conjur-api 5.3.7.pre.168 → 5.3.8.pre.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- metadata +21 -190
- data/.codeclimate.yml +0 -10
- data/.dockerignore +0 -1
- data/.github/CODEOWNERS +0 -10
- data/.gitignore +0 -32
- data/.gitleaks.toml +0 -219
- data/.overcommit.yml +0 -16
- data/.project +0 -18
- data/.rubocop.yml +0 -3
- data/.rubocop_settings.yml +0 -86
- data/.rubocop_todo.yml +0 -709
- data/.yardopts +0 -1
- data/CHANGELOG.md +0 -433
- data/CONTRIBUTING.md +0 -141
- data/Dockerfile +0 -16
- data/Gemfile +0 -7
- data/Jenkinsfile +0 -167
- data/LICENSE +0 -202
- data/README.md +0 -162
- data/Rakefile +0 -47
- data/SECURITY.md +0 -42
- data/bin/parse-changelog.sh +0 -12
- data/ci/configure_v4.sh +0 -12
- data/ci/configure_v5.sh +0 -14
- data/ci/submit-coverage +0 -36
- data/conjur-api.gemspec +0 -40
- data/dev/Dockerfile.dev +0 -12
- data/dev/docker-compose.yml +0 -56
- data/dev/start +0 -17
- data/dev/stop +0 -5
- data/docker-compose.yml +0 -76
- data/example/demo_v4.rb +0 -49
- data/example/demo_v5.rb +0 -57
- data/features/authenticators.feature +0 -33
- data/features/authn_local.feature +0 -32
- data/features/exists.feature +0 -37
- data/features/group.feature +0 -11
- data/features/host.feature +0 -50
- data/features/host_factory_create_host.feature +0 -28
- data/features/host_factory_token.feature +0 -63
- data/features/load_policy.feature +0 -61
- data/features/members.feature +0 -51
- data/features/new_api.feature +0 -36
- data/features/permitted.feature +0 -70
- data/features/permitted_roles.feature +0 -30
- data/features/public_keys.feature +0 -11
- data/features/resource_fields.feature +0 -53
- data/features/role_fields.feature +0 -15
- data/features/rotate_api_key.feature +0 -13
- data/features/step_definitions/api_steps.rb +0 -18
- data/features/step_definitions/policy_steps.rb +0 -75
- data/features/step_definitions/result_steps.rb +0 -7
- data/features/support/env.rb +0 -18
- data/features/support/hooks.rb +0 -3
- data/features/support/world.rb +0 -12
- data/features/update_password.feature +0 -14
- data/features/user.feature +0 -58
- data/features/variable_fields.feature +0 -20
- data/features/variable_value.feature +0 -60
- data/features_v4/authn_local.feature +0 -27
- data/features_v4/exists.feature +0 -29
- data/features_v4/host.feature +0 -18
- data/features_v4/host_factory_token.feature +0 -49
- data/features_v4/members.feature +0 -39
- data/features_v4/permitted.feature +0 -15
- data/features_v4/permitted_roles.feature +0 -8
- data/features_v4/resource_fields.feature +0 -47
- data/features_v4/rotate_api_key.feature +0 -13
- data/features_v4/step_definitions/api_steps.rb +0 -17
- data/features_v4/step_definitions/result_steps.rb +0 -3
- data/features_v4/support/env.rb +0 -23
- data/features_v4/support/policy.yml +0 -34
