conjur-cli 6.0.1 → 6.2.3

data/lib/conjur/command/hosts.rb

@@ -36,7 +36,7 @@ class Conjur::Command::Hosts < Conjur::Command
           host_resourceid = full_resource_id("host:#{host}")
 
           unless api.resource(host_resourceid).exists?
-            exit_now! "host '#{host}' not found"
+            exit_now! "Host '#{host}' not found"
           end
 
           # Prepend 'host/' if it wasn't passed in

data/lib/conjur/command/ldap_sync.rb

@@ -0,0 +1,37 @@
+require 'conjur/command'
+
+class Conjur::Command::LDAPSync < Conjur::Command
+  desc 'LDAP sync management commands'
+  command :'ldap-sync' do |cgrp|
+
+    cgrp.desc 'Manage the policy used to sync Conjur and the LDAP server'
+    cgrp.command :policy do |policy|
+
+      policy.desc 'Show the current policy'
+      policy.command :show do |show|
+
+        show.desc 'LDAP Sync profile to use (defined in UI)'
+        show.arg_name 'profile'
+        show.flag ['p', 'profile'], default_value: 'default'
+
+        show.action do |_,options,_|
+          begin
+            resp = api.ldap_sync_policy(config_name: options[:profile])
+            
+            if (policy = resp['policy'])
+              if resp['ok']
+                puts(policy)
+              else
+                exit_now! 'Failed creating the policy.'
+              end
+            else
+              exit_now! resp['error']['message']
+            end
+          rescue RestClient::ResourceNotFound => ex
+            exit_now! "LDAP sync is not supported by the server #{Conjur.configuration.appliance_url}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/conjur/command/rspec/mock_services.rb

@@ -29,7 +29,13 @@ end
 shared_context "when logged in", logged_in: true do
   include_context "with mock authn"
   before do
-    allow(api).to receive(:credentials) { {} }
+    allow(api).to receive(:credentials) do
+      {
+        :username => 'dknuth',
+        :headers => { :authorization => "fakeauth" },
+      }
+    end
+
     netrc[authn_host] = [username, api_key]
     allow(Conjur::Command).to receive_messages api: api
   end

data/lib/conjur/command/users.rb

@@ -47,7 +47,11 @@ class Conjur::Command::Users < Conjur::Command
           if api.username == options[:user]
             exit_now! 'To rotate the API key of the currently logged-in user, use this command without any flags or options'
           end
-          puts api.resource([ Conjur.configuration.account, "user", options[:user] ].join(":")).rotate_api_key
+          user_resource_id = [Conjur.configuration.account, "user", options[:user]].join(":")
+          unless api.resource(user_resource_id).exists?
+            exit_now! "User '#{options[:user]}' not found"
+          end
+          puts api.resource(user_resource_id).rotate_api_key
         else
           username, password = Conjur::Authn.read_credentials
           new_api_key = Conjur::API.rotate_api_key username, password

data/lib/conjur/version.rb

@@ -19,6 +19,6 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  VERSION = '6.0.1'
+  VERSION = '6.2.3'
   ::Version=VERSION
 end

data/needs-publishing

@@ -0,0 +1,28 @@
+#!/bin/bash -ex
+
+echo "Determining if publishing is requested..."
+
+VERSION=$(ruby -I lib -r conjur/version -e 'puts Conjur::VERSION')
+echo Declared version: $VERSION
+
+if curl -s https://rubygems.org/api/v1/versions/conjur-cli.json | jq -e ".[] | select(.number == \"$VERSION\")" >/dev/null; then
+   echo "Found $VERSION on rubygems, not republishing"
+   exit 1
+fi
+   
+# Jenkins git plugin is broken and always fetches with `--no-tags`
+# (or `--tags`, neither of which is what you want), so tags end up
+# not being fetched. Try to fix that.
+# (Unfortunately this fetches all remote heads, so we may have to find
+# another solution for bigger repos.)
+git fetch -q
+
+# note when tag not found git rev-parse will just print its name
+# TAG=`git rev-parse tags/v$VERSION 2>/dev/null || :`
+TAG=`git rev-list -n 1 "v$VERSION" 2>/dev/null || :`
+echo Tag v$VERSION: $TAG
+
+HEAD=`git rev-parse HEAD`
+echo HEAD: $HEAD
+
+test "$HEAD" = "$TAG"

