conjur-cli 5.6.5 → 5.6.6

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: d830fcde4d635f03a1d61e9e5b704a823bf22d6c
4
- data.tar.gz: 40a9d5682c992ced7a4a6e1e1d6759079bffd8a5
2
+ SHA256:
3
+ metadata.gz: 8cc3ac80bea03dc862fae9891a7ddc2397ada7c1a1c1fda95e5f87bcdb310b3e
4
+ data.tar.gz: 7c60ea0c636462b00c0bcc8e0eb6a5f8feeba86caecb022599603d72f39fcbf4
5
5
  SHA512:
6
- metadata.gz: deada212f945a318918bad614874f4ac5b851abde130626177541b4415318a4ab7fe0caaf73406bec1723d2283e49caf07322344311161194089a37866df2fa9
7
- data.tar.gz: dbc670b14e09246918d64fc7481328e8ac47bc1cbbddb05acc634b16bb3d0969b684d806465b87486c6c396c4047b15757bccae508f184cb49dc18c6625d7101
6
+ metadata.gz: 879008991469f78a22f2814f3f8d9eb2627a746ff46d89a992422d69bc8e14338d29d12415c0f4665af5311407139c9882a55f4efb220eb0ae7e92caa19a099f
7
+ data.tar.gz: e7d5716bb41eab4b46ce11d07baf1d73714a0e14382584472c9073ac0b5e6a39cf452d70a7f3f9207f9ea55c6cf4e33b35e5cbc78c329f132f0f1f8db43ead5a
data/.gitignore CHANGED
@@ -1,4 +1,3 @@
1
- Dockerfile.*
2
1
  .DS_Store
3
2
  *.swp
4
3
  *.deb
data/CHANGELOG.md CHANGED
@@ -1,6 +1,10 @@
1
+ # [5.6.6](https://github.com/cyberark/conjur-cli/releases/tag/v5.6.6)
2
+
3
+ * Adds standalone Docker image (`cyberark/conjur-cli:4`)
4
+
1
5
  # 5.6.5
2
6
 
3
- * Fix init cert check when Conjur behind a SNI
7
+ * Fix init cert check when Conjur behind a SNI - [#209](https://github.com/cyberark/conjur-cli/pull/209)
4
8
 
5
9
  # 5.6.4
6
10
 
data/Dockerfile.fpm ADDED
@@ -0,0 +1,18 @@
1
+ FROM ubuntu:14.04
2
+
3
+ RUN apt-get update -y && apt-get install -y software-properties-common git build-essential
4
+
5
+ RUN apt-add-repository ppa:brightbox/ruby-ng
6
+
7
+ RUN apt-get update -y && apt-get install -y ruby2.2 ruby2.2-dev
8
+
9
+ RUN gem install --no-rdoc --no-ri bundler:1.11.2 fpm
10
+
11
+ RUN mkdir /conjur-cli
12
+
13
+ WORKDIR /conjur-cli
14
+
15
+ COPY . .
16
+
17
+ ENTRYPOINT [ "./ci/package.sh" ]
18
+
@@ -0,0 +1,12 @@
1
+ FROM ubuntu:14.04
2
+
3
+ RUN apt-get update -y && apt-get install -y curl
4
+
5
+ RUN curl -kL \
6
+ -o /usr/bin/art \
7
+ https://bintray.com/artifact/download/jfrog/artifactory-cli-go/1.2.1/artifactory-cli-linux-amd64/art && \
8
+ chmod +x /usr/bin/art
9
+
10
+ WORKDIR /src
11
+
12
+ ENTRYPOINT [ "art" ]
@@ -0,0 +1,33 @@
1
+ FROM ruby:2.2.9
2
+
3
+ #---install useful tools and dependencies---#
4
+ RUN apt-get update && \
5
+ apt-get install -y --no-install-recommends \
6
+ jq curl vim nano sudo openssh-client
7
+ # as per https://hub.docker.com/r/conjurinc/cli5/~/dockerfile/
8
+
9
+ #---install summon and summon-conjur---#
10
+ ENV CONJUR_MAJOR_VERSION=4
11
+ ENV CONJUR_VERSION=4
12
+ RUN curl -sSL https://raw.githubusercontent.com/cyberark/summon/master/install.sh \
13
+ | env TMPDIR=$(mktemp -d) bash && \
14
+ curl -sSL https://raw.githubusercontent.com/cyberark/summon-conjur/master/install.sh \
15
+ | env TMPDIR=$(mktemp -d) bash
16
+ # as per https://github.com/cyberark/summon#linux
17
+ # and https://github.com/cyberark/summon-conjur#install
18
+
19
+ # Note: these install scripts^^ conflict with one another if they are not given
20
+ # different TMPDIRs.
21
+
22
+ #---install Conjur 4 CLI---#
23
+ WORKDIR /src
24
+ COPY . .
25
+ RUN gem build conjur-cli.gemspec && \
26
+ gem install conjur-cli && \
27
+ cd /root && \
28
+ rm -rf /src
29
+
30
+ #---set defaults---#
31
+ WORKDIR /root
32
+ COPY standalone.entrypoint /bin/entry
33
+ ENTRYPOINT ["/bin/entry"]
@@ -0,0 +1,9 @@
1
+ FROM ubuntu:14.04
2
+
3
+ RUN apt-get update && apt-get install -y software-properties-common
4
+ RUN apt-add-repository ppa:brightbox/ruby-ng
5
+ RUN apt-get update -y && apt-get install -y ruby2.2 dpkg-dev
6
+
7
+ ADD ci/install.sh /
8
+
9
+ CMD [ "/install.sh" ]
data/Jenkinsfile CHANGED
@@ -55,6 +55,18 @@ pipeline {
55
55
  }
56
56
  }
57
57
 
