conjur-cli 4.9.3 → 4.10.1

data/lib/conjur/command/script.rb

@@ -18,23 +18,22 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-require 'conjur/authn'
-require 'conjur/command/dsl_command'
 
 class Conjur::Command::Script < Conjur::DSLCommand
-  self.prefix = :script
+  desc "Execute Conjur DSL scripts"
+  command :script do |script|
+    script.desc "Run a Conjur DSL script"
+    script.arg_name "script"
+    script.command :execute do |c|
+      acting_as_option(c)
 
-  desc "Run a Conjur DSL script"
-  arg_name "script"
-  command :execute do |c|
-    acting_as_option(c)
-    
-    c.desc "Load context from this config file, and save it when finished. The file permissions will be 0600 by default."
-    c.arg_name "context"
-    c.flag [:c, :context]
-    
-    c.action do |global_options,options,args|
-      run_script args, options
+      c.desc "Load context from this config file, and save it when finished. The file permissions will be 0600 by default."
+      c.arg_name "context"
+      c.flag [:c, :context]
+
+      c.action do |global_options,options,args|
+        run_script args, options
+      end
     end
   end
 end

data/lib/conjur/command/secrets.rb

@@ -18,32 +18,29 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-require 'conjur/authn'
-require 'conjur/command'
 
 class Conjur::Command::Secrets < Conjur::Command
-  self.prefix = :secret
-  
-  desc "Create and store a secret"
-  arg_name "secret"
-  command :create do |c|
-    def c.nodoc; true end
+  desc "Manage secrets"
+  command :secret do |secret|
+    hide_docs(secret)
+    secret.desc "Create and store a secret"
+    secret.arg_name "secret"
+    secret.command :create do |c|
+      acting_as_option(c)
 
-    acting_as_option(c)
-
-    c.action do |global_options,options,args|
-      secret = args.shift or raise "Missing parameter: secret"
-      display api.create_secret(secret, options), options
+      c.action do |global_options,options,args|
+        secret = args.shift or raise "Missing parameter: secret"
+        display api.create_secret(secret, options), options
+      end
     end
-  end
 
-  desc "Retrieve a secret"
-  arg_name "id"
-  command :value do |c|
-    def c.nodoc; true end
-    c.action do |global_options,options,args|
-      id = args.shift or raise "Missing parameter: id"
-      puts api.secret(id).value
+    secret.desc "Retrieve a secret"
+    secret.arg_name "id"
+    secret.command :value do |c|
+      c.action do |global_options,options,args|
+        id = args.shift or raise "Missing parameter: id"
+        puts api.secret(id).value
+      end
     end
   end
 end

data/lib/conjur/command/users.rb

@@ -18,13 +18,9 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-require 'conjur/api/authn'
-require 'conjur/authn'
-require 'conjur/command'
 
 class Conjur::Command::Users < Conjur::Command
-  self.prefix = :user
-  
+
   def self.prompt_for_password
     # use stderr to allow output redirection, e.g.
     # conjur user:create -p username > user.json
@@ -37,56 +33,61 @@ class Conjur::Command::Users < Conjur::Command
     
     password
   end
-  
-  desc "Create a new user"
-  arg_name "login"
-  command :create do |c|
-    c.desc "Prompt for a password for the user (default: --no-password)"
-    c.switch [:p,:password]
-    
-    acting_as_option(c)
-    
-    c.action do |global_options,options,args|
-      login = require_arg(args, 'login')
-      
-      opts = options.slice(:ownerid)
 
-      if options[:p]
-        opts[:password] = prompt_for_password
+  desc "Manage users"
+  command :user do |user|
+
+    user.desc "Create a new user"
+    user.arg_name "login"
+    user.command :create do |c|
+      c.desc "Prompt for a password for the user (default: --no-password)"
+      c.switch [:p,:password]
+
+      acting_as_option(c)
+
+      c.action do |global_options,options,args|
+        login = require_arg(args, 'login')
+
+        opts = options.slice(:ownerid)
+        
+        if options[:p]
+          opts[:password] = prompt_for_password
+        end
+        
+        display api.create_user(login, opts)
       end
-      
-      display api.create_user(login, opts)
     end
-  end
 
-  desc "Show a user"
-  arg_name "id"
-  command :show do |c|
-    c.action do |global_options,options,args|
-      id = require_arg(args, 'id')
-      display(api.user(id), options)
+    user.desc "Show a user"
+    user.arg_name "id"
+    user.command :show do |c|
+      c.action do |global_options,options,args|
+        id = require_arg(args, 'id')
+        display(api.user(id), options)
+      end
     end
-  end
 
-  desc "List users"
-  command :list do |c|
-    command_options_for_list c
+    user.desc "List users"
+    user.command :list do |c|
+      command_options_for_list c
 
