conjur-api 5.3.3 → 5.3.7.pre.167

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -24,7 +24,6 @@ require 'set'
24
24
  require 'conjur/cert_utils'
25
25
 
26
26
  module Conjur
27
-
28
27
  class << self
29
28
  # Saves the current thread local {Conjur::Configuration},
30
29
  # sets the thread local {Conjur::Configuration} to `config`, yields to the block, and ensures that
@@ -68,7 +67,7 @@ module Conjur
68
67
  ensure
69
68
  Thread.current[:conjur_configuration] = oldvalue
70
69
  end
71
-
70
+
72
71
  # Gets the current thread-local or global configuration.
73
72
  #
74
73
  # The thread-local Conjur configuration can only be set using the {Conjur.with_configuration}
@@ -79,7 +78,7 @@ module Conjur
79
78
  def configuration
80
79
  Thread.current[:conjur_configuration] || (@config ||= Configuration.new)
81
80
  end
82
-
81
+
83
82
  # Sets the global configuration.
84
83
  #
85
84
  # This method *has no effect* on the thread local configuration. Use {Conjur.with_configuration} instead if
@@ -191,25 +190,25 @@ module Conjur
191
190
  @supplied = options.dup
192
191
  @computed = Hash.new
193
192
  end
194
-
193
+
195
194
  class << self
196
195
  # @api private
197
196
  def accepted_options
198
197
  require 'set'
199
198
  @options ||= Set.new
200
199
  end
201
-
200
+
202
201
  # @param [Symbol] name
203
202
  # @param [Hash] options
204
- # @option options [Boolean] :boolean (false) whether this option should have a '?' accessor
203
+ # @option options [Boolean] :boolean (false) whether this option should have a '?' accessor
205
204
  # @option options [Boolean, String] :env Environment variable for this option. Set to false
206
205
  # to disallow environment based configuration. Default is CONJUR_<OPTION_NAME>.
207
206
  # @option options [Proc, *] :default Default value or proc to provide it
208
207
  # @option options [Boolean] :required (false) when true, raise an exception if the option is
209
208
  # not set
210
- # @option options [Proc, #to_proc] :convert proc-ish to convert environment
209
+ # @option options [Proc, #to_proc] :convert proc-ish to convert environment
211
210
  # values to appropriate types
212
- # @param [Proc] def_proc block to provide default values
211
+ # @param [Proc] def_proc block to provide default values
213
212
  # @api private
214
213
  def add_option name, options = {}, &def_proc
215
214
  accepted_options << name
@@ -217,7 +216,7 @@ module Conjur
217
216
  env_var = options[:env] || "CONJUR_#{name.to_s.upcase}"
218
217
  def_val = options[:default]
219
218
  opt_name = name
220
-
219
+
221
220
  def_proc ||= if def_val.respond_to?(:call)
222
221
  def_val
223
222
  elsif options[:required]
@@ -225,10 +224,10 @@ module Conjur
225
224
  else
226
225
  proc { def_val }
227
226
  end
228
-
227
+
229
228
  convert = options[:convert] || ->(x){ x }
230
229
  # Allow a Symbol, for example
231
- convert = convert.to_proc if convert.respond_to?(:to_proc)
230
+ convert = convert.to_proc if convert.respond_to?(:to_proc)
232
231
 
