conjur-api 5.3.8.pre.194 → 5.3.8.pre.319

Sign up to get free protection for your applications and to get access to all the features.
Files changed (143) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. metadata +21 -191
  4. data/.codeclimate.yml +0 -10
  5. data/.dockerignore +0 -1
  6. data/.github/CODEOWNERS +0 -10
  7. data/.gitignore +0 -32
  8. data/.gitleaks.toml +0 -219
  9. data/.overcommit.yml +0 -16
  10. data/.project +0 -18
  11. data/.rubocop.yml +0 -3
  12. data/.rubocop_settings.yml +0 -86
  13. data/.rubocop_todo.yml +0 -709
  14. data/.yardopts +0 -1
  15. data/CHANGELOG.md +0 -435
  16. data/CONTRIBUTING.md +0 -141
  17. data/Dockerfile +0 -16
  18. data/Gemfile +0 -7
  19. data/Jenkinsfile +0 -168
  20. data/LICENSE +0 -202
  21. data/README.md +0 -162
  22. data/Rakefile +0 -47
  23. data/SECURITY.md +0 -42
  24. data/bin/parse-changelog.sh +0 -12
  25. data/ci/configure_v4.sh +0 -12
  26. data/ci/configure_v5.sh +0 -14
  27. data/ci/submit-coverage +0 -36
  28. data/conjur-api.gemspec +0 -40
  29. data/dev/Dockerfile.dev +0 -12
  30. data/dev/docker-compose.yml +0 -56
  31. data/dev/start +0 -22
  32. data/dev/stop +0 -5
  33. data/docker-compose.yml +0 -76
  34. data/example/demo_v4.rb +0 -49
  35. data/example/demo_v5.rb +0 -57
  36. data/features/authenticators.feature +0 -33
  37. data/features/authn_local.feature +0 -32
  38. data/features/exists.feature +0 -37
  39. data/features/group.feature +0 -11
  40. data/features/host.feature +0 -50
  41. data/features/host_factory_create_host.feature +0 -28
  42. data/features/host_factory_token.feature +0 -63
  43. data/features/load_policy.feature +0 -61
  44. data/features/members.feature +0 -51
  45. data/features/new_api.feature +0 -36
  46. data/features/permitted.feature +0 -70
  47. data/features/permitted_roles.feature +0 -30
  48. data/features/public_keys.feature +0 -11
  49. data/features/resource_fields.feature +0 -53
  50. data/features/role_fields.feature +0 -15
  51. data/features/rotate_api_key.feature +0 -13
  52. data/features/step_definitions/api_steps.rb +0 -18
  53. data/features/step_definitions/policy_steps.rb +0 -75
  54. data/features/step_definitions/result_steps.rb +0 -7
  55. data/features/support/env.rb +0 -18
  56. data/features/support/hooks.rb +0 -3
  57. data/features/support/world.rb +0 -12
  58. data/features/update_password.feature +0 -14
  59. data/features/user.feature +0 -58
  60. data/features/variable_fields.feature +0 -20
  61. data/features/variable_value.feature +0 -60
  62. data/features_v4/authn_local.feature +0 -27
  63. data/features_v4/exists.feature +0 -29
  64. data/features_v4/host.feature +0 -18
  65. data/features_v4/host_factory_token.feature +0 -49
  66. data/features_v4/members.feature +0 -39
  67. data/features_v4/permitted.feature +0 -15
  68. data/features_v4/permitted_roles.feature +0 -8
  69. data/features_v4/resource_fields.feature +0 -47
  70. data/features_v4/rotate_api_key.feature +0 -13
  71. data/features_v4/step_definitions/api_steps.rb +0 -17
  72. data/features_v4/step_definitions/result_steps.rb +0 -3
  73. data/features_v4/support/env.rb +0 -23
  74. data/features_v4/support/policy.yml +0 -34
  75. data/features_v4/support/world.rb +0 -12
  76. data/features_v4/variable_fields.feature +0 -11
  77. data/features_v4/variable_value.feature +0 -54
  78. data/lib/conjur/acts_as_resource.rb +0 -123
  79. data/lib/conjur/acts_as_role.rb +0 -142
  80. data/lib/conjur/acts_as_rolsource.rb +0 -32
  81. data/lib/conjur/acts_as_user.rb +0 -68
  82. data/lib/conjur/api/authenticators.rb +0 -35
  83. data/lib/conjur/api/authn.rb +0 -125
  84. data/lib/conjur/api/host_factories.rb +0 -71
