conjur-api 5.3.6 → 5.3.7.pre.183
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/Dockerfile +1 -1
- data/Jenkinsfile +49 -15
- data/VERSION +1 -0
- data/conjur-api.gemspec +2 -2
- data/dev/start +5 -0
- data/features/permitted.feature +27 -0
- data/lib/conjur-api/version.rb +1 -1
- data/publish.sh +3 -5
- data/test.sh +4 -0
- metadata +9 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 510a87b647a26d2abc902433920963157b3f1f3452178c8d2df33b88101d9d76
|
4
|
+
data.tar.gz: 6855d313b355ce713485bc94941d6c9335ff394a8cb60a113a0e497379354d1f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d5112f1adbceee7b4364c9ad2f050696a9f25778c751df39cb8355220f479461a213536adc823a5dc8397e7651d655e08cf0b10e25c9c49cce8d059952f5ecf4
|
7
|
+
data.tar.gz: bac9ba81f5487f492cfbebc00b0efe9420d96ec1a9024533cc8d3563f48ee9666a091e03fc3f0fac4f08735acdb90292aca3547245b1c3ed641bb43040f08f47
|
data/CHANGELOG.md
CHANGED
@@ -4,9 +4,20 @@ All notable changes to this project will be documented in this file.
|
|
4
4
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
5
5
|
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
6
6
|
|
7
|
-
##
|
7
|
+
## Unreleased
|
8
|
+
### Changed
|
9
|
+
- Nothing should go in this section, please add to the latest unreleased version
|
10
|
+
(and update the corresponding date), or add a new version.
|
11
|
+
|
12
|
+
## [5.3.7] - 2021-12-28
|
13
|
+
|
14
|
+
### Changed
|
15
|
+
- Change addressable gem dependency.
|
16
|
+
[cyberark/conjur-api-ruby#199](https://github.com/cyberark/conjur-api-ruby/pull/199)
|
17
|
+
- Update to use automated release process
|
8
18
|
|
9
19
|
## [5.3.6] - 2021-12-09
|
20
|
+
|
10
21
|
### Changed
|
11
22
|
- Support ruby-3.0.2.
|
12
23
|
[cyberark/conjur-api-ruby#197](https://github.com/cyberark/conjur-api-ruby/pull/197)
|
@@ -352,6 +363,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
352
363
|
## [2.0.0] - 2013-13-12
|
353
364
|
|
354
365
|
[Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...HEAD
|
366
|
+
[5.3.7]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...v5.3.7
|
355
367
|
[5.3.6]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.5...v5.3.6
|
356
368
|
[5.3.5]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.4...v5.3.5
|
357
369
|
[5.3.4]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.3...v5.3.4
|
data/Dockerfile
CHANGED
data/Jenkinsfile
CHANGED
@@ -1,5 +1,17 @@
|
|
1
1
|
#!/usr/bin/env groovy
|
2
2
|
|
3
|
+
// Automated release, promotion and dependencies
|
4
|
+
properties([
|
5
|
+
release.addParams()
|
6
|
+
])
|
7
|
+
|
8
|
+
if (params.MODE == "PROMOTE") {
|
9
|
+
release.promote(params.VERSION_TO_PROMOTE) { sourceVersion, targetVersion, assetDirectory ->
|
10
|
+
sh './publish.sh'
|
11
|
+
}
|
12
|
+
return
|
13
|
+
}
|
14
|
+
|
3
15
|
pipeline {
|
4
16
|
agent { label 'executor-v2' }
|
5
17
|
|
@@ -12,9 +24,29 @@ pipeline {
|
|
12
24
|
cron(getDailyCronString())
|
13
25
|
}
|
14
26
|
|
27
|
+
environment {
|
28
|
+
MODE = release.canonicalizeMode()
