conjur-cli 5.5.0 → 5.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ac5dff61d36b91557e546edb4f9f0c42d1d47ae7
-  data.tar.gz: 4b217db2dcbab92a5ac3d321043e05f67aaaab6d
+  metadata.gz: 9ed6b6ede4ce280bd68268f820911a620b7ab216
+  data.tar.gz: 8b5dfecbcbcabc3adb7d2e3325660e6a5a8e7c49
 SHA512:
-  metadata.gz: 8ad164a85360446876629b60e811f881246238502149794de61efa3a7495de85e4bd6bc35bdd85e83958f5d7f8d6005bd788003fb6b07c39e8e76e25e9fa51fd
-  data.tar.gz: df5671793e1adaad9e527bc1a8352de32f941fe99d914cfa9c503f05c12b55afc52a05cfc347508f8c3d443fe163b0e1f3507e72e5f03b9a2604c495845e948e
+  metadata.gz: 9d5e00ad48beb3ab211759acdaf249def511f3efe832dc04399c540102d9182488286de3900c792cb63015f3537cd7f677805f4b7f19c1984d6b2991507624b9
+  data.tar.gz: 464040c1700ea7ab95ecce32ce63681d81535af916ecf642fc8408d5c7756ddc8c5f828251e5830263e029f1051191bbc0fe0b1b1b40cfd9dc9cb18f9e443f3d

data/.rubocop.yml

@@ -5,10 +5,10 @@ Style/MethodDefParentheses:
   EnforcedStyle: require_no_parentheses
 
 Style/StringLiterals:
-  EnforcedStyle: double_quotes
+  Enabled: false # more trouble than it's worth
 
 Lint/EndAlignment:
-  AlignWith: start_of_line
+  EnforcedStyleAlignWith: start_of_line
 
 Style/AndOr:
   EnforcedStyle: conditionals

data/CHANGELOG.md

@@ -1,3 +1,25 @@
+# 5.6.3
+
+* Fix the gemspec to reflect dependency changes.
+
+# 5.6.2
+
+* License changed to Apache 2.0
+* Don't let conjur-api drift to v5.
+
+# 5.6.1
+
+* Fix handling of `-k / --kind` argument to `resource list`.
+
+# 5.6.0
+
+The following enhancements require Conjur server 4.9.1.0 or later:
+
+* Supports filter and pagination of role-listing methods `role memberships`, `role members`, and `resource permitted_roles`.
+* Supports non-recursive (`--no-recursive`) retrieval of `role memberships`.
+
+On older server versions, the new options will be ignored by the server.
+
 # 5.5.0
 
 * Use `CONJUR_AUTHN_TOKEN_FILE` as the Conjur access token file, if it's available in the environment.

data/Dockerfile

@@ -4,7 +4,7 @@ RUN mkdir /src
 WORKDIR /src
 
 COPY Gemfile Gemfile
-COPY conjur.gemspec conjur.gemspec
+COPY conjur-cli.gemspec conjur-cli.gemspec
 COPY lib/conjur/version.rb lib/conjur/version.rb
 
 # Make sure only one version of bundler is available

data/Gemfile

@@ -1,19 +1,14 @@
 source 'https://rubygems.org'
 
-#ruby=ruby-2.2.5
+#ruby=ruby-2.4.1
 #ruby-gemset=conjur-cli
 
 # Specify your gem's dependencies in conjur.gemspec
 gemspec
 
-gem 'activesupport', '~> 4.2'
-
-gem 'conjur-api', '>= 4.29.0', git: 'https://github.com/conjurinc/api-ruby.git', branch: 'master'
-gem 'semantic', '>= 1.4.1', git: 'https://github.com/jlindsey/semantic.git'
-
 group :test, :development do
   gem 'pry'                     # Don't be tempted to change this to pry-byebug until we drop support for 1.9
   gem 'pry-doc'
   gem 'ruby-prof'
-  gem 'conjur-debify', '~> 1.0'
+  gem 'conjur-debify', '~> 1.0', require: false
 end

