RubyGems - conjur-api - Versions diffs - 5.3.8.pre.3 → 5.3.8.pre.8 - Mend

conjur-api 5.3.8.pre.3 → 5.3.8.pre.8

Files changed (150) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
metadata +2 -193
data/.codeclimate.yml +0 -10
data/.dockerignore +0 -1
data/.github/CODEOWNERS +0 -10
data/.gitignore +0 -32
data/.gitleaks.toml +0 -219
data/.overcommit.yml +0 -16
data/.project +0 -18
data/.rubocop.yml +0 -3
data/.rubocop_settings.yml +0 -86
data/.rubocop_todo.yml +0 -709
data/.yardopts +0 -1
data/CHANGELOG.md +0 -448
data/CONTRIBUTING.md +0 -138
data/Dockerfile +0 -16
data/Gemfile +0 -7
data/Jenkinsfile +0 -137
data/LICENSE +0 -202
data/README.md +0 -162
data/Rakefile +0 -47
data/SECURITY.md +0 -42
data/bin/parse-changelog.sh +0 -12
data/ci/configure_v4.sh +0 -12
data/ci/configure_v5.sh +0 -19
data/ci/oauth/keycloak/create_client +0 -18
data/ci/oauth/keycloak/create_user +0 -21
data/ci/oauth/keycloak/fetch_certificate +0 -18
data/ci/oauth/keycloak/keycloak_functions.sh +0 -71
data/ci/oauth/keycloak/standalone.xml +0 -578
data/ci/oauth/keycloak/wait_for_server +0 -56
data/ci/submit-coverage +0 -36
data/conjur-api.gemspec +0 -41
data/dev/Dockerfile.dev +0 -12
data/dev/docker-compose.yml +0 -56
data/dev/start +0 -22
data/dev/stop +0 -5
data/docker-compose.yml +0 -98
data/example/demo_v4.rb +0 -49
data/example/demo_v5.rb +0 -57
data/features/authenticators.feature +0 -41
data/features/authn.feature +0 -14
data/features/authn_local.feature +0 -32
data/features/exists.feature +0 -37
data/features/group.feature +0 -11
data/features/host.feature +0 -50
data/features/host_factory_create_host.feature +0 -28
data/features/host_factory_token.feature +0 -63
data/features/load_policy.feature +0 -61
data/features/members.feature +0 -51
data/features/new_api.feature +0 -36
data/features/permitted.feature +0 -70
data/features/permitted_roles.feature +0 -30
data/features/public_keys.feature +0 -11
data/features/resource_fields.feature +0 -53
data/features/role_fields.feature +0 -15
data/features/rotate_api_key.feature +0 -13
data/features/step_definitions/api_steps.rb +0 -52
data/features/step_definitions/policy_steps.rb +0 -134
data/features/step_definitions/result_steps.rb +0 -11
data/features/support/env.rb +0 -19
data/features/support/hooks.rb +0 -3
data/features/support/world.rb +0 -12
data/features/update_password.feature +0 -14
data/features/user.feature +0 -58
data/features/variable_fields.feature +0 -20
data/features/variable_value.feature +0 -60
data/features_v4/authn_local.feature +0 -27
data/features_v4/exists.feature +0 -29
data/features_v4/host.feature +0 -18
data/features_v4/host_factory_token.feature +0 -49
data/features_v4/members.feature +0 -39
data/features_v4/permitted.feature +0 -15
data/features_v4/permitted_roles.feature +0 -8
