conjur-api 5.3.5 → 5.3.7.pre.168
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -2
- data/CONTRIBUTING.md +1 -1
- data/Dockerfile +3 -2
- data/Gemfile +1 -5
- data/Jenkinsfile +118 -18
- data/LICENSE +1 -1
- data/README.md +4 -4
- data/VERSION +1 -0
- data/ci/submit-coverage +36 -0
- data/conjur-api.gemspec +6 -5
- data/docker-compose.yml +15 -3
- data/features/permitted.feature +27 -0
- data/features/support/env.rb +3 -3
- data/features_v4/support/env.rb +0 -2
- data/lib/conjur/escape.rb +2 -3
- data/lib/conjur-api/version.rb +2 -2
- data/spec/api_spec.rb +4 -7
- data/spec/spec_helper.rb +3 -3
- data/test.sh +10 -17
- metadata +35 -19
- data/.github/ISSUE_TEMPLATE/bug.md +0 -42
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE.md +0 -21
- data/ci/codeclimate.dockerfile +0 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 78dd828b0df7d1c654cdc6b018cda3cbf8af65b5778892216e1e4d9914d8d2f8
|
4
|
+
data.tar.gz: 054d9b0969de1c5d382158c1ed1f8207bc0d5a17d6f6be38cc4dafc5e4ef52e1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d75f6f3d509da1f3b3777a927f17ebe0b795ae5d65885e551b41a1d79556ea8e2debd53cd1c1afbc79340888115aac0e5707a80cedac32c7d794ce3efe4b0c72
|
7
|
+
data.tar.gz: 88c2bb2eb83ce02f5aecb76af719602531b9a0fcb3943ebb0643bf364da9ce07d125610f0cdd50c156693202fd2b55edbb85855bb7b1c6ace9d7ea021c10aad9
|
data/CHANGELOG.md
CHANGED
@@ -4,7 +4,23 @@ All notable changes to this project will be documented in this file.
|
|
4
4
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
5
5
|
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
6
6
|
|
7
|
-
##
|
7
|
+
## Unreleased
|
8
|
+
### Changed
|
9
|
+
- Nothing should go in this section, please add to the latest unreleased version
|
10
|
+
(and update the corresponding date), or add a new version.
|
11
|
+
|
12
|
+
## [5.3.7] - 2021-12-28
|
13
|
+
|
14
|
+
### Changed
|
15
|
+
- Change addressable gem dependency.
|
16
|
+
[cyberark/conjur-api-ruby#199](https://github.com/cyberark/conjur-api-ruby/pull/199)
|
17
|
+
- Update to use automated release process
|
18
|
+
|
19
|
+
## [5.3.6] - 2021-12-09
|
20
|
+
|
21
|
+
### Changed
|
22
|
+
- Support ruby-3.0.2.
|
23
|
+
[cyberark/conjur-api-ruby#197](https://github.com/cyberark/conjur-api-ruby/pull/197)
|
8
24
|
|
9
25
|
## [5.3.5] - 2021-05-04
|
10
26
|
|
@@ -346,7 +362,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
346
362
|
|
347
363
|
## [2.0.0] - 2013-13-12
|
348
364
|
|
349
|
-
[Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.
|
365
|
+
[Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...HEAD
|
366
|
+
[5.3.7]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...v5.3.7
|
367
|
+
[5.3.6]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.5...v5.3.6
|
350
368
|
[5.3.5]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.4...v5.3.5
|
351
369
|
[5.3.4]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.3...v5.3.4
|
352
370
|
[5.3.3]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.1...v5.3.3
|
data/CONTRIBUTING.md
CHANGED
@@ -131,7 +131,7 @@ $ docker-compose down
|
|
131
131
|
|
132
132
|
### Add a git tag
|
133
133
|
|
134
|
-
1. Once your changes have been **reviewed and merged into
|
134
|
+
1. Once your changes have been **reviewed and merged into main**, tag the version
|
135
135
|
using `git tag -a "vx.y.z" -m "vx.y.z release"`. Note this requires you to be able to sign releases.
|
136
136
|
Consult the [github documentation on signing commits](https://help.github.com/articles/signing-commits-with-gpg/)
|
137
137
|
on how to set this up. `vx.y.z release` is an acceptable tag message.
