conjur-api 5.3.8.pre.319 → 5.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (150) hide show
  1. checksums.yaml +4 -4
  2. data/.codeclimate.yml +10 -0
  3. data/.dockerignore +1 -0
  4. data/.github/CODEOWNERS +10 -0
  5. data/.gitignore +32 -0
  6. data/.gitleaks.toml +219 -0
  7. data/.overcommit.yml +16 -0
  8. data/.project +18 -0
  9. data/.rubocop.yml +3 -0
  10. data/.rubocop_settings.yml +86 -0
  11. data/.rubocop_todo.yml +709 -0
  12. data/.yardopts +1 -0
  13. data/CHANGELOG.md +448 -0
  14. data/CONTRIBUTING.md +138 -0
  15. data/Dockerfile +16 -0
  16. data/Gemfile +7 -0
  17. data/Jenkinsfile +136 -0
  18. data/LICENSE +202 -0
  19. data/README.md +162 -0
  20. data/Rakefile +47 -0
  21. data/SECURITY.md +42 -0
  22. data/VERSION +1 -1
  23. data/bin/parse-changelog.sh +12 -0
  24. data/ci/configure_v4.sh +12 -0
  25. data/ci/configure_v5.sh +19 -0
  26. data/ci/oauth/keycloak/create_client +18 -0
  27. data/ci/oauth/keycloak/create_user +21 -0
  28. data/ci/oauth/keycloak/fetch_certificate +18 -0
  29. data/ci/oauth/keycloak/keycloak_functions.sh +71 -0
  30. data/ci/oauth/keycloak/standalone.xml +578 -0
  31. data/ci/oauth/keycloak/wait_for_server +56 -0
  32. data/ci/submit-coverage +36 -0
  33. data/conjur-api.gemspec +41 -0
  34. data/dev/Dockerfile.dev +12 -0
  35. data/dev/docker-compose.yml +56 -0
  36. data/dev/start +22 -0
  37. data/dev/stop +5 -0
  38. data/docker-compose.yml +98 -0
  39. data/example/demo_v4.rb +49 -0
  40. data/example/demo_v5.rb +57 -0
  41. data/features/authenticators.feature +41 -0
  42. data/features/authn.feature +14 -0
  43. data/features/authn_local.feature +32 -0
  44. data/features/exists.feature +37 -0
  45. data/features/group.feature +11 -0
  46. data/features/host.feature +50 -0
  47. data/features/host_factory_create_host.feature +28 -0
  48. data/features/host_factory_token.feature +63 -0
  49. data/features/load_policy.feature +61 -0
  50. data/features/members.feature +51 -0
  51. data/features/new_api.feature +36 -0
  52. data/features/permitted.feature +70 -0
  53. data/features/permitted_roles.feature +30 -0
  54. data/features/public_keys.feature +11 -0
  55. data/features/resource_fields.feature +53 -0
  56. data/features/role_fields.feature +15 -0
  57. data/features/rotate_api_key.feature +13 -0
  58. data/features/step_definitions/api_steps.rb +52 -0
  59. data/features/step_definitions/policy_steps.rb +134 -0
  60. data/features/step_definitions/result_steps.rb +11 -0
  61. data/features/support/env.rb +19 -0
  62. data/features/support/hooks.rb +3 -0
  63. data/features/support/world.rb +12 -0
  64. data/features/update_password.feature +14 -0
  65. data/features/user.feature +58 -0
  66. data/features/variable_fields.feature +20 -0
  67. data/features/variable_value.feature +60 -0
  68. data/features_v4/authn_local.feature +27 -0
  69. data/features_v4/exists.feature +29 -0
  70. data/features_v4/host.feature +18 -0
  71. data/features_v4/host_factory_token.feature +49 -0
  72. data/features_v4/members.feature +39 -0