- data/features_v4/support/world.rb +0 -12
- data/features_v4/variable_fields.feature +0 -11
- data/features_v4/variable_value.feature +0 -54
- data/lib/conjur/acts_as_resource.rb +0 -123
- data/lib/conjur/acts_as_role.rb +0 -142
- data/lib/conjur/acts_as_rolsource.rb +0 -32
- data/lib/conjur/acts_as_user.rb +0 -68
- data/lib/conjur/api/authenticators.rb +0 -35
- data/lib/conjur/api/authn.rb +0 -125
- data/lib/conjur/api/host_factories.rb +0 -71
- data/lib/conjur/api/ldap_sync.rb +0 -38
- data/lib/conjur/api/policies.rb +0 -56
- data/lib/conjur/api/pubkeys.rb +0 -53
- data/lib/conjur/api/resources.rb +0 -109
- data/lib/conjur/api/roles.rb +0 -98
- data/lib/conjur/api/router/v4.rb +0 -206
- data/lib/conjur/api/router/v5.rb +0 -248
- data/lib/conjur/api/variables.rb +0 -59
- data/lib/conjur/api.rb +0 -105
- data/lib/conjur/base.rb +0 -355
- data/lib/conjur/base_object.rb +0 -57
- data/lib/conjur/build_object.rb +0 -47
- data/lib/conjur/cache.rb +0 -26
- data/lib/conjur/cert_utils.rb +0 -63
- data/lib/conjur/cidr.rb +0 -71
- data/lib/conjur/configuration.rb +0 -460
- data/lib/conjur/escape.rb +0 -129
- data/lib/conjur/exceptions.rb +0 -4
- data/lib/conjur/group.rb +0 -41
- data/lib/conjur/has_attributes.rb +0 -98
- data/lib/conjur/host.rb +0 -27
- data/lib/conjur/host_factory.rb +0 -75
- data/lib/conjur/host_factory_token.rb +0 -78
- data/lib/conjur/id.rb +0 -71
- data/lib/conjur/layer.rb +0 -9
- data/lib/conjur/log.rb +0 -72
- data/lib/conjur/log_source.rb +0 -60
- data/lib/conjur/policy.rb +0 -34
- data/lib/conjur/policy_load_result.rb +0 -61
- data/lib/conjur/query_string.rb +0 -12
- data/lib/conjur/resource.rb +0 -29
- data/lib/conjur/role.rb +0 -29
- data/lib/conjur/role_grant.rb +0 -85
- data/lib/conjur/routing.rb +0 -29
- data/lib/conjur/user.rb +0 -40
- data/lib/conjur/variable.rb +0 -208
- data/lib/conjur/webservice.rb +0 -30
- data/lib/conjur-api/version.rb +0 -24
- data/lib/conjur-api.rb +0 -2
- data/publish.sh +0 -7
- data/spec/api/host_factories_spec.rb +0 -34
- data/spec/api_spec.rb +0 -254
- data/spec/base_object_spec.rb +0 -13
- data/spec/cert_utils_spec.rb +0 -173
- data/spec/cidr_spec.rb +0 -34
- data/spec/configuration_spec.rb +0 -330
- data/spec/has_attributes_spec.rb +0 -63
- data/spec/helpers/errors_matcher.rb +0 -34
- data/spec/helpers/request_helpers.rb +0 -10
- data/spec/id_spec.rb +0 -29
- data/spec/ldap_sync_spec.rb +0 -21
- data/spec/log_source_spec.rb +0 -13
- data/spec/log_spec.rb +0 -42
- data/spec/roles_spec.rb +0 -24
- data/spec/spec_helper.rb +0 -113
- data/spec/ssl_spec.rb +0 -109
- data/spec/uri_escape_spec.rb +0 -21
- data/test.sh +0 -69
- data/tmp/.keep +0 -0
data/lib/conjur/role_grant.rb
DELETED
@@ -1,85 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Copyright 2013-2018 CyberArk Ltd.
