conjur-cli 4.28.2 → 4.29.0

data/spec/command/variable_expiration_spec.rb

@@ -0,0 +1,174 @@
+require 'spec_helper'
+require 'conjur/command/variables'
+
+describe Conjur::Command::Variables, :logged_in => true do
+  def invoke_silently
+    real_stderr = $stderr
+    $stderr = StringIO.new
+    begin
+      invoke
+    ensure
+      $stderr = real_stderr
+    end
+  end
+
+  let (:variable) { double(:name => 'foo') }
+  let (:incompatible_server_msg) { /not supported/ }
+  
+  context "expiring a variable" do
+    
+    let (:duration) { nil }
+
+    context "with valid arguments" do 
+      before do
+        expect(RestClient::Request).to receive(:execute).with({
+            :method => :post,
+            :url => 'https://core.example.com/api/variables/foo/expiration',
+            :headers => {},
+            :payload => {:duration => duration}
+          }).and_return(double('response', :body => '{}'))
+      end
+      
+      shared_examples 'it sets variable expiration' do 
+        it do
+          expect {invoke}.to write
+        end
+      end
+      
+      describe_command 'variable:expire --now foo' do
+        let (:duration) { 'P0Y' }
+        it_behaves_like 'it sets variable expiration'
+      end
+      
+      describe_command 'variable:expire --days 1 foo' do
+        let (:duration) { 'P1D' }
+        it_behaves_like 'it sets variable expiration'
+      end
+      
+      describe_command 'variable:expire --months 1 foo' do
+        let (:duration) { 'P1M' }
+        it_behaves_like 'it sets variable expiration'
+      end
+
+      describe_command 'variable:expire --in PT1M foo' do
+        let (:duration) { 'PT1M' }
+        it_behaves_like 'it sets variable expiration'
+      end
+
+    end
+
+    describe_command 'variable:expire --now --days 1 foo' do
+      it "fails" do
+        expect { invoke_silently }.to raise_error GLI::CustomExit
+      end
+
+    end
+
+    describe_command 'variable:expire' do
+      it 'should fail' do
+        expect { invoke_silently }.to raise_error RuntimeError
+      end
+    end
+
+  end
+
+  context "getting variable expirations" do
+    context "with valid arguments" do
+      let (:expected_params) { nil }
+      let (:expected_headers) { {}.tap {|h| h.merge!(:params => expected_params) if expected_params} }
+      before do
+        expect(RestClient::Request).to receive(:execute).with({
+            :method => :get,
+            :url => 'https://core.example.com/api/variables/expirations',
+            :headers => expected_headers
+          }).and_return(double('response', :body => '[]'))
+      end
+
+      shared_examples 'it writes expiration list' do
+        it do
+          expect { invoke }.to write "[\n\n]\n"
+        end
+      end
+
+      describe_command 'variable:expirations' do
+        it_behaves_like 'it writes expiration list' 
+      end
+
+      describe_command 'variable:expirations --days 1' do
+        let (:expected_params) { { :duration => 'P1D' } }
+        it_behaves_like 'it writes expiration list' 
+      end
+
+      describe_command 'variable:expirations --months 1' do
+        let (:expected_params) { { :duration => 'P1M' } }
+        it_behaves_like 'it writes expiration list' 
+      end
+
+      describe_command 'variable:expirations --in P1D' do
+        let (:expected_params) { { :duration => 'P1D' } }
+        it_behaves_like 'it writes expiration list' 
+      end
+
+    end
+  end
+
+  let(:certificate) do
+    OpenSSL::X509::Certificate.new.tap do |cert|
+      key = OpenSSL::PKey::RSA.new 512
+      cert.public_key = key.public_key
+      cert.not_before = Time.now
+      cert.not_after = 1.minute.from_now
+      cert.sign key, OpenSSL::Digest::SHA256.new
+    end
+  end
+
+  let(:certfile) do
+    Tempfile.new("cert").tap do |file|
+      file.write certificate.to_pem
+      file.close
+    end
+  end
+
+  context 'connecting to incompatible server version while' do
+    before do
+      allow(Conjur.config).to receive_messages \
+                              cert_file: certfile.path,
+                              appliance_url: core_host
+
+      expect(RestClient::Request).to receive(:execute).with({
+          :method => :get,
+          :url => "https://core.example.com/info",
+          :headers => {}
+      }).and_raise(RestClient::ResourceNotFound)
+    end
+
+    context 'setting variable expiration' do
+      describe_command 'variable:expire --days 1 foo' do
+        it 'should display error message' do
+          expect(RestClient::Request).to receive(:execute).with({
+              :method => :post,
+              :url => "https://core.example.com/api/variables/foo/expiration",
+              :headers => {},
+              :payload => anything
+          }).and_raise(RestClient::ResourceNotFound)
+          expect { invoke }.to raise_error(RestClient::ResourceNotFound)
+                           .and write(incompatible_server_msg).to(:stderr)
+        end
+      end
+    end
+
+    context 'getting variable expirations' do
+      describe_command 'variable:expirations' do
+        it 'should display error message' do
+          expect(RestClient::Request).to receive(:execute).with({
+              :method => :get,
+              :url => 'https://core.example.com/api/variables/expirations',
+              :headers => {}
+          }).and_raise(RestClient::ResourceNotFound)
+          expect { invoke }.to raise_error(RestClient::ResourceNotFound)
+                           .and write(incompatible_server_msg).to(:stderr)
+        end
+      end
+    end
+  end
+end