  73. data/features_v4/permitted.feature +15 -0
  74. data/features_v4/permitted_roles.feature +8 -0
  75. data/features_v4/resource_fields.feature +47 -0
  76. data/features_v4/rotate_api_key.feature +13 -0
  77. data/features_v4/step_definitions/api_steps.rb +17 -0
  78. data/features_v4/step_definitions/result_steps.rb +3 -0
  79. data/features_v4/support/env.rb +23 -0
  80. data/features_v4/support/policy.yml +34 -0
  81. data/features_v4/support/world.rb +12 -0
  82. data/features_v4/variable_fields.feature +11 -0
  83. data/features_v4/variable_value.feature +54 -0
  84. data/lib/conjur/acts_as_resource.rb +123 -0
  85. data/lib/conjur/acts_as_role.rb +142 -0
  86. data/lib/conjur/acts_as_rolsource.rb +32 -0
  87. data/lib/conjur/acts_as_user.rb +68 -0
  88. data/lib/conjur/api/authenticators.rb +43 -0
  89. data/lib/conjur/api/authn.rb +144 -0
  90. data/lib/conjur/api/host_factories.rb +71 -0
  91. data/lib/conjur/api/ldap_sync.rb +38 -0
  92. data/lib/conjur/api/policies.rb +56 -0
  93. data/lib/conjur/api/pubkeys.rb +53 -0
  94. data/lib/conjur/api/resources.rb +109 -0
  95. data/lib/conjur/api/roles.rb +98 -0
  96. data/lib/conjur/api/router/v4.rb +206 -0
  97. data/lib/conjur/api/router/v5.rb +269 -0
  98. data/lib/conjur/api/variables.rb +59 -0
  99. data/lib/conjur/api.rb +105 -0
  100. data/lib/conjur/base.rb +355 -0
  101. data/lib/conjur/base_object.rb +57 -0
  102. data/lib/conjur/build_object.rb +47 -0
  103. data/lib/conjur/cache.rb +26 -0
  104. data/lib/conjur/cert_utils.rb +63 -0
  105. data/lib/conjur/cidr.rb +71 -0
  106. data/lib/conjur/configuration.rb +460 -0
  107. data/lib/conjur/escape.rb +129 -0
  108. data/lib/conjur/exceptions.rb +4 -0
  109. data/lib/conjur/group.rb +41 -0
  110. data/lib/conjur/has_attributes.rb +98 -0
  111. data/lib/conjur/host.rb +27 -0
  112. data/lib/conjur/host_factory.rb +75 -0
  113. data/lib/conjur/host_factory_token.rb +78 -0
  114. data/lib/conjur/id.rb +71 -0
  115. data/lib/conjur/layer.rb +9 -0
  116. data/lib/conjur/log.rb +72 -0
  117. data/lib/conjur/log_source.rb +60 -0
  118. data/lib/conjur/policy.rb +34 -0
  119. data/lib/conjur/policy_load_result.rb +61 -0
  120. data/lib/conjur/query_string.rb +12 -0
  121. data/lib/conjur/resource.rb +29 -0
  122. data/lib/conjur/role.rb +29 -0
  123. data/lib/conjur/role_grant.rb +85 -0
  124. data/lib/conjur/routing.rb +29 -0
  125. data/lib/conjur/user.rb +40 -0
  126. data/lib/conjur/variable.rb +208 -0
  127. data/lib/conjur/webservice.rb +30 -0
  128. data/lib/conjur-api/version.rb +24 -0
  129. data/lib/conjur-api.rb +2 -0
  130. data/publish.sh +5 -0
  131. data/spec/api/host_factories_spec.rb +34 -0
  132. data/spec/api_spec.rb +254 -0
  133. data/spec/base_object_spec.rb +13 -0
  134. data/spec/cert_utils_spec.rb +173 -0
  135. data/spec/cidr_spec.rb +34 -0
  136. data/spec/configuration_spec.rb +330 -0
  137. data/spec/has_attributes_spec.rb +63 -0
  138. data/spec/helpers/errors_matcher.rb +34 -0
  139. data/spec/helpers/request_helpers.rb +10 -0
  140. data/spec/id_spec.rb +29 -0