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
|
17
|
-
module Conjur
|
18
|
-
# Represents the membership of a role. `RoleGrant`s are returned
|
19
|
-
# by {ActsAsRole#members} and represent members of the role on which the method was invoked.
|
20
|
-
#
|
21
|
-
# @example
|
22
|
-
# alice.members.map{|grant| grant.member}.include? admin_role # => true
|
23
|
-
# admin_role.members.map{|grant| grant.member}.include? alice # => true
|
24
|
-
#
|
25
|
-
class RoleGrant
|
26
|
-
extend BuildObject::ClassMethods
|
27
|
-
|
28
|
-
# The role which was granted.
|
29
|
-
# @return [Conjur::Role]
|
30
|
-
attr_reader :role
|
31
|
-
|
32
|
-
# The member role in the relationship
|
33
|
-
# @return [Conjur::Role]
|
34
|
-
attr_reader :member
|
35
|
-
|
36
|
-
# When true, the role {#member} is allowed to give this grant to other roles
|
37
|
-
#
|
38
|
-
# @return [Boolean]
|
39
|
-
attr_reader :admin_option
|
40
|
-
|
41
|
-
# @api private
|
42
|
-
#
|
43
|
-
# Create a new RoleGrant instance.
|
44
|
-
#
|
45
|
-
# @param [Conjur::Role] member the member to which the role was granted
|
46
|
-
# @param [Boolean] admin_option whether `member` can give the grant to other roles
|
47
|
-
def initialize role, member, admin_option
|
48
|
-
@role = role
|
49
|
-
@member = member
|
50
|
-
@admin_option = admin_option
|
51
|
-
end
|
52
|
-
|
53
|
-
# Representation of the role grant as a hash.
|
54
|
-
def to_h
|
55
|
-
{
|
56
|
-
role: role.id,
|
57
|
-
member: member.id,
|
58
|
-
admin_option: admin_option
|
59
|
-
}
|
60
|
-
end
|
61
|
-
|
62
|
-
def to_s
|
63
|
-
to_h.to_s
|
64
|
-
end
|
65
|
-
|
66
|
-
def as_json options = {}
|
67
|
-
to_h.as_json(options)
|
68
|
-
end
|
69
|
-
|
70
|
-
class << self
|
71
|
-
# @api private
|
72
|
-
#
|
73
|
-
# Create a `RoleGrant` from a JSON respnose
|
74
|
-
#
|
75
|
-
# @param [Hash] json the parsed JSON response
|
76
|
-
# @param [Hash] credentials the credentials used to create APIs for the member and grantor role objects
|
77
|
-
# @return [Conjur::RoleGrant]
|
78
|
-
def parse_from_json(json, credentials)
|
79
|
-
role = build_object(json['role'], credentials, default_class: Role)
|
80
|
-
member = build_object(json['member'], credentials, default_class: Role)
|
81
|
-
RoleGrant.new(role, member, json['admin_option'])
|
82
|
-
end
|
83
|
-
end
|
84
|
-
end
|
85
|
-
end
|
data/lib/conjur/routing.rb
DELETED
@@ -1,29 +0,0 @@
|
|
1
|
-
module Conjur
|
2
|
-
module Routing
|
3
|
-
def url_for method, *args
|
4
|
-
router.send method, *args
|
5
|
-
end
|
6
|
-
|
7
|
-
def parser_for method, *args
|
8
|
-
router.send "parse_#{method}", *args
|
9
|
-
end
|
10
|
-
|
11
|
-
protected
|
12
|
-
|
13
|
-
def router
|
14
|
-
require 'conjur/api/router/v4'
|
15
|
-
require 'conjur/api/router/v5'
|
16
|
-
|
17
|
-
variable_id = "@v#{Conjur.configuration.version}_router"
|
18
|
-
router = instance_variable_get variable_id
|
19
|
-
if router.nil?
|
20
|
-
router = instance_variable_set variable_id, router_for_version
|
21
|
-
end
|
22
|
-
router
|
23
|
-
end
|
24
|
-
|
25
|
-
def router_for_version
|
26
|
-
Conjur::API::Router.const_get("V#{Conjur.configuration.version}")
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
data/lib/conjur/user.rb
DELETED
@@ -1,40 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Copyright 2013-2017 Conjur Inc
|
3
|
-
#
|
4
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
13
|
-
#
|
14
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
20
|
-
#
|
21
|
-
module Conjur
|
22
|
-
# A Conjur User.
|
23
|
-
class User < BaseObject
|
24
|
-
include ActsAsUser
|
25
|
-
|
26
|
-
# Get the user's uidnumber, which can be used by LDAP and SSH login, among other things.
|
27
|
-
#
|
28
|
-
# @return [Fixnum] the uidnumber
|
29
|
-
# @raise [RestClient::Forbidden] if you don't have permission to `show` the user.
|
30
|
-
def uidnumber
|
31
|
-
parser_for(:user_uidnumber, user_attributes)
|
32
|
-
end
|
33
|
-
|
34
|
-
private
|
35
|
-
|
36
|
-
def user_attributes
|
37
|
-
@user_attributes ||= url_for(:user_attributes, credentials, self, id)
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
data/lib/conjur/variable.rb
DELETED
@@ -1,208 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Copyright 2013-2017 Conjur Inc
