Keyfactor Command Custom Workflow Steps

The manifest.json files for workflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. define the steps for workflow. Edit these files if you need to register a new custom workflow step.

Windows Installations Under IIS

To add a custom workflow step to the manifest.json file:

  1. Navigate to the Extensions\WorkflowSteps folders on your server under each of the KeyfactorAPI, Services, WebAgentServices, and WebConsole folders. These are located by default at:

    C:\Program Files\Keyfactor\Keyfactor Platform\KeyfactorAPI\Extensions\WorkflowSteps
    C:\Program Files\Keyfactor\Keyfactor Platform\Services\Extensions\WorkflowSteps
    C:\Program Files\Keyfactor\Keyfactor Platform\WebAgentServices\Extensions\WorkflowSteps
    C:\Program Files\Keyfactor\Keyfactor Platform\WebConsole\Extensions\WorkflowSteps
  2. Browse to open the manifest.json file in a text editor (e.g. Notepad).
  3. At the bottom of the file within the Keyfactor.Workflows.Extensions.IWorkflowStep section, add a new section for your custom workflow step. The section should contain:

    • The unique name of the custom step you are registering (e.g. MyCustomStep). This value should not contain spaces.

    • The path to the DLL containing the custom step code. This can be a relative path (e.g. ../../Keyfactor.Command.Workflows.MyCustomSteps.dll would be a reference to the DLL in the \Services folder).

    • The fully qualified namespace of the class that implements the interface (e.g. Keyfactor.Command.Workflows.MyCustomStep).

    • The LoadInUpstreamContext Boolean indicates whether the supporting assemblies should be loaded from the application (true) or if they should be loaded from the folder containing the extension (false).

    Copy
    {
        "extensions": {
            "Keyfactor.Workflows.Extensions.IWorkflowStep": {
                "Email": {
                    "assemblypath": "../../Keyfactor.Command.Workflows.Implementations.dll",
                    "TypeFullName": "Keyfactor.Command.Workflows.Implementations.Steps.Email",
                    "LoadInUpstreamContext": "True"
                },

                [Section removed for ease of reading]

                "NOOPStep": {
                    "assemblypath": "../../Keyfactor.Command.Workflows.Engine.dll",
                    "TypeFullName": "Keyfactor.Command.Workflows.Engine.Steps.NOOPStep",
                    "LoadInUpstreamContext": "True"
                },
                "MyCustomStep": {
                    "assemblypath": "../../Keyfactor.Command.Workflows.MyCustomSteps.dll",
                    "TypeFullName": "Keyfactor.Command.Workflows.MyCustomStep",
                    "LoadInUpstreamContext": "True"
                }      
            }
        }
    }
  4. Save the file.
  5. Place your DLL in the specified location.
Note:  Repeat these steps for each of the four folders that contain workflow step extension manifests: KeyfactorAPI, Service, WebAgentServices, and WebConsole.
Container Installations Under Kubernetes

To add a custom workflow step:

  1. On your Kubernetes server, create a manifest.json file containing the step you are adding. For example:

    Copy
    {
      "extensions": {
        "Keyfactor.Workflows.Extensions.IWorkflowStep": {
          "MyCustomStep": {
            "assemblypath": "Keyfactor.Command.Workflows.MyCustomSteps.dll",
            "TypeFullName": "Keyfactor.Command.Workflows.MyCustomStep",
            "LoadInUpstreamContext": "True"
          }     
        }
      }
    }
  2. Create a PersistentVolume in Kubernetes to contain your manifest.json file, the dll it references, and any supporting files. The steps for this will vary depending on your Kubernetes implementation and the intended storage location used by your PersistentVolume.

    Tip:  You can create a PersistentVolume in the local file system for testing purposes as follows:
    1. Create a directory that your PersistentVolume will reference and which will contain the files to be mounted via the persistent volume. For example:

      mkdir /opt/files/workflow
    2. Create a YAML file to define the PersistentVolume similar to the following:

      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: workflow-pv
      spec:
        storageClassName: manual
        capacity:
          storage: 10Gi
      accessModes:
        - ReadWriteOnce
      hostPath:
        path: "/opt/files/workflow"
    3. Create the PersistentVolume based on the yaml file you created. For example:

      sudo kubectl apply --filename=/opt/files/workflow-pv.yaml

      PersistentVolumes are cluster-scoped resources, meaning they are not associated with a specific namespace.

    4. Create a YAML file to define a PersistentVolumeClaim associated with the PersistentVolume similar to the following:

      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: workflow-pvc
      spec:
        storageClassName: manual
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 10Gi
    5. Create the PersistentVolumeClaim based on the yaml file you created. For example:

      sudo kubectl apply --filename=/opt/files/workflow-pvc.yaml --namespace keyfactor-command

      Unlike PersistentVolumes, PersistentVolumeClaims are associated with a specific namespace.

    6. Place the files that should be mounted in the container into the directory you specified in the file system. For example:

      /opt/files/workflow/manifest.json
      /opt/files/workflow/MyCustomSteps.dll

    Important:  This method should not be used for a production PersistentVolume.

  3. Edit your values file to add a volume and volumeMount for the PersistentVolume containing manifest.json file, dll, and any supporting files. For example, the following values file section shows the example root trusts volume (see Install Keyfactor Command in Containers Under Kubernetes) and the workflow-customstep-volume. Your PersistentVolume claim name should match the claimName referenced here.

    volumes:
      - name: root-cas
        configMap:
          name: ca-roots
          items:
            - key: ca-certificates.crt
              path: ca-certificates.crt
      - name: workflow-customstep-volume
        persistentVolumeClaim:
          claimName: workflow-pvc
    volumeMounts:
      - name: root-cas
        mountPath: /etc/ssl/certs/ca-certificates.crt
        subPath: ca-certificates.crt
      - name: workflow-customstep-volume
        mountPath: /app/Extensions/my-custom-step
  4. Load the new values, referencing the deployment name, namespace, your customized values file, the helm chart, and version. For example:

    sudo helm upgrade Helm_Deployment_Name --namespace keyfactor-command --values values-local.yaml oci://repo.keyfactor.com/charts/command --version 2.0.0