-    c.action do |global_options, options, args|
-      command_impl_for_list global_options, options.merge(kind: "user"), args
+      c.action do |global_options, options, args|
+        command_impl_for_list global_options, options.merge(kind: "user"), args
+      end
     end
-  end
 
-  desc "Update the password of the logged-in user"
-  command :update_password do |c|
-    c.desc "Password to use, otherwise you will be prompted"
-    c.flag [:p,:password]
+    user.desc "Update the password of the logged-in user"
+    user.command :update_password do |c|
+      c.desc "Password to use, otherwise you will be prompted"
+      c.flag [:p,:password]
 
-    c.action do |global_options,options,args|
-      username, password = Conjur::Authn.read_credentials
-      new_password = options[:password] || prompt_for_password
-      
-      Conjur::API.update_password username, password, new_password
+      c.action do |global_options,options,args|
+        username, password = Conjur::Authn.read_credentials
+        new_password = options[:password] || prompt_for_password
+
+        Conjur::API.update_password username, password, new_password
+      end
     end
   end
+
 end

data/lib/conjur/command/variables.rb

@@ -17,102 +17,89 @@
 # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-require 'conjur/authn'
-require 'conjur/command'
+
 
 class Conjur::Command::Variables < Conjur::Command
-  self.prefix = :variable
-  
-  desc "Create and store a variable"
-  arg_name "id"
-  command :create do |c|
-    c.arg_name "mime_type"
-    c.flag [:m, :"mime-type"], default_value: "text/plain"
-    
-    c.arg_name "kind"
-    c.flag [:k, :"kind"], default_value: "secret"
-    
-    c.arg_name "value"
-    c.desc "Initial value"
-    c.flag [:v, :"value"]
-    
-    acting_as_option(c)
-    
-    c.action do |global_options,options,args|
-      id = args.shift
-      options[:id] = id if id
-      
-      unless id
-        ActiveSupport::Deprecation.warn "id argument will be required in future releases"
+  desc "Manage variables"
+  command :variable do |var|
+    var.desc "Create and store a variable"
+    var.arg_name "id"
+    var.command :create do |c|
+      c.arg_name "mime_type"
+      c.flag [:m, :"mime-type"], default_value: "text/plain"
+
+      c.arg_name "kind"
+      c.flag [:k, :"kind"], default_value: "secret"
+
+      c.arg_name "value"
+      c.desc "Initial value"
+      c.flag [:v, :"value"]
+
+      acting_as_option(c)
+
+      c.action do |global_options,options,args|
+        id = args.shift
+        options[:id] = id if id
+
+        unless id
+          ActiveSupport::Deprecation.warn "id argument will be required in future releases"
+        end
+
+        mime_type = options.delete(:m)
+        kind = options.delete(:k)
+
+        options.delete(:"mime-type")
+        options.delete(:"kind")
+
+        var = api.create_variable(mime_type, kind, options)
+        display(var, options)
       end
-      
-      mime_type = options.delete(:m)
-      kind = options.delete(:k)
-      
-      options.delete(:"mime-type")
-      options.delete(:"kind")
-    
-      var = api.create_variable(mime_type, kind, options)
-      display(var, options)
     end
-  end
 
-  desc "Show a variable"
-  arg_name "id"
-  command :show do |c|
-    c.action do |global_options,options,args|
-      id = require_arg(args, 'id')
-      display(api.variable(id), options)
+    var.desc "Show a variable"
+    var.arg_name "id"
+    var.command :show do |c|
+      c.action do |global_options,options,args|
+        id = require_arg(args, 'id')
+        display(api.variable(id), options)
+      end
     end
-  end
 
-  desc "List variables"
-  command :list do |c|
-    command_options_for_list c
+    var.desc "List variables"
+    var.command :list do |c|
+      command_options_for_list c
 
-    c.action do |global_options, options, args|
-      command_impl_for_list global_options, options.merge(kind: "variable"), args
-    end
-  end
-  
-  desc "Add a value"
-  arg_name "variable ( value | STDIN )"
-  command :"values:add" do |c|
-    c.action do |global_options,options,args|
-      id = require_arg(args, 'variable')
-      value = args.shift || STDIN.read
-      
-      api.variable(id).add_value(value)
-      puts "Value added"
+      c.action do |global_options, options, args|
+        command_impl_for_list global_options, options.merge(kind: "variable"), args
+      end
     end
-  end
-  
-
-  desc "Get a value"
-  arg_name "variable"
-  command :value do |c|
-    c.desc "Version number"
-    c.flag [:v, :version]
-    
-    c.action do |global_options,options,args|
-      id = require_arg(args, 'variable')
-      $stdout.write api.variable(id).value(options[:version])
+
+    var.desc "Access varialbe values"
+    var.command :values do |values|
+      values.desc "Add a value"
+      values.arg_name "variable ( value | STDIN )"
+      values.command :add do |c|
+        c.action do |global_options,options,args|
+          id = require_arg(args, 'variable')
+          value = args.shift || STDIN.read
+
+          api.variable(id).add_value(value)
+          puts "Value added"
+        end
+      end
     end
-  end
 