233
232
  define_method("#{name}=") do |value|
234
233
  set name, value
@@ -237,7 +236,7 @@ module Conjur
237
236
  define_method("#{name}_env_var") do
238
237
  allow_env ? env_var : nil
239
238
  end
240
-
239
+
241
240
  define_method(name) do
242
241
  value = computed[name]
243
242
  return value unless value.nil?
@@ -246,7 +245,7 @@ module Conjur
246
245
  supplied[name]
247
246
  elsif allow_env && ENV.member?(env_var)
248
247
  instance_exec(ENV[env_var], &convert)
249
- else
248
+ else
250
249
  instance_eval(&def_proc)
251
250
  end.tap do |value|
252
251
  computed[name] = value
@@ -256,7 +255,7 @@ module Conjur
256
255
  alias_method("#{name}?", name) if options[:boolean]
257
256
  end
258
257
  end
259
-
258
+
260
259
  # Return a copy of this {Conjur::Configuration} instance, optionally
261
260
  # updating the copy with options from the `override_options` hash.
262
261
  #
@@ -290,8 +289,8 @@ module Conjur
290
289
  #
291
290
  # The url for the {http://developer.conjur.net/reference/services/authentication Conjur authentication service}.
292
291
  #
293
- # By default, this will be built from the +appliance_url+. To use a custom authenticator,
294
- # set this option in code or set `CONJUR_AUTHN_URL`.
292
+ # By default, this will be built from the +appliance_url+. To use a custom authenticator,
293
+ # set this option in code or set `CONJUR_AUTHN_URL`.
295
294
  #
296
295
  #
297
296
  # @return [String] the authentication service url
@@ -369,10 +368,30 @@ module Conjur
369
368
  # @see cert_file
370
369
  add_option :ssl_certificate
371
370
 
371
+ # @!attribute rest_client_options
372
+ #
373
+ # Custom options for the underlying RestClient Requests. This defaults to:
374
+ # ```
375
+ # {
376
+ # ssl_cert_store: OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE
377
+ # }
378
+ # ``
379
+ #
380
+ # The `ssl_cert_store` value aligns with the default certificate store used by
381
+ # {#apply_cert_config!}.
382
+ #
383
+ # NOTE: When setting the value of rest_client_options the defaults are not retained,
384
+ # you must manually set them on the value you provide.
385
+ add_option :rest_client_options do
386
+ {
387
+ ssl_cert_store: OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE
388
+ }
389
+ end
390
+
372
391
  # @!attribute version
373
392
  #
374
393
  # Selects the major API version of the Conjur server. With this setting, the API
375
- # will use the routing scheme for API version `4` or `5`.
394
+ # will use the routing scheme for API version `4` or `5`.
376
395
  #
377
396
  # Methods which are not available in the selected version will raise NoMethodError.
378
397
  add_option :version, default: 5
@@ -383,6 +402,12 @@ module Conjur
383
402
  # This is only available when the API client is running on the Conjur server.
384
403
  add_option :authn_local_socket, default: "/run/authn-local/.socket"
385
404
 
405
+ # Create rest_client_options by merging the input with the
406
+ # rest_client_options present on the configuration object.
407
+ def create_rest_client_options options
408
+ rest_client_options.merge(options || {})
409
+ end
410
+
386
411
  # Calls a major-version-specific function.
387
412
  def version_logic v4_logic, v5_logic
388
413
  case version.to_s
@@ -398,6 +423,9 @@ module Conjur
398
423
  # Add the certificate configured by the {#ssl_certificate} and {#cert_file} options to the certificate
399
424
  # store used by Conjur clients.
400
425
  #
426
+ # NOTE: If you specify a non-default `store` value, you must manually set the
427
+ # `ssl_cert_store` value on {#rest_client_options} to the same value.
428
+ #
401
429
  # @param [OpenSSL::X509::Store] store the certificate store that the certificate will be installed in.
402
430
  # @return [Boolean] whether a certificate was added to the store.
403
431
  def apply_cert_config! store=OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE
data/lib/conjur/escape.rb CHANGED
@@ -80,9 +80,8 @@ module Conjur
80
80
  return "false" unless str
81
81
  str = str.id if str.respond_to?(:id)
82
82
  # Leave colons and forward slashes alone
83
- require 'uri'
84
- pattern = URI::PATTERN::UNRESERVED + ":\\/@"
85
- URI.escape(str.to_s, Regexp.new("[^#{pattern}]"))
83
+ require 'addressable/uri'
84
+ Addressable::URI.encode(str.to_s)
86
85
  end
87
86
  end
88
87
 
@@ -1,4 +1,4 @@
1
- # Copyright 2013-2017 Conjur Inc.
1
+ # Copyright 2013-2021 Conjur Inc.
2
2
  #
3
3
  # Permission is hereby granted, free of charge, to any person obtaining a copy of
4
4
  # this software and associated documentation files (the "Software"), to deal in
@@ -19,6 +19,6 @@
19
19
 
