Certificate2 fakeCertificate = FakeGoDaddyClient.GenerateSelfSignedCertificate(RSA.Create(2048), "CN=Test Cert", enrollmentNotBefore, enrollmentNotAfter);
+        
+        // Renewal is only available 60 days prior to expiration of the previous certificate and 30 days after the 
+        // expiration of the previous certificate. 
+        
         string fakeCaRequestId = Guid.NewGuid().ToString();
 
         FakeGoDaddyClient fakeClient = new FakeGoDaddyClient()
@@ -339,20 +345,14 @@ public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
                 { fakeCaRequestId, new AnyCAPluginCertificate
                     {
                         CARequestID = fakeCaRequestId,
-                        Certificate = fakeCertificate.ExportCertificatePem(),
+                        Certificate = FakeRenewalCertificate.ExportCertificatePem(),
                         Status = 123,
                         ProductID = productID,
                     }
                 }
             }
         };
 
-        // Renewal is only available 60 days prior to expiration of the previous certificate and 30 days after the 
-        // expiration of the previous certificate. 
-
-        fakeClient.EnrollmentNotBefore = enrollmentNotBefore;
-        fakeClient.EnrollmentNotAfter = enrollmentNotAfter;
-
         BlockingCollection<AnyCAPluginCertificate> certificates = new BlockingCollection<AnyCAPluginCertificate>();
 
         IAnyCAPluginConfigProvider configProvider = new FakeCaConfigProvider(new Config());
@@ -364,10 +364,6 @@ public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
         };
         plugin.Initialize(configProvider, certificateDataReader);
 
-        // CSR
-        string subject = "CN=Test Subject";
-        string csrString = GenerateCSR(subject);
-
         Dictionary<string, string[]> sans = new();
 
         EnrollmentProductInfo productInfo = new EnrollmentProductInfo
@@ -394,7 +390,7 @@ public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
                 { EnrollmentConfigConstants.JobTitle, "Software Engineer" },
                 { EnrollmentConfigConstants.RegistrationAgent, "Agent" },
                 { EnrollmentConfigConstants.RegistrationNumber, "REG-12345" },
-                { "PriorCertSN", fakeCertificate.SerialNumber }
+                { "PriorCertSN", FakeRenewalCertificate.SerialNumber }
             }
         };
 
@@ -404,12 +400,12 @@ public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
         EnrollmentType type = EnrollmentType.Renew;
 
         // Act
-        EnrollmentResult result = plugin.Enroll(csrString, subject, sans, productInfo, format, type).Result;
+        EnrollmentResult result = await plugin.Enroll(TestCsr, TestSubject, sans, productInfo, format, type);
 
         // Assert
-        Assert.Equal(result.Status, (int)EndEntityStatus.GENERATED);
-        Assert.Equal(result.StatusMessage, $"Certificate with ID {fakeCaRequestId} has been renewed");
-        Assert.Equal(result.CARequestID, fakeCaRequestId);
+        Assert.Equal((int)EndEntityStatus.GENERATED, result.Status);
+        Assert.Equal($"Certificate with ID {fakeCaRequestId} has been renewed", result.StatusMessage);
+        Assert.Equal(fakeCaRequestId, result.CARequestID);
     }
 
     [Theory]
@@ -423,12 +419,12 @@ public void GoDaddyCAPlugin_Renew_ReturnSuccess(string productID)
     [InlineData("UCC_DV_SSL")]
     [InlineData("UCC_EV_SSL")]
     [InlineData("UCC_OV_SSL")]
-    public void GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
+    public async Task GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
     {
         // Arrange
-        DateTime enrollmentNotBefore = DateTime.UtcNow.AddDays(-100);
-        DateTime enrollmentNotAfter = DateTime.UtcNow.AddDays(365);
-        X509Certificate2 fakeCertificate = FakeGoDaddyClient.GenerateSelfSignedCertificate(RSA.Create(2048), "CN=Test Cert", enrollmentNotBefore, enrollmentNotAfter);
+        // DateTime enrollmentNotBefore = DateTime.UtcNow.AddDays(-100);
+        // DateTime enrollmentNotAfter = DateTime.UtcNow.AddDays(365);
+        // X509Certificate2 fakeCertificate = FakeGoDaddyClient.GenerateSelfSignedCertificate(RSA.Create(2048), "CN=Test Cert", enrollmentNotBefore, enrollmentNotAfter);
         string fakeCaRequestId = Guid.NewGuid().ToString();
 