58
+ stage('Build standalone Docker image') {
59
+ steps {
60
+ sh './build-standalone'
61
+ }
62
+ }
63
+
64
+ stage('Publish standalone Docker image to DockerHub') {
65
+ steps {
66
+ sh './push-image'
67
+ }
68
+ }
69
+
58
70
  // Only publish to RubyGems if the HEAD is
59
71
  // tagged with the same version as in version.rb
60
72
  stage('Publish to RubyGems') {
data/README.md CHANGED
@@ -20,6 +20,60 @@ Or install it yourself as:
20
20
 
21
21
  $ gem install conjur-cli
22
22
 
23
+ ### Using Docker
24
+
25
+ This software is included in the standalone `cyberark/conjur-cli:4` Docker
26
+ image. Docker containers are designed to be ephemeral, which means they don't
27
+ store state after the container exits.
28
+
29
+ You can start an ephemeral session with the Conjur CLI software like so:
30
+
31
+ ```sh-session
32
+ $ docker run --rm -it cyberark/conjur-cli:4
33
+ root@b27a95721e7d:~#
34
+ ```
35
+
36
+ Any initialization you do or files you create in that session will be discarded
37
+ (permanently lost) when you exit the shell. Changes that you make to the Conjur
38
+ server will remain.
39
+
40
+ You can also use a folder on your filesystem to persist the data that the Conjur
41
+ CLI uses to connect. For example:
42
+
43
+ ```sh-session
44
+ $ mkdir mydata
45
+ $ chmod 700 mydata
46
+ $ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 init -h https://conjur.myorg.com
47
+ SHA1 Fingerprint=16:C8:F8:AC:7B:57:BD:5B:58:B4:13:27:22:8E:3F:A2:12:01:DB:68
48
+
49
+ Please verify this certificate on the appliance using command:
50
+ openssl x509 -fingerprint -noout -in ~conjur/etc/ssl/conjur.pem
51
+
52
+ Trust this certificate (yes/no): yes
53
+ Wrote certificate to /root/conjur-conjur.pem
54
+ Wrote configuration to /root/.conjurrc
55
+ $ ls -lA mydata
56
+ total 8
57
+ drwxr-xr-x 2 you staff 64 Mar 28 19:30 .cache
58
+ -rw-r--r-- 1 you staff 128 Mar 28 19:30 .conjurrc
59
+ -rw-r--r-- 1 you staff 2665 Mar 28 19:30 conjur-conjur.pem
60
+ $ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 authn login -u your-user-name
61
+ Please enter your password (it will not be echoed):
62
+ Logged in
63
+ $ ls -lA mydata
64
+ total 12
65
+ drwxr-xr-x 2 you staff 64 Mar 28 19:26 .cache
66
+ -rw-r--r-- 1 you staff 128 Mar 28 19:20 .conjurrc
67
+ -rw------- 1 you staff 143 Mar 28 19:27 .netrc
68
+ -rw-r--r-- 1 you staff 2665 Mar 28 19:20 conjur-conjur.pem
69
+ $
70
+ ```
71
+
72
+ *Security notice:* the file `.netrc`, created or updated by `conjur authn
73
+ login`, contains a user identity credential that can be used to access the
74
+ Conjur API. You should remove it after use or otherwise secure it like you would
75
+ another netrc file.
76
+
23
77
  ### Bash completion
24
78
 
