conjur-api 5.4.2.pre.638 → 6.0.0.pre.94

Sign up to get free protection for your applications and to get access to all the features.
Files changed (48) hide show
  1. checksums.yaml +4 -4
  2. data/.github/CODEOWNERS +4 -4
  3. data/.rubocop_todo.yml +3 -5
  4. data/CHANGELOG.md +6 -3
  5. data/CONTRIBUTING.md +27 -71
  6. data/Jenkinsfile +69 -30
  7. data/README.md +1 -21
  8. data/Rakefile +2 -7
  9. data/VERSION +1 -1
  10. data/ci/{configure_v5.sh → configure.sh} +1 -1
  11. data/ci/oauth/keycloak/keycloak_functions.sh +7 -7
  12. data/conjur-api.gemspec +1 -0
  13. data/dev/docker-compose.yml +12 -21
  14. data/dev/start +9 -9
  15. data/dev/stop +1 -1
  16. data/docker-compose.yml +13 -38
  17. data/example/{demo_v5.rb → demo.rb} +3 -8
  18. data/features/step_definitions/policy_steps.rb +1 -1
  19. data/features/support/env.rb +5 -1
  20. data/lib/conjur/api/router.rb +267 -0
  21. data/lib/conjur/base.rb +2 -2
  22. data/lib/conjur/configuration.rb +0 -20
  23. data/lib/conjur/routing.rb +2 -12
  24. data/lib/conjur/variable.rb +7 -15
  25. data/spec/spec_helper.rb +4 -0
  26. data/spec/uri_escape_spec.rb +3 -3
  27. data/test.sh +16 -29
  28. metadata +21 -24
  29. data/ci/configure_v4.sh +0 -12
  30. data/example/demo_v4.rb +0 -49
  31. data/features_v4/authn_local.feature +0 -27
  32. data/features_v4/exists.feature +0 -29
  33. data/features_v4/host.feature +0 -18
  34. data/features_v4/host_factory_token.feature +0 -49
  35. data/features_v4/members.feature +0 -39
  36. data/features_v4/permitted.feature +0 -15
  37. data/features_v4/permitted_roles.feature +0 -8
  38. data/features_v4/resource_fields.feature +0 -47
  39. data/features_v4/rotate_api_key.feature +0 -13
  40. data/features_v4/step_definitions/api_steps.rb +0 -17
  41. data/features_v4/step_definitions/result_steps.rb +0 -3
  42. data/features_v4/support/env.rb +0 -23
  43. data/features_v4/support/world.rb +0 -12
  44. data/features_v4/variable_fields.feature +0 -11
  45. data/features_v4/variable_value.feature +0 -54
  46. data/lib/conjur/api/router/v4.rb +0 -206
  47. data/lib/conjur/api/router/v5.rb +0 -269
  48. /data/{features_v4 → features}/support/policy.yml +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0cc188b840c2f7ebf563ea87eac1a5fda70f5437808fe10d878ded402ad0dd93
4
- data.tar.gz: 77679ec286e918526412a0933a6a9e241047b52d644aa31ba823413df70a3569
3
+ metadata.gz: 12ce978d5cb26691a74513c1197065c11a7bab6281149288232cffc223402656
4
+ data.tar.gz: 88439b9a02e9e2e21061c3cc6af56af8cd7a67a576e16702ba3df59dda638879
5
5
  SHA512:
6
- metadata.gz: dd98f024f9afaa7a9cbb48ff9451efb8dda1249486465d5b64deb64dce4da46827ba1d79195369aa2b82e6a6e56a406dfbaa4034f44d9974639f15e4fcd1c229
7
- data.tar.gz: e591debab91ca3a9340b0a7b26735c21b07fb720bab8885c937eb661470733fc7911bed2e434399eadd59c04ff75621333088e8235e00139c4cc61a72186046b
6
+ metadata.gz: 25319c2ecf51a6b6a7e10051d0c8140b14f71ef41a5d1183b4c9e768194a2137c2e5b5691beeebb85b11bae85b96f9813895d20846e9dc92705322844cd5aab5
7
+ data.tar.gz: 38307b2e705826bb924404654f62a9aed257011664c8712d638fa271c3791305e20f5abf7ebaa879152d996631e1244eaa0438777ca18a68c89d6cf494aa16ac
data/.github/CODEOWNERS CHANGED
@@ -1,10 +1,10 @@
1
- * @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team
1
+ * @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team @conjur-enterprise/community-and-integrations
2
2
 
