conjur-api 5.3.8.pre.3 → 5.3.8.pre.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (150) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. metadata +2 -193
  4. data/.codeclimate.yml +0 -10
  5. data/.dockerignore +0 -1
  6. data/.github/CODEOWNERS +0 -10
  7. data/.gitignore +0 -32
  8. data/.gitleaks.toml +0 -219
  9. data/.overcommit.yml +0 -16
  10. data/.project +0 -18
  11. data/.rubocop.yml +0 -3
  12. data/.rubocop_settings.yml +0 -86
  13. data/.rubocop_todo.yml +0 -709
  14. data/.yardopts +0 -1
  15. data/CHANGELOG.md +0 -448
  16. data/CONTRIBUTING.md +0 -138
  17. data/Dockerfile +0 -16
  18. data/Gemfile +0 -7
  19. data/Jenkinsfile +0 -137
  20. data/LICENSE +0 -202
  21. data/README.md +0 -162
  22. data/Rakefile +0 -47
  23. data/SECURITY.md +0 -42
  24. data/bin/parse-changelog.sh +0 -12
  25. data/ci/configure_v4.sh +0 -12
  26. data/ci/configure_v5.sh +0 -19
  27. data/ci/oauth/keycloak/create_client +0 -18
  28. data/ci/oauth/keycloak/create_user +0 -21
  29. data/ci/oauth/keycloak/fetch_certificate +0 -18
  30. data/ci/oauth/keycloak/keycloak_functions.sh +0 -71
  31. data/ci/oauth/keycloak/standalone.xml +0 -578
  32. data/ci/oauth/keycloak/wait_for_server +0 -56
  33. data/ci/submit-coverage +0 -36
  34. data/conjur-api.gemspec +0 -41
  35. data/dev/Dockerfile.dev +0 -12
  36. data/dev/docker-compose.yml +0 -56
  37. data/dev/start +0 -22
  38. data/dev/stop +0 -5
  39. data/docker-compose.yml +0 -98
  40. data/example/demo_v4.rb +0 -49
  41. data/example/demo_v5.rb +0 -57
  42. data/features/authenticators.feature +0 -41
  43. data/features/authn.feature +0 -14
  44. data/features/authn_local.feature +0 -32
  45. data/features/exists.feature +0 -37
  46. data/features/group.feature +0 -11
  47. data/features/host.feature +0 -50
  48. data/features/host_factory_create_host.feature +0 -28
  49. data/features/host_factory_token.feature +0 -63
  50. data/features/load_policy.feature +0 -61
  51. data/features/members.feature +0 -51
  52. data/features/new_api.feature +0 -36
  53. data/features/permitted.feature +0 -70
  54. data/features/permitted_roles.feature +0 -30
  55. data/features/public_keys.feature +0 -11
  56. data/features/resource_fields.feature +0 -53
  57. data/features/role_fields.feature +0 -15
  58. data/features/rotate_api_key.feature +0 -13
  59. data/features/step_definitions/api_steps.rb +0 -52
  60. data/features/step_definitions/policy_steps.rb +0 -134
  61. data/features/step_definitions/result_steps.rb +0 -11
  62. data/features/support/env.rb +0 -19
  63. data/features/support/hooks.rb +0 -3
  64. data/features/support/world.rb +0 -12
  65. data/features/update_password.feature +0 -14
  66. data/features/user.feature +0 -58
  67. data/features/variable_fields.feature +0 -20
  68. data/features/variable_value.feature +0 -60
  69. data/features_v4/authn_local.feature +0 -27
  70. data/features_v4/exists.feature +0 -29
  71. data/features_v4/host.feature +0 -18
  72. data/features_v4/host_factory_token.feature +0 -49
  73. data/features_v4/members.feature +0 -39
  74. data/features_v4/permitted.feature +0 -15
  75. data/features_v4/permitted_roles.feature +0 -8
  76. data/features_v4/resource_fields.feature +0 -47
  77. data/features_v4/rotate_api_key.feature +0 -13
  78. data/features_v4/step_definitions/api_steps.rb +0 -17