|
data/Dockerfile
CHANGED
@@ -1,10 +1,11 @@
|
|
1
|
-
|
1
|
+
ARG RUBY_VERSION
|
2
|
+
FROM ruby:$RUBY_VERSION
|
2
3
|
|
3
4
|
RUN apt-get update && apt-get install -y vim curl
|
4
5
|
|
5
6
|
WORKDIR /src/conjur-api
|
6
7
|
|
7
|
-
COPY Gemfile conjur-api.gemspec ./
|
8
|
+
COPY Gemfile conjur-api.gemspec VERSION ./
|
8
9
|
COPY lib/conjur-api/version.rb ./lib/conjur-api/
|
9
10
|
|
10
11
|
RUN bundle
|
data/Gemfile
CHANGED
data/Jenkinsfile
CHANGED
@@ -1,5 +1,17 @@
|
|
1
1
|
#!/usr/bin/env groovy
|
2
2
|
|
3
|
+
// Automated release, promotion and dependencies
|
4
|
+
properties([
|
5
|
+
release.addParams()
|
6
|
+
])
|
7
|
+
|
8
|
+
if (params.MODE == "PROMOTE") {
|
9
|
+
release.promote(params.VERSION_TO_PROMOTE) { sourceVersion, targetVersion, assetDirectory ->
|
10
|
+
sh './publish.sh'
|
11
|
+
}
|
12
|
+
return
|
13
|
+
}
|
14
|
+
|
3
15
|
pipeline {
|
4
16
|
agent { label 'executor-v2' }
|
5
17
|
|
@@ -12,21 +24,62 @@ pipeline {
|
|
12
24
|
cron(getDailyCronString())
|
13
25
|
}
|
14
26
|
|
27
|
+
environment {
|
28
|
+
MODE = release.canonicalizeMode()
|
29
|
+
}
|
30
|
+
|
15
31
|
stages {
|
16
|
-
stage('
|
17
|
-
|
18
|
-
|
19
|
-
|
32
|
+
stage ("Skip build if triggering job didn't create a release") {
|
33
|
+
when {
|
34
|
+
expression {
|
35
|
+
MODE == "SKIP"
|
20
36
|
}
|
21
37
|
}
|
38
|
+
steps {
|
39
|
+
script {
|
40
|
+
currentBuild.result = 'ABORTED'
|
41
|
+
error("Aborting build because this build was triggered from upstream, but no release was built")
|
42
|
+
}
|
43
|
+
}
|
44
|
+
}
|
45
|
+
stage('Validate Changelog and set version') {
|
46
|
+
steps {
|
47
|
+
sh './bin/parse-changelog.sh'
|
48
|
+
updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
|
49
|
+
}
|
22
50
|
}
|
23
51
|
|
24
|
-
stage('
|
52
|
+
stage('Prepare CC Report Dir'){
|
25
53
|
steps {
|
26
54
|
script {
|
27
|
-
ccCoverage.
|
55
|
+
ccCoverage.dockerPrep()
|
56
|
+
sh 'mkdir -p coverage'
|
28
57
|
}
|
29
|
-
|
58
|
+
}
|
59
|
+
}
|
60
|
+
|
61
|
+
stage('Test Ruby 2.5') {
|
62
|
+
environment {
|
63
|
+
RUBY_VERSION = '2.5'
|
64
|
+
}
|
65
|
+
steps {
|
66
|
+
sh './test.sh'
|
67
|
+
}
|
68
|
+
|
69
|
+
post {
|
70
|
+
always {
|
71
|
+
junit 'spec/reports/*.xml'
|
72
|
+
junit 'features/reports/*.xml'
|
73
|
+
junit 'features_v4/reports/*.xml'
|
74
|
+
}
|
75
|
+
}
|
76
|
+
}
|
77
|
+
|
78
|
+
stage('Test Ruby 2.6') {
|
79
|
+
environment {
|
80
|
+
RUBY_VERSION = '2.6'
|
81
|
+
}
|
82
|
+
steps {
|
30
83
|
sh './test.sh'
|
31
84
|
}
|
32
85
|
|
@@ -35,28 +88,75 @@ pipeline {
|
|
35
88
|
junit 'spec/reports/*.xml'
|
36
89
|
junit 'features/reports/*.xml'
|
37
90
|
junit 'features_v4/reports/*.xml'
|
38
|
-
cobertura autoUpdateHealth: true, autoUpdateStability: true, coberturaReportFile: 'coverage/coverage.xml', conditionalCoverageTargets: '100, 0, 0', failUnhealthy: true, failUnstable: false, lineCoverageTargets: '99, 0, 0', maxNumberOfBuilds: 0, methodCoverageTargets: '100, 0, 0', onlyStable: false, sourceEncoding: 'ASCII', zoomCoverageChart: false
|
39
91
|
}
|
40
92
|
}
|
41
93
|
}
|
42
94
|
|
43
|
-
|
44
|
-
|
45
|
-
|
95
|
+
stage('Test Ruby 2.7') {
|
96
|
+
environment {
|
97
|
+
RUBY_VERSION = '2.7'
|
98
|
+
}
|
99
|
+
steps {
|
100
|
+
sh './test.sh'
|
101
|
+
}
|
102
|
+
|
103
|
+
post {
|
104
|
+
always {
|
105
|
+
junit 'spec/reports/*.xml'
|
106
|
+
junit 'features/reports/*.xml'
|
107
|
+
junit 'features_v4/reports/*.xml'
|
108
|
+
}
|
109
|
+
}
|
110
|
+
}
|
46
111
|
|
47
|
-
|
112
|
+
stage('Test Ruby 3.0') {
|
113
|
+
environment {
