conjur-cli 5.6.6 → 6.0.0.rc1

data/bin/conjurize

@@ -1,26 +0,0 @@
-#!/usr/bin/env ruby
-#
-# Copyright (C) 2013 Conjur Inc
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy of
-# this software and associated documentation files (the "Software"), to deal in
-# the Software without restriction, including without limitation the rights to
-# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-# the Software, and to permit persons to whom the Software is furnished to do so,
-# subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in all
-# copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-
-require 'active_support'
-require 'conjur/conjurize'
-
-Conjur::Conjurize.go!

data/bin/jsonfield

@@ -1,70 +0,0 @@
-#!/usr/bin/env ruby
-#
-# Copyright (C) 2013 Conjur Inc
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy of
-# this software and associated documentation files (the "Software"), to deal in
-# the Software without restriction, including without limitation the rights to
-# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-# the Software, and to permit persons to whom the Software is furnished to do so,
-# subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in all
-# copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-
-require 'json'
-require 'methadone'
-
-class JsonField
-  include Methadone::Main
-  include Methadone::CLILogging
-
-  description "parse JSON and extract a field value"
-  arg :json_path, "path to object to extract, eg. 'headers.0' or 'document.author.name'"
-  arg :json, :optional, "data to parse (reads from stdin if not given)"
-
-  main do |path, input = nil|
-    input ||= STDIN.read
-    data = JSON.parse input
-    result = data.extract_field *(path.split '.', -1)
-    puts result
-  end
-end
-
-class Hash
-  def extract_field head = nil, *tail
-    return self unless head
-    field_not_found! head unless has_key? head
-    self[head].extract_field *tail
-  end
-end
-
-class Array
-  def extract_field head = nil, *tail
-    return self unless head
-    index = Integer(head) rescue field_not_found!(head)
-    field_not_found! index if index >= size
-    self[index].extract_field *tail
-  end
-end
-
-class Object
-  def extract_field head = nil, *tail
-    field_not_found! head if head
-    self
-  end
-
-  def field_not_found! field
-    raise Methadone::Error.new(2, "No field #{field} in #{inspect}")
-  end
-end
-
-JsonField.go!

data/build-standalone

@@ -1,6 +0,0 @@
-#!/bin/bash -e
-
-# build the cli standalone container image
-docker build . \
-       -f Dockerfile.standalone \
-       -t cyberark/conjur-cli

data/deprecations.sh

@@ -1,38 +0,0 @@
-#!/bin/bash
-
-searchstring='DEPRECATED'
-
-function bundleexec {
-  bundle exec "$@" 2> /dev/null
-}
-
-echo "Planned deprecations for Conjur CLI"
-echo "-----"
-
-echo "group"
-bundleexec conjur group | grep "$searchstring"
-echo "group members"
-bundleexec conjur group members | grep "$searchstring"
-
-echo "hostfactory"
-bundleexec conjur hostfactory | grep "$searchstring"
-
-echo "host"
-bundleexec conjur host | grep "$searchstring"
-
-echo "layer"
-bundleexec conjur layer | grep "$searchstring"
-echo "layer hosts"
-bundleexec conjur layer hosts | grep "$searchstring"
-
-echo "resource"
-bundleexec conjur resource | grep "$searchstring"
-
-echo "role"
-bundleexec conjur role | grep "$searchstring"
-
-echo "user"
-bundleexec conjur user | grep "$searchstring"
-
-echo "variable"
-bundleexec conjur variable | grep "$searchstring"