20
20
  module Conjur
21
21
  class API
22
- VERSION = "5.3.3"
22
+ VERSION = File.read(File.expand_path('../../VERSION', __dir__))
23
23
  end
24
24
  end
data/spec/api_spec.rb CHANGED
@@ -4,29 +4,26 @@ require 'fakefs/spec_helpers'
4
4
  describe Conjur::API do
5
5
 
6
6
  let(:account) { 'api-spec-acount' }
7
+ let(:remote_ip) { nil }
7
8
  before { allow(Conjur.configuration).to receive_messages account: account }
8
9
 
9
10
  shared_context "logged in", logged_in: true do
10
11
  let(:login) { "bob" }
11
12
  let(:token) { { 'data' => login, 'timestamp' => Time.now.to_s } }
12
- let(:remote_ip) { nil }
13
- let(:api_args) { [ token, { remote_ip: remote_ip } ] }
14
- subject(:api) { Conjur::API.new_from_token(*api_args) }
13
+ subject(:api) { Conjur::API.new_from_token(token, remote_ip: remote_ip) }
15
14
  end
16
15
 
17
16
  shared_context "logged in with an API key", logged_in: :api_key do
18
17
  include_context "logged in"
19
18
  let(:api_key) { "theapikey" }
20
- let(:api_args) { [ login, api_key, { remote_ip: remote_ip, account: account } ] }
21
- subject(:api) { Conjur::API.new_from_key(*api_args) }
19
+ subject(:api) { Conjur::API.new_from_key(login, api_key, account: account ,remote_ip: remote_ip) }
22
20
  end
23
21
 
24
22
  shared_context "logged in with a token file", logged_in: :token_file do
25
23
  include FakeFS::SpecHelpers
26
24
  include_context "logged in"
27
25
  let(:token_file) { "token_file" }
28
- let(:api_args) { [ token_file, { remote_ip: remote_ip } ] }
29
- subject(:api) { Conjur::API.new_from_token_file(*api_args) }
26
+ subject(:api) { Conjur::API.new_from_token_file(token_file, remote_ip: remote_ip) }
30
27
  end
31
28
 
32
29
  def time_travel delta
@@ -60,11 +57,11 @@ describe Conjur::API do
60
57
  context "after expiration" do
61
58
  it 'it reads a new token' do
62
59
  expect(Time.parse(api.token['timestamp'])).to be_within(5.seconds).of(Time.now)
63
-
60
+
64
61
  time_travel 6.minutes
65
62
  new_token = token.merge "timestamp" => Time.now.to_s
66
63
  write_token new_token
67
-
64
+
68
65
  expect(api.token).to eq(new_token)
69
66
  end
70
67
  end
@@ -85,10 +82,10 @@ describe Conjur::API do
85
82
  it 'by refreshing' do
86
83
  allow(Conjur::API).to receive(:authenticate).with(login, api_key, account: account).and_return token
87
84
  expect(Time.parse(api.token['timestamp'])).to be_within(5.seconds).of(Time.now)
88
-
85
+
89
86
  time_travel 6.minutes
90
87
  new_token = token.merge "timestamp" => Time.now.to_s
91
-
88
+
92
89
  expect(Conjur::API).to receive(:authenticate).with(login, api_key, account: account).and_return new_token
93
90
  expect(api.token).to eq(new_token)
94
91
  end
@@ -118,7 +115,7 @@ describe Conjur::API do
118
115
  subject { super().credentials }
119
116
  it { is_expected.to eq({ headers: { authorization: "Token token=\"#{Base64.strict_encode64(token.to_json)}\"" }, username: login }) }
120
117
  end
121
-
118
+
122
119
  context "with remote_ip" do
123
120
  let(:remote_ip) { "66.0.0.1" }
124
121
  describe '#credentials' do
@@ -153,7 +150,7 @@ describe Conjur::API do
153
150
  context 'basic functioning' do
154
151
  it_behaves_like 'it can clone itself'
155
152
  end
156
-
153
+
157
154
  context "forwarded for" do
158
155
  let(:forwarded_for_header) { "66.0.0.1" }
159
156
  let(:headers) { base_headers.merge(x_forwarded_for: forwarded_for_header) }
@@ -172,6 +169,55 @@ describe Conjur::API do
172
169
  end
173
170
  end
174
171
 