|
114
|
+
RUBY_VERSION = '3.0'
|
115
|
+
}
|
48
116
|
steps {
|
49
|
-
|
50
|
-
|
117
|
+
sh("./test.sh")
|
118
|
+
}
|
119
|
+
post {
|
120
|
+
always {
|
121
|
+
junit 'spec/reports/*.xml'
|
122
|
+
junit 'features/reports/*.xml'
|
123
|
+
junit 'features_v4/reports/*.xml'
|
124
|
+
}
|
125
|
+
}
|
126
|
+
}
|
51
127
|
|
52
|
-
|
128
|
+
stage('Submit Coverage Report'){
|
129
|
+
steps{
|
130
|
+
sh 'ci/submit-coverage'
|
131
|
+
publishHTML([reportDir: 'coverage', reportFiles: 'index.html', reportName: 'Coverage Report', reportTitles: '',
|
132
|
+
allowMissing: false, alwaysLinkToLastBuild: true, keepAll: true])
|
133
|
+
}
|
53
134
|
|
54
|
-
|
55
|
-
|
56
|
-
|
135
|
+
post {
|
136
|
+
always {
|
137
|
+
archiveArtifacts artifacts: "coverage/.resultset.json", fingerprint: false
|
138
|
+
}
|
57
139
|
}
|
58
140
|
}
|
59
141
|
|
142
|
+
stage('Release') {
|
143
|
+
when {
|
144
|
+
expression {
|
145
|
+
MODE == "RELEASE"
|
146
|
+
}
|
147
|
+
}
|
148
|
+
|
149
|
+
steps {
|
150
|
+
release {
|
151
|
+
// Clean up all but the calculated VERSION
|
152
|
+
sh '''docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd \
|
153
|
+
-e VERSION \
|
154
|
+
-e bom-assets/ \
|
155
|
+
-e release-assets/ '''
|
156
|
+
sh './publish.sh'
|
157
|
+
}
|
158
|
+
}
|
159
|
+
}
|
60
160
|
}
|
61
161
|
|
62
162
|
post {
|
data/LICENSE
CHANGED
@@ -187,7 +187,7 @@
|
|
187
187
|
same "printed page" as the copyright notice for easier
|
188
188
|
identification within third-party archives.
|
189
189
|
|
190
|
-
Copyright (c)
|
190
|
+
Copyright (c) 2021 CyberArk Software Ltd. All rights reserved.
|
191
191
|
|
192
192
|
Licensed under the Apache License, Version 2.0 (the "License");
|
193
193
|
you may not use this file except in compliance with the License.
|
data/README.md
CHANGED
@@ -11,7 +11,7 @@ The Conjur server comes in two major versions:
|
|
11
11
|
* **4.x** Conjur 4 is a commercial, non-open-source product, which is documented at [https://developer.conjur.net/](https://developer.conjur.net/).
|
12
12
|
* **5.x** Conjur 5 is open-source software, hosted and documented at [https://www.conjur.org/](https://www.conjur.org/).
|
13
13
|
|
14
|
-
You can use the `
|
14
|
+
You can use the `main` branch of this project, which is `conjur-api` version `5.x`, to do all of the following things against either type of Conjur server:
|
15
15
|
|
16
16
|
* Authenticate
|
17
17
|
* Fetch secrets
|
@@ -24,9 +24,9 @@ Use the configuration setting `Conjur.configuration.version` to select your serv
|
|
24
24
|
|
25
25
|
If you are using Conjur server version `4.x`, you can also choose to use the `conjur-api` version `4.x`. In this case, the `Configuration.version` setting is not required (actually, it doesn't exist).
|
26
26
|
|
27
|
-
## Using conjur-api-ruby with Conjur
|
27
|
+
## Using conjur-api-ruby with Conjur Open Source
|
28
28
|
|
29
|
-
Are you using this project with [Conjur
|
29
|
+
Are you using this project with [Conjur Open Source](https://github.com/cyberark/conjur)? Then we
|
30
30
|
**strongly** recommend choosing the version of this project to use from the latest [Conjur OSS
|
31
31
|
suite release](https://docs.conjur.org/Latest/en/Content/Overview/Conjur-OSS-Suite-Overview.html).
|
32
32
|
Conjur maintainers perform additional testing on the suite release versions to ensure
|
@@ -155,7 +155,7 @@ Conjur.configuration.rest_client_options = {
|
|
155
155
|
We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our [contributing
|
156
156
|
guide][contrib].