  85. data/lib/conjur/api/ldap_sync.rb +0 -38
  86. data/lib/conjur/api/policies.rb +0 -56
  87. data/lib/conjur/api/pubkeys.rb +0 -53
  88. data/lib/conjur/api/resources.rb +0 -109
  89. data/lib/conjur/api/roles.rb +0 -98
  90. data/lib/conjur/api/router/v4.rb +0 -206
  91. data/lib/conjur/api/router/v5.rb +0 -248
  92. data/lib/conjur/api/variables.rb +0 -59
  93. data/lib/conjur/api.rb +0 -105
  94. data/lib/conjur/base.rb +0 -355
  95. data/lib/conjur/base_object.rb +0 -57
  96. data/lib/conjur/build_object.rb +0 -47
  97. data/lib/conjur/cache.rb +0 -26
  98. data/lib/conjur/cert_utils.rb +0 -63
  99. data/lib/conjur/cidr.rb +0 -71
  100. data/lib/conjur/configuration.rb +0 -460
  101. data/lib/conjur/escape.rb +0 -129
  102. data/lib/conjur/exceptions.rb +0 -4
  103. data/lib/conjur/group.rb +0 -41
  104. data/lib/conjur/has_attributes.rb +0 -98
  105. data/lib/conjur/host.rb +0 -27
  106. data/lib/conjur/host_factory.rb +0 -75
  107. data/lib/conjur/host_factory_token.rb +0 -78
  108. data/lib/conjur/id.rb +0 -71
  109. data/lib/conjur/layer.rb +0 -9
  110. data/lib/conjur/log.rb +0 -72
  111. data/lib/conjur/log_source.rb +0 -60
  112. data/lib/conjur/policy.rb +0 -34
  113. data/lib/conjur/policy_load_result.rb +0 -61
  114. data/lib/conjur/query_string.rb +0 -12
  115. data/lib/conjur/resource.rb +0 -29
  116. data/lib/conjur/role.rb +0 -29
  117. data/lib/conjur/role_grant.rb +0 -85
  118. data/lib/conjur/routing.rb +0 -29
  119. data/lib/conjur/user.rb +0 -40
  120. data/lib/conjur/variable.rb +0 -208
  121. data/lib/conjur/webservice.rb +0 -30
  122. data/lib/conjur-api/version.rb +0 -24
  123. data/lib/conjur-api.rb +0 -2
  124. data/publish.sh +0 -5
  125. data/spec/api/host_factories_spec.rb +0 -34
  126. data/spec/api_spec.rb +0 -254
  127. data/spec/base_object_spec.rb +0 -13
  128. data/spec/cert_utils_spec.rb +0 -173
  129. data/spec/cidr_spec.rb +0 -34
  130. data/spec/configuration_spec.rb +0 -330
  131. data/spec/has_attributes_spec.rb +0 -63
  132. data/spec/helpers/errors_matcher.rb +0 -34
  133. data/spec/helpers/request_helpers.rb +0 -10
  134. data/spec/id_spec.rb +0 -29
  135. data/spec/ldap_sync_spec.rb +0 -21
  136. data/spec/log_source_spec.rb +0 -13
  137. data/spec/log_spec.rb +0 -42
  138. data/spec/roles_spec.rb +0 -24
  139. data/spec/spec_helper.rb +0 -113
  140. data/spec/ssl_spec.rb +0 -109
  141. data/spec/uri_escape_spec.rb +0 -21
  142. data/test.sh +0 -73
  143. data/tmp/.keep +0 -0
data/spec/ssl_spec.rb DELETED
@@ -1,109 +0,0 @@
1
- require 'active_support'
2
- require 'spec_helper'
3
-
4
- require 'helpers/errors_matcher'
5
-
6
- require 'webrick'
7
- require 'webrick/https'
8
-
9
- describe 'SSL connection' do
10
- context 'with an untrusted certificate' do
11
- it 'fails' do
12
- expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to \
13
- raise_one_of(RestClient::SSLCertificateNotVerified, OpenSSL::SSL::SSLError)
14
- end
15
- end
16
-
17
- context 'with certificate added to the default OpenSSL cert store' do
18
- before do
19
- cert_store.add_cert(cert)
20
- end
21
-
22
- it 'works' do
23
- expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to raise_error RestClient::ResourceNotFound
24
- end
25
- end
26
-
27
- let(:server) do
28
- server = WEBrick::HTTPServer.new \
29
- Port: 0, SSLEnable: true,
30
- AccessLog: [], Logger: Logger.new('/dev/null'), # shut up, WEBrick
31
- SSLCertificate: cert, SSLPrivateKey: key
32
- end
33
- let(:port) { server.config[:Port] }
34
- let(:cert_store) { OpenSSL::X509::Store.new }
35
-
36
- before do
37
- # Reset configuration to allow each test to use its own stub
38
- # of OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.