  141. data/spec/ldap_sync_spec.rb +21 -0
  142. data/spec/log_source_spec.rb +13 -0
  143. data/spec/log_spec.rb +42 -0
  144. data/spec/roles_spec.rb +24 -0
  145. data/spec/spec_helper.rb +113 -0
  146. data/spec/ssl_spec.rb +109 -0
  147. data/spec/uri_escape_spec.rb +21 -0
  148. data/test.sh +76 -0
  149. data/tmp/.keep +0 -0
  150. metadata +196 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 705a21655aa742f9a4d6494d0ae5500c4970ae248a189a3d5f55de55f3375923
4
- data.tar.gz: 6f57b05120bfe3f338f82690e0c82b1c532d5ea882cd9ae71d90c6ba2d40efa0
3
+ metadata.gz: d0e6e603e128d52fb7d219106d9d9f2a4c302ea3a6ccd943fe424443f5640ff8
4
+ data.tar.gz: 4c788058b9ce44f5d044ea2635927cbfe31c6739901f514f5d796844bcb26b41
5
5
  SHA512:
6
- metadata.gz: 6c66bc9a3858610d878a4d75d785a666ba983fa9d336e6e1f90140fb66bbd4820cd1757ecb1d6622d1688adaef1d544801233461412775a2fabc675e9365adf6
7
- data.tar.gz: 35059d4a89df055e4bcba143b9b1e6ebe74fb75582280f9ec8e725f70b9476e567ab43e65442121dd9ba6f6bdbd881ace302bca8210b75a41e7ff3f45f40b40c
6
+ metadata.gz: 7c516e5fcdefb9878d33e67addfee81b168721e4e861a8d0eabd25d6452943a35ccd6f0eb0f9701407710de2d8a4919e5259de2590d9ec009c2a6d798e54486e
7
+ data.tar.gz: 59166c9503087a5f9a81af241efd81c1151d5204aea33aa87bc61aecb003ca81169efac2a4c5ceb29d6d846be4e8d587574095e71277ef889e27a7e215cb90d4
data/.codeclimate.yml ADDED
@@ -0,0 +1,10 @@
1
+ plugins:
2
+ rubocop:
3
+ enabled: true
4
+ channel: rubocop-0-76
5
+ reek:
6
+ enabled: true
7
+ brakeman:
8
+ enabled: false
9
+ shellcheck:
10
+ enabled: true
data/.dockerignore ADDED
@@ -0,0 +1 @@
1
+ Gemfile.lock
@@ -0,0 +1,10 @@
1
+ * @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team
2
+
3
+ # Changes to .trivyignore require Security Architect approval
4
+ .trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
5
+
6
+ # Changes to .codeclimate.yml require Quality Architect approval
7
+ .codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
8
+
9
+ # Changes to SECURITY.md require Security Architect approval
10
+ SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
data/.gitignore ADDED
@@ -0,0 +1,32 @@
1
+ features/reports
2
+ features_v4/reports
3
+ dev/data_key
4
+ .DS_Store
5
+ build_number
6
+ *.gem
7
+ *.rbc
8
+ .bundle
9
+ .config
10
+ .yardoc
11
+ Gemfile.lock
12
+ InstalledFiles
13
+ _yardoc
14
+ coverage
15
+ coverage_v4
16
+ doc/
17
+ lib/bundler/man
18
+ pkg
19
+ rdoc
20
+ spec/reports
21
+ test/tmp
22
+ test/version_tmp
23
+ tmp
24
+ .kateproject.d
25
+ .rvmrc
26
+ .idea
27
+
28
+ # rspec
29
+ .rspec
30
+
31
+ # Script to connect to jon's lxc appliances
32
+ lxcsh.rb
data/.gitleaks.toml ADDED
@@ -0,0 +1,219 @@
1
+ title = "Conjur API Ruby gitleaks config"
2
+
3
+ # This is the config file for gitleaks. You can configure gitleaks what to search for and what to whitelist.
4
+ # If GITLEAKS_CONFIG environment variable
5
+ # is set, gitleaks will load configurations from that path. If option --config-path is set, gitleaks will load
6
+ # configurations from that path. Gitleaks does not whitelist anything by default.
