conjur-asset-dsl2 0.3.2 → 0.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +6 -2
- data/conjur-asset-dsl2.gemspec +1 -0
- data/lib/conjur-asset-dsl2-version.rb +1 -1
- data/lib/conjur/command/dsl2.rb +40 -4
- data/lib/conjur/dsl2/executor.rb +16 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8f38c1c218b12a47f1fb2170f0cd57dc5e267e02
|
|
4
|
+
data.tar.gz: 6b500271f6c523ad283f561575275d80cd26d2df
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90da10c662515b1f93c8961a61a493b2a68475c9b8375d2df099363322ed5bc35d3465eb9ff028b39756daaeb32397961d0951630b34002e9baf3565b1fa10f6
|
|
7
|
+
data.tar.gz: fd56bb4cdd2ff5f269abbb95f6716d5709df7e93f3fd0a3e655f207759f041470e786f82a5d3b7718ac35665377c88ff167cd23081fb42bc84fd35a6402d6dc3
|
data/CHANGELOG
CHANGED
|
@@ -1,4 +1,8 @@
|
|
|
1
|
-
# 0.
|
|
1
|
+
# 0.4.0
|
|
2
|
+
|
|
3
|
+
* Support `--context` flag to save API keys to a file.
|
|
4
|
+
|
|
5
|
+
# 0.3.2
|
|
2
6
|
|
|
3
7
|
* Fix issue where webservices were being treated as core assets by the executor.
|
|
4
8
|
|
|
@@ -7,4 +11,4 @@
|
|
|
7
11
|
* Fix bug in executor for permissions
|
|
8
12
|
|
|
9
13
|
# 0.3.0
|
|
10
|
-
* Initial stable version
|
|
14
|
+
* Initial stable version
|
data/conjur-asset-dsl2.gemspec
CHANGED
data/lib/conjur/command/dsl2.rb
CHANGED
|
@@ -70,6 +70,24 @@ class Conjur::Command::DSL2 < Conjur::DSLCommand
|
|
|
70
70
|
end
|
|
71
71
|
Conjur::DSL2::HTTPExecutor.new(api).execute actions
|
|
72
72
|
end
|
|
73
|
+
|
|
74
|
+
|
|
75
|
+
def self.save_context_to_file context, path
|
|
76
|
+
|
|
77
|
+
existing = if File.file?(path)
|
|
78
|
+
JSON.load(File.read(path))
|
|
79
|
+
else
|
|
80
|
+
{}
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
File.write(path, existing.merge(context).to_json)
|
|
84
|
+
rescue => ex
|
|
85
|
+
# It would suck to lose all your API keys by fat-fingering the filename -- write it to the stdout if
|
|
86
|
+
# anything goes wrong.
|
|
87
|
+
$stderr.puts "Error saving context to #{path}: #{ex}. Context will be written to the stdout"
|
|
88
|
+
$stderr.puts ex.backtrace.join("\n\t") if ENV['DEBUG']
|
|
89
|
+
puts context.to_json
|
|
90
|
+
end
|
|
73
91
|
|
|
74
92
|
desc "Load a DSL2 policy"
|
|
75
93
|
command :policy2 do |policy|
|
|
@@ -129,14 +147,20 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
129
147
|
c.flag [:namespace]
|
|
130
148
|
|
|
131
149
|
c.desc "Syntax (ruby or YAML, will be auto-detected from file extension)"
|
|
132
|
-
c.flag [:
|
|
150
|
+
c.flag [:syntax]
|
|
133
151
|
|
|
134
152
|
c.desc "Print the actions that would be performed"
|
|
135
153
|
c.switch [:"dry-run"]
|
|
136
154
|
|
|
137
155
|
c.desc "Output format of --dry-run mode (text, yaml)"
|
|
138
156
|
c.default_value "yaml"
|
|
139
|
-
c.flag [:
|
|
157
|
+
c.flag [:format]
|
|
158
|
+
|
|
159
|
+
c.desc "File to store API keys for created roles (defaults to stdout)"
|
|
160
|
+
c.flag [:context]
|
|
161
|
+
|
|
162
|
+
c.desc "Don't save the context anywhere (including the stdout)"
|
|
163
|
+
c.switch [:'no-context']
|
|
140
164
|
|
|
141
165
|
c.action do |global_options,options,args|
|
|
142
166
|
Conjur.log = "stderr"
|
|
@@ -153,7 +177,13 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
153
177