data/Jenkinsfile

@@ -0,0 +1,98 @@
+pipeline {
+  agent { label 'executor-v2' }
+
+  options {
+    timestamps()
+    buildDiscarder(logRotator(numToKeepStr: '30'))
+  }
+
+  stages {
+
+    stage('Test 2.2') {
+      environment {
+        RUBY_VERSION = '2.2'
+      }
+      steps {
+        sh './test.sh'
+        junit 'spec/reports/*.xml, features/reports/*.xml'
+      }
+    }
+
+    stage('Test 2.3') {
+      environment {
+        RUBY_VERSION = '2.3'
+      }
+      steps {
+        sh './test.sh'
+        junit 'spec/reports/*.xml, features/reports/*.xml'
+      }
+    }
+
+    stage('Test 2.4') {
+      environment {
+        RUBY_VERSION = '2.4'
+      }
+      steps {
+        sh './test.sh'
+        junit 'spec/reports/*.xml, features/reports/*.xml'
+      }
+    }
+
+    stage('Build deb') {
+      steps {
+        sh './build-deb.sh'
+        archiveArtifacts "tmp/deb/*"
+      }
+    }
+
+    stage('Publish deb') {
+      when {
+        branch 'master'
+      }
+
+      steps {
+        sh './publish.sh conjurtools stable'
+      }
+    }
+
+    // Only publish to RubyGems if branch is 'master'
+    // AND someone confirms this stage within 5 minutes
+    stage('Publish to RubyGems?') {
+      agent { label 'releaser-v2' }
+
+      when {
+        allOf {
+          branch 'v4'
+          expression {
+            boolean publish = false
+            try {
+              timeout(time: 5, unit: 'MINUTES') {
+                input(message: 'Publish to RubyGems?')
+                publish = true
+              }
+            } catch (final ignore) {
+              publish = false
+            }
+            return publish
+          }
+        }
+      }
+      steps {
+        sh './publish-rubygem.sh'
+      }
+    }
+  }
+
+  post {
+    always {
+      sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
+      deleteDir()
+    }
+    failure {
+      slackSend(color: 'danger', message: "${env.JOB_NAME} #${env.BUILD_NUMBER} FAILURE (<${env.BUILD_URL}|Open>)")
+    }
+    unstable {
+      slackSend(color: 'warning', message: "${env.JOB_NAME} #${env.BUILD_NUMBER} UNSTABLE (<${env.BUILD_URL}|Open>)")
+    }
+  }
+}