data/push-image

@@ -1,28 +1,46 @@
-#!/bin/bash -eu
-
-# Push the 'cli:5' image to Dockerhub when on the 'master' branch
-
-cd "$(git rev-parse --show-toplevel)"
-
-IMAGE='cyberark/conjur-cli'
-
-function tag_and_push() {
-    local image="$1"
-    local tag="$2"
-    local description="$3"
-
-    echo "TAG = $tag, $description"
-
-    docker tag "$image" "$image:$tag"
-    docker push "$image:$tag"
-}
-
-version_tag="5-$(cat VERSION)"
-
-tag_and_push $IMAGE '5'        'latest image'
-tag_and_push $IMAGE '5-latest'   'same as "5"'
-tag_and_push $IMAGE $version_tag 'version-specific image'
-
-# push to legacy `conjurinc/cli5` tag
-docker tag "$IMAGE" conjurinc/cli5:latest
-docker push conjurinc/cli5:latest
+#!/bin/bash
+
+set -e
+
+readonly REGISTRY="cyberark"
+readonly INTERNAL_REGISTRY="registry2.itci.conjur.net"
+readonly VERSION="$(cat VERSION)"
+readonly VERSION_TAG="5-${VERSION}"
+readonly image_name="conjur-cli"
+readonly full_image_name="${REGISTRY}/${image_name}:latest"
+
+readonly TAGS=(
+  "5"
+  "5-latest"
+  "$VERSION_TAG"
+)
+
+# fetching tags is required for git_description to work
+git fetch --tags
+git_description=$(git describe)
+
+# if it’s not a tagged commit, VERSION will have extra junk (i.e. -g666c4b2), so we won’t publish that commit
+# only when tag matches the VERSION, push VERSION and latest releases
+# and x and x.y releases
+#Ex: v5-6.2.1
+if [ "${git_description}" = "v${VERSION}" ]; then
+  echo "Revision ${git_description} matches version ${VERSION} exactly. Pushing to Dockerhub..."
+
+  for tag in "${TAGS[@]}"; do
+    echo "Tagging and pushing ${REGISTRY}/${image_name}:${tag}"
+
+    # push to dockerhub
+    docker tag "${full_image_name}" "${REGISTRY}/${image_name}:${tag}"
+    docker push "${REGISTRY}/${image_name}:${tag}"
+
+    # push to internal registry
+    # necessary because some cyberark teams/networks can't pull from dockerhub
+    docker tag "${full_image_name}" "${INTERNAL_REGISTRY}/${image_name}:${tag}"
+    docker push "${INTERNAL_REGISTRY}/${image_name}:${tag}"
+
+  done
+
+  # push to legacy `conjurinc/cli5` tag
+  docker tag "${full_image_name}" conjurinc/cli5:latest
+  docker push conjurinc/cli5:latest
+fi

data/spec/authn_spec.rb

@@ -37,11 +37,11 @@ describe Conjur::Authn do
       allow(ENV).to receive(:[]).with("CONJUR_AUTHN_LOGIN").and_return "the-login"
       allow(ENV).to receive(:[]).with("CONJUR_AUTHN_API_KEY").and_return "the-api-key"
     end
-    
+
     context "login and API key" do
       it "are used to authn" do
         expect(Conjur::Authn.get_credentials).to eq([ "the-login", "the-api-key" ])
-          
+
         expect(api.username).to eq('the-login')
         expect(api.api_key).to eq('the-api-key')
       end
@@ -94,7 +94,7 @@ describe Conjur::Authn do
       before do
         allow(Conjur::Config).to receive(:[]).with(:netrc_path).and_return path
       end
-      
+
       context "with specified netrc_path" do
         let(:path) { "/a/dummy/netrc/path" }
         it "consults Conjur::Config for netrc_path" do
@@ -102,7 +102,7 @@ describe Conjur::Authn do
           expect(Conjur::Authn.netrc).to eq(netrc)
         end
       end
-  
+
       context "without specified netrc_path" do
         let(:path) { nil }
         it "uses default netrc path" do

