conjur-api 5.2.1 → 5.3.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.codeclimate.yml +10 -0
- data/.github/CODEOWNERS +10 -0
- data/.github/ISSUE_TEMPLATE/bug.md +42 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +27 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +21 -0
- data/.gitignore +1 -0
- data/.gitleaks.toml +219 -0
- data/.overcommit.yml +16 -0
- data/.rubocop.yml +3 -0
- data/.rubocop_settings.yml +86 -0
- data/.rubocop_todo.yml +709 -0
- data/CHANGELOG.md +358 -177
- data/CONTRIBUTING.md +141 -0
- data/Gemfile +1 -1
- data/Jenkinsfile +27 -29
- data/LICENSE +202 -0
- data/README.md +19 -126
- data/SECURITY.md +42 -0
- data/bin/parse-changelog.sh +12 -0
- data/ci/codeclimate.dockerfile +6 -0
- data/conjur-api.gemspec +4 -1
- data/docker-compose.yml +2 -0
- data/features/authenticators.feature +33 -0
- data/features/host.feature +39 -9
- data/features/step_definitions/api_steps.rb +14 -3
- data/features/step_definitions/policy_steps.rb +40 -0
- data/features/support/env.rb +2 -0
- data/features/update_password.feature +2 -2
- data/features/user.feature +47 -6
- data/features_v4/support/env.rb +2 -0
- data/lib/conjur-api/version.rb +2 -2
- data/lib/conjur/acts_as_role.rb +15 -19
- data/lib/conjur/acts_as_user.rb +5 -1
- data/lib/conjur/api.rb +2 -0
- data/lib/conjur/api/authenticators.rb +35 -0
- data/lib/conjur/api/host_factories.rb +20 -19
- data/lib/conjur/{cast.rb → api/ldap_sync.rb} +14 -17
- data/lib/conjur/api/resources.rb +17 -21
- data/lib/conjur/api/router/v5.rb +39 -7
- data/lib/conjur/base.rb +19 -5
- data/lib/conjur/base_object.rb +31 -26
- data/lib/conjur/build_object.rb +13 -20
- data/lib/conjur/cert_utils.rb +14 -0
- data/lib/conjur/configuration.rb +1 -7
- data/lib/conjur/has_attributes.rb +6 -3
- data/lib/conjur/id.rb +22 -19
- data/lib/conjur/role_grant.rb +13 -18
- data/spec/api/host_factories_spec.rb +34 -0
- data/spec/api_spec.rb +55 -6
- data/spec/base_object_spec.rb +13 -0
- data/spec/cert_utils_spec.rb +92 -0
- data/spec/id_spec.rb +29 -0
- data/spec/ldap_sync_spec.rb +21 -0
- data/spec/spec_helper.rb +3 -0
- data/spec/uri_escape_spec.rb +14 -2
- data/test.sh +23 -1
- metadata +34 -12
- data/LICENSE.md +0 -195
- data/spec/cast_spec.rb +0 -21
data/SECURITY.md
ADDED
@@ -0,0 +1,42 @@
|
|
1
|
+
# Security Policies and Procedures
|
2
|
+
|
3
|
+
This document outlines security procedures and general policies for the CyberArk Conjur
|
4
|
+
suite of tools and products.
|
5
|
+
|
6
|
+
* [Reporting a Bug](#reporting-a-bug)
|
7
|
+
* [Disclosure Policy](#disclosure-policy)
|
8
|
+
* [Comments on this Policy](#comments-on-this-policy)
|
9
|
+
|
10
|
+
## Reporting a Bug
|
11
|
+
|
12
|
+
The CyberArk Conjur team and community take all security bugs in the Conjur suite seriously.
|
13
|
+
Thank you for improving the security of the Conjur suite. We appreciate your efforts and
|
14
|
+
responsible disclosure and will make every effort to acknowledge your
|
15
|
+
contributions.
|
16
|
+
|
17
|
+
Report security bugs by emailing the lead maintainers at security@conjur.org.