|
3
|
-
#
|
4
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
13
|
-
#
|
14
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
20
|
-
#
|
21
|
-
module Conjur
|
22
|
-
|
23
|
-
# Protected (secret) data stored in Conjur.
|
24
|
-
#
|
25
|
-
# The code responsible for the actual encryption of variables is open source as part of the
|
26
|
-
# {https://github.com/conjurinc/slosilo Slosilo} library.
|
27
|
-
#
|
28
|
-
# Each variables has some standard metadata (`mime-type` and secret `kind`).
|
29
|
-
#
|
30
|
-
# Variables are *versioned*. Storing secrets in multiple places is a bad security practice, but
|
31
|
-
# overwriting a secret accidentally can create a major problem for development and ops teams. Conjur
|
32
|
-
# discourages bad security practices while avoiding ops disasters by storing previous versions of
|
33
|
-
# a secret (up to a fixed limit, to avoid unbounded database growth).
|
34
|
-
#
|
35
|
-
# ### Important
|
36
|
-
# A common pitfall when trying to access older versions of a variable is to assume that `0` is the oldest
|
37
|
-
# version. Variable versions are `1`-based, with `1` being the oldest.
|
38
|
-
#
|
39
|
-
# ### Permissions
|
40
|
-
#
|
41
|
-
# * To *fetch* the value of a `variable`, you must have permission to `'execute'` the variable.
|
42
|
-
# * To *add* a value to a `variable`, you must have permission to `'update'` the variable.
|
43
|
-
# * To *show* metadata associated with a variable, but *not* the value of the secret, you must have `'read'`
|
44
|
-
# permission on the variable.
|
45
|
-
#
|
46
|
-
# @example Get a variable and access its metadata and the latest value
|
47
|
-
# variable = api.resource 'myorg:variable:example'
|
48
|
-
# puts variable.kind # "example-secret"
|
49
|
-
# puts variable.mime_type # "text/plain"
|
50
|
-
# puts variable.value # "supahsecret"
|
51
|
-
|
52
|
-
# @example Variables are versioned
|
53
|
-
# variable = api.resource 'myorg:variable:example'
|
54
|
-
# # Unless you set a variables value when you create it, the variable starts out without a value and version_count
|
55
|
-
# # is 0.
|
56
|
-
# var.version_count # => 0
|
57
|
-
# var.value # raises RestClient::ResourceNotFound (404)
|
58
|
-
#
|
59
|
-
# # Add a value
|
60
|
-
# var.add_value 'value 1'
|
61
|
-
# var.version_count # => 1
|
62
|
-
# var.value # => 'value 1'
|
63
|
-
#
|
64
|
-
# # Add another value
|
65
|
-
# var.add_value 'value 2'
|
66
|
-
# var.version_count # => 2
|
67
|
-
#
|
68
|
-
# # 'value' with no argument returns the most recent value
|
69
|
-
# var.value # => 'value 2'
|
70
|
-
#
|
71
|
-
# # We can access older versions by their 1 based index:
|
72
|
-
# var.value 1 # => 'value 1'
|
73
|
-
# var.value 2 # => 'value 2'
|
74
|
-
# # Notice that version 0 of a variable is always the most recent:
|
75
|
-
# var.value 0 # => 'value 2'
|
76
|
-
#
|
77
|
-
class Variable < BaseObject
|
78
|
-
include ActsAsResource
|
79
|
-
|
80
|
-
def as_json options={}
|
81
|
-
result = super(options)
|
82
|
-
result["mime_type"] = mime_type
|
83
|
-
result["kind"] = kind
|
84
|
-
result
|
85
|
-
end
|
86
|
-
|
87
|
-
# The kind of secret represented by this variable, for example, `'postgres-url'` or
|
88
|
-
# `'aws-secret-access-key'`.
|
89
|
-
#
|
90
|
-
# You must have the **`'read'`** permission on a variable to call this method.
|
91
|
-
#
|
92
|
-
# This attribute is only for human consumption, and does not take part in the Conjur permissions
|
93
|
-
# model.
|
94
|
-
#
|
95
|
-
# @note this is **not** the same as the `kind` part of a qualified Conjur id.
|
96
|
-
# @return [String] a string representing the kind of secret.
|
97
|
-
def kind
|
98
|
-
parser_for(:variable_kind, variable_attributes) || "secret"