172
+ describe "#username" do
173
+ let(:jwt_payload) do
174
+ 'eyJzdWIiOiJ1c2VyLTlhYjBiYmZiOWJlNjA5Yzk2ZjUyN2Y1YiIsImlhdCI6MTYwMzQ5MDA4MH0='
175
+ end
176
+
177
+ let(:jwt_header) do
178
+ 'eyJhbGciOiJjb25qdXIub3JnL3Nsb3NpbG8vdjIiLCJraWQiOiI2MWZjOGRiZDM4MjA4NDll' \
179
+ 'ZDI4YTZhYTAwMzFjNjM5MjkxZjJmMDQzNDVjYTU0MWI5NzUxMGQ5NjkyM2I3NDlmIn0='
180
+ end
181
+
182
+ let(:conjur_token) do
183
+ {
184
+ 'data' => 'conjur-user-1234',
185
+ 'timestamp' => Time.now.to_s
186
+ }
187
+ end
188
+
189
+ let(:jwt_token) do
190
+ {
191
+ 'protected' => jwt_header,
192
+ 'payload' => jwt_payload,
193
+ }
194
+ end
195
+
196
+ it "can correctly extract the username from old Conjur token" do
197
+ expect(Conjur::API.new_from_token(conjur_token).username).to(
198
+ eq('conjur-user-1234')
199
+ )
200
+ end
201
+
202
+ context 'when using JWT token' do
203
+ it "can correctly extract username" do
204
+ expect(Conjur::API.new_from_token(jwt_token).username).to(
205
+ eq('user-9ab0bbfb9be609c96f527f5b')
206
+ )
207
+ end
208
+
209
+ it "returns nil when JWT token has no payload field" do
210
+ no_payload_jwt_token = { 'protected' => jwt_header }
211
+ expect(Conjur::API.new_from_token(no_payload_jwt_token).username).to be_nil
212
+ end
213
+
214
+ it "returns nil when JWT token has no 'sub' field in payload" do
215
+ no_sub_token = { 'payload' => 'eyJpYXQiOjE2MDM0OTAwODB9' }
216
+ expect(Conjur::API.new_from_token(no_sub_token).username).to be_nil
217
+ end
218
+ end
219
+ end
220
+
175
221
  describe "#current_role", logged_in: true do
176
222
  context "when logged in as user" do
177
223
  let(:login) { 'joerandom' }
@@ -10,5 +10,4 @@ describe Conjur::BaseObject do
10
10
  expect(base_obj.inspect).to include("id='#{id_str}'")
11
11
  expect(base_obj.inspect).to include(Conjur::BaseObject.name)
12
12
  end
13
-
14
13
  end
@@ -29,6 +29,28 @@ describe Conjur::Configuration do
29
29
  configuration.account = "the-account"
30
30
  configuration.appliance_url = "https://conjur/api"
31
31
  }
32
+
33
+ it "rest_client_options defaults" do
34
+ expected = {
35
+ ssl_cert_store: OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE
36
+ }
37
+ expect(configuration.rest_client_options).to eq(expected)
38
+ end
39
+
40
+ it "rest_client_options propagate to RestClient::Resource" do
41
+ expected = {
42
+ ssl_ca_file: "ca_certificate.pem",
43
+ proxy: "http://proxy.example.com/"
44
+ }
45
+ configuration.rest_client_options = {
46
+ ssl_ca_file: "ca_certificate.pem",
47
+ proxy: "http://proxy.example.com/"
48
+ }
49
+
50
+ resource = Conjur::API.url_for(:authn_login, *["account", "username", "password"])
51
+ expect(resource.options).to include(expected)
52
+ end
53
+
32
54
  it "can still be changed by changing the appliance_url" do
33
55
  configuration.appliance_url = "https://other/api"
34
56
  expect(configuration.core_url).to eq "https://other/api"
@@ -40,7 +62,7 @@ describe Conjur::Configuration do
40
62
  expect(configuration.authn_url).to eq "http://authn-docker"
41
63
  end
42
64
 