data/LICENSE.md

@@ -0,0 +1,195 @@
+Apache License
+==============
+
+_Version 2.0, January 2004_  
+_&lt;<http://www.apache.org/licenses/>&gt;_
+
+### Terms and Conditions for use, reproduction, and distribution
+
+#### 1. Definitions
+
+“License” shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+“Licensor” shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+“Legal Entity” shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, “control” means **(i)** the power, direct or
+indirect, to cause the direction or management of such entity, whether by
+contract or otherwise, or **(ii)** ownership of fifty percent (50%) or more of the
+outstanding shares, or **(iii)** beneficial ownership of such entity.
+
+“You” (or “Your”) shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+“Source” form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and configuration
+files.
+
+“Object” form shall mean any form resulting from mechanical transformation or
+translation of a Source form, including but not limited to compiled object code,
+generated documentation, and conversions to other media types.
+
+“Work” shall mean the work of authorship, whether in Source or Object form, made
+available under the License, as indicated by a copyright notice that is included
+in or attached to the work (an example is provided in the Appendix below).
+
+“Derivative Works” shall mean any work, whether in Source or Object form, that
+is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship. For the purposes of this License, Derivative Works
+shall not include works that remain separable from, or merely link (or bind by
+name) to the interfaces of, the Work and Derivative Works thereof.
+
+“Contribution” shall mean any work of authorship, including the original version
+of the Work and any modifications or additions to that Work or Derivative Works
+thereof, that is intentionally submitted to Licensor for inclusion in the Work
+by the copyright owner or by an individual or Legal Entity authorized to submit
+on behalf of the copyright owner. For the purposes of this definition,
+“submitted” means any form of electronic, verbal, or written communication sent
+to the Licensor or its representatives, including but not limited to
+communication on electronic mailing lists, source code control systems, and
+issue tracking systems that are managed by, or on behalf of, the Licensor for
+the purpose of discussing and improving the Work, but excluding communication
+that is conspicuously marked or otherwise designated in writing by the copyright
+owner as “Not a Contribution.”
+
+“Contributor” shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently
+incorporated within the Work.
+
+#### 2. Grant of Copyright License
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the Work and such
+Derivative Works in Source or Object form.
+
+#### 3. Grant of Patent License
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable (except as stated in this section) patent license to make, have
+made, use, offer to sell, sell, import, and otherwise transfer the Work, where
+such license applies only to those patent claims licensable by such Contributor
+that are necessarily infringed by their Contribution(s) alone or by combination
+of their Contribution(s) with the Work to which such Contribution(s) was
+submitted. If You institute patent litigation against any entity (including a
+cross-claim or counterclaim in a lawsuit) alleging that the Work or a
+Contribution incorporated within the Work constitutes direct or contributory
+patent infringement, then any patent licenses granted to You under this License
+for that Work shall terminate as of the date such litigation is filed.
+
+#### 4. Redistribution
+
+You may reproduce and distribute copies of the Work or Derivative Works thereof
+in any medium, with or without modifications, and in Source or Object form,
+provided that You meet the following conditions:
+
+* **(a)** You must give any other recipients of the Work or Derivative Works a copy of
+this License; and
+* **(b)** You must cause any modified files to carry prominent notices stating that You
+changed the files; and
+* **(c)** You must retain, in the Source form of any Derivative Works that You distribute,
+all copyright, patent, trademark, and attribution notices from the Source form
+of the Work, excluding those notices that do not pertain to any part of the
+Derivative Works; and
+* **(d)** If the Work includes a “NOTICE” text file as part of its distribution, then any
+Derivative Works that You distribute must include a readable copy of the
+attribution notices contained within such NOTICE file, excluding those notices
+that do not pertain to any part of the Derivative Works, in at least one of the
+following places: within a NOTICE text file distributed as part of the
+Derivative Works; within the Source form or documentation, if provided along
+with the Derivative Works; or, within a display generated by the Derivative
+Works, if and wherever such third-party notices normally appear. The contents of
+the NOTICE file are for informational purposes only and do not modify the
+License. You may add Your own attribution notices within Derivative Works that
+You distribute, alongside or as an addendum to the NOTICE text from the Work,
+provided that such additional attribution notices cannot be construed as
+modifying the License.
+
+You may add Your own copyright statement to Your modifications and may provide
+additional or different license terms and conditions for use, reproduction, or
+distribution of Your modifications, or for any such Derivative Works as a whole,
+provided Your use, reproduction, and distribution of the Work otherwise complies
+with the conditions stated in this License.
+
+#### 5. Submission of Contributions
+
+Unless You explicitly state otherwise, any Contribution intentionally submitted
+for inclusion in the Work by You to the Licensor shall be under the terms and
+conditions of this License, without any additional terms or conditions.
+Notwithstanding the above, nothing herein shall supersede or modify the terms of
+any separate license agreement you may have executed with Licensor regarding
+such Contributions.
+
+#### 6. Trademarks
+
+This License does not grant permission to use the trade names, trademarks,
+service marks, or product names of the Licensor, except as required for
+reasonable and customary use in describing the origin of the Work and
+reproducing the content of the NOTICE file.
+
+#### 7. Disclaimer of Warranty
+
+Unless required by applicable law or agreed to in writing, Licensor provides the
+Work (and each Contributor provides its Contributions) on an “AS IS” BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,
+including, without limitation, any warranties or conditions of TITLE,
+NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are
+solely responsible for determining the appropriateness of using or
+redistributing the Work and assume any risks associated with Your exercise of
+permissions under this License.
+
+#### 8. Limitation of Liability
+
+In no event and under no legal theory, whether in tort (including negligence),
+contract, or otherwise, unless required by applicable law (such as deliberate
+and grossly negligent acts) or agreed to in writing, shall any Contributor be
+liable to You for damages, including any direct, indirect, special, incidental,
+or consequential damages of any character arising as a result of this License or
+out of the use or inability to use the Work (including but not limited to
+damages for loss of goodwill, work stoppage, computer failure or malfunction, or
+any and all other commercial damages or losses), even if such Contributor has
+been advised of the possibility of such damages.
+
+#### 9. Accepting Warranty or Additional Liability
+
+While redistributing the Work or Derivative Works thereof, You may choose to
+offer, and charge a fee for, acceptance of support, warranty, indemnity, or
+other liability obligations and/or rights consistent with this License. However,
+in accepting such obligations, You may act only on Your own behalf and on Your
+sole responsibility, not on behalf of any other Contributor, and only if You
+agree to indemnify, defend, and hold each Contributor harmless for any liability
+incurred by, or claims asserted against, such Contributor by reason of your
+accepting any such warranty or additional liability.
+
+_END OF TERMS AND CONDITIONS_
+
+### APPENDIX: How to apply the Apache License to your work
+
+To apply the Apache License to your work, attach the following boilerplate
+notice, with the fields enclosed by brackets `[]` replaced with your own
+identifying information. (Don't include the brackets!) The text should be
+enclosed in the appropriate comment syntax for the file format. We also
+recommend that a file or class name and description of purpose be included on
+the same “printed page” as the copyright notice for easier identification within
+third-party archives.
+
+    Copyright [yyyy] [name of copyright owner]
+    
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+    
+      http://www.apache.org/licenses/LICENSE-2.0
+    
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+