39
- Conjur.configuration = nil
40
- stub_const 'OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE', cert_store
41
-
42
- allow(Conjur.configuration).to receive(:authn_url).and_return "https://localhost:#{port}"
43
- end
44
-
45
- around do |example|
46
- server_thread = Thread.new do
47
- server.start
48
- end
49
- example.run
50
- server.shutdown
51
- server_thread.join
52
- end
53
-
54
- let(:cert) do
55
- OpenSSL::X509::Certificate.new """
56
- -----BEGIN CERTIFICATE-----
57
- MIIDCzCCAfOgAwIBAgIUaApjB95cJZlMTwDg4EBk4Mf1y4swDQYJKoZIhvcNAQEL
58
- BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDQyODIxNTA1OFoYDzQ3NTkw
59
- MzI1MjE1MDU4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
60
- AQUAA4IBDwAwggEKAoIBAQC+MIx1LCzBeAl7kHfI21wYmA6W8luyq14+DecaQPMd
61
- bW7fMlHSMJC/nlFDQyqmfYfKlVCiJRV/QTdUtA9hCytPlEKjlVmm4WIYLKfjj8Sp
62
- A+X9VURk75Fz+Z7UsF8u2J3pF9wFfhBzznwePlFdcWYyQMIRtghoHk/WSsbJVXVQ
63
- so7+0BLFyMYB3otfCyK+H/iyoXWLZll2irYZJedVm/lyTlnc9dT1XDAWWI8kSeUV
64
- lCkEulqOf8qZyU7wNUafRkzBuYkR7ddp1Qdkq+QYw7blmfZXyJbAYSt4gEMyDMk8
65
- ArScP8j+Efz5D54wS7fZFwmQp41+iP5WTxGsSU3dh44fAgMBAAGjUzBRMB0GA1Ud
66
- DgQWBBS4ZJDxXOs8rK3+SyfLopDFqK0IWDAfBgNVHSMEGDAWgBS4ZJDxXOs8rK3+
67
- SyfLopDFqK0IWDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAE
68
- WuzjqQ/gyho/pluX31hq7EMAFgqqz7ECN6DqmvpqabMD6s1kQ662KTo7gCBEcNtA
69
- nC7QycFp4v/Cr8+aUEa1W3+q2MqbmshORonUrLE/vxejK+NUvhSCWnmrM8v60zhR
70
- pn9lSSgQCBKWDgaU0VQVn0I9MuexeAj64Qv2uUHnZK3QUx+Gk3uurTmhKEN5FI+D
71
- sC7xO0qquTZ1Vv1EkLEso4dnFVW84EjdfmfeiW6JmHO7z1p1ebGsRwoQead/qTKw
72
- ze+Y1A1w3GzuhDo55aHlWE/Wvnou0aM3O9gUd++a2j+XJ2P7qaTB/L7SJk4qZ9RA
73
- t2PbKVP+tyZjXKtXmgzp
74
- -----END CERTIFICATE-----
75
- """.lines.map(&:strip).join("\n")
76
- end
77
-
78
- let(:key) do
79
- OpenSSL::PKey.read """
80
- -----BEGIN RSA PRIVATE KEY-----
81
- MIIEowIBAAKCAQEAvjCMdSwswXgJe5B3yNtcGJgOlvJbsqtePg3nGkDzHW1u3zJR
82
- 0jCQv55RQ0Mqpn2HypVQoiUVf0E3VLQPYQsrT5RCo5VZpuFiGCyn44/EqQPl/VVE
83
- ZO+Rc/me1LBfLtid6RfcBX4Qc858Hj5RXXFmMkDCEbYIaB5P1krGyVV1ULKO/tAS
84
- xcjGAd6LXwsivh/4sqF1i2ZZdoq2GSXnVZv5ck5Z3PXU9VwwFliPJEnlFZQpBLpa
85
- jn/KmclO8DVGn0ZMwbmJEe3XadUHZKvkGMO25Zn2V8iWwGEreIBDMgzJPAK0nD/I
86
- /hH8+Q+eMEu32RcJkKeNfoj+Vk8RrElN3YeOHwIDAQABAoIBAQCnW0ctkDqt3/fQ
87
- MHcHWue2iI9GCmvgU+WxC0DSHFcSDQrkAn53S98DjseJPaBZMtr7y9pRY/p/qR6M
