conjur-api 5.3.6 → 5.3.7.pre.167
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/Dockerfile +1 -1
- data/Jenkinsfile +45 -15
- data/VERSION +1 -0
- data/conjur-api.gemspec +2 -2
- data/features/permitted.feature +27 -0
- data/lib/conjur-api/version.rb +1 -1
- metadata +7 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ad1a073ba389391d9ed2e0770f947a0a7e30c982154063c9a488925c05050efa
|
4
|
+
data.tar.gz: 7abc458cd851260b3f96aa1ede3abf4dfe338c42197a501bdfe6b37d672d1707
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 75079d3b4699e33e470643f9c0d75aa095cb937217619cd316c69cb36a80d73addaa6d1c238d1920d712e7483bf6d69d28c1f1f8256bceab5de27f5f3e73752d
|
7
|
+
data.tar.gz: 8f73519cf1241e9aae9034ca51727507b3390af92e93ee0008fce2934368f31e581876c66b53e50f58755669ff823ab57ced16d4037e1c0c4dcadda83468986b
|
data/CHANGELOG.md
CHANGED
@@ -4,9 +4,20 @@ All notable changes to this project will be documented in this file.
|
|
4
4
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
5
5
|
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
6
6
|
|
7
|
-
##
|
7
|
+
## Unreleased
|
8
|
+
### Changed
|
9
|
+
- Nothing should go in this section, please add to the latest unreleased version
|
10
|
+
(and update the corresponding date), or add a new version.
|
11
|
+
|
12
|
+
## [5.3.7] - 2021-12-28
|
13
|
+
|
14
|
+
### Changed
|
15
|
+
- Change addressable gem dependency.
|
16
|
+
[cyberark/conjur-api-ruby#199](https://github.com/cyberark/conjur-api-ruby/pull/199)
|
17
|
+
- Update to use automated release process
|
8
18
|
|
9
19
|
## [5.3.6] - 2021-12-09
|
20
|
+
|
10
21
|
### Changed
|
11
22
|
- Support ruby-3.0.2.
|
12
23
|
[cyberark/conjur-api-ruby#197](https://github.com/cyberark/conjur-api-ruby/pull/197)
|
@@ -352,6 +363,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
352
363
|
## [2.0.0] - 2013-13-12
|
353
364
|
|
354
365
|
[Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...HEAD
|
366
|
+
[5.3.7]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...v5.3.7
|
355
367
|
[5.3.6]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.5...v5.3.6
|
356
368
|
[5.3.5]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.4...v5.3.5
|
357
369
|
[5.3.4]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.3...v5.3.4
|
data/Dockerfile
CHANGED
data/Jenkinsfile
CHANGED
@@ -1,5 +1,17 @@
|
|
1
1
|
#!/usr/bin/env groovy
|
2
2
|
|
3
|
+
// Automated release, promotion and dependencies
|
4
|
+
properties([
|
5
|
+
release.addParams()
|
6
|
+
])
|
7
|
+
|
8
|
+
if (params.MODE == "PROMOTE") {
|
9
|
+
release.promote(params.VERSION_TO_PROMOTE) { sourceVersion, targetVersion, assetDirectory ->
|
10
|
+
sh './publish.sh'
|
11
|
+
}
|
12
|
+
return
|
13
|
+
}
|
14
|
+
|
3
15
|
pipeline {
|
4
16
|
agent { label 'executor-v2' }
|
5
17
|
|
@@ -12,9 +24,29 @@ pipeline {
|
|
12
24
|
cron(getDailyCronString())
|
13
25
|
}
|
14
26
|
|
27
|
+
environment {
|
28
|
+
MODE = release.canonicalizeMode()
|
29
|
+
}
|
30
|
+
|
15
31
|
stages {
|
16
|
-
stage('
|
17
|
-
|
32
|
+
stage ("Skip build if triggering job didn't create a release") {
|
33
|
+
when {
|
34
|
+
expression {
|
35
|
+
MODE == "SKIP"
|
36
|
+
}
|
37
|
+
}
|
38
|
+
steps {
|
39
|
+
script {
|
40
|
+
currentBuild.result = 'ABORTED'
|
41
|
+
error("Aborting build because this build was triggered from upstream, but no release was built")
|
42
|
+
}
|
43
|
+
}
|
44
|
+
}
|
45
|
+
stage('Validate Changelog and set version') {
|
46
|
+
steps {
|
47
|
+
sh './bin/parse-changelog.sh'
|
48
|
+
updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
|
49
|
+
}
|
18
50
|
}
|
19
51
|
|
20
52
|
stage('Prepare CC Report Dir'){
|
@@ -107,23 +139,21 @@ pipeline {
|
|
107
139
|
}
|
108
140
|
}
|
109
141
|
|
110
|
-
|
111
|
-
|
112
|
-
|
142
|
+
stage('Release') {
|
143
|
+
when {
|
144
|
+
expression {
|
145
|
+
MODE == "RELEASE"
|
146
|
+
}
|
147
|
+
}
|
113
148
|
|
114
|
-
when { tag "v*" }
|
115
149
|
steps {
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
// Clean up again...