         FakeGoDaddyClient fakeClient = new FakeGoDaddyClient()
@@ -438,20 +434,14 @@ public void GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
                 { fakeCaRequestId, new AnyCAPluginCertificate
                     {
                         CARequestID = fakeCaRequestId,
-                        Certificate = fakeCertificate.ExportCertificatePem(),
+                        Certificate = FakeReissueCertificate.ExportCertificatePem(),
                         Status = 123,
                         ProductID = productID,
                     }
                 }
             }
         };
 
-        // Renewal is only available 60 days prior to expiration of the previous certificate and 30 days after the 
-        // expiration of the previous certificate. 
-
-        fakeClient.EnrollmentNotBefore = enrollmentNotBefore;
-        fakeClient.EnrollmentNotAfter = enrollmentNotAfter;
-
         BlockingCollection<AnyCAPluginCertificate> certificates = new BlockingCollection<AnyCAPluginCertificate>();
 
         IAnyCAPluginConfigProvider configProvider = new FakeCaConfigProvider(new Config());
@@ -463,10 +453,6 @@ public void GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
         };
         plugin.Initialize(configProvider, certificateDataReader);
 
-        // CSR
-        string subject = "CN=Test Subject";
-        string csrString = GenerateCSR(subject);
-
         Dictionary<string, string[]> sans = new();
 
         EnrollmentProductInfo productInfo = new EnrollmentProductInfo
@@ -493,7 +479,7 @@ public void GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
                 { EnrollmentConfigConstants.JobTitle, "Software Engineer" },
                 { EnrollmentConfigConstants.RegistrationAgent, "Agent" },
                 { EnrollmentConfigConstants.RegistrationNumber, "REG-12345" },
-                { "PriorCertSN", fakeCertificate.SerialNumber }
+                { "PriorCertSN", FakeReissueCertificate.SerialNumber }
             }
         };
 
@@ -503,12 +489,12 @@ public void GoDaddyCAPlugin_Reissue_ReturnSuccess(string productID)
         EnrollmentType type = EnrollmentType.Renew;
 
         // Act
-        EnrollmentResult result = plugin.Enroll(csrString, subject, sans, productInfo, format, type).Result;
+        EnrollmentResult result = await plugin.Enroll(TestCsr, TestSubject, sans, productInfo, format, type);
 
         // Assert
-        Assert.Equal(result.Status, (int)EndEntityStatus.GENERATED);
-        Assert.Equal(result.StatusMessage, $"Certificate with ID {fakeCaRequestId} has been reissued");
-        Assert.Equal(result.CARequestID, fakeCaRequestId);
+        Assert.Equal((int)EndEntityStatus.GENERATED, result.Status);
+        Assert.Equal($"Certificate with ID {fakeCaRequestId} has been reissued", result.StatusMessage);
+        Assert.Equal(fakeCaRequestId, result.CARequestID);
     }
 
     [IntegrationTestingFact]

GoDaddy.Tests/GoDaddyClient.cs GoDaddy.Tests/GoDaddyClientTests.csGoDaddy.Tests/GoDaddyClient.cs renamed to GoDaddy.Tests/GoDaddyClientTests.cs

@@ -1,4 +1,4 @@
-// Copyright 2024 Keyfactor
+// Copyright 2026 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -21,15 +21,15 @@
 
 namespace Keyfactor.Extensions.CAPlugin.GoDaddyTests;
 
-public class ClientTests
+public class GoDaddyClientTests
 {
     ILogger _logger { get; set;}
 
-    public ClientTests()
+    public GoDaddyClientTests()
     {
         ConfigureLogging();
 
-        _logger = LogHandler.GetClassLogger<ClientTests>();
+        _logger = LogHandler.GetClassLogger<GoDaddyClientTests>();
     }
 
     [IntegrationTestingFact]