3
3
  # Changes to .trivyignore require Security Architect approval
4
- .trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
4
+ .trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects @conjur-enterprise/conjur-security
5
5
 
6
6
  # Changes to .codeclimate.yml require Quality Architect approval
7
- .codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
7
+ .codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects @conjur-enterprise/conjur-quality
8
8
 
9
9
  # Changes to SECURITY.md require Security Architect approval
10
- SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
10
+ SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects @conjur-enterprise/conjur-security
data/.rubocop_todo.yml CHANGED
@@ -309,8 +309,7 @@ Lint/UnneededSplatExpansion:
309
309
  Lint/UnusedMethodArgument:
310
310
  Exclude:
311
311
  - 'lib/conjur/api.rb'
312
- - 'lib/conjur/api/router/v4.rb'
313
- - 'lib/conjur/api/router/v5.rb'
312
+ - 'lib/conjur/api/router.rb'
314
313
  - 'lib/conjur/base_object.rb'
315
314
  - 'lib/conjur/cache.rb'
316
315
  - 'lib/conjur/has_attributes.rb'
@@ -538,7 +537,7 @@ Style/MethodDefParentheses:
538
537
  - 'lib/conjur/acts_as_rolsource.rb'
539
538
  - 'lib/conjur/acts_as_user.rb'
540
539
  - 'lib/conjur/api.rb'
541
- - 'lib/conjur/api/router/v5.rb'
540
+ - 'lib/conjur/api/router.rb'
542
541
  - 'lib/conjur/configuration.rb'
543
542
  - 'lib/conjur/escape.rb'
544
543
  - 'lib/conjur/has_attributes.rb'
@@ -552,8 +551,7 @@ Style/MethodDefParentheses:
552
551
  # SupportedStyles: module_function, extend_self
553
552
  Style/ModuleFunction:
554
553
  Exclude:
555
- - 'lib/conjur/api/router/v4.rb'
556
- - 'lib/conjur/api/router/v5.rb'
554
+ - 'lib/conjur/api/router.rb'
557
555
 
558
556
  # Offense count: 1
559
557
  Style/MultilineBlockChain:
data/CHANGELOG.md CHANGED
@@ -9,7 +9,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
9
9
  - Nothing should go in this section, please add to the latest unreleased version
10
10
  (and update the corresponding date), or add a new version.
11
11
 
12
- ## [5.4.2] - 2023-09-11
12
+ ## [6.0.0] - 2023-12-28
13
+
14
+ ### Removed
15
+ - Remove support for Conjur V4 (CNJR-2935)
13
16
 
14
17
  ## [5.4.1] - 2023-06-14
15
18
 
@@ -386,8 +389,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
386
389
 
387
390
  ## [2.0.0] - 2013-13-12
388
391
 
389
- [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.4.1...HEAD
390
- [5.4.2]: https://github.com/cyberark/conjur-api-ruby/compare/v5.4.1...v5.4.2
392
+ [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v6.0.0...HEAD
393
+ [6.0.0]: https://github.com/cyberark/conjur-api-ruby/compare/v5.4.1...v6.0.0
391
394
  [5.4.1]: https://github.com/cyberark/conjur-api-ruby/compare/v5.4.0...v5.4.1
392
395
  [5.4.0]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.7...v5.4.0
393
396
  [5.3.7]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...v5.3.7
data/CONTRIBUTING.md CHANGED
@@ -7,26 +7,29 @@ For general contribution and community guidelines, please see the [community rep
7
7
  1. [Fork the project](https://help.github.com/en/github/getting-started-with-github/fork-a-repo)
8
8
  2. [Clone your fork](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/cloning-a-repository)
9
9
  3. Make local changes to your fork by editing files
10
- 3. [Commit your changes](https://help.github.com/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line)
11
- 4. [Push your local changes to the remote server](https://help.github.com/en/github/using-git/pushing-commits-to-a-remote-repository)
12
- 5. [Create new Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)
10
+ 4. [Commit your changes](https://help.github.com/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line)
11
+ 5. [Push your local changes to the remote server](https://help.github.com/en/github/using-git/pushing-commits-to-a-remote-repository)
12
+ 6. [Create new Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)
13
13
 