  79. data/features_v4/step_definitions/result_steps.rb +0 -3
  80. data/features_v4/support/env.rb +0 -23
  81. data/features_v4/support/policy.yml +0 -34
  82. data/features_v4/support/world.rb +0 -12
  83. data/features_v4/variable_fields.feature +0 -11
  84. data/features_v4/variable_value.feature +0 -54
  85. data/lib/conjur/acts_as_resource.rb +0 -123
  86. data/lib/conjur/acts_as_role.rb +0 -142
  87. data/lib/conjur/acts_as_rolsource.rb +0 -32
  88. data/lib/conjur/acts_as_user.rb +0 -68
  89. data/lib/conjur/api/authenticators.rb +0 -43
  90. data/lib/conjur/api/authn.rb +0 -144
  91. data/lib/conjur/api/host_factories.rb +0 -71
  92. data/lib/conjur/api/ldap_sync.rb +0 -38
  93. data/lib/conjur/api/policies.rb +0 -56
  94. data/lib/conjur/api/pubkeys.rb +0 -53
  95. data/lib/conjur/api/resources.rb +0 -109
  96. data/lib/conjur/api/roles.rb +0 -98
  97. data/lib/conjur/api/router/v4.rb +0 -206
  98. data/lib/conjur/api/router/v5.rb +0 -269
  99. data/lib/conjur/api/variables.rb +0 -59
  100. data/lib/conjur/api.rb +0 -105
  101. data/lib/conjur/base.rb +0 -355
  102. data/lib/conjur/base_object.rb +0 -57
  103. data/lib/conjur/build_object.rb +0 -47
  104. data/lib/conjur/cache.rb +0 -26
  105. data/lib/conjur/cert_utils.rb +0 -63
  106. data/lib/conjur/cidr.rb +0 -71
  107. data/lib/conjur/configuration.rb +0 -460
  108. data/lib/conjur/escape.rb +0 -129
  109. data/lib/conjur/exceptions.rb +0 -4
  110. data/lib/conjur/group.rb +0 -41
  111. data/lib/conjur/has_attributes.rb +0 -98
  112. data/lib/conjur/host.rb +0 -27
  113. data/lib/conjur/host_factory.rb +0 -75
  114. data/lib/conjur/host_factory_token.rb +0 -78
  115. data/lib/conjur/id.rb +0 -71
  116. data/lib/conjur/layer.rb +0 -9
  117. data/lib/conjur/log.rb +0 -72
  118. data/lib/conjur/log_source.rb +0 -60
  119. data/lib/conjur/policy.rb +0 -34
  120. data/lib/conjur/policy_load_result.rb +0 -61
  121. data/lib/conjur/query_string.rb +0 -12
  122. data/lib/conjur/resource.rb +0 -29
  123. data/lib/conjur/role.rb +0 -29
  124. data/lib/conjur/role_grant.rb +0 -85
  125. data/lib/conjur/routing.rb +0 -29
  126. data/lib/conjur/user.rb +0 -40
  127. data/lib/conjur/variable.rb +0 -208
  128. data/lib/conjur/webservice.rb +0 -30
  129. data/lib/conjur-api/version.rb +0 -24
  130. data/lib/conjur-api.rb +0 -2
  131. data/publish.sh +0 -5
  132. data/spec/api/host_factories_spec.rb +0 -34
  133. data/spec/api_spec.rb +0 -254
  134. data/spec/base_object_spec.rb +0 -13
  135. data/spec/cert_utils_spec.rb +0 -173
  136. data/spec/cidr_spec.rb +0 -34
  137. data/spec/configuration_spec.rb +0 -330
  138. data/spec/has_attributes_spec.rb +0 -63
  139. data/spec/helpers/errors_matcher.rb +0 -34
  140. data/spec/helpers/request_helpers.rb +0 -10
  141. data/spec/id_spec.rb +0 -29
  142. data/spec/ldap_sync_spec.rb +0 -21
  143. data/spec/log_source_spec.rb +0 -13
  144. data/spec/log_spec.rb +0 -42
  145. data/spec/roles_spec.rb +0 -24
  146. data/spec/spec_helper.rb +0 -113
  147. data/spec/ssl_spec.rb +0 -109
  148. data/spec/uri_escape_spec.rb +0 -21
  149. data/test.sh +0 -76
  150. data/tmp/.keep +0 -0
data/ci/oauth/keycloak/fetch_certificate DELETED
@@ -1,18 +0,0 @@
1
- #!/bin/sh
2
-
3
- # This script retrieves a certificate from the keycloak OIDC provider
4
- # and puts it to a trusted operating system store.