data/README.md

@@ -1,9 +1,11 @@
 # Conjur
 
-Command-line interface to Conjur. 
+Command-line interface to Conjur.
 
 A complete reference guide is available at [developer.conjur.net](http://developer.conjur.net/reference).
 
+Note that this `v4` branch is for Conjur 4.x. Use `master` for Conjur 5.x and later.
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -31,3 +33,19 @@ To enable bash completions, run this command:
 3. Commit your changes (`git commit -am 'Added some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request
+
+## License
+
+Copyright 2016-2017 CyberArk
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this software except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/acceptance-features/support/hooks.rb

@@ -8,9 +8,8 @@ username, password = Conjur::Authn.get_credentials
 raise "Not logged in to Conjur" unless username && password
 puts "Performing acceptance tests as root-ish user '#{username}'"
 
-# Future Aruba
 Aruba.configure do |config|
-  config.exit_timeout = 15
+  config.exit_timeout = 30
   config.io_wait_timeout = 2
 end
 

data/acceptance-features/support/world.rb

@@ -15,6 +15,7 @@ module ConjurCLIWorld
   end
   
   def save_password username, password
+    raise "Password for #{username} not found" if password.blank?
     raise "Found existing password for user '#{username}'" if passwords[username]
     passwords[username] = password
   end
@@ -34,8 +35,13 @@ module ConjurCLIWorld
     admin_api.current_role.role_id
   end
 
+  def random_hex nbytes = 12
+    @random ||= Random.new
+    @random.bytes(nbytes).unpack('h*').first
+  end
+
   def namespace
-    @namespace ||= admin_api.create_variable("text/plain", "id").id
+    @namespace ||= random_hex
   end
   
   # Aruba's method
@@ -45,7 +51,7 @@ module ConjurCLIWorld
   end 
 
   # Substitute the namespace for marker $ns
-  def unescape(string)
+  def sanitize_text string
     string = super
     string.gsub("$ns", namespace)
   end