-  desc "Store value into temporary file and print out it's name" 
-  arg_name "variable"
-  command :"to_file" do |c|
-    c.desc "Version number"
-    c.flag [:v, :version]
-    c.action do |global_options,options,args|
-      id = require_arg(args, 'variable')
-      value = api.variable(id).value(options[:version])
-      tempfile = `mktemp /dev/shm/conjur.XXXXXX`.strip
-      File.open(tempfile,'w') { |f| f.write(value) }
-      puts tempfile
+    var.desc "Get a value"
+    var.arg_name "variable"
+    var.command :value do |c|
+      c.desc "Version number"
+      c.flag [:v, :version]
+
+      c.action do |global_options,options,args|
+        id = require_arg(args, 'variable')
+        $stdout.write api.variable(id).value(options[:version])
+      end
     end
-    
+
   end
 end

data/lib/conjur/config.rb

@@ -36,6 +36,7 @@ module Conjur
       
       def load(config_files = default_config_files)
         require 'yaml'
+        require 'conjur/log'
         config_files.each do |f|
           if File.file?(f)
             if Conjur.log
@@ -51,6 +52,7 @@ module Conjur
       end
       
       def apply
+        require 'conjur/configuration'
         keys = Config.keys.dup
         keys.delete(:plugins)
         keys.each do |k|
@@ -59,6 +61,7 @@ module Conjur
         end
   
         if Conjur.log
+          require 'conjur/api'
           Conjur.log << "Using authn host #{Conjur::Authn::API.host}\n"
         end
         if Config[:cert_file]

data/lib/conjur/dsl/runner.rb

@@ -1,4 +1,3 @@
-require 'conjur/identifier_manipulation'
 
 module Conjur
   module DSL

data/lib/conjur/version.rb

@@ -19,6 +19,6 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  VERSION = "4.9.3"
+  VERSION = "4.10.1"
   ::Version=VERSION
 end

data/profile.rb

@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+require 'ruby-prof'
+
+result = RubyProf.profile do
+  require 'conjur/cli'
+  Conjur::CLI.run(ARGV)
+end
+
+
+`mkdir -p #{File.dirname(__FILE__)}/profile`
+File.open("profile/graph.html", "w") do |io|
+  grapher = RubyProf::GraphHtmlPrinter.new(result)
+  grapher.print(io)
+end
+File.open("profile/stack.html", "w") do |io|
+  printer = RubyProf::CallStackPrinter.new(result)
+  printer.print(io)
+end
+

data/spec/command/authn_spec.rb

@@ -2,6 +2,42 @@ require 'spec_helper'
 
 describe Conjur::Command::Authn do
   context logged_in: false do
+    context "logging in" do
+      [ "authn:login", "authn login" ].each do |cmd|
+        before do
+          Conjur::Authn.stub(:write_credentials)
+        end
+        describe_command "#{cmd}" do
+          it "prompts for username and password and logs in the user" do
+            Conjur::Authn.should_receive(:ask_for_credentials).with({}).and_return [ "the-user", "the-api-key" ]
+  
+            expect { invoke }.to write("Logged in")
+          end
+        end
+        describe_command "#{cmd} -u the-user" do
+          it "prompts for password and logs in the user" do
+            Conjur::Authn.should_receive(:ask_for_credentials).with({username: 'the-user'}).and_return [ "the-user", "the-api-key" ]
+  
+            expect { invoke }.to write("Logged in")
+          end
+        end
+        describe_command "#{cmd} -u the-user -p the-password" do
+          it "logs in the user" do
+            Conjur::Authn.should_receive(:ask_for_credentials).with({username: 'the-user', password: 'the-password'}).and_return [ "the-user", "the-api-key" ]
+
+            expect { invoke }.to write("Logged in")
+          end
+        end
+        describe_command "#{cmd} -p the-password the-user" do
+          it "logs in the user" do
+            Conjur::Authn.should_receive(:ask_for_credentials).with({username: 'the-user', password: 'the-password'}).and_return [ "the-user", "the-api-key" ]
+
+            expect { invoke }.to write("Logged in")
+          end
+        end
+      end
+    end
+
     describe_command 'authn:whoami' do
       it "errors out" do
         expect { invoke }.to raise_error(GLI::CustomExit, /not logged in/i)
@@ -12,7 +48,7 @@ describe Conjur::Command::Authn do
   context logged_in: true do
     describe_command 'authn:logout' do
       it "deletes credentials" do
-        invoke
+        expect { invoke }.to write("Logged out")
         netrc[authn_host].should_not be
       end
     end