14
14
  From here your pull request will be reviewed and once you've responded to all
15
15
  feedback it will be merged into the project. Congratulations, you're a
16
16
  contributor!
17
17
 
18
+ ## Development
18
19
 
19
- ## Development (V5)
20
- To develop and run tests against Conjur V5, use the `start` and `stop` scripts in the `dev` folder. The start script brings up an open source Conjur (and Postgres database), CLI container, and a "work" container, with the gem code mounted into the working directory.
20
+ To develop and run tests against Conjur, use the `start` and `stop` scripts in the `dev` folder. The start script brings up an open source Conjur (and Postgres database), CLI container, and a "work" container, with the gem code mounted into the working directory.
21
21
 
22
22
  ### Starting a Shell
23
+
23
24
  To begin:
25
+
24
26
  ```sh
25
27
  $ cd dev
26
28
  $ ./start
27
29
  ...
28
30
  root@9df0ac10ada2:/src/conjur-api#
29
31
  ```
32
+
30
33
  You'll be dropped into development container upon completion. From there, install the development gems:
31
34
 
32
35
  ```sh
@@ -34,20 +37,19 @@ root@9df0ac10ada2:/src/conjur-api# bundle
34
37
  ```
35
38
 
36
39
  #### Running Tests
37
- *NOTE*: There are some existing challenges around running tests from the development console. For now, run tests
38
- by using the `./test.sh` script utilized for Jenkins Pipelines.
39
-
40
- <!--
41
- Commented out until I can get tests running locally
42
40
 
43
41
  Tests can be run with:
42
+
44
43
  ```sh
45
44
  root@9df0ac10ada2:/src/conjur-api# bundle exec cucumber features
46
45
  root@9df0ac10ada2:/src/conjur-api# bundle exec rspec
47
46
  ```
48
- -->
47
+
48
+ Note: At the moment some of the cucumber tests are failing when run in the development container.
49
+ You can use the CI script, `test.sh` to run the full test suite instead.
49
50
 
50
51
  #### Stopping & Environment Cleanup
52
+
51
53
  Once you're done, exit the shell, and stop the containers:
52
54
 
53
55
  ```sh
@@ -55,59 +57,10 @@ root@9df0ac10ada2:/src/conjur-api# exit
55
57
  $ ./stop
56
58
  ```
57
59
 
58
- ## Development (V4)
59
-
60
- The file `docker-compose.yml` is a self-contained development environment for the project.
61
-
62
- ### Starting
63
-
64
- To bring it up, run:
65
-
66
- ```sh-session
67
- $ docker-compose build
68
- $ docker-compose up -d pg conjur_4 conjur_5
69
- ```
70
-
71
- Then configure the v4 and v5 servers:
72
-
73
- ```sh-session
74
- $ ./ci/configure_v4.sh
75
- ...
76
- $ ./ci/configure_v5.sh
77
- ...
78
- ```
79
-
80
- ### Using
81
-
82
- Obtain the API key for the v5 admin user:
83
-
84
- ```
85
- $ docker-compose exec conjur_5 rake 'role:retrieve-key[cucumber:user:admin]'
86
- 3aezp05q3wkem3hmegymwzz8wh3bs3dr6xx3y3m2q41k5ymebkc
87
- ```
88
-
89
- The password of the v4 admin user is "secret".
90
-
91
- Now you can run the client `dev` container:
92
-
93
- ```sh-session
94
- $ docker-compose run --rm dev
95
- ```
96
-
97
- This gives you a shell session with `conjur_4` and `conjur_5` available as linked containers.
98
-
99
60
  ### Demos
100
61
 
101
- For a v5 demo, run:
102
-
103
62
  ```sh-session
104
- $ bundle exec ./example/demo_v5.rb <admin-api-key>
105
- ```
106
-
107
- For a v4 demo, run:
108
-
109
- ```sh-session
110
- $ bundle exec ./example/demo_v4.rb
63
+ bundle exec ./example/demo.rb <admin-api-key>
111
64
  ```
112
65
 
113
66
  ### Stopping
@@ -115,7 +68,7 @@ $ bundle exec ./example/demo_v4.rb
115
68
  To bring it down, run:
116
69
 