|
157
157
|
|
158
|
-
[contrib]: https://github.com/cyberark/conjur-api-ruby/blob/
|
158
|
+
[contrib]: https://github.com/cyberark/conjur-api-ruby/blob/main/CONTRIBUTING.md
|
159
159
|
|
160
160
|
## License
|
161
161
|
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
5.3.7-168
|
data/ci/submit-coverage
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
set -eux
|
4
|
+
|
5
|
+
DIR="coverage"
|
6
|
+
BIN="cc-test-reporter"
|
7
|
+
REPORT="${DIR}/.resultset.json"
|
8
|
+
|
9
|
+
if [[ ! -e ${REPORT} ]]; then
|
10
|
+
echo "SimpleCov report (${REPORT}) not found"
|
11
|
+
ls -laR ${DIR}
|
12
|
+
exit 1
|
13
|
+
fi
|
14
|
+
|
15
|
+
if [[ ! -x ${BIN} ]]; then
|
16
|
+
echo "cc-test-reporter binary not found, not reporting coverage data to code climate"
|
17
|
+
ls -laR ${DIR}
|
18
|
+
# report is present but reporter binary is not, definitely a bug, exit error.
|
19
|
+
exit 1
|
20
|
+
fi
|
21
|
+
|
22
|
+
# Simplecov excludes files not within the current repo, it also needs to
|
23
|
+
# be able to read all the files referenced within the report. As the reports
|
24
|
+
# are generated in containers, the absolute paths contained in the report
|
25
|
+
# are not valid outside that container. This sed fixes the paths
|
26
|
+
# So they are correct relative to the Jenkins workspace.
|
27
|
+
sed -i -E "s+/src/conjur-api+${WORKSPACE}+g" "${REPORT}"
|
28
|
+
|
29
|
+
echo "Coverage reports prepared, submitting to CodeClimate."
|
30
|
+
# vars GIT_COMMIT, GIT_BRANCH & TRID are set by ccCoverage.dockerPrep
|
31
|
+
|
32
|
+
./${BIN} after-build \
|
33
|
+
--coverage-input-type "simplecov"\
|
34
|
+
--id "${TRID}"
|
35
|
+
|
36
|
+
echo "Successfully Reported Coverage Data"
|
data/conjur-api.gemspec
CHANGED
@@ -2,14 +2,14 @@
|
|
2
2
|
require File.expand_path('../lib/conjur-api/version', __FILE__)
|
3
3
|
|
4
4
|
Gem::Specification.new do |gem|
|
5
|
-
gem.authors = ["
|
6
|
-
gem.email = ["
|
5
|
+
gem.authors = ["CyberArk Maintainers"]
|
6
|
+
gem.email = ["conj_maintainers@cyberark.com"]
|
7
7
|
gem.description = %q{Conjur API}
|
8
8
|
gem.summary = %q{Conjur API}
|
9
9
|
gem.homepage = "https://github.com/cyberark/conjur-api-ruby/"
|
10
10
|
gem.license = "Apache-2.0"
|
11
11
|
|
12
|
-
gem.files = `git ls-files`.split($\) + Dir['build_number']
|
12
|
+
gem.files = `git ls-files`.split($\).append("VERSION") + Dir['build_number']
|
13
13
|
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
14
14
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
15
15
|
gem.name = "conjur-api"
|
@@ -22,7 +22,8 @@ Gem::Specification.new do |gem|
|
|
22
22
|
gem.executables -= %w{parse-changelog.sh}
|
23
23
|
|
24
24
|
gem.add_dependency 'rest-client'
|
25
|
-
gem.add_dependency 'activesupport'
|
25
|
+
gem.add_dependency 'activesupport', '>= 4.2'
|
26
|
+
gem.add_dependency 'addressable', '~> 2.0'
|
26
27
|
|
27
28
|
gem.add_development_dependency 'rake', '>= 12.3.3'
|
28
29
|
gem.add_development_dependency 'rspec', '~> 3'
|
@@ -30,7 +31,7 @@ Gem::Specification.new do |gem|
|
|
30
31
|
gem.add_development_dependency 'json_spec'
|
31
32
|
gem.add_development_dependency 'cucumber', '~> 2.99'
|
32
33
|
gem.add_development_dependency 'ci_reporter_rspec'
|
33
|
-
gem.add_development_dependency 'simplecov'
|
34
|
+
gem.add_development_dependency 'simplecov', '~> 0.17', '< 0.18'
|
34
35
|
gem.add_development_dependency 'io-grab'
|
35
36
|
gem.add_development_dependency 'rdoc'
|
36
37
|
gem.add_development_dependency 'yard'
|
data/docker-compose.yml
CHANGED
@@ -23,7 +23,11 @@ services:
|
|
23
23
|
- authn_local_4:/run/authn-local
|
24
24
|
|
25
25
|
tester_5:
|
26
|
-
build:
|
26
|
+
build:
|
27
|
+
context: .