data/features/conjurize.feature

@@ -1,134 +0,0 @@
-Feature: conjurize program generates install scripts
-
-  Scenario: App just runs
-    When I get help for "conjurize"
-    Then the exit status should be 0
-    And the banner should be present
-    And the banner should document that this app takes options
-    And the following options should be documented:
-      |--version|
-    And the banner should document that this app takes no arguments
-
-  Scenario: Minimal conjurize script
-    When I conjurize ""
-    Then the stdout should contain:
-"""
-#!/bin/sh
-set -e
-
-# Implementation note: 'tee' is used as a sudo-friendly 'cat' to populate a file with the contents provided below.
-
-tee /etc/conjur.conf > /dev/null << EOF
-account: test
-appliance_url: https://conjur/api
-cert_file: /etc/conjur-test.pem
-netrc_path: /etc/conjur.identity
-plugins: []
-EOF
-
-tee /etc/conjur-test.pem > /dev/null << EOF
------BEGIN CERTIFICATE-----
-MIIDZTCCAk2gAwIBAgIJAMzfPBZBq82XMA0GCSqGSIb3DQEBBQUAMDMxMTAvBgNV
-BAMTKGVjMi01NC04My05OS0xMzUuY29tcHV0ZS0xLmFtYXpvbmF3cy5jb20wHhcN
-MTQxMTIxMTUxNDE0WhcNMjQxMTE4MTUxNDE0WjAzMTEwLwYDVQQDEyhlYzItNTQt
-ODMtOTktMTM1LmNvbXB1dGUtMS5hbWF6b25hd3MuY29tMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAlkhRt1pvOkw1JTtvmfa3lHpT00g0lbBnShN5cKI3
-cT1Na3aGdosPDfn0z+A6GNT2sUcdsc5RLkrZKG2+57B5hyUtdwRoJoTTBqypxJTc
-vkeMpCrcaeY8Ye0zsoBNaeauXLPobtEV4I6IadJGuT2AKILTJLDYdyV4dg2/zN2z
-XmW+9FsDs+aJKtWnpBIkvXcCqbaIgRZSxFNeZUF+xDrZdCRm+qkBXZaMFQzLU0BT
-B239Lmpwp54zsBoTBY9JBS4Atmrwt3YE3JqcIH77GpkgXSx203bYVp0jF3vPxHLU
-bSqhV9Zw7m6V8uF+jvOdrDiZ33OJN9yx6nS+c7NfOyRgGQIDAQABo3wwejB4BgNV
-HREEcTBvgglsb2NhbGhvc3SCBmNvbmp1coIVY29uanVyLWRldi5jb25qdXIubmV0
-ghljb25qdXItZGV2Lml0ZC5jb25qdXIubmV0gihlYzItNTQtODMtOTktMTM1LmNv
-bXB1dGUtMS5hbWF6b25hd3MuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQB+alzAA3ek
-o8QrnoDuWOxTqD0XIwzqux6BM/nM4dZX6drr+D0y8QtMKLZNODazvFCJWNHAWWmD
-FkRudwl3G1Qs56AB+LnQ2jhL5Qf78Rl2vYvdmo8iowEpOBajvzEMLsEaRNmwmSGc
-yvml0YdVSiMdTdIk58qG84pkmteSX9VYE1IF7xfWb3ji8292fm5q6cgqFLNYx2MI
-5UyfyroGMJ2ikzTGS64TpCmi/n1sjl2iM+/QmkHVc3KUIdwAY2NttyZ2pZo2J4i6
-MVs0y+HobWbOKKhyfxpMT59dJxGu21QPbWfQLkHCCOlo2P4z9oku23sbvQQ7CbvS
-VoykXurdaZo9
------END CERTIFICATE-----
-EOF
-
-touch /etc/conjur.identity
-chmod 600 /etc/conjur.identity
-tee /etc/conjur.identity > /dev/null << EOF
-machine https://conjur/api/authn
-        login host/ec2/i-eaa5f700
-        password 3a4rb19rpjejr89h6r29kd2fb3808cpy
-EOF
-"""
-
-  Scenario: conjurize with SSH installation
-    When I conjurize "--ssh"
-    Then the stdout should contain:
-"""
-#!/bin/sh
-set -e
-
-# Implementation note: 'tee' is used as a sudo-friendly 'cat' to populate a file with the contents provided below.
-
-tee /etc/conjur.conf > /dev/null << EOF
-account: test
-appliance_url: https://conjur/api
-cert_file: /etc/conjur-test.pem
-netrc_path: /etc/conjur.identity
-plugins: []
-EOF
-
-tee /etc/conjur-test.pem > /dev/null << EOF