117
70
  ```sh-session
118
- $ docker-compose down
71
+ docker compose down
119
72
  ```
120
73
 
121
74
  ## Releasing
@@ -123,16 +76,19 @@ $ docker-compose down
123
76
  ### Update the version and changelog
124
77
 
125
78
  1. Create a new branch for the version bump.
79
+ 1. Based on the changelog content, determine the new version number and update.
80
+ 1. Review the [changelog](CHANGELOG.md) to make sure all relevant changes since
81
+ the last release have been captured. You may find it helpful to look at the
82
+ list of commits since the last release.
83
+
84
+ This is also a good time to make sure all entries conform to our
85
+ [changelog guidelines](https://github.com/cyberark/community/blob/main/Conjur/CONTRIBUTING.md#changelog-guidelines).
126
86
  1. Commit these changes - `Bump version to x.y.z` is an acceptable commit message - and open a PR
127
87
  for review. Your PR should include updates to `CHANGELOG.md`.
128
88
 
129
- ### Add a git tag
130
-
131
- 1. Once your changes have been **reviewed and merged into main**, tag the version
132
- using `git tag -a "vx.y.z" -m "vx.y.z release"`. Note this requires you to be able to sign releases.
133
- Consult the [github documentation on signing commits](https://help.github.com/articles/signing-commits-with-gpg/)
134
- on how to set this up. `vx.y.z release` is an acceptable tag message.
135
- 1. Push the tag: `git push vx.y.z` (or `git push origin vx.y.z` if you are working
136
- from your local machine).
89
+ ### Release and Promote
137
90
 
138
- After pushing the tag, a matching version will be published to [RubyGems](https://rubygems.org/gems/conjur-api/versions)!
91
+ 1. Jenkins build parameters can be utilized to release and promote successful builds.
92
+ 1. Merging into main/master branches will automatically trigger a release.
93
+ 1. Reference the [internal automated release doc](https://github.com/conjurinc/docs/blob/master/reference/infrastructure/automated_releases.md#release-and-promotion-process)
94
+ for releasing and promoting.
data/Jenkinsfile CHANGED
@@ -1,5 +1,7 @@
1
1
  #!/usr/bin/env groovy
2
2
 
3
+ @Library("product-pipelines-shared-library") _
4
+
3
5
  // Automated release, promotion and dependencies
4
6
  properties([
5
7
  release.addParams()
@@ -9,11 +11,14 @@ if (params.MODE == "PROMOTE") {
9
11
  release.promote(params.VERSION_TO_PROMOTE) { sourceVersion, targetVersion, assetDirectory ->
10
12
  sh './publish.sh'
11
13
  }
14
+
15
+ // Copy Github Enterprise release to Github
16
+ release.copyEnterpriseRelease(params.VERSION_TO_PROMOTE)
12
17
  return
13
18
  }
14
19
 
15
20
  pipeline {
16
- agent { label 'executor-v2' }
21
+ agent { label 'conjur-enterprise-common-agent' }
17
22
 
18
23
  options {
19
24
  timestamps()
@@ -42,18 +47,26 @@ pipeline {
42
47
  }
43
48
  }
44
49
  }
50
+
51
+ stage('Get InfraPool Agent') {
52
+ steps {
53
+ script {
54
+ INFRAPOOL_EXECUTORV2_AGENT_0 = getInfraPoolAgent.connected(type: "ExecutorV2", quantity: 1, duration: 1)[0]
55
+ }
56
+ }
57
+ }
58
+
45
59
  stage('Validate Changelog and set version') {
46
60
  steps {
47
- parseChangelog()
48
- updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
61
+ parseChangelog(INFRAPOOL_EXECUTORV2_AGENT_0)
62
+ updateVersion(INFRAPOOL_EXECUTORV2_AGENT_0, "CHANGELOG.md", "${BUILD_NUMBER}")
49
63
  }
50
64
  }
51
65
 