data/features_v4/resource_fields.feature +0 -47
data/features_v4/rotate_api_key.feature +0 -13
data/features_v4/step_definitions/api_steps.rb +0 -17
data/features_v4/step_definitions/result_steps.rb +0 -3
data/features_v4/support/env.rb +0 -23
data/features_v4/support/policy.yml +0 -34
data/features_v4/support/world.rb +0 -12
data/features_v4/variable_fields.feature +0 -11
data/features_v4/variable_value.feature +0 -54
data/lib/conjur/acts_as_resource.rb +0 -123
data/lib/conjur/acts_as_role.rb +0 -142
data/lib/conjur/acts_as_rolsource.rb +0 -32
data/lib/conjur/acts_as_user.rb +0 -68
data/lib/conjur/api/authenticators.rb +0 -43
data/lib/conjur/api/authn.rb +0 -144
data/lib/conjur/api/host_factories.rb +0 -71
data/lib/conjur/api/ldap_sync.rb +0 -38
data/lib/conjur/api/policies.rb +0 -56
data/lib/conjur/api/pubkeys.rb +0 -53
data/lib/conjur/api/resources.rb +0 -109
data/lib/conjur/api/roles.rb +0 -98
data/lib/conjur/api/router/v4.rb +0 -206
data/lib/conjur/api/router/v5.rb +0 -269
data/lib/conjur/api/variables.rb +0 -59
data/lib/conjur/api.rb +0 -105
data/lib/conjur/base.rb +0 -355
data/lib/conjur/base_object.rb +0 -57
data/lib/conjur/build_object.rb +0 -47
data/lib/conjur/cache.rb +0 -26
data/lib/conjur/cert_utils.rb +0 -63
data/lib/conjur/cidr.rb +0 -71
data/lib/conjur/configuration.rb +0 -460
data/lib/conjur/escape.rb +0 -129
data/lib/conjur/exceptions.rb +0 -4
data/lib/conjur/group.rb +0 -41
data/lib/conjur/has_attributes.rb +0 -98
data/lib/conjur/host.rb +0 -27
data/lib/conjur/host_factory.rb +0 -75
data/lib/conjur/host_factory_token.rb +0 -78
data/lib/conjur/id.rb +0 -71
data/lib/conjur/layer.rb +0 -9
data/lib/conjur/log.rb +0 -72
data/lib/conjur/log_source.rb +0 -60
data/lib/conjur/policy.rb +0 -34
data/lib/conjur/policy_load_result.rb +0 -61
data/lib/conjur/query_string.rb +0 -12
data/lib/conjur/resource.rb +0 -29
data/lib/conjur/role.rb +0 -29
data/lib/conjur/role_grant.rb +0 -85
data/lib/conjur/routing.rb +0 -29
data/lib/conjur/user.rb +0 -40
data/lib/conjur/variable.rb +0 -208
data/lib/conjur/webservice.rb +0 -30
data/lib/conjur-api/version.rb +0 -24
data/lib/conjur-api.rb +0 -2
data/publish.sh +0 -5
data/spec/api/host_factories_spec.rb +0 -34
data/spec/api_spec.rb +0 -254
data/spec/base_object_spec.rb +0 -13
data/spec/cert_utils_spec.rb +0 -173
data/spec/cidr_spec.rb +0 -34
data/spec/configuration_spec.rb +0 -330
data/spec/has_attributes_spec.rb +0 -63
data/spec/helpers/errors_matcher.rb +0 -34
data/spec/helpers/request_helpers.rb +0 -10
data/spec/id_spec.rb +0 -29
data/spec/ldap_sync_spec.rb +0 -21
data/spec/log_source_spec.rb +0 -13
data/spec/log_spec.rb +0 -42
data/spec/roles_spec.rb +0 -24
data/spec/spec_helper.rb +0 -113
data/spec/ssl_spec.rb +0 -109
data/spec/uri_escape_spec.rb +0 -21
data/test.sh +0 -76
data/tmp/.keep +0 -0