|
18
|
+
|
19
|
+
The maintainers will acknowledge your email within 2 business days. Subsequently, we will
|
20
|
+
send a more detailed response within 2 business days of our acknowledgement indicating
|
21
|
+
the next steps in handling your report. After the initial reply to your report, the security
|
22
|
+
team will endeavor to keep you informed of the progress towards a fix and full
|
23
|
+
announcement, and may ask for additional information or guidance.
|
24
|
+
|
25
|
+
Report security bugs in third-party modules to the person or team maintaining
|
26
|
+
the module.
|
27
|
+
|
28
|
+
## Disclosure Policy
|
29
|
+
|
30
|
+
When the security team receives a security bug report, they will assign it to a
|
31
|
+
primary handler. This person will coordinate the fix and release process,
|
32
|
+
involving the following steps:
|
33
|
+
|
34
|
+
* Confirm the problem and determine the affected versions.
|
35
|
+
* Audit code to find any potential similar problems.
|
36
|
+
* Prepare fixes for all releases still under maintenance. These fixes will be
|
37
|
+
released as fast as possible.
|
38
|
+
|
39
|
+
## Comments on this Policy
|
40
|
+
|
41
|
+
If you have suggestions on how this process could be improved please submit a
|
42
|
+
pull request.
|
data/conjur-api.gemspec
CHANGED
@@ -18,10 +18,13 @@ Gem::Specification.new do |gem|
|
|
18
18
|
|
19
19
|
gem.required_ruby_version = '>= 1.9'
|
20
20
|
|
21
|
+
# Filter out development only executables
|
22
|
+
gem.executables -= %w{parse-changelog.sh}
|
23
|
+
|
21
24
|
gem.add_dependency 'rest-client'
|
22
25
|
gem.add_dependency 'activesupport'
|
23
26
|
|
24
|
-
gem.add_development_dependency 'rake', '
|
27
|
+
gem.add_development_dependency 'rake', '>= 12.3.3'
|
25
28
|
gem.add_development_dependency 'rspec', '~> 3'
|
26
29
|
gem.add_development_dependency 'rspec-expectations', '~> 3.4'
|
27
30
|
gem.add_development_dependency 'json_spec'
|
data/docker-compose.yml
CHANGED
@@ -27,6 +27,7 @@ services:
|
|
27
27
|
volumes:
|
28
28
|
- ./spec/reports:/src/conjur-api/spec/reports
|
29
29
|
- ./features/reports:/src/conjur-api/features/reports
|
30
|
+
- ./coverage:/src/conjur-api/coverage
|
30
31
|
- authn_local_5:/run/authn-local-5
|
31
32
|
environment:
|
32
33
|
CONJUR_APPLIANCE_URL: http://conjur_5
|
@@ -38,6 +39,7 @@ services:
|
|
38
39
|
volumes:
|
39
40
|
- ./features_v4/reports:/src/conjur-api/features_v4/reports
|
40
41
|
- ./tmp/conjur.pem:/src/conjur-api/tmp/conjur.pem
|
42
|
+
- ./coverage_v4:/src/conjur-api/coverage
|
41
43
|
- authn_local_4:/run/authn-local-4
|
42
44
|
environment:
|
43
45
|
CONJUR_APPLIANCE_URL: https://conjur_4/api
|
@@ -0,0 +1,33 @@
|
|
1
|
+
Feature: List and manage authenticators
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given I run the code:
|
5
|
+
"""
|
6
|
+
$conjur.load_policy 'root', <<-POLICY
|
7
|
+
- !webservice conjur/authn-k8s/my-auth
|
8
|
+
POLICY
|
9
|
+
"""
|
10
|
+
|
11
|
+