43
- context "and duplicated" do
65
+ context "and duplicated" do
44
66
  subject { configuration.clone override_options }
45
67
  let(:override_options) { Hash.new }
46
68
 
@@ -72,7 +94,7 @@ describe Conjur::Configuration do
72
94
  end
73
95
  end
74
96
  end
75
-
97
+
76
98
  describe "url generation" do
77
99
  describe 'authn_url' do
78
100
  before {
@@ -281,7 +303,7 @@ RjvSxre4Xg2qlI9Laybb4oZ4g6DI8hRbL0VdFAsveg6SXg2RxgJcXeJUFw==
281
303
  expect(subject).to be_truthy
282
304
  end
283
305
  end
284
-
306
+
285
307
  end
286
308
 
287
309
  context 'when cert file is not readable' do
data/spec/spec_helper.rb CHANGED
@@ -1,8 +1,8 @@
1
1
  require 'simplecov'
2
- require 'simplecov-cobertura'
3
2
 
4
- SimpleCov.formatter = SimpleCov::Formatter::CoberturaFormatter
5
- SimpleCov.start
3
+ SimpleCov.start do
4
+ command_name "#{ENV['RUBY_VERSION']}"
5
+ end
6
6
 
7
7
  require 'rubygems'
8
8
  $:.unshift File.join(File.dirname(__FILE__), "..", "lib")
@@ -84,7 +84,7 @@ end
84
84
  require 'conjur/api'
85
85
 
86
86
  KIND="asset_kind"
87
- ID="unique_id"
87
+ ID="unique_id"
88
88
  ROLE='<role>'
89
89
  MEMBER='<member>'
90
90
  PRIVILEGE='<privilege>'
data/spec/ssl_spec.rb CHANGED
@@ -16,16 +16,14 @@ describe 'SSL connection' do
16
16
 
17
17
  context 'with certificate added to the default OpenSSL cert store' do
18
18
  before do
19
- store = OpenSSL::X509::Store.new
20
- store.add_cert cert
21
- stub_const 'OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE', store
19
+ cert_store.add_cert(cert)
22
20
  end
23
21
 
24
22
  it 'works' do
25
23
  expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to raise_error RestClient::ResourceNotFound
26
24
  end
27
25
  end
28
-
26
+
29
27
  let(:server) do
30
28
  server = WEBrick::HTTPServer.new \
31
29
  Port: 0, SSLEnable: true,
@@ -33,8 +31,14 @@ describe 'SSL connection' do
33
31
  SSLCertificate: cert, SSLPrivateKey: key
34
32
  end
35
33
  let(:port) { server.config[:Port] }
34
+ let(:cert_store) { OpenSSL::X509::Store.new }
36
35
 
37
36
  before do
37
+ # Reset configuration to allow each test to use its own stub
38
+ # of OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.
39
+ Conjur.configuration = nil
40
+ stub_const 'OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE', cert_store
41
+
38
42
  allow(Conjur.configuration).to receive(:authn_url).and_return "https://localhost:#{port}"
39
43
  end
40
44
 