|
28
|
+
dockerfile: Dockerfile
|
29
|
+
args:
|
30
|
+
RUBY_VERSION: ${RUBY_VERSION}
|
27
31
|
volumes:
|
28
32
|
- ./spec/reports:/src/conjur-api/spec/reports
|
29
33
|
- ./features/reports:/src/conjur-api/features/reports
|
@@ -35,7 +39,11 @@ services:
|
|
35
39
|
CONJUR_ACCOUNT: cucumber
|
36
40
|
|
37
41
|
tester_4:
|
38
|
-
build:
|
42
|
+
build:
|
43
|
+
context: .
|
44
|
+
dockerfile: Dockerfile
|
45
|
+
args:
|
46
|
+
RUBY_VERSION: ${RUBY_VERSION}
|
39
47
|
volumes:
|
40
48
|
- ./features_v4/reports:/src/conjur-api/features_v4/reports
|
41
49
|
- ./tmp/conjur.pem:/src/conjur-api/tmp/conjur.pem
|
@@ -47,7 +55,11 @@ services:
|
|
47
55
|
CONJUR_ACCOUNT: cucumber
|
48
56
|
|
49
57
|
dev:
|
50
|
-
build:
|
58
|
+
build:
|
59
|
+
context: .
|
60
|
+
dockerfile: Dockerfile
|
61
|
+
args:
|
62
|
+
RUBY_VERSION: ${RUBY_VERSION}
|
51
63
|
entrypoint: bash
|
52
64
|
volumes:
|
53
65
|
- .:/src/conjur-api
|
data/features/permitted.feature
CHANGED
@@ -4,6 +4,8 @@ Feature: Check if a role has permission on a resource.
|
|
4
4
|
Given I run the code:
|
5
5
|
"""
|
6
6
|
@host_id = "app-#{random_hex}"
|
7
|
+
@test_user = "user$#{random_hex}"
|
8
|
+
@test_host = "host?#{random_hex}"
|
7
9
|
response = $conjur.load_policy 'root', <<-POLICY
|
8
10
|
- !variable db-password
|
9
11
|
|
@@ -15,6 +17,17 @@ Feature: Check if a role has permission on a resource.
|
|
15
17
|
role: !layer myapp
|
16
18
|
privilege: execute
|
17
19
|
resource: !variable db-password
|
20
|
+
|
21
|
+
- !policy
|
22
|
+
id: test
|
23
|
+
body:
|
24
|
+
- !user #{@test_user}
|
25
|
+
- !host #{@test_host}
|
26
|
+
|
27
|
+
- !permit
|
28
|
+
role: !user #{@test_user}@test
|
29
|
+
privilege: execute
|
30
|
+
resource: !variable db-password
|
18
31
|
POLICY
|
19
32
|
@host_api_key = response.created_roles["cucumber:host:#{@host_id}"]['api_key']
|
20
33
|
expect(@host_api_key).to be
|
@@ -34,6 +47,20 @@ Feature: Check if a role has permission on a resource.
|
|
34
47
|
"""
|
35
48
|
Then the result should be "false"
|
36
49
|
|
50
|
+
Scenario: Check if a different user from subpolicy has the privilege.
|
51
|
+
When I run the code:
|
52
|
+
"""
|
53
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:user:#{@test_user}@test"
|
54
|
+
"""
|
55
|
+
Then the result should be "true"
|
56
|
+
|
57
|
+
Scenario: Check if a different host from subpolicy has the privilege.
|
58
|
+
When I run the code:
|
59
|
+
"""
|
60
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:host:test/#{@test_host}"
|
61
|
+
"""
|
62
|
+
Then the result should be "false"
|
63
|
+
|
37
64
|
Scenario: Check if a different user has the privilege, while logged in as that user.