52
66
  stage('Prepare CC Report Dir'){
53
67
  steps {
54
68
  script {
55
- ccCoverage.dockerPrep()
56
- sh 'mkdir -p coverage'
69
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh 'mkdir -p coverage'
57
70
  }
58
71
  }
59
72
  }
@@ -63,13 +76,14 @@ pipeline {
63
76
  RUBY_VERSION = '3.0'
64
77
  }
65
78
  steps {
66
- sh("./test.sh")
79
+ script {
80
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "./test.sh"
81
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'reports3.0', includes: '**/reports/*.xml'
82
+ }
67
83
  }
68
84
  post {
69
85
  always {
70
- junit 'spec/reports/*.xml'
71
- junit 'features/reports/*.xml'
72
- junit 'features_v4/reports/*.xml'
86
+ unstash 'reports3.0'
73
87
  }
74
88
  }
75
89
  }
@@ -79,13 +93,14 @@ pipeline {
79
93
  RUBY_VERSION = '3.1'
80
94
  }
81
95
  steps {
82
- sh("./test.sh")
96
+ script {
97
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "./test.sh"
98
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'reports3.1', includes: '**/reports/*.xml'
99
+ }
83
100
  }
84
101
  post {
85
102
  always {
86
- junit 'spec/reports/*.xml'
87
- junit 'features/reports/*.xml'
88
- junit 'features_v4/reports/*.xml'
103
+ unstash 'reports3.1'
89
104
  }
90
105
  }
91
106
  }
@@ -95,27 +110,49 @@ pipeline {
95
110
  RUBY_VERSION = '3.2'
96
111
  }
97
112
  steps {
98
- sh("./test.sh")
113
+ script {
114
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "./test.sh"
115
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'reports3.2', includes: '**/reports/*.xml'
116
+ }
99
117
  }
100
118
  post {
101
119
  always {
102
- junit 'spec/reports/*.xml'
103
- junit 'features/reports/*.xml'
104
- junit 'features_v4/reports/*.xml'
120
+ unstash 'reports3.2'
105
121
  }
106
122
  }
107
123
  }
108
124
 
109
125
  stage('Submit Coverage Report'){
110
126
  steps{
111
- sh 'ci/submit-coverage'
127
+ script {
128
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'coverage', includes: '**/coverage/**'
129
+ }
130
+ unstash 'coverage'
131
+
132
+ cobertura autoUpdateHealth: false,
133
+ autoUpdateStability: false,
134
+ coberturaReportFile: 'coverage/coverage.xml',
135
+ conditionalCoverageTargets: '70, 0, 0',
136
+ failUnhealthy: false,
137
+ failUnstable: false,
138
+ maxNumberOfBuilds: 0,
139
+ lineCoverageTargets: '70, 0, 0',
140
+ methodCoverageTargets: '70, 0, 0',
141
+ onlyStable: false,
142
+ sourceEncoding: 'ASCII',
143
+ zoomCoverageChart: false
144
+
112
145
  publishHTML([reportDir: 'coverage', reportFiles: 'index.html', reportName: 'Coverage Report', reportTitles: '',
113
146
  allowMissing: false, alwaysLinkToLastBuild: true, keepAll: true])
147
+ codacy action: 'reportCoverage', filePath: "coverage/coverage.xml"
114
148
  }
115
149
 
116
150
  post {
117
151
  always {
118
- archiveArtifacts artifacts: "coverage/.resultset.json", fingerprint: false
152
+ // only call junit once to submit all reports, otherwise it will only submit reports
153
+ // from the last junit call as it overwrites the previously submitted reports
154
+ junit '**/reports/*.xml'
155
+ archiveArtifacts artifacts: "coverage/coverage.xml", fingerprint: false
119
156
  }
120
157
  }
121
158
  }
@@ -128,16 +165,18 @@ pipeline {
128
165
  }
129
166
 
130
167
  steps {
131
- release {
132
- // Clean up all but the calculated VERSION
133
- sh '''docker run -i --rm -v $(pwd):/src -w /src --entrypoint /bin/sh alpine/git \
134
- -c "git config --global --add safe.directory /src && \
135
- git clean -fdx \
136
- -e VERSION \
137
- -e bom-assets/ \
138
- -e release-assets" '''
139
- sh './publish.sh'
140
- sh 'cp conjur-api-*.gem release-assets/.'
168
+ script {
169
+ release(INFRAPOOL_EXECUTORV2_AGENT_0) {
170
+ // Clean up all but the calculated VERSION
171
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh '''docker run -i --rm -v $(pwd):/src -w /src --entrypoint /bin/sh alpine/git \
172
+ -c "git config --global --add safe.directory /src && \
173
+ git clean -fdx \
174
+ -e VERSION \
175
+ -e bom-assets/ \
176
+ -e release-assets" '''
177
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh './publish.sh'
178
+ INFRAPOOL_EXECUTORV2_AGENT_0.agentSh 'cp conjur-api-*.gem release-assets/.'
179
+ }
141
180
  }
142
181
  }
143
182
  }
@@ -145,7 +184,7 @@ pipeline {
145
184
 