@@ -50,15 +54,23 @@ describe 'SSL connection' do
50
54
  let(:cert) do
51
55
  OpenSSL::X509::Certificate.new """
52
56
  -----BEGIN CERTIFICATE-----
53
- MIIBpDCCAQ2gAwIBAgIJALVPXQuF0w39MA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
54
- BAMMCWxvY2FsaG9zdDAeFw0xNTAyMTQxNTE0MDFaFw0yNTAyMTExNTE0MDFaMBQx
55
- EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
56
- n+IqEsmbuZk7E2GdPZpBxETjXC+dGze5XlZHPyKviekQ9sachAsBWApVrjM2QDtf
57
- KOwa6GuBqGQ0bdl4Ui7I0CIGB4a0UJHU/EvuDhI1cTzAVVWemW1QaqKxI/2xDgs9
58
- bqY471iVirRiSYD+6lm2pFYqOnnR/d+QKIMXhPOi0DMCAwEAATANBgkqhkiG9w0B
59
- AQsFAAOBgQCSPchDKAiVPNJlRkaY9KPIXfPbFX6h/+ilJRl1xtHqY+y4SxURbnU0
60
- fbYVnapKiuMnrnxTWXwl1z1iMbuuzjUC0RDz8F9pZkQ9IJpBSOaSfyUmk1JrrBRU
61
- INyaxnJjtc7YIzW1Yz7+aKtzZAQuFXNhiQa+CIIGeWrpzbExo2ce3Q==
57
+ MIIDCzCCAfOgAwIBAgIUaApjB95cJZlMTwDg4EBk4Mf1y4swDQYJKoZIhvcNAQEL
58
+ BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDQyODIxNTA1OFoYDzQ3NTkw
59
+ MzI1MjE1MDU4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
60
+ AQUAA4IBDwAwggEKAoIBAQC+MIx1LCzBeAl7kHfI21wYmA6W8luyq14+DecaQPMd
61
+ bW7fMlHSMJC/nlFDQyqmfYfKlVCiJRV/QTdUtA9hCytPlEKjlVmm4WIYLKfjj8Sp
62
+ A+X9VURk75Fz+Z7UsF8u2J3pF9wFfhBzznwePlFdcWYyQMIRtghoHk/WSsbJVXVQ
63
+ so7+0BLFyMYB3otfCyK+H/iyoXWLZll2irYZJedVm/lyTlnc9dT1XDAWWI8kSeUV
64
+ lCkEulqOf8qZyU7wNUafRkzBuYkR7ddp1Qdkq+QYw7blmfZXyJbAYSt4gEMyDMk8
65
+ ArScP8j+Efz5D54wS7fZFwmQp41+iP5WTxGsSU3dh44fAgMBAAGjUzBRMB0GA1Ud
66
+ DgQWBBS4ZJDxXOs8rK3+SyfLopDFqK0IWDAfBgNVHSMEGDAWgBS4ZJDxXOs8rK3+
67
+ SyfLopDFqK0IWDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAE
68
+ WuzjqQ/gyho/pluX31hq7EMAFgqqz7ECN6DqmvpqabMD6s1kQ662KTo7gCBEcNtA
69
+ nC7QycFp4v/Cr8+aUEa1W3+q2MqbmshORonUrLE/vxejK+NUvhSCWnmrM8v60zhR
70
+ pn9lSSgQCBKWDgaU0VQVn0I9MuexeAj64Qv2uUHnZK3QUx+Gk3uurTmhKEN5FI+D
71
+ sC7xO0qquTZ1Vv1EkLEso4dnFVW84EjdfmfeiW6JmHO7z1p1ebGsRwoQead/qTKw
72
+ ze+Y1A1w3GzuhDo55aHlWE/Wvnou0aM3O9gUd++a2j+XJ2P7qaTB/L7SJk4qZ9RA
73
+ t2PbKVP+tyZjXKtXmgzp
62
74
  -----END CERTIFICATE-----
63
75
  """.lines.map(&:strip).join("\n")
64
76
  end
@@ -66,19 +78,31 @@ describe 'SSL connection' do
66
78
  let(:key) do
67
79
  OpenSSL::PKey.read """
68
80
  -----BEGIN RSA PRIVATE KEY-----
69
- MIICXAIBAAKBgQCf4ioSyZu5mTsTYZ09mkHERONcL50bN7leVkc/Iq+J6RD2xpyE
70
- CwFYClWuMzZAO18o7Broa4GoZDRt2XhSLsjQIgYHhrRQkdT8S+4OEjVxPMBVVZ6Z
71
- bVBqorEj/bEOCz1upjjvWJWKtGJJgP7qWbakVio6edH935AogxeE86LQMwIDAQAB
72
- AoGAUCDb7zCFUB4gglUgpfgCT+gqflAKj9J8n2/kIxsyGI7rBpKBbJfLY6FCUZyu
73