88
- PYnO5iotc5QUKEbkjy1nglwV5Zuy8kg+XPq7Kwg+GmjGVZDcQybpRuKIPr8xeIBF
89
- iKbGaBP6ontjZGAPZqTwN4qm/bkm0QRQkMEVQLpBaOlXjl0BCknhCMgyNA1F0jGc
90
- HLqJpFO46qvWDkDaKriMY/ezrkGYxlvV8xGJ2lzoaNWBsQeMXtcDJXuFMJO3lZl4
91
- VUjeNbyPprUzL6/kLZGMVFdRWhzKAluJEy3B6zybY4xxmgmifqn8/OxIaT172IXN
92
- KACuEorpAoGBAOYZEfuON+73dcstpjq3062+XUOxAAc77aFcGFQ2pqDTUtvoR05R
93
- o0uXrSuQqt0/FJVdZqdDx1and6idI7j/LfkOwvmPPg2dJIwKV73T2HdR7BpJaYlI
94
- KS6Bgl0AiW2ibjZJbBFJMiINb2tRGeYcOPfWlis309D2DXxl1f1TJTKTAoGBANOZ
95
- aDH1VJXh7rdAHrwNonTjoCeYKG7oAh0WTfqmCqcBjAkXsVc7dBd/98XKGS5LPRtl
96
- dIaJdYngeYyH5Ey5O2l/63tk0d4sqE8l+GVy+OHFn2AZMuaVXS0JXIQspn4s/U7F
97
- CuawmFszE8fv41WgVNhF00ijheoRz/X19yu0ULHFAoGAYmJZ1AutUtowXZ25M+Yh
98
- 9motCqKF9pHjO1lbdbagbKevCCQ7SPuTLOE/xB7pUAyGyo7TM7XBaAXXHhuCiLlj
99
- eNic+YQL7lpApDhP5/TK28oFf//fxjk6ko4Bpa5zFJOdOE0QjhuT+gdwmpxkzIVI
100
- vn/cWcJXKUPr5ELOyrBgeU0CgYBWqIUbsLWrjJQPSJtNuOfHp1F35cDpausyrmfR
101
- Nx81tlR7hNCEQT0SQr5eqp4Vb4rfJXXLg5A3n08oVp8RLOtAEbuHFYs9ylxDzfEk
102
- 2ylCjYTv/mHyPUmjoCnbl8237wTutZP5VmmPMCPxxjT8ZGVbDX2ySgYWDqV0vf80
103
- TuydYQKBgG24Wpes1CJmKiuWGnPi5I/+iIKZRfpEGidpjnsktkr3O+VZSZNQtDfC
104
- uWp/NgMxzxXxYdmmaQTwektB5axrsPUnxxiHmb8KkVU1IcMpYvUulFYiKVvFx+JJ
105
- bx/fkItCZ4AP3CG2Onz8xZdosg+c+MEdIlCrg94dA1EmHewCt2Hv
106
- -----END RSA PRIVATE KEY-----
107
- """.lines.map(&:strip).join("\n")
108
- end
109
- end
@@ -1,21 +0,0 @@
1
- require 'spec_helper'
2
- require 'conjur/id'
3
- require 'conjur/api/router/v5'
4
-
5
- describe 'url escaping' do
6
- it 'Id to path is escaped' do
7
- id = Conjur::Id.new('cucumber:variable:one two/three')
8
- expect(id.to_url_path).to eq('cucumber/variable/one%20two%2Fthree')
9
- end
10
-
11
- it 'Resources path is escaped' do
12
- request = Conjur::API::Router::V5.resources(nil, 'cucumber/two', 'extended variable', {})
13
- expect(request.url).to eq('http://localhost:5000/resources/cucumber%2Ftwo/extended%20variable/')
14
- end
15
-
16
- it 'Resource path is escaped' do
17
- resource = Conjur::Id.new('cucumber:variable:one two/three')
18
- request = Conjur::API::Router::V5.resources_resource(nil, resource)
19
- expect(request.url).to eq('http://localhost:5000/resources/cucumber/variable/one%20two%2Fthree')
20
- end
21
- end
data/test.sh DELETED
@@ -1,73 +0,0 @@
1
- #!/bin/bash -e
2
-
3
