diff --git a/.circleci/config.yml b/.circleci/config.yml index 7bab140c96..894f6cdeb1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -182,6 +182,7 @@ jobs: steps: - browser-tools/install-chrome - browser-tools/install-chromedriver + - run: rm -f LICENSE.chromedriver # ls -lR /home/circleci/project revealed this file after checkout step was failing due to a non-empty directory - checkout - sfdx/install: *sfdx_version - jq/install diff --git a/sfdx/bin/extract-private-key b/sfdx/bin/extract-private-key index b08ffae34b..654f038d01 100755 --- a/sfdx/bin/extract-private-key +++ b/sfdx/bin/extract-private-key @@ -15,5 +15,5 @@ fi # the certificate associated with this key is uploaded to our SF application on the billing PBO org # this is the closest thing we have to a platform key in salesforce -# set `SF_JWT_KEY` on CI to `cat sfdx/jwt-cert/private_key.pem | base64` +# set `SF_JWT_KEY` on CI to the output of `cat sfdx/jwt-cert/private_key.pem | base64` echo $SF_JWT_KEY | base64 --decode --ignore-garbage > $SF_JWT_PRIVATE_KEY_PATH diff --git a/sfdx/jwt-cert/certificate.pem b/sfdx/jwt-cert/certificate.pem index cae4b5ad73..7dad45e673 100644 --- a/sfdx/jwt-cert/certificate.pem +++ b/sfdx/jwt-cert/certificate.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICwDCCAagCCQCg7k4RDpskODANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV -UzETMBEGA1UEAwwKSnd0VWlMb2dpbjAeFw0yMjAzMTAwMDEzNDhaFw0yMzAzMTAw -MDEzNDhaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RVaUxvZ2luMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdtKKxnqvUuR9/24n0hMjqBseb2C -sL8++xUG93M3MjYnfE3XZ2vNS2KJU6jEmJlQvs7MlWQIbdhSwVjLKIhwPh7LbAS1 -t4RKezGC9AgxiE138506vS1qrzf2QBjU0y+DHGFwRkUWBvhW1hfW00DnHlS5C9g0 -uWZs4TTAnfmSMS6bjkiB8/LWUvxA7g+vF6R2/bmtDDaQZdQxXWUDJANG5YgYmH9K -29pxTbHBkCc0/n1wjroBCQ8L8VHHnsFQAYMqoD0yHQkOERsMGZzHfLQugG4kRNUX -J1XFL8KOebWxWfofdfvzUQqgtlRmkTLlEPcDhWlfUcZLrEA6O/y3U83OpQIDAQAB -MA0GCSqGSIb3DQEBCwUAA4IBAQB/12B2kt2ZwXZBxsmp5RogzhBsROEqt1w2Xv0F -QRRTrKItDTcs1sGJGdSzjFTbJrkML3+iH7ZVtNYNvr3WlJi/h+dyQyO7WLnxUN4n -T+A8u+XoEMnHQqWax2KAf3Ypbh2x0RHSEVFO4Pgd5gNPv48/bvm3lTLabeGKZPPs -1Y9idT6uHax8XPDt8Zw28VM31CGJkddnglvAgOgt+Cy+tnb0+UIbno7McE2EXoN/ -bXsHisogK1Ux27B1YgtnClIZX5fV6IyFENTpj0XhNOFhsqWKRj1Tt+axJjsGhY0O -K3oeUJRjweU0Uh4SJcKWmiYRKzYW3o/DzCXws2M8Cg6EyYQT +MIICwDCCAagCCQCFfL3a7VxiRTANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV +UzETMBEGA1UEAwwKSnd0Q0lMb2dpbjAeFw0yMzAxMTAyMTIzMTJaFw0yNDAxMTAy +MTIzMTJaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RDSUxvZ2luMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHWNoKIfSuRtcRlV+WR8KXK5v65H +0nhrX0bwWgQQni7NUr7hUbBeBEYarR6m1zNc1HnyCVZnY7wLtsvxY6hTOAVXM/d8 +asD5thh1TCMQjH0KrmZerpCq3dQq4GgfPr5L+31akIfVC7BDlgdHa9+eMo48QDRe +mIuyPSpLWggEULLgvEWcAzzeXxdzlt9yNrSPmYtCONADC4K535fMw4fR+T+xSehc +Eoqvi01eqJq5So1Rm433AYPloP3BdC9P8nTw+waIWMlphgIM+lCRXMs2bAXHV2Cb +J/MUgb/nyic1HToZeTIrJjwaklc9vENgMDvdL/ukkDhGjeqeQJHvspnDhQIDAQAB +MA0GCSqGSIb3DQEBCwUAA4IBAQAVmfs74kmeq3UyzrkBQrYd0Ol0hdSCKILyuguO +oyPxFqKebmnr77kg4YFqGNSB6lp4tDDFNxl+SMXNUTmL6DG8faelpdRGkuFxW/Hd +5+VqIx3bdBLg/aU8Yq8FX6AmqXMuFtSOJaYW1+2PFhZEQv1EcUb49C72rVkkf+Xd +lqyJ/ETCen1mpkWrAnlhLrp/0aXakwKyUqY8zrl0iyYUWn8FZ2AkI3yDMHP5omMU +6apEdefu5jpFEbvQbIqUWHKJofDGqoX2HVn2brTz6yTuJgU/EzxYBnJdbv7Yq4QI +L2fVu6U7Vk+m3C6X0c1iHyJBNoyRMuf4BblSDjcasqKKY2hN -----END CERTIFICATE----- diff --git a/sfdx/jwt-cert/public_key.cer b/sfdx/jwt-cert/public_key.cer index 652ed7dc02..aac2fe5f7e 100644 Binary files a/sfdx/jwt-cert/public_key.cer and b/sfdx/jwt-cert/public_key.cer differ diff --git a/sfdx/jwt-cert/public_key.pem b/sfdx/jwt-cert/public_key.pem index 8fd56defbd..af585f9e00 100644 --- a/sfdx/jwt-cert/public_key.pem +++ b/sfdx/jwt-cert/public_key.pem @@ -1,26 +1,26 @@ -----BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdtKKxnqvUuR9/24n0hM -jqBseb2CsL8++xUG93M3MjYnfE3XZ2vNS2KJU6jEmJlQvs7MlWQIbdhSwVjLKIhw -Ph7LbAS1t4RKezGC9AgxiE138506vS1qrzf2QBjU0y+DHGFwRkUWBvhW1hfW00Dn -HlS5C9g0uWZs4TTAnfmSMS6bjkiB8/LWUvxA7g+vF6R2/bmtDDaQZdQxXWUDJANG -5YgYmH9K29pxTbHBkCc0/n1wjroBCQ8L8VHHnsFQAYMqoD0yHQkOERsMGZzHfLQu -gG4kRNUXJ1XFL8KOebWxWfofdfvzUQqgtlRmkTLlEPcDhWlfUcZLrEA6O/y3U83O -pQIDAQAB +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHWNoKIfSuRtcRlV+WR8 +KXK5v65H0nhrX0bwWgQQni7NUr7hUbBeBEYarR6m1zNc1HnyCVZnY7wLtsvxY6hT +OAVXM/d8asD5thh1TCMQjH0KrmZerpCq3dQq4GgfPr5L+31akIfVC7BDlgdHa9+e +Mo48QDRemIuyPSpLWggEULLgvEWcAzzeXxdzlt9yNrSPmYtCONADC4K535fMw4fR ++T+xSehcEoqvi01eqJq5So1Rm433AYPloP3BdC9P8nTw+waIWMlphgIM+lCRXMs2 +bAXHV2CbJ/MUgb/nyic1HToZeTIrJjwaklc9vENgMDvdL/ukkDhGjeqeQJHvspnD +hQIDAQAB -----END PUBLIC KEY----- -----BEGIN CERTIFICATE----- -MIICwDCCAagCCQCg7k4RDpskODANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV -UzETMBEGA1UEAwwKSnd0VWlMb2dpbjAeFw0yMjAzMTAwMDEzNDhaFw0yMzAzMTAw -MDEzNDhaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RVaUxvZ2luMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdtKKxnqvUuR9/24n0hMjqBseb2C -sL8++xUG93M3MjYnfE3XZ2vNS2KJU6jEmJlQvs7MlWQIbdhSwVjLKIhwPh7LbAS1 -t4RKezGC9AgxiE138506vS1qrzf2QBjU0y+DHGFwRkUWBvhW1hfW00DnHlS5C9g0 -uWZs4TTAnfmSMS6bjkiB8/LWUvxA7g+vF6R2/bmtDDaQZdQxXWUDJANG5YgYmH9K -29pxTbHBkCc0/n1wjroBCQ8L8VHHnsFQAYMqoD0yHQkOERsMGZzHfLQugG4kRNUX -J1XFL8KOebWxWfofdfvzUQqgtlRmkTLlEPcDhWlfUcZLrEA6O/y3U83OpQIDAQAB -MA0GCSqGSIb3DQEBCwUAA4IBAQB/12B2kt2ZwXZBxsmp5RogzhBsROEqt1w2Xv0F -QRRTrKItDTcs1sGJGdSzjFTbJrkML3+iH7ZVtNYNvr3WlJi/h+dyQyO7WLnxUN4n -T+A8u+XoEMnHQqWax2KAf3Ypbh2x0RHSEVFO4Pgd5gNPv48/bvm3lTLabeGKZPPs -1Y9idT6uHax8XPDt8Zw28VM31CGJkddnglvAgOgt+Cy+tnb0+UIbno7McE2EXoN/ -bXsHisogK1Ux27B1YgtnClIZX5fV6IyFENTpj0XhNOFhsqWKRj1Tt+axJjsGhY0O -K3oeUJRjweU0Uh4SJcKWmiYRKzYW3o/DzCXws2M8Cg6EyYQT +MIICwDCCAagCCQCFfL3a7VxiRTANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV +UzETMBEGA1UEAwwKSnd0Q0lMb2dpbjAeFw0yMzAxMTAyMTIzMTJaFw0yNDAxMTAy +MTIzMTJaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RDSUxvZ2luMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHWNoKIfSuRtcRlV+WR8KXK5v65H +0nhrX0bwWgQQni7NUr7hUbBeBEYarR6m1zNc1HnyCVZnY7wLtsvxY6hTOAVXM/d8 +asD5thh1TCMQjH0KrmZerpCq3dQq4GgfPr5L+31akIfVC7BDlgdHa9+eMo48QDRe +mIuyPSpLWggEULLgvEWcAzzeXxdzlt9yNrSPmYtCONADC4K535fMw4fR+T+xSehc +Eoqvi01eqJq5So1Rm433AYPloP3BdC9P8nTw+waIWMlphgIM+lCRXMs2bAXHV2Cb +J/MUgb/nyic1HToZeTIrJjwaklc9vENgMDvdL/ukkDhGjeqeQJHvspnDhQIDAQAB +MA0GCSqGSIb3DQEBCwUAA4IBAQAVmfs74kmeq3UyzrkBQrYd0Ol0hdSCKILyuguO +oyPxFqKebmnr77kg4YFqGNSB6lp4tDDFNxl+SMXNUTmL6DG8faelpdRGkuFxW/Hd +5+VqIx3bdBLg/aU8Yq8FX6AmqXMuFtSOJaYW1+2PFhZEQv1EcUb49C72rVkkf+Xd +lqyJ/ETCen1mpkWrAnlhLrp/0aXakwKyUqY8zrl0iyYUWn8FZ2AkI3yDMHP5omMU +6apEdefu5jpFEbvQbIqUWHKJofDGqoX2HVn2brTz6yTuJgU/EzxYBnJdbv7Yq4QI +L2fVu6U7Vk+m3C6X0c1iHyJBNoyRMuf4BblSDjcasqKKY2hN -----END CERTIFICATE----- diff --git a/sfdx/jwt-cert/readme.md b/sfdx/jwt-cert/readme.md index 9b0450f8e7..2b1e95583c 100644 --- a/sfdx/jwt-cert/readme.md +++ b/sfdx/jwt-cert/readme.md @@ -6,9 +6,9 @@ Generate a certificate and add it to the SF app: -1. `jwt-cert/generate` +1. `./jwt-cert/generate-jwt-cert` 2. Upload public_key.cer to the SF org managing the app. This is the Billing BPO. - - Salesforce > Setup > Manage Connected apps > View > Edit + - Log in to PBO Org -> Setup -> App Manager -> Stripe Connector for Salesforce (StripeConnector) -> Edit - Use Digital Signature: true - Upload jwt-cert/public_key.cer - There are some unique permissions that need to be added to the app even if "full access" is requested.