|
38
65
|
When I run the code:
|
39
66
|
"""
|
data/features/support/env.rb
CHANGED
data/features_v4/support/env.rb
CHANGED
data/lib/conjur/escape.rb
CHANGED
@@ -80,9 +80,8 @@ module Conjur
|
|
80
80
|
return "false" unless str
|
81
81
|
str = str.id if str.respond_to?(:id)
|
82
82
|
# Leave colons and forward slashes alone
|
83
|
-
require 'uri'
|
84
|
-
|
85
|
-
URI.escape(str.to_s, Regexp.new("[^#{pattern}]"))
|
83
|
+
require 'addressable/uri'
|
84
|
+
Addressable::URI.encode(str.to_s)
|
86
85
|
end
|
87
86
|
end
|
88
87
|
|
data/lib/conjur-api/version.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright 2013-
|
1
|
+
# Copyright 2013-2021 Conjur Inc.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
4
4
|
# this software and associated documentation files (the "Software"), to deal in
|
@@ -19,6 +19,6 @@
|
|
19
19
|
|
20
20
|
module Conjur
|
21
21
|
class API
|
22
|
-
VERSION =
|
22
|
+
VERSION = File.read(File.expand_path('../../VERSION', __dir__))
|
23
23
|
end
|
24
24
|
end
|
data/spec/api_spec.rb
CHANGED
@@ -4,29 +4,26 @@ require 'fakefs/spec_helpers'
|
|
4
4
|
describe Conjur::API do
|
5
5
|
|
6
6
|
let(:account) { 'api-spec-acount' }
|
7
|
+
let(:remote_ip) { nil }
|
7
8
|
before { allow(Conjur.configuration).to receive_messages account: account }
|
8
9
|
|
9
10
|
shared_context "logged in", logged_in: true do
|
10
11
|
let(:login) { "bob" }
|
11
12
|
let(:token) { { 'data' => login, 'timestamp' => Time.now.to_s } }
|
12
|
-
|
13
|
-
let(:api_args) { [ token, { remote_ip: remote_ip } ] }
|
14
|
-
subject(:api) { Conjur::API.new_from_token(*api_args) }
|
13
|
+
subject(:api) { Conjur::API.new_from_token(token, remote_ip: remote_ip) }
|
15
14
|
end
|
16
15
|
|
17
16
|
shared_context "logged in with an API key", logged_in: :api_key do
|
18
17
|
include_context "logged in"
|
19
18
|
let(:api_key) { "theapikey" }
|
20
|
-
|
21
|
-
subject(:api) { Conjur::API.new_from_key(*api_args) }
|
19
|
+
subject(:api) { Conjur::API.new_from_key(login, api_key, account: account ,remote_ip: remote_ip) }
|
22
20
|
end
|
23
21
|
|
24
22
|
shared_context "logged in with a token file", logged_in: :token_file do
|
25
23
|
include FakeFS::SpecHelpers
|
26
24
|
include_context "logged in"
|
27
25
|
let(:token_file) { "token_file" }
|
28
|
-
|
29
|
-
subject(:api) { Conjur::API.new_from_token_file(*api_args) }
|
26
|
+
subject(:api) { Conjur::API.new_from_token_file(token_file, remote_ip: remote_ip) }
|
30
27
|
end
|
31
28
|
|
32
29
|
def time_travel delta
|
data/spec/spec_helper.rb
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
require 'simplecov'
|
2
|
-
require 'simplecov-cobertura'
|
3
2
|
|
4
|
-
SimpleCov.
|
5
|
-
|
3
|
+
SimpleCov.start do
|
4
|
+
command_name "#{ENV['RUBY_VERSION']}"
|
5
|
+
end
|
6
6
|
|
7
7
|
require 'rubygems'
|
8
8
|
$:.unshift File.join(File.dirname(__FILE__), "..", "lib")
|
data/test.sh
CHANGED
@@ -1,5 +1,10 @@
|
|
1
1
|
#!/bin/bash -e
|
2
2
|
|
3
|
+
: "${RUBY_VERSION=3.0}"
|
4
|
+
# My local RUBY_VERSION is set to ruby-#.#.# so this allows running locally.
|
5
|
+
RUBY_VERSION="$(cut -d '-' -f 2 <<< "$RUBY_VERSION")"
|
6
|
+
|
7
|
+
|
3
8
|
function finish {
|
4
9
|
echo 'Removing test environment'
|
5
10
|
echo '---'
|
@@ -8,29 +13,18 @@ function finish {
|
|
8
13
|
|
9
14
|
trap finish EXIT
|
10
15
|
|
11
|
-
function publishToCodeClimate() {
|
12
|
-
docker build -f ci/codeclimate.dockerfile -t cyberark/code-climate:latest .
|
13
|
-
docker run \
|
14
|
-
--rm \
|
15
|
-
-e GIT_BRANCH \
|
16
|
-
-e GIT_COMMIT \
|
17
|
-
-e TRID \
|
18
|
-
--volume "$PWD:/src/conjur-api" \
|
19
|
-
-w "/src/conjur-api" \
|
20
|
-
cyberark/code-climate:latest \
|
21
|
-
after-build \
|
22
|
-
-r "$(<TRID)" \
|
23
|
-
-t "simplecov"
|
24
|
-
}
|
25
16
|
|
26
17
|
function main() {
|
18
|
+
if ! docker info >/dev/null 2>&1; then
|
19
|
+
echo "Docker does not seem to be running, run it first and retry"