data/spec/command/variables_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Conjur::Command::Variables, logged_in: true do
-  let(:host) { 'https://core.example.com' }
+  let(:host) { 'https://core.example.com/api' }
   let(:collection_url) { "#{host}/variables" }
   let(:mime_type) { 'text/plain' }
   let(:kind) { 'secret' }

data/spec/conjurize_spec.rb

@@ -0,0 +1,70 @@
+require "spec_helper"
+require "conjur/conjurize"
+
+describe Conjur::Conjurize do
+  let(:certificate) do
+    OpenSSL::X509::Certificate.new.tap do |cert|
+      key = OpenSSL::PKey::RSA.new 512
+      cert.public_key = key.public_key
+      cert.not_before = Time.now
+      cert.not_after = 1.minute.from_now
+      cert.sign key, OpenSSL::Digest::SHA256.new
+    end
+  end
+
+  let(:certfile) do
+    Tempfile.new("cert").tap do |file|
+      file.write certificate.to_pem
+      file.close
+    end
+  end
+
+  let(:host_id) { "somehostid" }
+  let(:api_key) { "very_secret_key" }
+  let(:account) { "testacct" }
+  let(:appliance_url) { "https://example.com" }
+
+  before do
+    allow(Conjur.config).to receive_messages \
+      account: account,
+      cert_file: certfile.path,
+      appliance_url: appliance_url
+  end
+
+  describe ".generate" do
+    it "puts all the relevant data in the script" do
+      script = Conjur::Conjurize.generate "id" => host_id, "api_key" => api_key
+      expect(script).to include host_id, api_key, account, certificate.to_pem
+    end
+
+    it "dumps JSON if required" do
+      allow(Conjur::Conjurize).to receive_messages options: { json: true }
+      expect(
+        JSON.load(
+          Conjur::Conjurize.generate(
+            "id" => host_id,
+            "api_key" => api_key
+          )
+        )
+      ).to eq \
+        "id" => host_id,
+        "api_key" => api_key,
+        "account" => account,
+        "certificate" => certificate.to_pem.strip,
+        "appliance_url" => appliance_url
+    end
+  end
+
+  describe ".configuration" do
+    it "gathers all the configuration options" do
+      expect(
+        Conjur::Conjurize.configuration("id" => host_id, "api_key" => api_key)
+      ).to eq \
+        "id" => host_id,
+        "api_key" => api_key,
+        "account" => account,
+        "certificate" => certificate.to_pem.strip,
+        "appliance_url" => appliance_url
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 4.28.2
+  version: 4.29.0
 platform: ruby
 authors:
 - Rafal Rzepecki
@@ -9,36 +9,36 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-02 00:00:00.000000000 Z
+date: 2016-02-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: conjur-api
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '4.19'
+        version: '4.20'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '4.19'
+        version: '4.20'
 - !ruby/object:Gem::Dependency
   name: gli
   requirement: !ruby/object:Gem::Requirement
@@ -57,16 +57,16 @@ dependencies:
   name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: netrc
   requirement: !ruby/object:Gem::Requirement
@@ -85,58 +85,58 @@ dependencies:
   name: methadone
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.9'
 - !ruby/object:Gem::Dependency
   name: deep_merge
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: xdg
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: cas_rest_client
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -171,14 +171,14 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.6.1
+        version: 0.12.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.6.1
+        version: 0.12.0
 - !ruby/object:Gem::Dependency
   name: ci_reporter_rspec
   requirement: !ruby/object:Gem::Requirement
@@ -197,16 +197,16 @@ dependencies:
   name: ci_reporter_cucumber
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -249,34 +249,6 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: conjur-asset-audit-send
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: conjur-asset-host-factory
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
