conjur-asset-dsl2 0.3.2 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +6 -2
- data/conjur-asset-dsl2.gemspec +1 -0
- data/lib/conjur-asset-dsl2-version.rb +1 -1
- data/lib/conjur/command/dsl2.rb +40 -4
- data/lib/conjur/dsl2/executor.rb +16 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8f38c1c218b12a47f1fb2170f0cd57dc5e267e02
|
|
4
|
+
data.tar.gz: 6b500271f6c523ad283f561575275d80cd26d2df
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90da10c662515b1f93c8961a61a493b2a68475c9b8375d2df099363322ed5bc35d3465eb9ff028b39756daaeb32397961d0951630b34002e9baf3565b1fa10f6
|
|
7
|
+
data.tar.gz: fd56bb4cdd2ff5f269abbb95f6716d5709df7e93f3fd0a3e655f207759f041470e786f82a5d3b7718ac35665377c88ff167cd23081fb42bc84fd35a6402d6dc3
|
data/CHANGELOG
CHANGED
|
@@ -1,4 +1,8 @@
|
|
|
1
|
-
# 0.
|
|
1
|
+
# 0.4.0
|
|
2
|
+
|
|
3
|
+
* Support `--context` flag to save API keys to a file.
|
|
4
|
+
|
|
5
|
+
# 0.3.2
|
|
2
6
|
|
|
3
7
|
* Fix issue where webservices were being treated as core assets by the executor.
|
|
4
8
|
|
|
@@ -7,4 +11,4 @@
|
|
|
7
11
|
* Fix bug in executor for permissions
|
|
8
12
|
|
|
9
13
|
# 0.3.0
|
|
10
|
-
* Initial stable version
|
|
14
|
+
* Initial stable version
|
data/conjur-asset-dsl2.gemspec
CHANGED
data/lib/conjur/command/dsl2.rb
CHANGED
|
@@ -70,6 +70,24 @@ class Conjur::Command::DSL2 < Conjur::DSLCommand
|
|
|
70
70
|
end
|
|
71
71
|
Conjur::DSL2::HTTPExecutor.new(api).execute actions
|
|
72
72
|
end
|
|
73
|
+
|
|
74
|
+
|
|
75
|
+
def self.save_context_to_file context, path
|
|
76
|
+
|
|
77
|
+
existing = if File.file?(path)
|
|
78
|
+
JSON.load(File.read(path))
|
|
79
|
+
else
|
|
80
|
+
{}
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
File.write(path, existing.merge(context).to_json)
|
|
84
|
+
rescue => ex
|
|
85
|
+
# It would suck to lose all your API keys by fat-fingering the filename -- write it to the stdout if
|
|
86
|
+
# anything goes wrong.
|
|
87
|
+
$stderr.puts "Error saving context to #{path}: #{ex}. Context will be written to the stdout"
|
|
88
|
+
$stderr.puts ex.backtrace.join("\n\t") if ENV['DEBUG']
|
|
89
|
+
puts context.to_json
|
|
90
|
+
end
|
|
73
91
|
|
|
74
92
|
desc "Load a DSL2 policy"
|
|
75
93
|
command :policy2 do |policy|
|
|
@@ -129,14 +147,20 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
129
147
|
c.flag [:namespace]
|
|
130
148
|
|
|
131
149
|
c.desc "Syntax (ruby or YAML, will be auto-detected from file extension)"
|
|
132
|
-
c.flag [:
|
|
150
|
+
c.flag [:syntax]
|
|
133
151
|
|
|
134
152
|
c.desc "Print the actions that would be performed"
|
|
135
153
|
c.switch [:"dry-run"]
|
|
136
154
|
|
|
137
155
|
c.desc "Output format of --dry-run mode (text, yaml)"
|
|
138
156
|
c.default_value "yaml"
|
|
139
|
-
c.flag [:
|
|
157
|
+
c.flag [:format]
|
|
158
|
+
|
|
159
|
+
c.desc "File to store API keys for created roles (defaults to stdout)"
|
|
160
|
+
c.flag [:context]
|
|
161
|
+
|
|
162
|
+
c.desc "Don't save the context anywhere (including the stdout)"
|
|
163
|
+
c.switch [:'no-context']
|
|
140
164
|
|
|
141
165
|
c.action do |global_options,options,args|
|
|
142
166
|
Conjur.log = "stderr"
|
|
@@ -153,7 +177,13 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
153
177
|