- : "${RUBY_VERSION=3.0}"
4
- # My local RUBY_VERSION is set to ruby-#.#.# so this allows running locally.
5
- RUBY_VERSION="$(cut -d '-' -f 2 <<< "$RUBY_VERSION")"
6
-
7
-
8
- function finish {
9
- echo 'Removing test environment'
10
- echo '---'
11
- docker-compose down --rmi 'local' --volumes
12
- }
13
-
14
- trap finish EXIT
15
-
16
- # Set up VERSION file for local development
17
- if [ ! -f "../VERSION" ]; then
18
- echo -n "0.0.dev" > ../VERSION
19
- fi
20
-
21
- function main() {
22
- if ! docker info >/dev/null 2>&1; then
23
- echo "Docker does not seem to be running, run it first and retry"
24
- exit 1
25
- fi
26
- # Generate reports folders locally
27
- mkdir -p spec/reports features/reports features_v4/reports
28
-
29
- startConjur
30
- runTests_5
31
- runTests_4
32
- }
33
-
34
- function startConjur() {
35
- echo 'Starting Conjur environment'
36
- echo '-----'
37
-
38
- # We want to pull to make sure we're testing against the newest release;
39
- # failing to ensure that has caused many mysterious failures in CI.
40
- # However, unconditionally pulling prevents working offline even
41
- # with a warm cache. So try to pull, but ignore failures.
42
- docker-compose pull --ignore-pull-failures
43
- docker-compose build --build-arg RUBY_VERSION="$RUBY_VERSION"
44
- docker-compose up -d pg conjur_4 conjur_5
45
- }
46
-
47
- function runTests_5() {
48
- echo 'Waiting for Conjur v5 to come up, and configuring it...'
49
- ./ci/configure_v5.sh
50
-
51
- local api_key=$(docker-compose exec -T conjur_5 rake 'role:retrieve-key[cucumber:user:admin]')
52
-
53
- echo 'Running tests'
54
- echo '-----'
55
- docker-compose run --rm \
56
- -e CONJUR_AUTHN_API_KEY="$api_key" \
57
- tester_5 rake jenkins_init jenkins_spec jenkins_cucumber_v5
58
- }
59
-
60
- function runTests_4() {
61
- echo 'Waiting for Conjur v4 to come up, and configuring it...'
62
- ./ci/configure_v4.sh
63
-
64
- local api_key=$(docker-compose exec -T conjur_4 su conjur -c "conjur-plugin-service authn env RAILS_ENV=appliance rails r \"puts User['admin'].api_key\" 2>/dev/null")
65
-
66
- echo 'Running tests'
67
- echo '-----'
68
- docker-compose run --rm \
69
- -e CONJUR_AUTHN_API_KEY="$api_key" \
70
- tester_4 rake jenkins_cucumber_v4
71
- }
72
-
73
- main
data/tmp/.keep DELETED
File without changes