|
99
|
-
end
|
100
|
-
|
101
|
-
# The MIME Type of the variable's value.
|
102
|
-
#
|
103
|
-
# You must have the **`'read'`** permission on a variable to call this method.
|
104
|
-
#
|
105
|
-
# This attribute is used by the Conjur services to set a response `Content-Type` header when
|
106
|
-
# returning the value of a variable. Conjur applies the same MIME Type to all versions of a variable,
|
107
|
-
# so if you plan on accessing the variable in a way that depends on a correct `Content-Type` header
|
108
|
-
# you should make sure to store appropriate data for the mime type in all versions.
|
109
|
-
#
|
110
|
-
# @return [String] a MIME type, such as `'text/plain'` or `'application/octet-stream'`.
|
111
|
-
def mime_type
|
112
|
-
parser_for(:variable_mime_type, variable_attributes) || "text/plain"
|
113
|
-
end
|
114
|
-
|
115
|
-
# Add a new value to the variable.
|
116
|
-
#
|
117
|
-
# You must have the **`'update'`** permission on a variable to call this method.
|
118
|
-
#
|
119
|
-
# @example Add a value to a variable
|
120
|
-
# var = api.variable 'my-secret'
|
121
|
-
# puts var.version_count # 1
|
122
|
-
# puts var.value # 'supersecret'
|
123
|
-
# var.add_value "new_secret"
|
124
|
-
# puts var.version_count # 2
|
125
|
-
# puts var.value # 'new_secret'
|
126
|
-
# @param [String] value the new value to add
|
127
|
-
# @return [void]
|
128
|
-
def add_value value
|
129
|
-
log do |logger|
|
130
|
-
logger << "Adding a value to variable #{id}"
|
131
|
-
end
|
132
|
-
invalidate do
|
133
|
-
route = url_for(:secrets_add, credentials, id)
|
134
|
-
Conjur.configuration.version_logic lambda {
|
135
|
-
route.post value: value
|
136
|
-
}, lambda {
|
137
|
-
route.post value
|
138
|
-
}
|
139
|
-
end
|
140
|
-
end
|
141
|
-
|
142
|
-
# Return the number of versions of the variable.
|
143
|
-
#
|
144
|
-
# You must have the **`'read'`** permission on a variable to call this method.
|
145
|
-
#
|
146
|
-
# @example
|
147
|
-
# var.version_count # => 4
|
148
|
-
# var.add_value "something new"
|
149
|
-
# var.version_count # => 5
|
150
|
-
#
|
151
|
-
# @return [Integer] the number of versions
|
152
|
-
def version_count
|
153
|
-
Conjur.configuration.version_logic lambda {
|
154
|
-
JSON.parse(url_for(:variable, credentials, id).get)['version_count']
|
155
|
-
}, lambda {
|
156
|
-
secrets = attributes['secrets']
|
157
|
-
if secrets.empty?
|
158
|
-
0
|
159
|
-
else
|
160
|
-
secrets.last['version']