7
+ # - https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
8
+ # - https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
9
+ [[rules]]
10
+ description = "AWS Client ID"
11
+ regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
12
+ tags = ["key", "AWS"]
13
+
14
+ [[rules]]
15
+ description = "AWS Secret Key"
16
+ regex = '''(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]'''
17
+ tags = ["key", "AWS"]
18
+
19
+ [[rules]]
20
+ description = "AWS MWS key"
21
+ regex = '''amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'''
22
+ tags = ["key", "AWS", "MWS"]
23
+
24
+ [[rules]]
25
+ description = "PKCS8"
26
+ regex = '''-----BEGIN PRIVATE KEY-----'''
27
+ tags = ["key", "PKCS8"]
28
+
29
+ [[rules]]
30
+ description = "RSA"
31
+ regex = '''-----BEGIN RSA PRIVATE KEY-----'''
32
+ tags = ["key", "RSA"]
33
+
34
+ [[rules]]
35
+ description = "SSH"
36
+ regex = '''-----BEGIN OPENSSH PRIVATE KEY-----'''
37
+ tags = ["key", "SSH"]
38
+
39
+ [[rules]]
40
+ description = "PGP"
41
+ regex = '''-----BEGIN PGP PRIVATE KEY BLOCK-----'''
42
+ tags = ["key", "PGP"]
43
+
44
+ [[rules]]
45
+ description = "Facebook Secret Key"
46
+ regex = '''(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]'''
47
+ tags = ["key", "Facebook"]
48
+
49
+ [[rules]]
50
+ description = "Facebook Client ID"
51
+ regex = '''(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]'''
52
+ tags = ["key", "Facebook"]
53
+
54
+ [[rules]]
55
+ description = "Facebook access token"
56
+ regex = '''EAACEdEose0cBA[0-9A-Za-z]+'''
57
+ tags = ["key", "Facebook"]
58
+
59
+ [[rules]]
60
+ description = "Twitter Secret Key"
61
+ regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}['\"]'''
62
+ tags = ["key", "Twitter"]
63
+
64
+ [[rules]]
65
+ description = "Twitter Client ID"
66
+ regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}['\"]'''
67
+ tags = ["client", "Twitter"]
68
+
69
+ [[rules]]
70
+ description = "Github"
71
+ regex = '''(?i)github(.{0,20})?(?-i)['\"][0-9a-zA-Z]{35,40}['\"]'''
72
+ tags = ["key", "Github"]
73
+
74
+ [[rules]]
75
+ description = "LinkedIn Client ID"
76
+ regex = '''(?i)linkedin(.{0,20})?(?-i)['\"][0-9a-z]{12}['\"]'''
77
+ tags = ["client", "Twitter"]
78
+
79
+ [[rules]]
80
+ description = "LinkedIn Secret Key"
81
+ regex = '''(?i)linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]'''
82
+ tags = ["secret", "Twitter"]
83
+
84
+ [[rules]]
85
+ description = "Slack"
86
+ regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})?'''
87
+ tags = ["key", "Slack"]
88
+
89
+ [[rules]]
90
+ description = "EC"
91
+ regex = '''-----BEGIN EC PRIVATE KEY-----'''
92
+ tags = ["key", "EC"]
93
+
94
+ [[rules]]
95
+ description = "Generic API key"
96
+ regex = '''(?i)(api_key|apikey)(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
97
+ tags = ["key", "API", "generic"]
98
+
99
+ [[rules]]
100
+ description = "Generic Secret"
101
+ regex = '''(?i)secret(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
102
+ tags = ["key", "Secret", "generic"]
103
+
104
+ [[rules]]
105
+ description = "Google API key"
106
+ regex = '''AIza[0-9A-Za-z\\-_]{35}'''
107
+ tags = ["key", "Google"]
108
+
109
+ [[rules]]
110
+ description = "Google Cloud Platform API key"
111
+ regex = '''(?i)(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z\\-_]{35}]['\"]'''
112
+ tags = ["key", "Google", "GCP"]
113
+
114
+ [[rules]]
115
+ description = "Google OAuth"
116
+ regex = '''(?i)(google|gcp|auth)(.{0,20})?['"][0-9]+-[0-9a-z_]{32}\.apps\.googleusercontent\.com['"]'''
117
+ tags = ["key", "Google", "OAuth"]
118
+
119
+ [[rules]]
120
+ description = "Google OAuth access token"
121
+ regex = '''ya29\.[0-9A-Za-z\-_]+'''
122
+ tags = ["key", "Google", "OAuth"]
123
+
124
+ [[rules]]
125
+ description = "Heroku API key"
126
+ regex = '''(?i)heroku(.{0,20})?['"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]'''
127
+ tags = ["key", "Heroku"]
128
+
129
+ [[rules]]
130
+ description = "MailChimp API key"
131
+ regex = '''(?i)(mailchimp|mc)(.{0,20})?['"][0-9a-f]{32}-us[0-9]{1,2}['"]'''
132
+ tags = ["key", "Mailchimp"]
133
+
134
+ [[rules]]
135
+ description = "Mailgun API key"
136
+ regex = '''(?i)(mailgun|mg)(.{0,20})?['"][0-9a-z]{32}['"]'''
137
+ tags = ["key", "Mailgun"]
138
+
139
+ [[rules]]
140
+ description = "Password in URL"
141
+ regex = '''[a-zA-Z]{3,10}:\/\/[^\/\s:@]{3,20}:[^\/\s:@]{3,20}@.{1,100}\/?.?'''