data/spec/command/authn_spec.rb

@@ -10,14 +10,14 @@ describe Conjur::Command::Authn do
         describe_command "#{cmd}" do
           it "prompts for username and password and logs in the user" do
             expect(Conjur::Authn).to receive(:ask_for_credentials).with({}).and_return [ "the-user", "the-api-key" ]
-  
+
             expect { invoke }.to write("Logged in")
           end
         end
         describe_command "#{cmd} -u the-user" do
           it "prompts for password and logs in the user" do
             expect(Conjur::Authn).to receive(:ask_for_credentials).with({username: 'the-user'}).and_return [ "the-user", "the-api-key" ]
-  
+
             expect { invoke }.to write("Logged in")
           end
         end

data/spec/command/hosts_spec.rb

@@ -9,13 +9,19 @@ describe Conjur::Command::Hosts, logged_in: true do
         expect(RestClient::Request).to receive(:execute).with({
           method: :head,
           url: "https://core.example.com/api/resources/#{account}/host/redis001",
-          headers: {}
+          headers: {
+            authorization: "fakeauth",
+          },
+          username: "dknuth",
         }).and_return true
         expect(RestClient::Request).to receive(:execute).with({
             method: :put,
             url: "https://core.example.com/api/authn/#{account}/api_key?role=#{account}:host:redis001",
-            headers: {},
-            payload: ''
+            headers: {
+              authorization: "fakeauth",
+            },
+            payload: '',
+            username: "dknuth",
         }).and_return double(:response, body: 'new api key')
       end
 
@@ -23,5 +29,19 @@ describe Conjur::Command::Hosts, logged_in: true do
         invoke
       end
     end
+
+    describe_command 'host rotate_api_key --host non-existing' do
+      before do
+        expect(RestClient::Request).to receive(:execute).with({
+                  method: :head,
+                  url: "https://core.example.com/api/resources/#{account}/host/non-existing",
+                  headers: {authorization: "fakeauth"},
+                  username: username,
+              }).and_raise RestClient::ResourceNotFound
+      end
+      it 'rotate_api_key with non-existing --host option' do
+        expect { invoke }.to raise_error(GLI::CustomExit, /Host 'non-existing' not found/i)
+      end
+    end
   end
 end

data/spec/command/init_spec.rb

@@ -1,36 +1,46 @@
 require 'spec_helper'
 require 'highline'
 