5
- # It is needed to communicate with the provider via SSL for validating ID tokens
6
-
7
- openssl s_client \
8
- -showcerts \
9
- -connect keycloak:8443 \
10
- -servername keycloak \
11
- </dev/null | \
12
- openssl x509 \
13
- -outform PEM \
14
- >/etc/ssl/certs/keycloak.pem
15
-
16
- hash=$(openssl x509 -hash -in /etc/ssl/certs/keycloak.pem -out /dev/null)
17
-
18
- ln -s /etc/ssl/certs/keycloak.pem "/etc/ssl/certs/${hash}.0"
data/ci/oauth/keycloak/keycloak_functions.sh DELETED
@@ -1,71 +0,0 @@
1
- #!/usr/bin/env bash
2
-
3
- KEYCLOAK_SERVICE_NAME="keycloak"
4
-
5
- # Note: the single arg is a nameref, which this function sets to an array
6
- # containing items of the form "KEY=VAL".
7
- function _hydrate_keycloak_env_args() {
8
- local -n arr=$1
9
- local keycloak_items
10
-
11
- readarray -t keycloak_items < <(
12
- set -o pipefail
13
- # Note: This prints all lines that look like:
14
- # KEYCLOAK_XXX=someval
15
- docker-compose exec -T ${KEYCLOAK_SERVICE_NAME} printenv | awk '/KEYCLOAK/'
16
- )
17
-
18
- # shellcheck disable=SC2034
19
- arr=(
20
- "${keycloak_items[@]}"
21
- "PROVIDER_URI=https://keycloak:8443/auth/realms/master"
22
- "PROVIDER_INTERNAL_URI=http://keycloak:8080/auth/realms/master/protocol/openid-connect"
23
- "PROVIDER_ISSUER=http://keycloak:8080/auth/realms/master"
24
- "ID_TOKEN_USER_PROPERTY=preferred_username"
25
- )
26
- }
27
-
28
- # The arguments must be unexpanded variable names. Eg:
29
- #
30
- # _create_keycloak_user '$APP_USER' '$APP_PW' '$APP_EMAIL'
31
- #
32
- # This is because those variables are not available to this script. They are
33
- # available to bash commands run via "docker-compose exec keycloak bash
34
- # -c...", since they're defined in the docker-compose.yml.
35
- function _create_keycloak_user() {
36
- local user_var=$1
37
- local pw_var=$2
38
- local email_var=$3
39
-
40
- docker-compose exec -T \
41
- ${KEYCLOAK_SERVICE_NAME} \
42
- bash -c "/scripts/create_user \"$user_var\" \"$pw_var\" \"$email_var\""
43
- }
44
-
45
- function create_keycloak_users() {
46
- echo "Defining keycloak client"
47
-
48
- docker-compose exec -T ${KEYCLOAK_SERVICE_NAME} /scripts/create_client
49
-
50
- echo "Creating user 'alice' in Keycloak"
51
-
52
- # Note: We want to pass the bash command thru without expansion here.
53
- # shellcheck disable=SC2016
54
- _create_keycloak_user \
55
- '$KEYCLOAK_APP_USER' \
56
- '$KEYCLOAK_APP_USER_PASSWORD' \
57
- '$KEYCLOAK_APP_USER_EMAIL'
58
- }
59
-
60
- function wait_for_keycloak_server() {
61
- docker-compose exec -T \
62
- ${KEYCLOAK_SERVICE_NAME} /scripts/wait_for_server
63
- }
64
-
65
- function fetch_keycloak_certificate() {
66
- # there's a dep on the docker-compose.yml volumes.
67
- # Fetch SSL cert to communicate with keycloak (OIDC provider).
68
- echo "Initialize keycloak certificate in conjur server"
69
- docker-compose exec -T \
70
- conjur_5 /scripts/fetch_certificate
71
- }