Scenario: Authenticator list includes the authenticator status
|
12
|
+
When I run the code:
|
13
|
+
"""
|
14
|
+
$conjur.authenticator_list
|
15
|
+
"""
|
16
|
+
Then the JSON should have "installed"
|
17
|
+
And the JSON should have "configured"
|
18
|
+
And the JSON should have "enabled"
|
19
|
+
And the JSON at "enabled" should be ["authn"]
|
20
|
+
|
21
|
+
Scenario: Enable and disable authenticator
|
22
|
+
When I run the code:
|
23
|
+
"""
|
24
|
+
$conjur.authenticator_enable("authn-k8s", "my-auth")
|
25
|
+
$conjur.authenticator_list
|
26
|
+
"""
|
27
|
+
Then the JSON at "enabled" should be ["authn", "authn-k8s/my-auth"]
|
28
|
+
When I run the code:
|
29
|
+
"""
|
30
|
+
$conjur.authenticator_disable("authn-k8s", "my-auth")
|
31
|
+
$conjur.authenticator_list
|
32
|
+
"""
|
33
|
+
Then the JSON at "enabled" should be ["authn"]
|
data/features/host.feature
CHANGED
@@ -1,20 +1,50 @@
|
|
1
|
-
Feature:
|
1
|
+
Feature: Host object
|
2
2
|
|
3
|
-
|
3
|
+
Scenario: API key of a newly created host is available and valid
|
4
4
|
Given a new host
|
5
|
-
|
6
|
-
Scenario: API key of a newly created host is available and valid.
|
7
|
-
Then I run the code:
|
5
|
+
Then I can run the code:
|
8
6
|
"""
|
9
7
|
expect(@host.exists?).to be(true)
|
10
8
|
expect(@host.api_key).to be
|
11
9
|
Conjur::API.new_from_key(@host.login, @host.api_key).token
|
12
10
|
"""
|
13
11
|
|
14
|
-
|
15
|
-
|
12
|
+
# Rotation of own API key should be done via `Conjur::API.rotate_api_key()`
|
13
|
+
Scenario: Host's own API key cannot be rotated with an API key
|
14
|
+
Given a new host
|
15
|
+
Then this code should fail with "You cannot rotate your own API key via this method"
|
16
16
|
"""
|
17
17
|
host = Conjur::API.new_from_key(@host.login, @host.api_key).resource(@host.id)
|
18
|
-
|
19
|
-
|
18
|
+
host.rotate_api_key
|
19
|
+
"""
|
20
|
+
|
21
|
+
# Rotation of own API key should be done via `Conjur::API.rotate_api_key()`
|
22
|
+
Scenario: Host's own API key cannot be rotated with a token
|
23
|
+
Given a new host
|
24
|
+
Then this code should fail with "You cannot rotate your own API key via this method"
|
25
|
+
"""
|
26
|
+
token = Conjur::API.new_from_key(@host.login, @host.api_key).token
|
27
|
+
|
28
|
+
host = Conjur::API.new_from_token(token).resource(@host.id)
|
29
|
+
host.rotate_api_key
|
30
|
+
"""
|
31
|
+
|
32
|
+
Scenario: Delegated host's API key can be rotated with an API key
|
33
|
+
Given a new delegated host
|
34
|
+
Then I can run the code:
|
35
|
+
"""
|
36
|
+
delegated_host_resource = Conjur::API.new_from_key(@host_owner.login, @host_owner_api_key).resource(@host.id)
|
37
|
+
api_key = delegated_host_resource.rotate_api_key
|
38
|
+
Conjur::API.new_from_key(delegated_host_resource.login, api_key).token
|
39
|
+
"""
|
40
|
+
|
41
|
+
Scenario: Delegated host's API key can be rotated with a token
|
42
|
+
Given a new delegated host
|
43
|
+
Then I can run the code:
|
44
|
+
"""
|
45
|
+