data/spec/ssl_spec.rb DELETED Viewed

@@ -1,109 +0,0 @@
-require 'active_support'
-require 'spec_helper'
-require 'helpers/errors_matcher'
-require 'webrick'
-require 'webrick/https'
-describe 'SSL connection' do
-  context 'with an untrusted certificate' do
-    it 'fails' do
-      expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to \
-          raise_one_of(RestClient::SSLCertificateNotVerified, OpenSSL::SSL::SSLError)
-    end
-  end
-  context 'with certificate added to the default OpenSSL cert store' do
-    before do
-      cert_store.add_cert(cert)
-    end
-    it 'works' do
-      expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to raise_error RestClient::ResourceNotFound
-    end
-  end
-  let(:server) do
-    server = WEBrick::HTTPServer.new \
-        Port: 0, SSLEnable: true,
-        AccessLog: [], Logger: Logger.new('/dev/null'), # shut up, WEBrick
-        SSLCertificate: cert, SSLPrivateKey: key
-  end
-  let(:port) { server.config[:Port] }
-  let(:cert_store) { OpenSSL::X509::Store.new }
-  before do
-    # Reset configuration to allow each test to use its own stub
-    # of OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.
-    Conjur.configuration = nil
-    stub_const 'OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE', cert_store
-    allow(Conjur.configuration).to receive(:authn_url).and_return "https://localhost:#{port}"
-  end
-  around do |example|
-    server_thread = Thread.new do
-      server.start
-    end
-    example.run
-    server.shutdown
-    server_thread.join
-  end
-  let(:cert) do
-    OpenSSL::X509::Certificate.new """
-      -----BEGIN CERTIFICATE-----
-      MIIDCzCCAfOgAwIBAgIUaApjB95cJZlMTwDg4EBk4Mf1y4swDQYJKoZIhvcNAQEL
-      BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDQyODIxNTA1OFoYDzQ3NTkw
-      MzI1MjE1MDU4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
-      AQUAA4IBDwAwggEKAoIBAQC+MIx1LCzBeAl7kHfI21wYmA6W8luyq14+DecaQPMd
-      bW7fMlHSMJC/nlFDQyqmfYfKlVCiJRV/QTdUtA9hCytPlEKjlVmm4WIYLKfjj8Sp
-      A+X9VURk75Fz+Z7UsF8u2J3pF9wFfhBzznwePlFdcWYyQMIRtghoHk/WSsbJVXVQ
-      so7+0BLFyMYB3otfCyK+H/iyoXWLZll2irYZJedVm/lyTlnc9dT1XDAWWI8kSeUV
-      lCkEulqOf8qZyU7wNUafRkzBuYkR7ddp1Qdkq+QYw7blmfZXyJbAYSt4gEMyDMk8
-      ArScP8j+Efz5D54wS7fZFwmQp41+iP5WTxGsSU3dh44fAgMBAAGjUzBRMB0GA1Ud
-      DgQWBBS4ZJDxXOs8rK3+SyfLopDFqK0IWDAfBgNVHSMEGDAWgBS4ZJDxXOs8rK3+
-      SyfLopDFqK0IWDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAE
-      WuzjqQ/gyho/pluX31hq7EMAFgqqz7ECN6DqmvpqabMD6s1kQ662KTo7gCBEcNtA
-      nC7QycFp4v/Cr8+aUEa1W3+q2MqbmshORonUrLE/vxejK+NUvhSCWnmrM8v60zhR
-      pn9lSSgQCBKWDgaU0VQVn0I9MuexeAj64Qv2uUHnZK3QUx+Gk3uurTmhKEN5FI+D
-      sC7xO0qquTZ1Vv1EkLEso4dnFVW84EjdfmfeiW6JmHO7z1p1ebGsRwoQead/qTKw
-      ze+Y1A1w3GzuhDo55aHlWE/Wvnou0aM3O9gUd++a2j+XJ2P7qaTB/L7SJk4qZ9RA
-      t2PbKVP+tyZjXKtXmgzp
-      -----END CERTIFICATE-----
-    """.lines.map(&:strip).join("\n")
-  end
-  let(:key) do
-    OpenSSL::PKey.read """
-      -----BEGIN RSA PRIVATE KEY-----
-      MIIEowIBAAKCAQEAvjCMdSwswXgJe5B3yNtcGJgOlvJbsqtePg3nGkDzHW1u3zJR
-      0jCQv55RQ0Mqpn2HypVQoiUVf0E3VLQPYQsrT5RCo5VZpuFiGCyn44/EqQPl/VVE
-      ZO+Rc/me1LBfLtid6RfcBX4Qc858Hj5RXXFmMkDCEbYIaB5P1krGyVV1ULKO/tAS
-      xcjGAd6LXwsivh/4sqF1i2ZZdoq2GSXnVZv5ck5Z3PXU9VwwFliPJEnlFZQpBLpa
-      jn/KmclO8DVGn0ZMwbmJEe3XadUHZKvkGMO25Zn2V8iWwGEreIBDMgzJPAK0nD/I
-      /hH8+Q+eMEu32RcJkKeNfoj+Vk8RrElN3YeOHwIDAQABAoIBAQCnW0ctkDqt3/fQ
-      MHcHWue2iI9GCmvgU+WxC0DSHFcSDQrkAn53S98DjseJPaBZMtr7y9pRY/p/qR6M
-      PYnO5iotc5QUKEbkjy1nglwV5Zuy8kg+XPq7Kwg+GmjGVZDcQybpRuKIPr8xeIBF
-      iKbGaBP6ontjZGAPZqTwN4qm/bkm0QRQkMEVQLpBaOlXjl0BCknhCMgyNA1F0jGc
-      HLqJpFO46qvWDkDaKriMY/ezrkGYxlvV8xGJ2lzoaNWBsQeMXtcDJXuFMJO3lZl4
-      VUjeNbyPprUzL6/kLZGMVFdRWhzKAluJEy3B6zybY4xxmgmifqn8/OxIaT172IXN
-      KACuEorpAoGBAOYZEfuON+73dcstpjq3062+XUOxAAc77aFcGFQ2pqDTUtvoR05R
-      o0uXrSuQqt0/FJVdZqdDx1and6idI7j/LfkOwvmPPg2dJIwKV73T2HdR7BpJaYlI
-      KS6Bgl0AiW2ibjZJbBFJMiINb2tRGeYcOPfWlis309D2DXxl1f1TJTKTAoGBANOZ
-      aDH1VJXh7rdAHrwNonTjoCeYKG7oAh0WTfqmCqcBjAkXsVc7dBd/98XKGS5LPRtl
-      dIaJdYngeYyH5Ey5O2l/63tk0d4sqE8l+GVy+OHFn2AZMuaVXS0JXIQspn4s/U7F
-      CuawmFszE8fv41WgVNhF00ijheoRz/X19yu0ULHFAoGAYmJZ1AutUtowXZ25M+Yh
-      9motCqKF9pHjO1lbdbagbKevCCQ7SPuTLOE/xB7pUAyGyo7TM7XBaAXXHhuCiLlj
-      eNic+YQL7lpApDhP5/TK28oFf//fxjk6ko4Bpa5zFJOdOE0QjhuT+gdwmpxkzIVI
-      vn/cWcJXKUPr5ELOyrBgeU0CgYBWqIUbsLWrjJQPSJtNuOfHp1F35cDpausyrmfR
-      Nx81tlR7hNCEQT0SQr5eqp4Vb4rfJXXLg5A3n08oVp8RLOtAEbuHFYs9ylxDzfEk
-      2ylCjYTv/mHyPUmjoCnbl8237wTutZP5VmmPMCPxxjT8ZGVbDX2ySgYWDqV0vf80
-      TuydYQKBgG24Wpes1CJmKiuWGnPi5I/+iIKZRfpEGidpjnsktkr3O+VZSZNQtDfC
-      uWp/NgMxzxXxYdmmaQTwektB5axrsPUnxxiHmb8KkVU1IcMpYvUulFYiKVvFx+JJ
-      bx/fkItCZ4AP3CG2Onz8xZdosg+c+MEdIlCrg94dA1EmHewCt2Hv
-      -----END RSA PRIVATE KEY-----
-    """.lines.map(&:strip).join("\n")
-  end
-end