142
+ tags = ["key", "URL", "generic"]
143
+
144
+ [[rules]]
145
+ description = "PayPal Braintree access token"
146
+ regex = '''access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}'''
147
+ tags = ["key", "Paypal"]
148
+
149
+ [[rules]]
150
+ description = "Picatic API key"
151
+ regex = '''sk_live_[0-9a-z]{32}'''
152
+ tags = ["key", "Picatic"]
153
+
154
+ [[rules]]
155
+ description = "Slack Webhook"
156
+ regex = '''https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}'''
157
+ tags = ["key", "slack"]
158
+
159
+ [[rules]]
160
+ description = "Stripe API key"
161
+ regex = '''(?i)stripe(.{0,20})?['\"][sk|rk]_live_[0-9a-zA-Z]{24}'''
162
+ tags = ["key", "Stripe"]
163
+
164
+ [[rules]]
165
+ description = "Square access token"
166
+ regex = '''sq0atp-[0-9A-Za-z\-_]{22}'''
167
+ tags = ["key", "square"]
168
+
169
+ [[rules]]
170
+ description = "Square OAuth secret"
171
+ regex = '''sq0csp-[0-9A-Za-z\\-_]{43}'''
172
+ tags = ["key", "square"]
173
+
174
+ [[rules]]
175
+ description = "Twilio API key"
176
+ regex = '''(?i)twilio(.{0,20})?['\"][0-9a-f]{32}['\"]'''
177
+ tags = ["key", "twilio"]
178
+
179
+ [whitelist]
180
+ files = [
181
+ # "(.*?)(jpg|gif|doc|pdf|bin)$",
182
+ ".gitleaks.toml",
183
+ "spec/ssl_spec.rb" # unit test file that has sample RSA key
184
+ ]
185
+ regexes = [
186
+ "mysql://username:password@mysql.somehost.com/mydb", # sample mysql connection string from code comment
187
+ "http://master:master@localhost", # sample URI in unit test data
188
+ "http://admin:%5E6feWZpr@localhost" # sample URI in unit test data
189
+ ]
190
+
191
+ # Additional Examples
192
+
193
+ # [[rules]]
194
+ # description = "Generic Key"
195
+ # regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
196
+ # entropies = [
197
+ # "4.1-4.3",
198
+ # "5.5-6.3",
199
+ # ]
200
+ # entropyROI = "line"
201
+ # filetypes = [".go", ".py", ".c"]
202
+ # tags = ["key"]
203
+ # severity = "8"
204
+ #
205
+ #
206
+ # [[rules]]
207
+ # description = "Generic Key"
208
+ # regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
209
+ # entropies = ["4.1-4.3"]
210
+ # filetypes = [".gee"]
211
+ # entropyROI = "line"
212
+ # tags = ["key"]
213
+ # severity = "medium"
214
+
215
+ # [[rules]]
216
+ # description = "Any pem file"
217
+ # filetypes = [".key"]
218
+ # tags = ["pem"]
219
+ # severity = "high"
data/.overcommit.yml ADDED
@@ -0,0 +1,16 @@
1
+ PreCommit:
2
+ ALL:
3
+ problem_on_unmodified_line: warn
4
+
5
+ RuboCop:
6
+ enabled: true
7
+ flags: [
8
+ '--format=emacs', '--force-exclusion', '--display-cop-names',
9
+ '-c', '.rubocop_settings.yml']
10
+
11
+ Reek:
12
+ enabled: true
13
+ flags: [
14
+ '--single-line', '--no-color',
15
+ '-c', '/dev/null']
16
+
data/.project ADDED
@@ -0,0 +1,18 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <projectDescription>
3
+ <name>conjur-api</name>
4
+ <comment></comment>
5
+ <projects>
6
+ </projects>
7
+ <buildSpec>
8
+ <buildCommand>
9
+ <name>com.aptana.ide.core.unifiedBuilder</name>
10
+ <arguments>
11
+ </arguments>
12
+ </buildCommand>
13
+ </buildSpec>
14
+ <natures>
15
+ <nature>com.aptana.ruby.core.rubynature</nature>
16
+ <nature>com.aptana.projects.webnature</nature>
17
+ </natures>
18
+ </projectDescription>
data/.rubocop.yml ADDED
@@ -0,0 +1,3 @@
1
+ inherit_from:
2
+ - .rubocop_settings.yml
3
+ - .rubocop_todo.yml
@@ -0,0 +1,86 @@
1
+ AllCops:
2
+ TargetRubyVersion: 2.7
3
+
4
+ # These non-default settings best reflect our current code style.