token = Conjur::API.new_from_key(@host_owner.login, @host_owner_api_key).token
|
46
|
+
|
47
|
+
delegated_host_resource = Conjur::API.new_from_token(token).resource(@host.id)
|
48
|
+
api_key = delegated_host_resource.rotate_api_key
|
49
|
+
Conjur::API.new_from_key(delegated_host_resource.login, api_key).token
|
20
50
|
"""
|
@@ -1,7 +1,18 @@
|
|
1
|
-
|
1
|
+
Then(/^I(?: can)? run the code:$/) do |code|
|
2
2
|
@result = eval(code).tap do |result|
|
3
|
-
if ENV['DEBUG']
|
4
|
-
|
3
|
+
puts result if ENV['DEBUG']
|
4
|
+
end
|
5
|
+
end
|
6
|
+
|
7
|
+
Then(/^this code should fail with "([^"]*)"$/) do |error_msg, code|
|
8
|
+
begin
|
9
|
+
@result = eval(code)
|
10
|
+
rescue Exception => exc
|
11
|
+
if not exc.message =~ %r{#{error_msg}}
|
12
|
+
fail "'#{error_msg}' was not found in '#{exc.message}'"
|
5
13
|
end
|
14
|
+
else
|
15
|
+
puts @result if ENV['DEBUG']
|
16
|
+
fail "The provided block did not raise an error"
|
6
17
|
end
|
7
18
|
end
|
@@ -13,6 +13,25 @@ Given(/^a new user$/) do
|
|
13
13
|
expect(@user_api_key).to be
|
14
14
|
end
|
15
15
|
|
16
|
+
Given(/^a new delegated user$/) do
|
17
|
+
# Create a new host that is owned by that user
|
18
|
+
step 'a new user'
|
19
|
+
@user_owner = @user
|
20
|
+
@user_owner_id = @user_id
|
21
|
+
@user_owner_api_key = @user_api_key
|
22
|
+
|
23
|
+
# Create a new user that is owned by the user created earlier
|
24
|
+
@user_id = "user-#{random_hex}"
|
25
|
+
response = $conjur.load_policy 'root', <<-POLICY
|
26
|
+
- !user
|
27
|
+
id: #{@user_id}
|
28
|
+
owner: !user #{@user_owner_id}
|
29
|
+
POLICY
|
30
|
+
@user = $conjur.resource("cucumber:user:#{@user_id}")
|
31
|
+
@user_api_key = response.created_roles["cucumber:user:#{@user_id}"]['api_key']
|
32
|
+
expect(@user_api_key).to be
|
33
|
+
end
|
34
|
+
|
16
35
|
Given(/^a new group$/) do
|
17
36
|
@group_id = "group-#{random_hex}"
|
18
37
|
response = $conjur.load_policy 'root', <<-POLICY
|
@@ -33,3 +52,24 @@ Given(/^a new host$/) do
|
|
33
52
|
@host = $conjur.resource("cucumber:host:#{@host_id}")
|
34
53
|
@host.attributes['api_key'] = @host_api_key
|
35
54
|
end
|
55
|
+
|
56
|
+
Given(/^a new delegated host$/) do
|
57
|
+
# Create an owner user
|
58
|
+
step 'a new user'
|
59
|
+
@host_owner = @user
|
60
|
+
@host_owner_id = @user_id
|
61
|
+
@host_owner_api_key = @user_api_key
|
62
|
+
|
63
|
+
# Create a new host that is owned by that user
|
64
|
+
@host_id = "app-#{random_hex}"
|
65
|
+
response = $conjur.load_policy 'root', <<-POLICY
|
66
|
+
- !host
|
67
|
+
id: #{@host_id}
|
68
|
+
owner: !user #{@host_owner_id}
|
69
|
+
POLICY
|
70
|
+
|
71
|
+
@host_api_key = response.created_roles["cucumber:host:#{@host_id}"]['api_key']
|
72
|
+
expect(@host_api_key).to be
|
73
|
+
@host = $conjur.resource("cucumber:host:#{@host_id}")
|
74
|
+
@host.attributes['api_key'] = @host_api_key
|
75
|
+
end
|
data/features/support/env.rb
CHANGED
@@ -5,8 +5,8 @@ Feature: Change a user's password.