146
185
  post {
147
186
  always {
148
- cleanupAndNotify(currentBuild.currentResult)
187
+ releaseInfraPoolAgent(".infrapool/release_agents")
149
188
  }
150
189
  }
151
190
  }
data/README.md CHANGED
@@ -4,26 +4,6 @@ Programmatic Ruby access to the Conjur API.
4
4
 
5
5
  RDocs are available from the through the [Ruby Gem details page](https://rubygems.org/gems/conjur-api)
6
6
 
7
- # Server Versions
8
-
9
- The Conjur server comes in two major versions:
10
-
11
- * **4.x** Conjur 4 is a commercial, non-open-source product, which is documented at [https://developer.conjur.net/](https://developer.conjur.net/).
12
- * **5.x** Conjur 5 is open-source software, hosted and documented at [https://www.conjur.org/](https://www.conjur.org/).
13
-
14
- You can use the `main` branch of this project, which is `conjur-api` version `5.x`, to do all of the following things against either type of Conjur server:
15
-
16
- * Authenticate
17
- * Fetch secrets
18
- * Check permissions
19
- * List roles, resources, members, memberships and permitted roles.
20
- * Create hosts using host factory
21
- * Rotate API keys
22
-
23
- Use the configuration setting `Conjur.configuration.version` to select your server version, or set the environment variable `CONJUR_VERSION`. In either case, the valid values are `4` and `5`; the default is `5`.
24
-
25
- If you are using Conjur server version `4.x`, you can also choose to use the `conjur-api` version `4.x`. In this case, the `Configuration.version` setting is not required (actually, it doesn't exist).
26
-
27
7
  ## Using conjur-api-ruby with Conjur Open Source
28
8
 
29
9
  Are you using this project with [Conjur Open Source](https://github.com/cyberark/conjur)? Then we
@@ -33,7 +13,7 @@ Conjur maintainers perform additional testing on the suite release versions to e
33
13
  compatibility. When possible, upgrade your Conjur version to match the
34
14
  [latest suite release](https://docs.conjur.org/Latest/en/Content/ReleaseNotes/ConjurOSS-suite-RN.htm);
35
15
  when using integrations, choose the latest suite release that matches your Conjur version. For any
36
- questions, please contact us on [Discourse](https://discuss.cyberarkcommons.org/c/conjur/5).
16
+ questions, please contact us on [Discourse](https://discuss.cyberarkcommons.org/).
37
17
 
38
18
  # Installation
39
19
 
data/Rakefile CHANGED
@@ -23,11 +23,7 @@ begin
23
23
  require 'cucumber'
24
24
  require 'cucumber/rake/task'
25
25
 
26
- Cucumber::Rake::Task.new(:cucumber_4) do |t|
27
- t.cucumber_opts = "--tags ~@wip --format pretty --format junit --out features_v4/reports -r features_v4/step_definitions/ -r features_v4/support/ features_v4/"
28
- end
29
-
30
- Cucumber::Rake::Task.new(:cucumber_5) do |t|
26
+ Cucumber::Rake::Task.new(:cucumber) do |t|
31
27
  t.cucumber_opts = "--tags ~@wip --format pretty --format junit --out features/reports"
32
28
  end
33
29
 
@@ -36,8 +32,7 @@ begin
36
32
  desc "Run the spec and cucumber suites, compute the test results and coverage statistics, build Yard docs"
37
33
  task :jenkins_init => [ :init_coverage, :cuke_report_cleanup ]
38
34
  task :jenkins_spec => [ :"ci:setup:rspec", :spec ]
39
- task :jenkins_cucumber_v4 => [ :cucumber_4 ]
40
- task :jenkins_cucumber_v5 => [ :cucumber_5 ]
35
+ task :jenkins_cucumber => [ :cucumber ]
41
36
  rescue LoadError
42
37
  warn "ci_reporter_rspec not found, jenkins task will be unavailable"
43
38
  end
data/VERSION CHANGED
@@ -1 +1 @@
1
- 5.4.2-638
1
+ 6.0.0-94
@@ -2,7 +2,7 @@
2
2
 