5
+ Style/MethodDefParentheses:
6
+ EnforcedStyle: require_no_parentheses_except_multiline
7
+ Style/PercentLiteralDelimiters:
8
+ PreferredDelimiters:
9
+ "%i": ()
10
+ "%w": ()
11
+ Style/RescueStandardError:
12
+ EnforcedStyle: implicit
13
+ Style/AndOr:
14
+ EnforcedStyle: conditionals
15
+ Layout/IndentHeredoc:
16
+ EnforcedStyle: squiggly
17
+ Layout/MultilineMethodCallBraceLayout:
18
+ EnforcedStyle: symmetrical
19
+ Layout/SpaceAroundBlockParameters:
20
+ EnforcedStyleInsidePipes: no_space
21
+ Layout/SpaceAroundEqualsInParameterDefault:
22
+ EnforcedStyle: space
23
+ Layout/SpaceBeforeBlockBraces:
24
+ EnforcedStyle: space
25
+ EnforcedStyleForEmptyBraces: space
26
+ Layout/SpaceInsideBlockBraces:
27
+ EnforcedStyle: space
28
+ EnforcedStyleForEmptyBraces: no_space
29
+ SpaceBeforeBlockParameters: true
30
+ Layout/SpaceInsideHashLiteralBraces:
31
+ EnforcedStyle: space
32
+ EnforcedStyleForEmptyBraces: no_space
33
+ Layout/SpaceInsideParens:
34
+ EnforcedStyle: no_space
35
+ Layout/SpaceInsideReferenceBrackets:
36
+ EnforcedStyle: no_space
37
+ EnforcedStyleForEmptyBrackets: no_space
38
+ Layout/TrailingBlankLines:
39
+ EnforcedStyle: final_newline
40
+ Style/BarePercentLiterals:
41
+ EnforcedStyle: percent_q
42
+
43
+ # Either style of these arguably has its place depending on the context.
44
+ Style/FormatStringToken:
45
+ Enabled: false
46
+ Style/LambdaCall:
47
+ Enabled: false
48
+ Style/StringLiterals:
49
+ Enabled: false
50
+ Layout/SpaceInsideArrayLiteralBrackets:
51
+ Enabled: false
52
+ # However, these score at comparatively fewer offences, so I'll
53
+ # leave it here in case we want to enforce a style after all.
54
+ EnforcedStyle: no_space
55
+ EnforcedStyleForEmptyBrackets: no_space
56
+
57
+ # The default configuration of these makes it hard to use proportional fonts.
58
+ Layout/MultilineMethodCallIndentation:
59
+ EnforcedStyle: indented
60
+ Layout/AlignParameters:
61
+ EnforcedStyle: with_fixed_indentation
62
+ Layout/EndAlignment:
63
+ EnforcedStyleAlignWith: start_of_line
64
+ Layout/ExtraSpacing:
65
+ AllowForAlignment: false
66
+ Layout/IndentFirstArgument:
67
+ EnforcedStyle: consistent
68
+ Layout/IndentFirstHashElement:
69
+ EnforcedStyle: consistent
70
+ Layout/MultilineMethodCallIndentation:
71
+ EnforcedStyle: indented
72
+ Layout/MultilineOperationIndentation:
73
+ EnforcedStyle: indented
74
+ Layout/SpaceAroundOperators:
75
+ AllowForAlignment: false
76
+ Layout/SpaceBeforeFirstArg:
77
+ AllowForAlignment: false
78
+
79
+ Metrics/BlockLength:
80
+ CountComments: false
81
+ Max: 25
82
+ Exclude:
83
+ - 'Rakefile'
84
+ - '**/*.rake'
85
+ - 'spec/**/*.rb'
86
+ - 'conjur-api.gemspec'