|
puts plan.actions.to_yaml
|
|
154
178
|
end
|
|
155
179
|
else
|
|
156
|
-
execute api, plan.actions
|
|
180
|
+
context = execute api, plan.actions
|
|
181
|
+
|
|
182
|
+
if options[:context]
|
|
183
|
+
save_context_to_file context, options[:context]
|
|
184
|
+
else
|
|
185
|
+
puts context.to_json unless options[:'no-context']
|
|
186
|
+
end
|
|
157
187
|
end
|
|
158
188
|
end
|
|
159
189
|
end
|
|
@@ -169,7 +199,13 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
169
199
|
filename = args.pop
|
|
170
200
|
script = script_from_filename filename
|
|
171
201
|
actions = Conjur::DSL2::YAML::Loader.load(script, filename)
|
|
172
|
-
execute api, actions, options
|
|
202
|
+
context = execute api, actions, options
|
|
203
|
+
|
|
204
|
+
if options[:context]
|
|
205
|
+
save_context_to_file context, options[:context]
|
|
206
|
+
else
|
|
207
|
+
puts context.to_json unless options[:'no-context']
|
|
208
|
+
end
|
|
173
209
|
end
|
|
174
210
|
end
|
|
175
211
|
end
|
data/lib/conjur/dsl2/executor.rb
CHANGED
|
@@ -36,8 +36,10 @@ module Conjur
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
class HTTPExecutor
|
|
39
|
+
# @param [Conjur::API] api
|
|
39
40
|
def initialize api
|
|
40
41
|
@api = api
|
|
42
|
+
@context = {}
|
|
41
43
|
end
|
|
42
44
|
|
|
43
45
|
def execute actions
|
|
@@ -50,6 +52,8 @@ module Conjur
|
|
|
50
52
|
invoke step
|
|
51
53
|
end
|
|
52
54
|
end
|
|
55
|
+
|
|
56
|
+
@context
|
|
53
57
|
end
|
|
54
58
|
|
|
55
59
|
protected
|
|
@@ -92,7 +96,19 @@ module Conjur
|
|
|
92
96
|
$stderr.puts "#{request.method.upcase} #{request.path} #{request.body} failed with error #{response.code}:"
|
|
93
97
|
# $stderr.puts "Request failed with error #{response.code}:"
|
|
94
98
|
$stderr.puts response.body
|
|
99
|
+
else
|
|
100
|
+
update_context_from_response response
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def update_context_from_response response
|
|
105
|
+
return if response.body.nil? or response.body.empty?
|
|
106
|
+
response_json = JSON.parse response.body
|
|
107
|
+
unless response_json['api_key'].nil?
|
|
108
|
+
@context[response_json['roleid']] = response_json['api_key']
|
|
95
109
|
end
|
|
110
|
+
rescue JSON::ParserError
|
|
111
|
+
# empty
|
|
96
112
|
end
|
|
97
113
|
end
|
|
98
114
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: conjur-asset-dsl2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kevin Gilpin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-02-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: safe_yaml
|
|
@@ -150,6 +150,20 @@ dependencies:
|
|
|
150
150
|
- - '>='
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
152
|
version: '0'
|
|
153
|
+
- !ruby/object:Gem::Dependency
|
|
154
|
+
name: io-grab
|
|
155
|
+
requirement: !ruby/object:Gem::Requirement
|
|
156
|
+
requirements:
|
|
157
|
+
- - '>='
|
|
158
|
+
- !ruby/object:Gem::Version
|
|
159
|
+
version: '0'
|
|
160
|
+
type: :development
|
|
161
|
+
prerelease: false
|
|
162
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
+
requirements:
|
|
164
|
+
- - '>='
|
|
165
|
+
- !ruby/object:Gem::Version
|
|
166
|
+
version: '0'
|
|
153
167
|
description:
|
|
154
168
|
email:
|
|
155
169
|
- kgilpin@conjur.net
|