puts plan.actions.to_yaml
|
|
154
178
|
end
|
|
155
179
|
else
|
|
156
|
-
execute api, plan.actions
|
|
180
|
+
context = execute api, plan.actions
|
|
181
|
+
|
|
182
|
+
if options[:context]
|
|
183
|
+
save_context_to_file context, options[:context]
|
|
184
|
+
else
|
|
185
|
+
puts context.to_json unless options[:'no-context']
|
|
186
|
+
end
|
|
157
187
|
end
|
|
158
188
|
end
|
|
159
189
|
end
|
|
@@ -169,7 +199,13 @@ command. Therefore, a policy can be loaded in three steps, if desired:
|
|
|
169
199
|
filename = args.pop
|
|
170
200
|
script = script_from_filename filename
|
|
171
201
|
actions = Conjur::DSL2::YAML::Loader.load(script, filename)
|
|
172
|
-
execute api, actions, options
|
|
202
|
+
context = execute api, actions, options
|
|
203
|
+
|
|
204
|
+
if options[:context]
|
|
205
|
+
save_context_to_file context, options[:context]
|
|
206
|
+
else
|
|
207
|
+
puts context.to_json unless options[:'no-context']
|
|
208
|
+
end
|
|
173
209
|
end
|
|
174
210
|
end
|
|
175
211
|
end
|
data/lib/conjur/dsl2/executor.rb
CHANGED
|
@@ -36,8 +36,10 @@ module Conjur
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
class HTTPExecutor
|
|
39
|
+
# @param [Conjur::API] api
|
|
39
40
|
def initialize api
|
|
40
41
|
@api = api
|
|
42
|
+
@context = {}
|
|
41
43
|
end
|
|
42
44
|
|
|
43
45
|
def execute actions
|
|
@@ -50,6 +52,8 @@ module Conjur
|
|
|
50
52
|
invoke step
|
|
51
53
|
end
|
|
52
54
|
end
|
|
55
|
+
|
|
56
|
+
@context
|
|
53
57
|
end
|
|
54
58
|
|
|
55
59
|
protected
|
|
@@ -92,7 +96,19 @@ module Conjur
|
|
|
92
96
|
$stderr.puts "#{request.method.upcase} #{request.path} #{request.body} failed with error #{response.code}:"
|
|
93
97
|
# $stderr.puts "Request failed with error #{response.code}:"
|
|
94
98
|
$stderr.puts response.body
|
|
99
|
+
else
|
|
100
|
+
update_context_from_response response
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def update_context_from_response response
|
|
105
|
+
return if response.body.nil? or response.body.empty?
|
|
106
|
+
response_json = JSON.parse response.body
|
|
107
|
+
unless response_json['api_key'].nil?
|
|
108
|
+
@context[response_json['roleid']] = response_json['api_key']
|
|
95
109
|
end
|
|
110
|
+
rescue JSON::ParserError
|
|
111
|
+
# empty
|
|
96
112
|
end
|
|
97
113
|
end
|
|
98
114
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: conjur-asset-dsl2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kevin Gilpin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-02-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: safe_yaml
|
|
@@ -150,6 +150,20 @@ dependencies:
|
|
|
150
150
|
- - '>='
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
152
|
version: '0'
|
|
153
|
+
- !ruby/object:Gem::Dependency
|
|
154
|
+
name: io-grab
|
|
155
|
+
requirement: !ruby/object:Gem::Requirement
|
|
156
|
+
requirements:
|
|
157
|
+
- - '>='
|
|
158
|
+
- !ruby/object:Gem::Version
|
|
159
|
+
version: '0'
|
|
160
|
+
type: :development
|
|
161
|
+
prerelease: false
|
|
162
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
+
requirements:
|
|
164
|
+
- - '>='
|
|
165
|
+
- !ruby/object:Gem::Version
|
|
166
|
+
version: '0'
|
|
153
167
|
description:
|
|
154
168
|
email:
|
|
155
169
|
- kgilpin@conjur.net
|