|
20
|
+
exit 1
|
21
|
+
fi
|
27
22
|
# Generate reports folders locally
|
28
23
|
mkdir -p spec/reports features/reports features_v4/reports
|
29
24
|
|
30
25
|
startConjur
|
31
26
|
runTests_5
|
32
27
|
runTests_4
|
33
|
-
publishToCodeClimate
|
34
28
|
}
|
35
29
|
|
36
30
|
function startConjur() {
|
@@ -42,8 +36,7 @@ function startConjur() {
|
|
42
36
|
# However, unconditionally pulling prevents working offline even
|
43
37
|
# with a warm cache. So try to pull, but ignore failures.
|
44
38
|
docker-compose pull --ignore-pull-failures
|
45
|
-
|
46
|
-
docker-compose build
|
39
|
+
docker-compose build --build-arg RUBY_VERSION="$RUBY_VERSION"
|
47
40
|
docker-compose up -d pg conjur_4 conjur_5
|
48
41
|
}
|
49
42
|
|
metadata
CHANGED
@@ -1,15 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.3.
|
4
|
+
version: 5.3.7.pre.168
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
8
|
-
- Kevin Gilpin
|
7
|
+
- CyberArk Maintainers
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date: 2021-
|
11
|
+
date: 2021-12-31 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: rest-client
|
@@ -31,14 +30,28 @@ dependencies:
|
|
31
30
|
requirements:
|
32
31
|
- - ">="
|
33
32
|
- !ruby/object:Gem::Version
|
34
|
-
version: '
|
33
|
+
version: '4.2'
|
35
34
|
type: :runtime
|
36
35
|
prerelease: false
|
37
36
|
version_requirements: !ruby/object:Gem::Requirement
|
38
37
|
requirements:
|
39
38
|
- - ">="
|
40
39
|
- !ruby/object:Gem::Version
|
41
|
-
version: '
|
40
|
+
version: '4.2'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: addressable
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '2.0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '2.0'
|
42
55
|
- !ruby/object:Gem::Dependency
|
43
56
|
name: rake
|
44
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -127,16 +140,22 @@ dependencies:
|
|
127
140
|
name: simplecov
|
128
141
|
requirement: !ruby/object:Gem::Requirement
|
129
142
|
requirements:
|
130
|
-
- - "
|
143
|
+
- - "~>"
|
131
144
|
- !ruby/object:Gem::Version
|
132
|
-
version: '0'
|
145
|
+
version: '0.17'
|
146
|
+
- - "<"
|
147
|
+
- !ruby/object:Gem::Version
|
148
|
+
version: '0.18'
|
133
149
|
type: :development
|
134
150
|
prerelease: false
|
135
151
|
version_requirements: !ruby/object:Gem::Requirement
|
136
152
|
requirements:
|
137
|
-
- - "
|
153
|
+
- - "~>"
|
138
154
|
- !ruby/object:Gem::Version
|
139
|
-
version: '0'
|
155
|
+
version: '0.17'
|
156
|
+
- - "<"
|
157
|
+
- !ruby/object:Gem::Version
|
158
|
+
version: '0.18'
|
140
159
|
- !ruby/object:Gem::Dependency
|
141
160
|
name: io-grab
|
142
161
|
requirement: !ruby/object:Gem::Requirement
|
@@ -209,8 +228,7 @@ dependencies:
|
|
209
228
|
version: '0'
|
210
229
|
description: Conjur API
|
211
230
|
email:
|
212
|
-
-
|
213
|
-
- kgilpin@conjur.net
|
231
|
+
- conj_maintainers@cyberark.com
|
214
232
|
executables: []
|
215
233
|
extensions: []
|
216
234
|
extra_rdoc_files: []
|
@@ -218,9 +236,6 @@ files:
|
|
218
236
|
- ".codeclimate.yml"
|
219
237
|
- ".dockerignore"
|
220
238
|
- ".github/CODEOWNERS"
|
221
|
-
- ".github/ISSUE_TEMPLATE/bug.md"
|
222
|
-
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
223
|
-
- ".github/PULL_REQUEST_TEMPLATE.md"
|
224
239
|
- ".gitignore"
|
225
240
|
- ".gitleaks.toml"
|
226
241
|
- ".overcommit.yml"
|
@@ -238,10 +253,11 @@ files:
|
|
238
253
|
- README.md
|
239
254
|
- Rakefile
|
240
255
|
- SECURITY.md
|
256
|
+
- VERSION
|
241
257
|
- bin/parse-changelog.sh
|
242
|
-
- ci/codeclimate.dockerfile
|
243
258
|
- ci/configure_v4.sh
|
244
259
|
- ci/configure_v5.sh
|
260
|
+
- ci/submit-coverage
|
245
261
|
- conjur-api.gemspec
|
246
262
|
- dev/Dockerfile.dev
|
247
263
|
- dev/docker-compose.yml
|
@@ -373,11 +389,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
373
389
|
version: '1.9'
|
374
390
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
375
391
|
requirements:
|
376
|
-
- - "
|
392
|
+
- - ">"
|
377
393
|
- !ruby/object:Gem::Version
|
378
|
-
version:
|
394
|
+
version: 1.3.1
|
379
395
|
requirements: []
|
380
|
-
rubygems_version: 3.1.