- 6sAWr/6seaEviQI3WHpuF9oEn6gzb1XWpKH7h9ZAu5O2sscdrc5MrpFmBvGjMBnd
74
- 80u/TcsDHX453QbPgqOJTi+Qt15Y+Ot/iE8ccQjW6pMPiCECQQDLQvNekVF7YJ9e
75
- iJNZSJMcx2c9hjAuywm/jPX+57k0xRlxGKCQxyujmxDfztDYU9kHMRHknbxz0sFr
76
- 0Vkaxo1DAkEAyV3z6vvTtUx7R5IYOUkZqIfeQ6k6ZItQoZdZPKoBW0s7QhqvJyZN
77
- qeYJMaFR87A6273LwhpXZTvQwSYUUw6KUQJAQAIfXaJphG7TARQFQtKF8UQiEM/X
78
- EIVD1pxvQwx52FJRRro4ph7ycRz93Vzli5or+AXN2q6Jj/fIjUlpw/LOvQJAfyPO
79
- FUjpM+hVUiwhFVJdW/ZlVK0tzDvWLiDkXBQvBRhsEuHMQ1jA4ov2tBpaJxXXI9Uj
80
- KKv/EFEDDmDfpk1g8QJBAIJhDsxKWgUy1lk+lGYdWRQi/D/BnkNbySklCypmZghu
81
- Q6oXJNYB9NWLRWDJaGHlHrAn40Wq6MUx95Aomvj+uHA=
81
+ MIIEowIBAAKCAQEAvjCMdSwswXgJe5B3yNtcGJgOlvJbsqtePg3nGkDzHW1u3zJR
82
+ 0jCQv55RQ0Mqpn2HypVQoiUVf0E3VLQPYQsrT5RCo5VZpuFiGCyn44/EqQPl/VVE
83
+ ZO+Rc/me1LBfLtid6RfcBX4Qc858Hj5RXXFmMkDCEbYIaB5P1krGyVV1ULKO/tAS
84
+ xcjGAd6LXwsivh/4sqF1i2ZZdoq2GSXnVZv5ck5Z3PXU9VwwFliPJEnlFZQpBLpa
85
+ jn/KmclO8DVGn0ZMwbmJEe3XadUHZKvkGMO25Zn2V8iWwGEreIBDMgzJPAK0nD/I
86
+ /hH8+Q+eMEu32RcJkKeNfoj+Vk8RrElN3YeOHwIDAQABAoIBAQCnW0ctkDqt3/fQ
87
+ MHcHWue2iI9GCmvgU+WxC0DSHFcSDQrkAn53S98DjseJPaBZMtr7y9pRY/p/qR6M
88
+ PYnO5iotc5QUKEbkjy1nglwV5Zuy8kg+XPq7Kwg+GmjGVZDcQybpRuKIPr8xeIBF
89
+ iKbGaBP6ontjZGAPZqTwN4qm/bkm0QRQkMEVQLpBaOlXjl0BCknhCMgyNA1F0jGc
90
+ HLqJpFO46qvWDkDaKriMY/ezrkGYxlvV8xGJ2lzoaNWBsQeMXtcDJXuFMJO3lZl4
91
+ VUjeNbyPprUzL6/kLZGMVFdRWhzKAluJEy3B6zybY4xxmgmifqn8/OxIaT172IXN
92
+ KACuEorpAoGBAOYZEfuON+73dcstpjq3062+XUOxAAc77aFcGFQ2pqDTUtvoR05R
93
+ o0uXrSuQqt0/FJVdZqdDx1and6idI7j/LfkOwvmPPg2dJIwKV73T2HdR7BpJaYlI
94
+ KS6Bgl0AiW2ibjZJbBFJMiINb2tRGeYcOPfWlis309D2DXxl1f1TJTKTAoGBANOZ
95
+ aDH1VJXh7rdAHrwNonTjoCeYKG7oAh0WTfqmCqcBjAkXsVc7dBd/98XKGS5LPRtl
96
+ dIaJdYngeYyH5Ey5O2l/63tk0d4sqE8l+GVy+OHFn2AZMuaVXS0JXIQspn4s/U7F
97
+ CuawmFszE8fv41WgVNhF00ijheoRz/X19yu0ULHFAoGAYmJZ1AutUtowXZ25M+Yh
98
+ 9motCqKF9pHjO1lbdbagbKevCCQ7SPuTLOE/xB7pUAyGyo7TM7XBaAXXHhuCiLlj
99
+ eNic+YQL7lpApDhP5/TK28oFf//fxjk6ko4Bpa5zFJOdOE0QjhuT+gdwmpxkzIVI
100
+ vn/cWcJXKUPr5ELOyrBgeU0CgYBWqIUbsLWrjJQPSJtNuOfHp1F35cDpausyrmfR
101
+ Nx81tlR7hNCEQT0SQr5eqp4Vb4rfJXXLg5A3n08oVp8RLOtAEbuHFYs9ylxDzfEk
102
+ 2ylCjYTv/mHyPUmjoCnbl8237wTutZP5VmmPMCPxxjT8ZGVbDX2ySgYWDqV0vf80
103
+ TuydYQKBgG24Wpes1CJmKiuWGnPi5I/+iIKZRfpEGidpjnsktkr3O+VZSZNQtDfC
104
+ uWp/NgMxzxXxYdmmaQTwektB5axrsPUnxxiHmb8KkVU1IcMpYvUulFYiKVvFx+JJ
105
+ bx/fkItCZ4AP3CG2Onz8xZdosg+c+MEdIlCrg94dA1EmHewCt2Hv
82
106
  -----END RSA PRIVATE KEY-----
83
107
  """.lines.map(&:strip).join("\n")
84
108
  end
data/test.sh CHANGED
@@ -1,5 +1,10 @@
1
1
  #!/bin/bash -e
2
2
 