|
29
|
+
}
|
30
|
+
|
15
31
|
stages {
|
16
|
-
stage('
|
17
|
-
|
32
|
+
stage ("Skip build if triggering job didn't create a release") {
|
33
|
+
when {
|
34
|
+
expression {
|
35
|
+
MODE == "SKIP"
|
36
|
+
}
|
37
|
+
}
|
38
|
+
steps {
|
39
|
+
script {
|
40
|
+
currentBuild.result = 'ABORTED'
|
41
|
+
error("Aborting build because this build was triggered from upstream, but no release was built")
|
42
|
+
}
|
43
|
+
}
|
44
|
+
}
|
45
|
+
stage('Validate Changelog and set version') {
|
46
|
+
steps {
|
47
|
+
sh './bin/parse-changelog.sh'
|
48
|
+
updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
|
49
|
+
}
|
18
50
|
}
|
19
51
|
|
20
52
|
stage('Prepare CC Report Dir'){
|
@@ -107,23 +139,25 @@ pipeline {
|
|
107
139
|
}
|
108
140
|
}
|
109
141
|
|
110
|
-
|
111
|
-
|
112
|
-
|
142
|
+
stage('Release') {
|
143
|
+
when {
|
144
|
+
expression {
|
145
|
+
MODE == "RELEASE"
|
146
|
+
}
|
147
|
+
}
|
113
148
|
|
114
|
-
when { tag "v*" }
|
115
149
|
steps {
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
150
|
+
release {
|
151
|
+
// Clean up all but the calculated VERSION
|
152
|
+
sh '''docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd \
|
153
|
+
-e VERSION \
|
154
|
+
-e bom-assets/ \
|
155
|
+
-e release-assets/ '''
|
156
|
+
sh './publish.sh'
|
157
|
+
sh 'cp conjur-api-*.gem release-assets/.'
|
158
|
+
}
|
124
159
|
}
|
125
160
|
}
|
126
|
-
|
127
161
|
}
|
128
162
|
|
129
163
|
post {
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
5.3.7-183
|
data/conjur-api.gemspec
CHANGED
@@ -9,7 +9,7 @@ Gem::Specification.new do |gem|
|
|
9
9
|
gem.homepage = "https://github.com/cyberark/conjur-api-ruby/"
|
10
10
|
gem.license = "Apache-2.0"
|
11
11
|
|
12
|
-
gem.files = `git ls-files`.split($\) + Dir['build_number']
|
12
|
+
gem.files = `git ls-files`.split($\).append("VERSION") + Dir['build_number']
|
13
13
|
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
14
14
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
15
15
|
gem.name = "conjur-api"
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |gem|
|
|
23
23
|
|
24
24
|
gem.add_dependency 'rest-client'
|
25
25
|
gem.add_dependency 'activesupport', '>= 4.2'
|
26
|
-
gem.add_dependency 'addressable', '~> 2.
|
26
|
+
gem.add_dependency 'addressable', '~> 2.0'
|
27
27
|
|
28
28
|
gem.add_development_dependency 'rake', '>= 12.3.3'
|
29
29
|
gem.add_development_dependency 'rspec', '~> 3'
|
data/dev/start
CHANGED
@@ -11,6 +11,11 @@ function v5_development() {
|
|
11
11
|
docker exec -e CONJUR_AUTHN_API_KEY="$api_key" -it --detach-keys 'ctrl-\' $(docker-compose ps -q gem) bash
|
12
12
|
}
|
13
13
|
|
14
|
+
# Set up VERSION file for local development
|
15
|
+
if [ ! -f "../VERSION" ]; then
|
16
|
+
echo -n "0.0.dev" > ../VERSION
|
17
|
+
fi
|
18
|
+
|
14
19
|
docker-compose pull
|
15
20
|
docker-compose build
|
16
21
|
|
data/features/permitted.feature
CHANGED
@@ -4,6 +4,8 @@ Feature: Check if a role has permission on a resource.