|
396
|
+
rubygems_version: 3.1.6
|
381
397
|
signing_key:
|
382
398
|
specification_version: 4
|
383
399
|
summary: Conjur API
|
@@ -1,42 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: Bug
|
3
|
-
about: Create a bug report to help us improve
|
4
|
-
title: ''
|
5
|
-
labels: component/api/ruby, kind/bug
|
6
|
-
assignees: ''
|
7
|
-
|
8
|
-
---
|
9
|
-
|
10
|
-
## Summary
|
11
|
-
A clear and concise description of what the bug is.
|
12
|
-
|
13
|
-
## Steps to Reproduce
|
14
|
-
Steps to reproduce the behavior:
|
15
|
-
1. Go to '...'
|
16
|
-
2. Click on '....'
|
17
|
-
3. Scroll down to '....'
|
18
|
-
4. See error
|
19
|
-
|
20
|
-
## Expected Results
|
21
|
-
A clear and concise description of what you expected to happen.
|
22
|
-
|
23
|
-
## Actual Results (including error logs, if applicable)
|
24
|
-
A clear and concise description of what actually did happen.
|
25
|
-
|
26
|
-
## Reproducible
|
27
|
-
* [ ] Always
|
28
|
-
* [ ] Sometimes
|
29
|
-
* [ ] Non-Reproducible
|
30
|
-
|
31
|
-
## Version/Tag number
|
32
|
-
What version of the product are you running? Any version info that you can share is helpful.
|
33
|
-
For example, you might give the version from Docker logs, the Docker tag, a specific download URL,
|
34
|
-
the output of the `/info` route, etc.
|
35
|
-
|
36
|
-
## Environment setup
|
37
|
-
Can you describe the environment in which this product is running? Is it running on a VM / in a container / in a cloud?
|
38
|
-
Which cloud provider? Which container orchestrator (including version)?
|
39
|
-
The more info you can share about your runtime environment, the better we may be able to reproduce the issue.
|
40
|
-
|
41
|
-
## Additional Information
|
42
|
-
Add any other context about the problem here.
|
@@ -1,27 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: Feature request
|
3
|
-
about: Suggest an idea for this project
|
4
|
-
title: ''
|
5
|
-
labels: kind/enhancement, component/api/ruby
|
6
|
-
assignees: ''
|
7
|
-
|
8
|
-
---
|
9
|
-
|
10
|
-
## Is your feature request related to a problem? Please describe.
|
11
|
-
|
12
|
-
A clear and concise description of what the problem is. Ex. `I would like to see [...] because [...]`.
|
13
|
-
Please include the intended use case and what the feature would improve on so that we can prioritize
|
14
|
-
the feature accordingly.
|
15
|
-
|
16
|
-
## Describe the solution you would like
|
17
|
-
|
18
|
-
A clear and concise description of what the desired end result(s) would be.
|
19
|
-
|
20
|
-
## Describe alternatives you have considered
|
21
|
-
|
22
|
-
A clear and concise description of any alternative solutions or features that may be related to this that
|
23
|
-
you have considered.
|
24
|
-
|
25
|
-
## Additional context
|
26
|
-
|
27
|
-
Add any other context information about the feature request here.
|
@@ -1,21 +0,0 @@
|
|
1
|
-
### What does this PR do?
|
2
|
-
- _What's changed? Why were these changes made?_
|
3
|
-
- _How should the reviewer approach this PR, especially if manual tests are required?_
|
4
|
-
- _Are there relevant screenshots you can add to the PR description?_
|
5
|
-
|
6
|
-
### What ticket does this PR close?
|
7
|
-
Connected to #[relevant GitHub issues, eg 76]
|
8
|
-
|
9
|
-
### Checklists
|
10
|
-
|
11
|
-
#### Change log
|
12
|
-
- [ ] The CHANGELOG has been updated, or
|
13
|
-
- [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update
|
14
|
-
|
15
|
-
#### Test coverage
|
16
|
-
- [ ] This PR includes new unit and integration tests to go with the code changes, or
|
17
|
-
- [ ] The changes in this PR do not require tests
|
18
|
-
|
19
|
-
#### Documentation
|
20
|
-
- [ ] Docs (e.g. `README`s) were updated in this PR, and/or there is a follow-on issue to update docs, or
|
21
|
-
- [ ] This PR does not require updating any documentation
|
data/ci/codeclimate.dockerfile
DELETED