|
122
|
-
sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
|
123
|
-
deleteDir()
|
150
|
+
release {
|
151
|
+
// Clean up all but the calculated VERSION
|
152
|
+
sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd -e VERSION'
|
153
|
+
sh './publish.sh'
|
154
|
+
}
|
124
155
|
}
|
125
156
|
}
|
126
|
-
|
127
157
|
}
|
128
158
|
|
129
159
|
post {
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
5.3.7-167
|
data/conjur-api.gemspec
CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |gem|
|
|
9
9
|
gem.homepage = "https://github.com/cyberark/conjur-api-ruby/"
|
10
10
|
gem.license = "Apache-2.0"
|
11
11
|
|
12
|
-
gem.files = `git ls-files`.split($\) + Dir['build_number']
|
12
|
+
gem.files = `git ls-files`.split($\).append("VERSION") + Dir['build_number']
|
13
13
|
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
14
14
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
15
15
|
gem.name = "conjur-api"
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |gem|
|
|
23
23
|
|
24
24
|
gem.add_dependency 'rest-client'
|
25
25
|
gem.add_dependency 'activesupport', '>= 4.2'
|
26
|
-
gem.add_dependency 'addressable', '~> 2.
|
26
|
+
gem.add_dependency 'addressable', '~> 2.0'
|
27
27
|
|
28
28
|
gem.add_development_dependency 'rake', '>= 12.3.3'
|
29
29
|
gem.add_development_dependency 'rspec', '~> 3'
|
data/features/permitted.feature
CHANGED
@@ -4,6 +4,8 @@ Feature: Check if a role has permission on a resource.
|
|
4
4
|
Given I run the code:
|
5
5
|
"""
|
6
6
|
@host_id = "app-#{random_hex}"
|
7
|
+
@test_user = "user$#{random_hex}"
|
8
|
+
@test_host = "host?#{random_hex}"
|
7
9
|
response = $conjur.load_policy 'root', <<-POLICY
|
8
10
|
- !variable db-password
|
9
11
|
|
@@ -15,6 +17,17 @@ Feature: Check if a role has permission on a resource.
|
|
15
17
|
role: !layer myapp
|
16
18
|
privilege: execute
|
17
19
|
resource: !variable db-password
|
20
|
+
|
21
|
+
- !policy
|
22
|
+
id: test
|
23
|
+
body:
|
24
|
+
- !user #{@test_user}
|
25
|
+
- !host #{@test_host}
|
26
|
+
|
27
|
+
- !permit
|
28
|
+
role: !user #{@test_user}@test
|
29
|
+
privilege: execute
|
30
|
+
resource: !variable db-password
|
18
31
|
POLICY
|
19
32
|
@host_api_key = response.created_roles["cucumber:host:#{@host_id}"]['api_key']
|
20
33
|
expect(@host_api_key).to be
|
@@ -34,6 +47,20 @@ Feature: Check if a role has permission on a resource.
|
|
34
47
|
"""
|
35
48
|
Then the result should be "false"
|
36
49
|
|
50
|
+
Scenario: Check if a different user from subpolicy has the privilege.
|
51
|
+
When I run the code:
|
52
|
+
"""
|
53
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:user:#{@test_user}@test"
|
54
|
+
"""
|
55
|
+
Then the result should be "true"
|
56
|
+
|
57
|
+
Scenario: Check if a different host from subpolicy has the privilege.
|
58
|
+
When I run the code:
|
59
|
+
"""
|
60
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:host:test/#{@test_host}"
|
61
|
+
"""
|
62
|
+
Then the result should be "false"
|
63
|
+
|
37
64
|
Scenario: Check if a different user has the privilege, while logged in as that user.
|
38
65
|
When I run the code:
|
39
66
|
"""
|
data/lib/conjur-api/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.3.
|
4
|
+
version: 5.3.7.pre.167
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- CyberArk Maintainers
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-12-
|
11
|
+
date: 2021-12-31 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rest-client
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 2.
|
47
|
+
version: '2.0'
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 2.
|
54
|
+
version: '2.0'
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: rake
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -253,6 +253,7 @@ files:
|
|
253
253
|
- README.md
|
254
254
|
- Rakefile
|
255
255
|
- SECURITY.md
|
256
|
+
- VERSION
|
256
257
|
- bin/parse-changelog.sh
|
257
258
|
- ci/configure_v4.sh
|
258
259
|
- ci/configure_v5.sh
|
@@ -388,9 +389,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
388
389
|
version: '1.9'
|
389
390
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
390
391
|
requirements:
|
391
|
-
- - "
|
392
|
+
- - ">"
|
392
393
|
- !ruby/object:Gem::Version
|
393
|
-
version:
|
394
|
+
version: 1.3.1
|
394
395
|
requirements: []
|
395
396
|
rubygems_version: 3.1.6
|
396
397
|
signing_key:
|