3
3
  source ./ci/oauth/keycloak/keycloak_functions.sh
4
4
 
5
- cat << "CONFIGURE" | docker exec -i $(docker-compose ps -q conjur_5) bash
5
+ cat << "CONFIGURE" | docker exec -i $(docker compose ps -q conjur) bash
6
6
  set -e
7
7
 
8
8
  for _ in $(seq 20); do
@@ -12,7 +12,7 @@ function _hydrate_keycloak_env_args() {
12
12
  set -o pipefail
13
13
  # Note: This prints all lines that look like:
14
14
  # KEYCLOAK_XXX=someval
15
- docker-compose exec -T ${KEYCLOAK_SERVICE_NAME} printenv | awk '/KEYCLOAK/'
15
+ docker compose exec -T ${KEYCLOAK_SERVICE_NAME} printenv | awk '/KEYCLOAK/'
16
16
  )
17
17
 
18
18
  # shellcheck disable=SC2034
@@ -30,14 +30,14 @@ function _hydrate_keycloak_env_args() {
30
30
  # _create_keycloak_user '$APP_USER' '$APP_PW' '$APP_EMAIL'
31
31
  #
32
32
  # This is because those variables are not available to this script. They are
33
- # available to bash commands run via "docker-compose exec keycloak bash
33
+ # available to bash commands run via "docker compose exec keycloak bash
34
34
  # -c...", since they're defined in the docker-compose.yml.
35
35
  function _create_keycloak_user() {
36
36
  local user_var=$1
37
37
  local pw_var=$2
38
38
  local email_var=$3
39
39
 
40
- docker-compose exec -T \
40
+ docker compose exec -T \
41
41
  ${KEYCLOAK_SERVICE_NAME} \
42
42
  bash -c "/scripts/create_user \"$user_var\" \"$pw_var\" \"$email_var\""
43
43
  }
@@ -45,7 +45,7 @@ function _create_keycloak_user() {
45
45
  function create_keycloak_users() {
46
46
  echo "Defining keycloak client"
47
47
 
48
- docker-compose exec -T ${KEYCLOAK_SERVICE_NAME} /scripts/create_client
48
+ docker compose exec -T ${KEYCLOAK_SERVICE_NAME} /scripts/create_client
49
49
 
50
50
  echo "Creating user 'alice' in Keycloak"
51
51
 
@@ -58,7 +58,7 @@ function create_keycloak_users() {
58
58
  }
59
59
 
60
60
  function wait_for_keycloak_server() {
61
- docker-compose exec -T \
61
+ docker compose exec -T \
62
62
  ${KEYCLOAK_SERVICE_NAME} /scripts/wait_for_server
63
63
  }
64
64
 
@@ -66,6 +66,6 @@ function fetch_keycloak_certificate() {
66
66
  # there's a dep on the docker-compose.yml volumes.
67
67
  # Fetch SSL cert to communicate with keycloak (OIDC provider).
68
68
  echo "Initialize keycloak certificate in conjur server"
69
- docker-compose exec -T \
70
- conjur_5 /scripts/fetch_certificate
69
+ docker compose exec -T \
70
+ conjur /scripts/fetch_certificate
71
71
  }
data/conjur-api.gemspec CHANGED
@@ -32,6 +32,7 @@ Gem::Specification.new do |gem|
32
32
  gem.add_development_dependency 'cucumber', '~> 2.99'
33
33
  gem.add_development_dependency 'ci_reporter_rspec'
34
34
  gem.add_development_dependency 'simplecov', '~> 0.17', '< 0.18'
35
+ gem.add_development_dependency 'simplecov-cobertura'
35
36
  gem.add_development_dependency 'io-grab'
36
37
  gem.add_development_dependency 'rdoc'
37
38
  gem.add_development_dependency 'yard'
@@ -1,27 +1,21 @@
1
1
  version: '3'
2
2
  services:
3
3
  pg:
4
- image: postgres:9.3
4
+ image: postgres:15
5
+ environment:
6
+ POSTGRES_HOST_AUTH_METHOD: trust
5
7
 