3
+ : "${RUBY_VERSION=3.0}"
4
+ # My local RUBY_VERSION is set to ruby-#.#.# so this allows running locally.
5
+ RUBY_VERSION="$(cut -d '-' -f 2 <<< "$RUBY_VERSION")"
6
+
7
+
3
8
  function finish {
4
9
  echo 'Removing test environment'
5
10
  echo '---'
@@ -8,29 +13,18 @@ function finish {
8
13
 
9
14
  trap finish EXIT
10
15
 
11
- function publishToCodeClimate() {
12
- docker build -f ci/codeclimate.dockerfile -t cyberark/code-climate:latest .
13
- docker run \
14
- --rm \
15
- -e GIT_BRANCH \
16
- -e GIT_COMMIT \
17
- -e TRID \
18
- --volume "$PWD:/src/conjur-api" \
19
- -w "/src/conjur-api" \
20
- cyberark/code-climate:latest \
21
- after-build \
22
- -r "$(<TRID)" \
23
- -t "simplecov"
24
- }
25
16
 
26
17
  function main() {
18
+ if ! docker info >/dev/null 2>&1; then
19
+ echo "Docker does not seem to be running, run it first and retry"
20
+ exit 1
21
+ fi
27
22
  # Generate reports folders locally
28
23
  mkdir -p spec/reports features/reports features_v4/reports
29
24
 
30
25
  startConjur
31
26
  runTests_5
32
27
  runTests_4
33
- publishToCodeClimate
34
28
  }
35
29
 
36
30
  function startConjur() {
@@ -42,8 +36,7 @@ function startConjur() {
42
36
  # However, unconditionally pulling prevents working offline even
43
37
  # with a warm cache. So try to pull, but ignore failures.
44
38
  docker-compose pull --ignore-pull-failures
45
-
46
- docker-compose build
39
+ docker-compose build --build-arg RUBY_VERSION="$RUBY_VERSION"
47
40
  docker-compose up -d pg conjur_4 conjur_5
48
41
  }
49
42