|
|
5
5
|
Scenario: A user can set/change her password using the current API key.
|
6
6
|
When I run the code:
|
7
7
|
"""
|
8
|
-
Conjur::API.update_password @user_id, @user_api_key, '
|
9
|
-
@new_api_key = Conjur::API.login @user_id, '
|
8
|
+
Conjur::API.update_password @user_id, @user_api_key, 'SEcret12!!!!'
|
9
|
+
@new_api_key = Conjur::API.login @user_id, 'SEcret12!!!!'
|
10
10
|
"""
|
11
11
|
Then I can run the code:
|
12
12
|
"""
|
data/features/user.feature
CHANGED
@@ -1,17 +1,58 @@
|
|
1
|
-
Feature:
|
1
|
+
Feature: User object
|
2
2
|
|
3
3
|
Background:
|
4
|
-
Given a new user
|
5
4
|
|
6
|
-
Scenario: User has a uidnumber
|
7
|
-
|
5
|
+
Scenario: User has a uidnumber
|
6
|
+
Given a new user
|
7
|
+
Then I can run the code:
|
8
8
|
"""
|
9
9
|
@user.uidnumber
|
10
10
|
"""
|
11
11
|
Then the result should be "1000"
|
12
12
|
|
13
|
-
Scenario: Logged-in user is the current_role
|
14
|
-
|
13
|
+
Scenario: Logged-in user is the current_role
|
14
|
+
Given a new user
|
15
|
+
Then I can run the code:
|
15
16
|
"""
|
16
17
|
expect($conjur.current_role(Conjur.configuration.account).id.to_s).to eq("cucumber:user:admin")
|
17
18
|
"""
|
19
|
+
|
20
|
+
# Rotation of own API key should be done via `Conjur::API.rotate_api_key()`
|
21
|
+
Scenario: User's own API key cannot be rotated with an API key
|
22
|
+
Given a new user
|
23
|
+
Then this code should fail with "You cannot rotate your own API key via this method"
|
24
|
+
"""
|
25
|
+
user = Conjur::API.new_from_key(@user.login, @user_api_key).resource(@user.id)
|
26
|
+
user.rotate_api_key
|
27
|
+
"""
|
28
|
+
|
29
|
+
# Rotation of own API key should be done via `Conjur::API.rotate_api_key()`
|
30
|
+
Scenario: User's own API key cannot be rotated with a token
|
31
|
+
Given a new user
|
32
|
+
Then this code should fail with "You cannot rotate your own API key via this method"
|
33
|
+
"""
|
34
|
+
token = Conjur::API.new_from_key(@user.login, @user_api_key).token
|
35
|
+
|
36
|
+
user = Conjur::API.new_from_token(token).resource(@user.id)
|
37
|
+
user.rotate_api_key
|
38
|
+
"""
|
39
|
+
|
40
|
+
Scenario: Delegated user's API key can be rotated with an API key
|
41
|
+
Given a new delegated user
|
42
|
+
Then I can run the code:
|
43
|
+
"""
|
44
|
+
delegated_user_resource = Conjur::API.new_from_key(@user_owner.login, @user_owner_api_key).resource(@user.id)
|
45
|
+
api_key = delegated_user_resource.rotate_api_key
|
46
|
+
Conjur::API.new_from_key(delegated_user_resource.login, api_key).token
|
47
|
+
"""
|
48
|
+
|
49
|
+
Scenario: Delegated user's API key can be rotated with a token
|
50
|
+
Given a new delegated user
|
51
|
+
Then I can run the code:
|
52
|
+
"""
|
53
|
+
token = Conjur::API.new_from_key(@user_owner.login, @user_owner_api_key).token
|
54
|
+
|
55
|
+
delegated_user_resource = Conjur::API.new_from_token(token).resource(@user.id)
|
56
|
+
api_key = delegated_user_resource.rotate_api_key
|
57
|
+
Conjur::API.new_from_key(delegated_user_resource.login, api_key).token
|
58
|
+
"""
|
data/features_v4/support/env.rb
CHANGED
data/lib/conjur-api/version.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright 2013-
|
1
|
+
# Copyright 2013-2020 Conjur Inc.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
4
4
|
# this software and associated documentation files (the "Software"), to deal in
|
@@ -19,6 +19,6 @@
|
|
19
19
|
|
20
20
|
module Conjur
|
21
21
|
class API
|
22
|
-
VERSION = "5.