------BEGIN CERTIFICATE-----
-MIIDZTCCAk2gAwIBAgIJAMzfPBZBq82XMA0GCSqGSIb3DQEBBQUAMDMxMTAvBgNV
-BAMTKGVjMi01NC04My05OS0xMzUuY29tcHV0ZS0xLmFtYXpvbmF3cy5jb20wHhcN
-MTQxMTIxMTUxNDE0WhcNMjQxMTE4MTUxNDE0WjAzMTEwLwYDVQQDEyhlYzItNTQt
-ODMtOTktMTM1LmNvbXB1dGUtMS5hbWF6b25hd3MuY29tMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAlkhRt1pvOkw1JTtvmfa3lHpT00g0lbBnShN5cKI3
-cT1Na3aGdosPDfn0z+A6GNT2sUcdsc5RLkrZKG2+57B5hyUtdwRoJoTTBqypxJTc
-vkeMpCrcaeY8Ye0zsoBNaeauXLPobtEV4I6IadJGuT2AKILTJLDYdyV4dg2/zN2z
-XmW+9FsDs+aJKtWnpBIkvXcCqbaIgRZSxFNeZUF+xDrZdCRm+qkBXZaMFQzLU0BT
-B239Lmpwp54zsBoTBY9JBS4Atmrwt3YE3JqcIH77GpkgXSx203bYVp0jF3vPxHLU
-bSqhV9Zw7m6V8uF+jvOdrDiZ33OJN9yx6nS+c7NfOyRgGQIDAQABo3wwejB4BgNV
-HREEcTBvgglsb2NhbGhvc3SCBmNvbmp1coIVY29uanVyLWRldi5jb25qdXIubmV0
-ghljb25qdXItZGV2Lml0ZC5jb25qdXIubmV0gihlYzItNTQtODMtOTktMTM1LmNv
-bXB1dGUtMS5hbWF6b25hd3MuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQB+alzAA3ek
-o8QrnoDuWOxTqD0XIwzqux6BM/nM4dZX6drr+D0y8QtMKLZNODazvFCJWNHAWWmD
-FkRudwl3G1Qs56AB+LnQ2jhL5Qf78Rl2vYvdmo8iowEpOBajvzEMLsEaRNmwmSGc
-yvml0YdVSiMdTdIk58qG84pkmteSX9VYE1IF7xfWb3ji8292fm5q6cgqFLNYx2MI
-5UyfyroGMJ2ikzTGS64TpCmi/n1sjl2iM+/QmkHVc3KUIdwAY2NttyZ2pZo2J4i6
-MVs0y+HobWbOKKhyfxpMT59dJxGu21QPbWfQLkHCCOlo2P4z9oku23sbvQQ7CbvS
-VoykXurdaZo9
------END CERTIFICATE-----
-EOF
-
-touch /etc/conjur.identity
-chmod 600 /etc/conjur.identity
-tee /etc/conjur.identity > /dev/null << EOF
-machine https://conjur/api/authn
-        login host/ec2/i-eaa5f700
-        password 3a4rb19rpjejr89h6r29kd2fb3808cpy
-EOF
-
-curl -L https://www.opscode.com/chef/install.sh | bash
-"""
-    And the output should match:
-    """
-    chef-solo --recipe-url https:\/\/github.com\/conjur-cookbooks\/conjur\/releases\/download/v\d\.\d\.\d/conjur-v\d\.\d\.\d.tar.gz -o conjur
-    """
-
-  Scenario: conjurize with arbitrary cookbook
-    When I conjurize "--conjur-cookbook-url https://example.com --conjur-run-list fry"
-    Then the stdout should contain "chef-solo --recipe-url https://example.com -o fry"
-
-  Scenario: conjurize with path to chef-solo
-    When I conjurize "--chef-executable /path/to/chef-solo --conjur-cookbook-url https://example.com --conjur-run-list fry"
-    Then the stdout should contain "/path/to/chef-solo --recipe-url https://example.com -o fry"
-    And the stdout should not contain "curl -L https://www.opscode.com/chef/install.sh"
-
-  Scenario: conjurize with sudo-ized commands
-    When I conjurize "--sudo --ssh"
-    Then the stdout should contain "sudo -n tee /etc/conjur.conf > /dev/null << EOF"
-    And the stdout should contain "sudo -n tee /etc/conjur-test.pem > /dev/null << EOF"
-    And the stdout should contain "sudo -n tee /etc/conjur.identity > /dev/null << EOF"
-    And the stdout should contain "sudo -n chmod 600 /etc/conjur.identity"
-    And the stdout should contain "curl -L https://www.opscode.com/chef/install.sh | sudo -n bash"
-