|
161
|
-
end
|
162
|
-
}
|
163
|
-
end
|
164
|
-
|
165
|
-
# Return the version of a variable.
|
166
|
-
#
|
167
|
-
# You must have the **`'execute'`** permission on a variable to call this method.
|
168
|
-
#
|
169
|
-
# When no argument is given, the most recent version is returned.
|
170
|
-
#
|
171
|
-
# When a `version` argument is given, the method returns a version according to the following rules:
|
172
|
-
# * If `version` is 0, the *most recent* version is returned.
|
173
|
-
# * If `version` is less than 0 or greater than {#version_count}, a `RestClient::ResourceNotFound` exception
|
174
|
-
# will be raised.
|
175
|
-
# * If {#version_count} is 0, a `RestClient::ResourceNotFound` exception will be raised.
|
176
|
-
# * If `version` is >= 1 and `version` <= {#version_count}, the version at the **1 based** index given by `version`
|
177
|
-
# will be returned.
|
178
|
-
#
|
179
|
-
# @example Fetch all versions of a variable
|
180
|
-
# versions = (1..var.version_count).map do |version|
|
181
|
-
# var.value version
|
182
|
-
# end
|
183
|
-
#
|
184
|
-
# @example Get the current version of a variable
|
185
|
-
# # All of these return the same thing:
|
186
|
-
# var.value
|
187
|
-
# var.value 0
|
188
|
-
# var.value var.version_count
|
189
|
-
#
|
190
|
-
# @example Get the value of an expired variable
|
191
|
-
# var.value nil, show_expired: true
|
192
|
-
#
|
193
|
-
# @param [Integer] version the **1 based** version.
|
194
|
-
# @param options [Hash]
|
195
|
-
# @option options [Boolean, false] :show_expired show value even if variable has expired
|
196
|
-
# @return [String] the value of the variable
|
197
|
-
def value version = nil, options = {}
|
198
|
-
options['version'] = version if version
|
199
|
-
url_for(:secrets_value, credentials, id, options).get.body
|
200
|
-
end
|
201
|
-
|
202
|
-
private
|
203
|
-
|
204
|
-
def variable_attributes
|
205
|
-
@variable_attributes ||= url_for(:variable_attributes, credentials, self, id)
|
206
|
-
end
|
207
|
-
end
|
208
|
-
end
|
data/lib/conjur/webservice.rb
DELETED
@@ -1,30 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Copyright 2013-2017 Conjur Inc
|
3
|
-
#
|
4
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
13
|
-
#
|
14
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
20
|
-
#
|
21
|
-
module Conjur
|
22
|
-
# A Conjur Webservice, which protects access to service code.
|
23
|
-
#
|
24
|
-
# Permissions on webservices can be granted and interpreted in a free-form way
|
25
|
-
# which is appropriate to the domain. For example, for a Docker registry
|
26
|
-
# which is guarded by a Webservice, the likely privileges would be `pull` and `push`.
|
27
|
-
class Webservice < BaseObject
|
28
|
-
include ActsAsResource
|
29
|
-
end
|
30
|
-
end
|
data/lib/conjur-api/version.rb
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
# Copyright 2013-2021 Conjur Inc.
|
2
|
-
#
|
3
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
4
|
-
# this software and associated documentation files (the "Software"), to deal in
|
5
|
-
# the Software without restriction, including without limitation the rights to
|
6
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
7
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
8
|
-
# subject to the following conditions:
|
9
|
-
#
|
10
|
-
# The above copyright notice and this permission notice shall be included in all
|
11
|
-
# copies or substantial portions of the Software.
|
12
|
-
#
|
13
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
15
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
16
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
17
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
18
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
19
|
-
|
20
|
-
module Conjur
|
21
|
-
class API
|
22
|
-
VERSION = File.read(File.expand_path('../../VERSION', __dir__))
|
23
|
-
end
|
24
|
-
end
|
data/lib/conjur-api.rb
DELETED
data/publish.sh
DELETED
@@ -1,34 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'spec_helper'
|
4
|
-
require 'conjur/api/host_factories'
|
5
|
-
|
6
|
-
describe "Conjur::API.host_factory_create_host", api: :dummy do
|
7
|
-
it "returns a Host instance correctly on v4" do
|
8
|
-
token = "host factory token"
|
9
|
-
id = "test-host"
|
10
|
-
|
11
|
-
allow(Conjur::API).to receive(:url_for)
|
12
|
-
.with(:host_factory_create_host, token).and_return(
|
13
|
-
resource = instance_double(RestClient::Resource, "hosts")
|
14
|
-
)
|
15
|
-
|
16
|
-
allow(resource).to receive(:post).with(id: id).and_return(
|
17
|
-
instance_double(RestClient::Response, "host response", body: '
|
18
|
-
{
|
19
|
-
"id": "test-host",
|
20
|
-
"userid": "hosts",
|
21
|
-
"created_at": "2015-11-13T22:57:14Z",
|
22
|
-
"ownerid": "cucumber:group:ops",
|
23
|
-
"roleid": "cucumber:host:test-host",
|
24
|
-
"resource_identifier": "cucumber:host:test-host",
|
25
|
-
"api_key": "14x82x72syhnnd1h8jj24zj1kqd2j09sjy3tddwxc35cmy5nx33ph7"
|
26
|
-
}
|
27
|
-
')
|
28
|
-
)
|
29
|
-
|
30
|
-
host = Conjur::API.host_factory_create_host token, id
|
31
|
-
|
32
|
-
expect(host).to be_a Conjur::Host
|
33
|
-
end
|
34
|
-
end
|