|
|
4
4
|
Given I run the code:
|
5
5
|
"""
|
6
6
|
@host_id = "app-#{random_hex}"
|
7
|
+
@test_user = "user$#{random_hex}"
|
8
|
+
@test_host = "host?#{random_hex}"
|
7
9
|
response = $conjur.load_policy 'root', <<-POLICY
|
8
10
|
- !variable db-password
|
9
11
|
|
@@ -15,6 +17,17 @@ Feature: Check if a role has permission on a resource.
|
|
15
17
|
role: !layer myapp
|
16
18
|
privilege: execute
|
17
19
|
resource: !variable db-password
|
20
|
+
|
21
|
+
- !policy
|
22
|
+
id: test
|
23
|
+
body:
|
24
|
+
- !user #{@test_user}
|
25
|
+
- !host #{@test_host}
|
26
|
+
|
27
|
+
- !permit
|
28
|
+
role: !user #{@test_user}@test
|
29
|
+
privilege: execute
|
30
|
+
resource: !variable db-password
|
18
31
|
POLICY
|
19
32
|
@host_api_key = response.created_roles["cucumber:host:#{@host_id}"]['api_key']
|
20
33
|
expect(@host_api_key).to be
|
@@ -34,6 +47,20 @@ Feature: Check if a role has permission on a resource.
|
|
34
47
|
"""
|
35
48
|
Then the result should be "false"
|
36
49
|
|
50
|
+
Scenario: Check if a different user from subpolicy has the privilege.
|
51
|
+
When I run the code:
|
52
|
+
"""
|
53
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:user:#{@test_user}@test"
|
54
|
+
"""
|
55
|
+
Then the result should be "true"
|
56
|
+
|
57
|
+
Scenario: Check if a different host from subpolicy has the privilege.
|
58
|
+
When I run the code:
|
59
|
+
"""
|
60
|
+
$conjur.resource('cucumber:variable:db-password').permitted? 'execute', role: "cucumber:host:test/#{@test_host}"
|
61
|
+
"""
|
62
|
+
Then the result should be "false"
|
63
|
+
|
37
64
|
Scenario: Check if a different user has the privilege, while logged in as that user.
|
38
65
|
When I run the code:
|
39
66
|
"""
|
data/lib/conjur-api/version.rb
CHANGED
data/publish.sh
CHANGED
@@ -1,7 +1,5 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
docker pull registry.tld/conjurinc/publish-rubygem
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
set -e
|
4
3
|
|
5
4
|
summon --yaml "RUBYGEMS_API_KEY: !var rubygems/api-key" \
|
6
|
-
|
7
|
-
registry.tld/conjurinc/publish-rubygem conjur-api
|
5
|
+
publish-rubygem conjur-api
|
data/test.sh
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.3.
|
4
|
+
version: 5.3.7.pre.183
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- CyberArk Maintainers
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rest-client
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 2.
|
47
|
+
version: '2.0'
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 2.
|
54
|
+
version: '2.0'
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: rake
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -253,6 +253,7 @@ files:
|
|
253
253
|
- README.md
|
254
254
|
- Rakefile
|
255
255
|
- SECURITY.md
|
256
|
+
- VERSION
|
256
257
|
- bin/parse-changelog.sh
|
257
258
|
- ci/configure_v4.sh
|
258
259
|
- ci/configure_v5.sh
|
@@ -388,11 +389,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
388
389
|
version: '1.9'
|
389
390
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
390
391
|
requirements:
|
391
|
-
- - "
|
392
|
+
- - ">"
|
392
393
|
- !ruby/object:Gem::Version
|
393
|
-
version:
|
394
|
+
version: 1.3.1
|
394
395
|
requirements: []
|
395
|
-
|
396
|
+
rubyforge_project:
|
397
|
+
rubygems_version: 2.7.6.2
|
396
398
|
signing_key:
|
397
399
|
specification_version: 4
|
398
400
|
summary: Conjur API
|