6
- conjur_5:
8
+ conjur:
7
9
  image: cyberark/conjur
8
10
  command: server -a cucumber
9
11
  environment:
10
12
  DATABASE_URL: postgres://postgres@pg/postgres
11
13
  CONJUR_DATA_KEY: 'WMfApcDBtocRWV+ZSUP3Tjr5XNU+Z2FdBb6BEezejIs='
12
14
  volumes:
13
- - authn_local_5:/run/authn-local
15
+ - authn_local:/run/authn-local
14
16
  depends_on:
15
17
  - pg
16
18
 
17
- conjur_4:
18
- image: registry2.itci.conjur.net/conjur-appliance-cuke-master:4.9-stable
19
- security_opt:
20
- - seccomp:unconfined
21
- volumes:
22
- - ../features_v4/support/policy.yml:/etc/policy.yml
23
- - authn_local_4:/run/authn-local
24
-
25
19
  gem:
26
20
  build:
27
21
  context: ../
@@ -29,28 +23,25 @@ services:
29
23
  entrypoint: sleep
30
24
  command: infinity
31
25
  environment:
32
- CONJUR_APPLIANCE_URL: http://conjur_5
33
- CONJUR_VERSION: 5
26
+ CONJUR_APPLIANCE_URL: http://conjur
34
27
  CONJUR_ACCOUNT: cucumber
35
28
  links:
36
- - conjur_5:conjur_5
37
- - conjur_4:conjur_4
29
+ - conjur:conjur
38
30
  volumes:
39
31
  - ..:/src/conjur-api
40
- - authn_local_4:/run/authn-local-4
41
- - authn_local_5:/run/authn-local-5
32
+ - authn_local:/run/authn-local
42
33
 
43
34
  client:
35
+ # TODO: Upgrade to V8
44
36
  image: conjurinc/cli5
45
37
  entrypoint: sleep
46
38
  command: infinity
47
39
  environment:
48
- CONJUR_APPLIANCE_URL: http://conjur_5
40
+ CONJUR_APPLIANCE_URL: http://conjur
49
41
  CONJUR_ACCOUNT: cucumber
50
42
  CONJUR_AUTHN_LOGIN: admin
51
43
  links:
52
- - conjur_5:conjur_5
44
+ - conjur:conjur
53
45
 
54
46
  volumes:
55
- authn_local_5:
56
- authn_local_4:
47
+ authn_local:
data/dev/start CHANGED
@@ -1,14 +1,14 @@
1
1
  #!/bin/bash -ex
2
2
 
3
- function v5_development() {
4
- docker-compose up -d --no-deps conjur_5 pg gem client
3
+ function development() {
4
+ docker compose up -d --no-deps conjur pg gem client
5
5
 
6
- docker-compose exec -T conjur_5 conjurctl wait
6
+ docker compose exec -T conjur conjurctl wait
7
7
 
8
- local api_key=$(docker-compose exec -T conjur_5 rake 'role:retrieve-key[cucumber:user:admin]')
9
- api_key=$(docker-compose exec -T conjur_5 conjurctl role retrieve-key cucumber:user:admin | tr -d '\r')
8
+ local api_key=$(docker compose exec -T conjur rake 'role:retrieve-key[cucumber:user:admin]')
9
+ api_key=$(docker compose exec -T conjur conjurctl role retrieve-key cucumber:user:admin | tr -d '\r')
10
10
 
11
- docker exec -e CONJUR_AUTHN_API_KEY="$api_key" -it --detach-keys 'ctrl-\' $(docker-compose ps -q gem) bash
11
+ docker exec -e CONJUR_AUTHN_API_KEY="$api_key" -it --detach-keys 'ctrl-\' $(docker compose ps -q gem) bash
12
12
  }
13
13
 
14
14
  # Set up VERSION file for local development
@@ -16,7 +16,7 @@ if [ ! -f "../VERSION" ]; then
16
16
  echo -n "0.0.dev" > ../VERSION
17
17
  fi
18
18
 
19
- docker-compose pull
20
- docker-compose build
19
+ docker compose pull
20
+ docker compose build
21
21
 
22
- v5_development
22
+ development