data/spec/uri_escape_spec.rb DELETED Viewed

@@ -1,21 +0,0 @@
-require 'spec_helper'
-require 'conjur/id'
-require 'conjur/api/router/v5'
-describe 'url escaping' do
-  it 'Id to path is escaped' do
-    id = Conjur::Id.new('cucumber:variable:one two/three')
-    expect(id.to_url_path).to eq('cucumber/variable/one%20two%2Fthree')
-  end
-  it 'Resources path is escaped' do
-    request = Conjur::API::Router::V5.resources(nil, 'cucumber/two', 'extended variable', {})
-    expect(request.url).to eq('http://localhost:5000/resources/cucumber%2Ftwo/extended%20variable/')
-  end
-  it 'Resource path is escaped' do
-    resource = Conjur::Id.new('cucumber:variable:one two/three')
-    request = Conjur::API::Router::V5.resources_resource(nil, resource)
-    expect(request.url).to eq('http://localhost:5000/resources/cucumber/variable/one%20two%2Fthree')
-  end
-end

data/test.sh DELETED Viewed

@@ -1,76 +0,0 @@
-#!/bin/bash -e
-: "${RUBY_VERSION=3.0}"
-# My local RUBY_VERSION is set to ruby-#.#.# so this allows running locally.
-RUBY_VERSION="$(cut -d '-' -f 2 <<< "$RUBY_VERSION")"
-source ./ci/oauth/keycloak/keycloak_functions.sh
-function finish {
-  echo 'Removing test environment'
-  echo '---'
-  docker-compose down --rmi 'local' --volumes
-}
-trap finish EXIT
-# Set up VERSION file for local development
-if [ ! -f "../VERSION" ]; then
-  echo -n "0.0.dev" > ../VERSION
-fi
-function main() {
-  if ! docker info >/dev/null 2>&1; then
-    echo "Docker does not seem to be running, run it first and retry"
-    exit 1
-  fi
-  # Generate reports folders locally
-  mkdir -p spec/reports features/reports features_v4/reports
-  startConjur
-  runTests_5
-  runTests_4
-}
-function startConjur() {
-  echo 'Starting Conjur environment'
-  echo '-----'
-  # We want to pull to make sure we're testing against the newest release;
-  # failing to ensure that has caused many mysterious failures in CI.
-  # However, unconditionally pulling prevents working offline even
-  # with a warm cache. So try to pull, but ignore failures.
-  docker-compose pull --ignore-pull-failures
-  docker-compose build --build-arg RUBY_VERSION="$RUBY_VERSION"
-  docker-compose up -d pg conjur_4 conjur_5
-}
-function runTests_5() {
-  echo 'Waiting for Conjur v5 to come up, and configuring it...'
-  ./ci/configure_v5.sh
-  local api_key=$(docker-compose exec -T conjur_5 rake 'role:retrieve-key[cucumber:user:admin]')
-  echo 'Running tests'
-  echo '-----'
-  docker-compose run --rm \
-    -e CONJUR_AUTHN_API_KEY="$api_key" \
-    -e SSL_CERT_FILE=/etc/ssl/certs/keycloak.pem \
-    tester_5 \
-    "/scripts/fetch_certificate && rake jenkins_init jenkins_spec jenkins_cucumber_v5"
-}
-function runTests_4() {
-  echo 'Waiting for Conjur v4 to come up, and configuring it...'
-  ./ci/configure_v4.sh
-  local api_key=$(docker-compose exec -T conjur_4 su conjur -c "conjur-plugin-service authn env RAILS_ENV=appliance rails r \"puts User['admin'].api_key\" 2>/dev/null")
-  echo 'Running tests'
-  echo '-----'
-  docker-compose run --rm \
-    -e CONJUR_AUTHN_API_KEY="$api_key" \
-    tester_4 rake jenkins_cucumber_v4
-}
-main

data/tmp/.keep DELETED Viewed

File without changes