conjur-api 5.3.2 → 5.3.3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 184486b0770526d9426247e1d6add16572cc73791a160bc828265ea39f01e288
4
- data.tar.gz: 35f3aae54507b549c5c43e7b66034eff28ab4ed331574c4f80301c32c6c42070
3
+ metadata.gz: 4d068a6fcf42161573c1d317260549dd7e30001e1c53d9edeb36e8c8646f7db7
4
+ data.tar.gz: 0ea117aee05921d67c2feef6b863fae286f5556833134f410dbab73a18cc13b9
5
5
  SHA512:
6
- metadata.gz: b289c3c2e41af4e7847d08b0a7229df9d9a96a2ef1c981ad6ac69bc1db588f99e4f63467152678d34f55c37eeb2ae30daf7ed55f39eb8e3ec9630b1749af6509
7
- data.tar.gz: 0a3aba01a8046572a9a1dfea88a71c250727731e2df836f2a262c70a08514dde2b8281c544feb55243fd081f9da0dabf13ecaa7a99bf5d7adf86c0ed1fc7d370
6
+ metadata.gz: bda454b83559d845aad1a5b13e824937f9574420c9c14d0743fd93c56f79ac6de462648901bc3c9d7612ad6243099a659f1292d9b4fe7628865e6f6ca8dfa562
7
+ data.tar.gz: a6e5d7397c882d4d43ee95eead36bf51519fa5d6ea7c754b0c2648388769b9800180df8757c1ac5d3e968738e6e92dd013ba71c08686f2a3e6f85b1700556558
@@ -0,0 +1,10 @@
1
+ * @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team
2
+
3
+ # Changes to .trivyignore require Security Architect approval
4
+ .trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
5
+
6
+ # Changes to .codeclimate.yml require Quality Architect approval
7
+ .codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
8
+
9
+ # Changes to SECURITY.md require Security Architect approval
10
+ SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
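Review bot: The `*` rule on the first line leaves `.github/CODEOWNERS` itself owned only by the core team, so the Security Architect approval required for `.trivyignore` and `SECURITY.md` can be dropped by editing this file without that approval. Add an entry for `.github/CODEOWNERS` that names the security-architects teams, and consider the same for other scanner configuration such as `.gitleaks.toml`, which the gem's file list shows in the repository.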
@@ -23,5 +23,20 @@ A clear and concise description of what you expected to happen.
23
23
  ## Actual Results (including error logs, if applicable)
24
24
  A clear and concise description of what actually did happen.
25
25
 
26
+ ## Reproducible
27
+ * [ ] Always
28
+ * [ ] Sometimes
29
+ * [ ] Non-Reproducible
30
+
31
+ ## Version/Tag number
32
+ What version of the product are you running? Any version info that you can share is helpful.
33
+ For example, you might give the version from Docker logs, the Docker tag, a specific download URL,
34
+ the output of the `/info` route, etc.
35
+
36
+ ## Environment setup
37
+ Can you describe the environment in which this product is running? Is it running on a VM / in a container / in a cloud?
38
+ Which cloud provider? Which container orchestrator (including version)?
39
+ The more info you can share about your runtime environment, the better we may be able to reproduce the issue.
40
+
26
41
  ## Additional Information
27
- Add any other context about the problem here.
42
+ Add any other context about the problem here.
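Review bot: The new `## Version/Tag number` and `## Environment setup` sections ask for Docker logs, `/info` output and runtime details, but nothing in the template tells reporters to strip credentials, tokens or internal hostnames before pasting them into a public issue. Add one line to that effect, plus a pointer to `SECURITY.md` for reports that are security bugs rather than ordinary defects.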
@@ -0,0 +1,21 @@
1
+ ### What does this PR do?
2
+ - _What's changed? Why were these changes made?_
3
+ - _How should the reviewer approach this PR, especially if manual tests are required?_
4
+ - _Are there relevant screenshots you can add to the PR description?_
5
+
6
+ ### What ticket does this PR close?
7
+ Connected to #[relevant GitHub issues, eg 76]
8
+
9
+ ### Checklists
10
+
11
+ #### Change log
12
+ - [ ] The CHANGELOG has been updated, or
13
+ - [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update
14
+
15
+ #### Test coverage
16
+ - [ ] This PR includes new unit and integration tests to go with the code changes, or
17
+ - [ ] The changes in this PR do not require tests
18
+
19
+ #### Documentation
20
+ - [ ] Docs (e.g. `README`s) were updated in this PR, and/or there is a follow-on issue to update docs, or
21
+ - [ ] This PR does not require updating any documentation
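Review bot: Under `### What ticket does this PR close?`, the placeholder `Connected to #[...]` will not close the issue on merge, because GitHub only auto-closes on keywords such as `Closes`, `Fixes` or `Resolves`. Either reword the heading so it asks for related issues, or use a closing keyword in the placeholder.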
@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [5.3.3] - 2020-08-18
10
+ ### Changed
11
+ - Release process is updated to ensure that the published Ruby Gem matches a tag in this repository,
12
+ so that consumers of this gem can always reference the correct source code included in any given version.
13
+ [cyberark/conjur-api-ruby](https://github.com/cyberark/conjur-api-ruby/issues/173)
14
+
9
15
  ## 5.3.2 - 2018-09-24
10
16
  ### Added
11
17
  - Add `Conjur::API.authenticator_list`, `Conjur::API.authenticator_enable`, and
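Review bot: The link text in the 5.3.3 entry, `[cyberark/conjur-api-ruby]`, hides that the target is issue 173; write it as `[cyberark/conjur-api-ruby#173]` so the reference is readable without following the link. The new heading is also bracketed (`## [5.3.3] - 2020-08-18`) while the context line below it is `## 5.3.2 - 2018-09-24` without brackets, so pick one form.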
@@ -315,7 +321,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
315
321
 
316
322
  ## [2.0.0] - 2013-13-12
317
323
 
318
- [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.1...HEAD
324
+ [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.3...HEAD
325
+ [5.3.3]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.1...v5.3.3
319
326
  [5.3.1]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.0...v5.3.1
320
327
  [5.3.0]: https://github.com/cyberark/conjur-api-ruby/compare/v5.1.0...v5.3.0
321
328
  [5.1.0]: https://github.com/cyberark/conjur-api-ruby/compare/v5.0.0...v5.1.0
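Review bot: The new `[5.3.3]` reference compares `v5.3.1...v5.3.3` and no `[5.3.2]` reference is added, so the 5.3.2 changes are folded into the 5.3.3 comparison. If a `v5.3.2` tag exists, add a `[5.3.2]` line for `v5.3.1...v5.3.2` and start the 5.3.3 range at `v5.3.2`; if it does not, a short remark in the changelog would explain the gap.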
@@ -120,30 +120,22 @@ $ docker-compose down
120
120
 
121
121
  ## Releasing
122
122
 
123
- Releasing a new version of this Gem involves a two step process:
124
- 1. Tag and Release (using `bin/release`)
125
- 2. Approving the push to RubyGems in Jenkins
123
+ ### Update the version and changelog
126
124
 
127
- ### Step 1: Tag and Release
125
+ 1. Create a new branch for the version bump.
126
+ 1. Based on the unreleased content, determine the new version number and update
127
+ the [version.rb](lib/conjur-api/version.rb) file.
128
+ 1. Commit these changes - `Bump version to x.y.z` is an acceptable commit message - and open a PR
129
+ for review. Your PR should include updates to `lib/conjur-api/version.rb`, and
130
+ `CHANGELOG.md`.
128
131
 
129
- First, update the following files:
132
+ ### Add a git tag
130
133
 
131
- - The version file (`lib/conjur-api/version.rb`) has been updated with an appropriate Semantic version number.
132
- - The `CHANGELOG.md` file has been updated to reflect the release version and appropriate release notes.
134
+ 1. Once your changes have been **reviewed and merged into master**, tag the version
135
+ using `git tag -a "vx.y.z" -m "vx.y.z release"`. Note this requires you to be able to sign releases.
136
+ Consult the [github documentation on signing commits](https://help.github.com/articles/signing-commits-with-gpg/)
137
+ on how to set this up. `vx.y.z release` is an acceptable tag message.
138
+ 1. Push the tag: `git push vx.y.z` (or `git push origin vx.y.z` if you are working
139
+ from your local machine).
133
140
 
134
- Next, save -- but do not commit -- the changes above.
135
-
136
- Finally, when you're ready to release, run the following:
137
-
138
- ```sh
139
- $ bin/release
140
- ```
141
-
142
- ### Step 2: Approve the push to RubyGems in Jenkins
143
-
144
- - Navigate to Jenkins: https://jenkins.conjur.net/job/cyberark--conjur-api-ruby/job/master/.
145
- - Once the pipeline reaches the `Publish to RubyGems?` stage, click the blue box, and then click `Logs`.
146
- - Open the confirmation step (`Wait for interactive input -- Publish to RubyGems?`), and click `Proceed`. Nothing appears to happen, but the "Publish" stage will be run.
147
- - Finally, verify that the new library is present in RubyGems: https://rubygems.org/gems/conjur-api
148
-
149
- The release is now complete.
141
+ After pushing the tag, a matching version will be published to [RubyGems](https://rubygems.org/gems/conjur-api/versions)!
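Review bot: In "Add a git tag", `git tag -a "vx.y.z" -m "vx.y.z release"` creates an annotated tag but does not sign it, although the next sentence says the releaser must be able to sign releases. Use `git tag -s` if signed tags are the intent, and have a reviewer or the pipeline check the result with `git tag -v`. The first push form, `git push vx.y.z`, treats `vx.y.z` as the remote name and will fail, so keep only `git push origin vx.y.z`. The linked GitHub page covers signing commits rather than tags.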
@@ -40,34 +40,11 @@ pipeline {
40
40
  }
41
41
  }
42
42
 
43
- // Only publish to RubyGems if branch is 'master'
44
- // AND someone confirms this stage within 5 minutes
43
+ // Only publish to RubyGems if the tag begins with 'v' ex) v5.3.2
45
44
  stage('Publish to RubyGems?') {
46
- agent { label 'releaser-v2' }
45
+ agent { label 'executor-v2' }
47
46
 
48
- when {
49
- allOf {
50
- branch 'master'
51
- expression {
52
- boolean publish = false
53
-
54
- if (env.PUBLISH_GEM == "true") {
55
- return true
56
- }
57
-
58
- try {
59
- timeout(time: 5, unit: 'MINUTES') {
60
- input(message: 'Publish to RubyGems?')
61
- publish = true
62
- }
63
- } catch (final ignore) {
64
- publish = false
65
- }
66
-
67
- return publish
68
- }
69
- }
70
- }
47
+ when { tag "v*" }
71
48
  steps {
72
49
  // Clean up first
73
50
  sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
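Review bot: `when { tag "v*" }` publishes on any pushed tag that starts with `v`, and the hunk removes both the `branch 'master'` condition and the `input(message: 'Publish to RubyGems?')` confirmation, so anyone who can push a tag can trigger a RubyGems release from any commit. Narrow the pattern to a semantic-version shape and add a step ahead of the publish that fails unless the tagged commit is reachable from master. The agent label change from `releaser-v2` to `executor-v2` is not explained by the updated comment and should be.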
data/README.md CHANGED
@@ -24,6 +24,17 @@ Use the configuration setting `Conjur.configuration.version` to select your serv
24
24
 
25
25
  If you are using Conjur server version `4.x`, you can also choose to use the `conjur-api` version `4.x`. In this case, the `Configuration.version` setting is not required (actually, it doesn't exist).
26
26
 
27
+ ## Using conjur-api-ruby with Conjur OSS
28
+
29
+ Are you using this project with [Conjur OSS](https://github.com/cyberark/conjur)? Then we
30
+ **strongly** recommend choosing the version of this project to use from the latest [Conjur OSS
31
+ suite release](https://docs.conjur.org/Latest/en/Content/Overview/Conjur-OSS-Suite-Overview.html).
32
+ Conjur maintainers perform additional testing on the suite release versions to ensure
33
+ compatibility. When possible, upgrade your Conjur version to match the
34
+ [latest suite release](https://docs.conjur.org/Latest/en/Content/ReleaseNotes/ConjurOSS-suite-RN.htm);
35
+ when using integrations, choose the latest suite release that matches your Conjur version. For any
36
+ questions, please contact us on [Discourse](https://discuss.cyberarkcommons.org/c/conjur/5).
37
+
27
38
  # Installation
28
39
 
29
40
  Add this line to your application's Gemfile:
@@ -0,0 +1,42 @@
1
+ # Security Policies and Procedures
2
+
3
+ This document outlines security procedures and general policies for the CyberArk Conjur
4
+ suite of tools and products.
5
+
6
+ * [Reporting a Bug](#reporting-a-bug)
7
+ * [Disclosure Policy](#disclosure-policy)
8
+ * [Comments on this Policy](#comments-on-this-policy)
9
+
10
+ ## Reporting a Bug
11
+
12
+ The CyberArk Conjur team and community take all security bugs in the Conjur suite seriously.
13
+ Thank you for improving the security of the Conjur suite. We appreciate your efforts and
14
+ responsible disclosure and will make every effort to acknowledge your
15
+ contributions.
16
+
17
+ Report security bugs by emailing the lead maintainers at security@conjur.org.
18
+
19
+ The maintainers will acknowledge your email within 2 business days. Subsequently, we will
20
+ send a more detailed response within 2 business days of our acknowledgement indicating
21
+ the next steps in handling your report. After the initial reply to your report, the security
22
+ team will endeavor to keep you informed of the progress towards a fix and full
23
+ announcement, and may ask for additional information or guidance.
24
+
25
+ Report security bugs in third-party modules to the person or team maintaining
26
+ the module.
27
+
28
+ ## Disclosure Policy
29
+
30
+ When the security team receives a security bug report, they will assign it to a
31
+ primary handler. This person will coordinate the fix and release process,
32
+ involving the following steps:
33
+
34
+ * Confirm the problem and determine the affected versions.
35
+ * Audit code to find any potential similar problems.
36
+ * Prepare fixes for all releases still under maintenance. These fixes will be
37
+ released as fast as possible.
38
+
39
+ ## Comments on this Policy
40
+
41
+ If you have suggestions on how this process could be improved please submit a
42
+ pull request.
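Review bot: "Reporting a Bug" gives only a plain email address, with no PGP key or other private channel for reports that carry sensitive details, and the "Disclosure Policy" list stops at preparing fixes: it never says when or how the issue is announced, although the earlier paragraph mentions a "full announcement". Add an encrypted reporting option and a final step covering publication of the advisory.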
@@ -19,6 +19,6 @@
19
19
 
20
20
  module Conjur
21
21
  class API
22
- VERSION = "5.3.2"
22
+ VERSION = "5.3.3"
23
23
  end
24
24
  end
data/test.sh CHANGED
@@ -12,6 +12,9 @@ function publishToCodeClimate() {
12
12
  docker build -f ci/codeclimate.dockerfile -t cyberark/code-climate:latest .
13
13
  docker run \
14
14
  --rm \
15
+ -e GIT_BRANCH \
16
+ -e GIT_COMMIT \
17
+ -e TRID \
15
18
  --volume "$PWD:/src/conjur-api" \
16
19
  -w "/src/conjur-api" \
17
20
  cyberark/code-climate:latest \
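Review bot: `-e GIT_BRANCH`, `-e GIT_COMMIT` and `-e TRID` pass the variables through from the calling environment, and `docker run` silently omits any that are unset, so a missing `TRID` surfaces only as a failure inside the container. Check the three variables at the top of `publishToCodeClimate` and fail with a clear message; if `TRID` is a credential, also make sure this function never runs with shell tracing enabled.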
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.3.2
4
+ version: 5.3.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafal Rzepecki
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-05-06 00:00:00.000000000 Z
12
+ date: 2020-08-19 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rest-client
@@ -211,15 +211,16 @@ description: Conjur API
211
211
  email:
212
212
  - rafal@conjur.net
213
213
  - kgilpin@conjur.net
214
- executables:
215
- - release
214
+ executables: []
216
215
  extensions: []
217
216
  extra_rdoc_files: []
218
217
  files:
219
218
  - ".codeclimate.yml"
220
219
  - ".dockerignore"
220
+ - ".github/CODEOWNERS"
221
221
  - ".github/ISSUE_TEMPLATE/bug.md"
222
222
  - ".github/ISSUE_TEMPLATE/feature_request.md"
223
+ - ".github/PULL_REQUEST_TEMPLATE.md"
223
224
  - ".gitignore"
224
225
  - ".gitleaks.toml"
225
226
  - ".overcommit.yml"
@@ -236,8 +237,8 @@ files:
236
237
  - LICENSE
237
238
  - README.md
238
239
  - Rakefile
240
+ - SECURITY.md
239
241
  - bin/parse-changelog.sh
240
- - bin/release
241
242
  - ci/codeclimate.dockerfile
242
243
  - ci/configure_v4.sh
243
244
  - ci/configure_v5.sh
@@ -377,7 +378,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
377
378
  - !ruby/object:Gem::Version
378
379
  version: '0'
379
380
  requirements: []
380
- rubygems_version: 3.0.3
381
+ rubygems_version: 3.1.2
381
382
  signing_key:
382
383
  specification_version: 4
383
384
  summary: Conjur API
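Review bot: `signing_key:` stays empty in this hunk and `cert_chain: []` is unchanged in the earlier one, so 5.3.3 is still published unsigned and the checksums are the only integrity check a consumer has. Since the changelog says this release is about tying the published gem to a repository tag, consider signing the gem or documenting in the README how to verify a build against the tag.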
@@ -1,43 +0,0 @@
1
- #!/bin/bash -e
2
-
3
- git fetch --tags
4
-
5
- if [ "$(git rev-parse --abbrev-ref HEAD)" != "master" ]; then
6
- echo "Must be on the master branch to releases. Please switch with 'git checkout master'."
7
- exit 1
8
- fi
9
-
10
- version_file="$(cat lib/conjur-api/version.rb)"
11
- re='VERSION = "([0-9]{1,}\.[0-9]{1,}\.[0-9]{1,})"'
12
- if [[ "$version_file" =~ $re ]]; then
13
- version="v${BASH_REMATCH[1]}"
14
- else
15
- echo "Failed to find a version in 'lib/conjur-api/version.rb'"
16
- exit 1
17
- fi
18
-
19
- last_release=$(git describe --abbrev=0 --tags)
20
-
21
- echo "The last release was: $last_release"
22
- echo "The next release will be: $version"
23
-
24
- if [ "$version" = "$last_release" ]; then
25
- echo 'To release, the VERSION file must be incremented to the latest release number.'
26
- exit 1
27
- fi
28
-
29
- if [[ ! $(git status --porcelain) ]]; then
30
- echo 'Your Git is clean. Please update the lib/conjur-api/version.rb, and CHANGELOG.md before releasing. The script will handle commits and pushing.'
31
- exit 1
32
- fi
33
-
34
- # Make sure we have the most recent changes, without destroying local changes.
35
- git stash
36
- git pull --rebase origin master
37
- git stash pop
38
-
39
- # Perform a commit, tag, and push. The tag needs to be present before the commit
40
- # to insure Jenkins has what it needs to make a decision about a release.
41
- git commit -am "$version"
42
- git tag -a "$version" -m "$version release"
43
- git push --follow-tags
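Review bot: Deleting this script removes the only automated checks that `VERSION` in `lib/conjur-api/version.rb` parses as `x.y.z` and that it differs from the last tag (`if [ "$version" = "$last_release" ]`), and the tag name is no longer derived from that file. With the tag now typed by hand, move those checks into the pipeline's publish stage so the tag and the gem version cannot drift apart.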