25
79
  To enable bash completions, run this command:
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 5.6.6
data/build-standalone ADDED
@@ -0,0 +1,6 @@
1
+ #!/bin/bash -e
2
+
3
+ # build the cli standalone container image
4
+ docker build . \
5
+ -f Dockerfile.standalone \
6
+ -t cyberark/conjur-cli
@@ -19,6 +19,6 @@
19
19
  # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
20
  #
21
21
  module Conjur
22
- VERSION = '5.6.5'.freeze
22
+ VERSION = '5.6.6'.freeze
23
23
  ::Version=VERSION
24
24
  end
data/push-image ADDED
@@ -0,0 +1,29 @@
1
+ #!/bin/bash -e
2
+
3
+ # Push the 'cli:4' image to Dockerhub when on the 'v4' branch
4
+
5
+ cd "$(git rev-parse --show-toplevel)"
6
+
7
+ TAG="4-${1:-$(cat VERSION)-$(git rev-parse --short HEAD)}"
8
+ IMAGE='cyberark/conjur-cli'
9
+
10
+ function tag_and_push() {
11
+ local image="$1"
12
+ local tag="$2"
13
+ local description="$3"
14
+
15
+ echo "TAG = $tag, $description"
16
+
17
+ docker tag "$image" "$image:$tag"
18
+ docker push "$image:$tag"
19
+ }
20
+
21
+ if [[ "$BRANCH_NAME" == 'v4' ]]; then
22
+ bare_tag='4'
23
+ latest_tag='4-latest'
24
+ stable_tag="4-$(cat VERSION)"
25
+
26
+ tag_and_push $IMAGE $bare_tag 'latest image (bare)'
27
+ tag_and_push $IMAGE $latest_tag 'latest image'
28
+ tag_and_push $IMAGE $stable_tag 'stable image'
29
+ fi
@@ -0,0 +1,17 @@
1
+ #!/bin/sh -e
2
+
3
+ # A tool container entrypoint that tries to do the right thing whether you want
4
+ # an interactive shell environment or run a command directly.
5
+ #
6
+ # It starts bash if
7
+ # - there is a tty (ie. docker was run with -t),
8
+ # - there are no arguments.
9
+ #
10
+ # Otherwise it runs the tool.
11
+
12
+ TOOL=conjur
13
+
14
+ [ -t 1 -a $# -eq 0 ] && exec bash
15
+
16
+ # else
17
+ exec $TOOL "$@"
data/test.sh CHANGED
@@ -12,6 +12,9 @@ RUBY_VERSION=${1-${RUBY_VERSION_DEFAULT}}
12
12
  function dockerfile_path {
13
13
  echo "Setting Ruby version as ${RUBY_VERSION}" >&2
14
14
  cp "Dockerfile" "Dockerfile.${RUBY_VERSION}"
15
+ if ! grep "Dockerfile.${RUBY_VERSION}" .git/info/exclude >/dev/null; then
16
+ echo "Dockerfile.${RUBY_VERSION}*" >>.git/info/exclude
17
+ fi
15
18
  sed -i -e "s/${RUBY_VERSION_DEFAULT}/${RUBY_VERSION}/g" Dockerfile.${RUBY_VERSION}
16
19
 
17
20
  echo "Dockerfile.${RUBY_VERSION}"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.6.5
4
+ version: 5.6.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafal Rzepecki
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2018-03-08 00:00:00.000000000 Z
12
+ date: 2018-04-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activesupport
@@ -335,6 +335,7 @@ files:
335
335
  - Dockerfile
336
336
  - Dockerfile.fpm
337
337
  - Dockerfile.publish
338
+ - Dockerfile.standalone
338
339
  - Dockerfile.validate-packaging
339
340
  - Gemfile
340
341
  - Jenkinsfile
@@ -342,6 +343,7 @@ files:
342
343
  - PUBLISH.md
343
344
  - README.md
344
345
  - Rakefile
346
+ - VERSION
345
347
  - acceptance-features/audit/audit_event_send.feature
346
348
  - acceptance-features/audit/fetch.feature
347
349
  - acceptance-features/audit/send.feature
@@ -408,6 +410,7 @@ files:
408
410
  - bin/conjurize
409
411
  - bin/jsonfield
410
412
  - build-deb.sh
413
+ - build-standalone
411
414
  - ci/install.sh
412
415
  - ci/package.sh
413
416
  - ci/publish.sh
@@ -485,6 +488,7 @@ files:
485
488
  - profile.rb
486
489
  - publish-deb.sh
487
490
  - publish-rubygem.sh
491
+ - push-image
488
492
  - spec/authn_spec.rb
489
493
  - spec/command/assets_spec.rb
490
494
  - spec/command/audit_spec.rb
@@ -513,6 +517,7 @@ files:
513
517
  - spec/dsl/runner_spec.rb
514
518
  - spec/env_spec.rb
515
519
  - spec/spec_helper.rb
520
+ - standalone.entrypoint
516
521
  - test.sh
517
522
  homepage: https://github.com/conjurinc/cli-ruby
518
523
  licenses:
@@ -534,7 +539,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
534
539
  version: '0'
535
540
  requirements: []
536
541
  rubyforge_project:
537
- rubygems_version: 2.5.2.1
542
+ rubygems_version: 2.7.6
538
543
  signing_key:
539
544
  specification_version: 4
540
545
  summary: Conjur command line interface