|
22
|
+
VERSION = "5.3.4"
|
23
23
|
end
|
24
24
|
end
|
data/lib/conjur/acts_as_role.rb
CHANGED
@@ -1,23 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2013-2018 CyberArk Ltd.
|
1
4
|
#
|
2
|
-
#
|
3
|
-
#
|
4
|
-
#
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
13
8
|
#
|
14
|
-
#
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
20
10
|
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
21
17
|
module Conjur
|
22
18
|
|
23
19
|
# This module provides methods for things that have an associated {Conjur::Role}.
|
@@ -100,7 +96,7 @@ module Conjur
|
|
100
96
|
end
|
101
97
|
if filter = options.delete(:filter)
|
102
98
|
filter = [filter] unless filter.is_a?(Array)
|
103
|
-
options["filter"] = filter.map
|
99
|
+
options["filter"] = filter.map(&Id.method(:new))
|
104
100
|
end
|
105
101
|
|
106
102
|
result = JSON.parse(rbac_role_resource[options_querystring options].get)
|
@@ -143,4 +139,4 @@ module Conjur
|
|
143
139
|
url_for(:roles_role, credentials, id)
|
144
140
|
end
|
145
141
|
end
|
146
|
-
end
|
142
|
+
end
|
data/lib/conjur/acts_as_user.rb
CHANGED
@@ -52,12 +52,16 @@ module Conjur
|
|
52
52
|
# @note You will not be able to access the API key returned by this method later, so you should
|
53
53
|
# probably hang onto it it.
|
54
54
|
#
|
55
|
-
# @note You cannot rotate your own API key with this method. To do so, use `Conjur::API.rotate_api_key
|
55
|
+
# @note You cannot rotate your own API key with this method. To do so, use `Conjur::API.rotate_api_key`.
|
56
56
|
#
|
57
57
|
# @note This feature requires a Conjur appliance running version 4.6 or higher.
|
58
58
|
#
|
59
59
|
# @return [String] the new API key for this user.
|
60
60
|
def rotate_api_key
|
61
|
+
if login == username
|
62
|
+
raise 'You cannot rotate your own API key via this method. To do so, use `Conjur::API.rotate_api_key`'
|
63
|
+
end
|
64
|
+
|
61
65
|
url_for(:authn_rotate_api_key, credentials, account, id).put("").body
|
62
66
|
end
|
63
67
|
end
|
data/lib/conjur/api.rb
CHANGED
@@ -34,6 +34,7 @@ require 'conjur/acts_as_rolsource'
|
|
34
34
|
require 'conjur/acts_as_user'
|
35
35
|
require 'conjur/log_source'
|
36
36
|
require 'conjur/has_attributes'
|
37
|
+
require 'conjur/api/authenticators'
|
37
38
|
require 'conjur/api/authn'
|
38
39
|
require 'conjur/api/roles'
|
39
40
|
require 'conjur/api/resources'
|
@@ -41,6 +42,7 @@ require 'conjur/api/pubkeys'
|
|
41
42
|
require 'conjur/api/variables'
|
42
43
|
require 'conjur/api/policies'
|
43
44
|
require 'conjur/api/host_factories'
|
45
|
+
require 'conjur/api/ldap_sync'
|
44
46
|
require 'conjur/host'
|
45
47
|
require 'conjur/group'
|
46
48
|
require 'conjur/variable'
|