 description: 
 email:
 - rafal@conjur.net
@@ -289,11 +261,15 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- .dockerignore
 - .githooks/pre_commit/run_specs.rb
 - .gitignore
 - .kateproject
+- .overcommit.yml
 - .project
+- .rubocop.yml
 - CHANGELOG.md
+- Dockerfile
 - Gemfile
 - LICENSE
 - PUBLISH.md
@@ -328,9 +304,12 @@ files:
 - acceptance-features/directory/group/retire.feature
 - acceptance-features/directory/host/create.feature
 - acceptance-features/directory/host/retire.feature
+- acceptance-features/directory/hostfactory/create.feature
+- acceptance-features/directory/hostfactory/tokens.feature
 - acceptance-features/directory/layer/create.feature
 - acceptance-features/directory/layer/hosts-add.feature
 - acceptance-features/directory/layer/hosts-remove.feature
+- acceptance-features/directory/layer/retire.feature
 - acceptance-features/directory/user/create.feature
 - acceptance-features/directory/user/retire.feature
 - acceptance-features/directory/user/update_password.feature
@@ -347,7 +326,7 @@ files:
 - acceptance-features/pubkeys/delete.feature
 - acceptance-features/pubkeys/names.feature
 - acceptance-features/pubkeys/show.feature
-- acceptance-features/step_definitions/cli.rb
+- acceptance-features/step_definitions/cli_steps.rb
 - acceptance-features/step_definitions/graph_steps.rb
 - acceptance-features/step_definitions/user_steps.rb
 - acceptance-features/support/env.rb
@@ -357,7 +336,15 @@ files:
 - bin/conjur
 - bin/conjurize
 - bin/jsonfield
+- build-deb.sh
+- ci/Dockerfile.fpm
+- ci/test.sh
 - conjur.gemspec
+- debify.sh
+- distrib/bin/_conjur
+- distrib/bin/conjur
+- distrib/bin/conjurize
+- distrib/bin/jsonfield
 - features/conjurize.feature
 - features/dsl_context.feature
 - features/dsl_host_create.feature
@@ -392,6 +379,7 @@ files:
 - lib/conjur/command/env.rb
 - lib/conjur/command/field.rb
 - lib/conjur/command/groups.rb
+- lib/conjur/command/host_factories.rb
 - lib/conjur/command/hosts.rb
 - lib/conjur/command/ids.rb
 - lib/conjur/command/init.rb
@@ -408,6 +396,7 @@ files:
 - lib/conjur/command/rspec/output_matchers.rb
 - lib/conjur/command/script.rb
 - lib/conjur/command/secrets.rb
+- lib/conjur/command/server.rb
 - lib/conjur/command/shellinit.rb
 - lib/conjur/command/users.rb
 - lib/conjur/command/variables.rb
@@ -415,11 +404,13 @@ files:
 - lib/conjur/config.rb
 - lib/conjur/conjurenv.rb
 - lib/conjur/conjurize.rb
+- lib/conjur/conjurize/script.rb
 - lib/conjur/dsl/runner.rb
 - lib/conjur/identifier_manipulation.rb
 - lib/conjur/version.rb
 - lib/patches/conjur/error.rb
 - profile.rb
+- publish.sh
 - spec/authn_spec.rb
 - spec/command/assets_spec.rb
 - spec/command/audit_spec.rb
@@ -427,6 +418,7 @@ files:
 - spec/command/elevate_spec.rb
 - spec/command/env_spec.rb
 - spec/command/groups_spec.rb
+- spec/command/host_factories_spec.rb
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
 - spec/command/layers_spec.rb
@@ -435,10 +427,12 @@ files:
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb
 - spec/command/users_spec.rb
+- spec/command/variable_expiration_spec.rb
 - spec/command/variables_spec.rb
 - spec/command_spec.rb
 - spec/complete_spec.rb
 - spec/config_spec.rb
+- spec/conjurize_spec.rb
 - spec/conjurrc
 - spec/dsl/runner_spec.rb
 - spec/env_spec.rb
@@ -463,7 +457,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.0.14.1
 signing_key: 
 specification_version: 4
 summary: Conjur command line interface
@@ -494,6 +488,7 @@ test_files:
 - spec/command/elevate_spec.rb
 - spec/command/env_spec.rb
 - spec/command/groups_spec.rb
+- spec/command/host_factories_spec.rb
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
 - spec/command/layers_spec.rb
@@ -502,10 +497,12 @@ test_files:
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb
 - spec/command/users_spec.rb
+- spec/command/variable_expiration_spec.rb
 - spec/command/variables_spec.rb
 - spec/command_spec.rb
 - spec/complete_spec.rb
 - spec/config_spec.rb
+- spec/conjurize_spec.rb
 - spec/conjurrc
 - spec/dsl/runner_spec.rb
 - spec/env_spec.rb