data/features/dsl_context.feature

@@ -1,36 +0,0 @@
-@dsl
-Feature: Saving and restoring context
-
-  Background:
-
-  Scenario: Environment and api keys are saved in the context
-    When I run script:
-    """
-namespace do
-  user "bob"
-end
-    """
-    Then the context should contain "env"
-    And the context should contain "namespace"
-    And the context should contain "stack"
-    And the context should contain "account"
-    And the context should contain "api_keys"
-    And the context "api_keys" should contain "1" item
-
-  Scenario: API keys are restored from the context
-    When I use script context:
-    """
-{
-  "namespace": "foobar",
-  "api_keys": [
-    "the-api-key"
-  ]
-}
-    """
-    And I run script:
-    """
-namespace
-    """
-    Then the context "namespace" should be "foobar"
-    And the context "api_keys" should contain "1" item
-    

data/features/dsl_host_create.feature

@@ -1,11 +0,0 @@
-@dsl
-Feature: Creating a Host
-
-  Background:
-
-  Scenario: Host id is propagated properly to API#create_host
-    When I run script:
-    """
-host "the-host"
-    """
-    Then the model should contain "host" "the-host"

data/features/dsl_ownership.feature

@@ -1,30 +0,0 @@
-@dsl
-Feature: Assigning ownership
-
-  Background:
-
-  Scenario: Create without ownership
-    When I run script:
-    """
-role "user", "bob"
-    """
-    Then the "role" "cucumber:user:bob" should not have an owner
-
-  Scenario: Create with explicit ownership
-    When I run script:
-    """
-role "user", "bob", ownerid: "foobar"
-    """
-    Then the "role" "cucumber:user:bob" should be owned by "foobar"
-    
-  Scenario: Create with scoped ownership
-    When I run script:
-    """
-role "user", "bob" do
-  owns do
-    resource "food", "bacon"
-  end
-end
-    """
-    Then the "resource" "cucumber:food:bacon" should be owned by "cucumber:user:bob"
-    

data/features/dsl_permission.feature

@@ -1,45 +0,0 @@
-@dsl
-Feature: Manpipulating permissions
-
-  Background:
-
-  Scenario: Permit using Role#can
-    When I run script:
-    """
-bacon = resource "food", "bacon"
-role "user", "bob" do
-  can "fry", bacon
-end
-    """
-    Then "cucumber:user:bob" can "fry" "cucumber:food:bacon"
-
-  Scenario: Permit using Role#can with grant option
-    When I run script:
-    """
-bacon = resource "food", "bacon"
-role "user", "bob" do
-  can "fry", bacon, grant_option: true
-end
-    """
-    Then "cucumber:user:bob" can "fry" "cucumber:food:bacon" with grant option
-    
-  Scenario: Permit using Resource#permit
-    When I run script:
-    """
-bob = role "user", "bob"
-resource "food", "bacon" do
-  permit "fry", bob
-end
-    """
-    Then "cucumber:user:bob" can "fry" "cucumber:food:bacon"
-
-  Scenario: Permit using Resource#permit with grant option
-    When I run script:
-    """
-bob = role "user", "bob"
-resource "food", "bacon" do
-  permit "fry", bob, grant_option: true
-end
-    """
-    Then "cucumber:user:bob" can "fry" "cucumber:food:bacon" with grant option
-    

data/features/dsl_resource_create.feature

@@ -1,23 +0,0 @@
-@dsl
-Feature: Creating a resource
-
-  Background:
-
-  Scenario: Create with simple kind and id
-    When I run script:
-    """
-resource "food", "bacon"
-    """
-    Then the model should contain "resource" "cucumber:food:bacon"
-
-  Scenario: Create with scope
-    When I run script:
-    """
-scope "test" do
-  resource "food", "bacon"
-end
-resource "food", "eggs"
-    """
-    Then the model should contain "resource" "cucumber:food:test/bacon"
-    And the model should contain "resource" "cucumber:food:eggs"
-    

data/features/dsl_role_create.feature

@@ -1,11 +0,0 @@
-@dsl
-Feature: Creating a role
-
-  Background:
-
-  Scenario: Create with simple kind and id
-    When I run script:
-    """
-role "user", "bob"
-    """
-    Then the model should contain "role" "cucumber:user:bob"