-GITHUB_FP = "SHA1 Fingerprint=D7:9F:07:61:10:B3:92:93:E3:49:AC:89:84:5B:03:80:C1:9E:2F:8B"
+GITHUB_FP = "SHA1 Fingerprint=5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E"
 GITHUB_CERT = <<EOF
 -----BEGIN CERTIFICATE-----
-MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBs
+MIIG1TCCBb2gAwIBAgIQBVfICygmg6F7ChFEkylreTANBgkqhkiG9w0BAQsFADBw
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBW
-YWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUY
-uD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/
-LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy
-/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQh
-cJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k
-8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYB
-Af8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
-BQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
-Z2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2Vy
-dC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2
-MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
-b20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAW
-gBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbh
-hgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg
-4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa
-2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs
-1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1
-oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn
-8TUoE6smftX3eg==
------END CERTIFICATE-----
+d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
+dXJhbmNlIFNlcnZlciBDQTAeFw0yMDA1MDUwMDAwMDBaFw0yMjA1MTAxMjAwMDBa
+MGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
+YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xEzARBgNVBAMTCmdp
+dGh1Yi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MrTQ2J6a
+nox5KUwrqO9cQ9STO5R4/zBUxxvI5S8bmc0QjWfIVAwHWuT0Bn/H1oS0LM0tTkQm
+ARrqN77v9McVB8MWTGsmGQnS/1kQRFuKiYGUHf7iX5pfijbYsOkfb4AiVKysKUNV
+UtgVvpJoe5RWURjQp9XDWkeo2DzGHXLcBDadrM8VLC6H1/D9SXdVruxKqduLKR41
+Z/6dlSDdeY1gCnhz3Ch1pYbfMfsTCTamw+AtRtwlK3b2rfTHffhowjuzM15UKt+b
+rr/cEBlAjQTva8rutYU9K9ONgl+pG2u7Bv516DwmNy8xz9wOjTeOpeh0M9N/ewq8
+cgbR87LFaxi1AgMBAAGjggNzMIIDbzAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVk
+YqISuFlyOzAdBgNVHQ4EFgQUYwLSXQJf943VWhKedhE2loYsikgwJQYDVR0RBB4w
+HIIKZ2l0aHViLmNvbYIOd3d3LmdpdGh1Yi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSg
+MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYu
+Y3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3
+MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEF
+BQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhp
+Z2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAXwGCisGAQQB
+1nkCBAIEggFsBIIBaAFmAHUAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVd
+x4QAAAFx5ltprwAABAMARjBEAiAuWGCWxN/M0Ms3KOsqFjDMHT8Aq0SlHfQ68KDg
+rVU6AAIgDA+2EB0D5W5r0i4Nhljx6ABlIByzrEdfcxiOD/o6//EAdQAiRUUHWVUk
+VpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXHmW2nTAAAEAwBGMEQCIBp+XQKa
+UDiPHwjBxdv5qvgyALKaysKqMF60gqem8iPRAiAk9Dp5+VBUXfSHqyW+tVShUigh
+ndopccf8Gs21KJ4jXgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXl
+AAABceZbahsAAAQDAEcwRQIgd/5HcxT4wfNV8zavwxjYkw2TYBAuRCcqp1SjWKFn
+4EoCIQDHSTHxnbpxWFbP6v5Y6nGFZCDjaHgd9HrzUv2J/DaacDANBgkqhkiG9w0B
+AQsFAAOCAQEAhjKPnBW4r+jR3gg6RA5xICTW/A5YMcyqtK0c1QzFr8S7/l+skGpC
+yCHrJfFrLDeyKqgabvLRT6YvvM862MGfMMDsk+sKWtzLbDIcYG7sbviGpU+gtG1q
+B0ohWNApfWWKyNpquqvwdSEzAEBvhcUT5idzbK7q45bQU9vBIWgQz+PYULAU7KmY
+z7jOYV09o22TNMQT+hFmo92+EBlwSeIETYEsHy5ZxixTRTvu9hP00CyEbiht5OTK
+5EiJG6vsIh/uEtRsdenMCxV06W2f20Af4iSFo0uk6c1ryHefh08FcwA4pSNUaPyi
+Pb8YGQ6o/blejFzo/OSiUnDueafSJ0p6SQ==
 EOF
 
 describe Conjur::Command::Init do

data/spec/command/ldap_sync_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe Conjur::Command::LDAPSync, logged_in: true do
+  let (:policy_response) { { 'ok' => true, 'events' => [], 'policy' => <<eop
+"---
+- !user
+  annotations:
+    ldap-sync/source: ldap-server:389
+    ldap-sync/upstream-dn: CN=Administrator,OU=functest,OU=testdata,OU=dev-ci,DC=dev-ci,DC=conjur
+  id: Administrator
+  uidnumber:"}
+eop
+  }
+}
+
+  describe_command "ldap-sync policy show" do
+
+    context "on a server that supports LDAP sync" do
+      before do 
+        expect_any_instance_of(Conjur::API).to receive(:ldap_sync_policy).with(config_name: 'default').and_return policy_response
+      end
+      
+      it "shows the policy" do
+        expect { invoke }.to write policy_response['policy']
+      end
+    end
+
+    context "on a server that doesn't support LDAP sync" do
+      before do
+        expect_any_instance_of(Conjur::API).to receive(:ldap_sync_policy).and_raise(RestClient::ResourceNotFound)
+      end
+
+      it "shows an error message" do
+        expect {invoke}.to raise_error(GLI::CustomExit, /LDAP sync is not supported by the server/)
+      end
+    end
+  end
+end

data/spec/command/users_spec.rb

@@ -52,5 +52,18 @@ describe Conjur::Command::Users, logged_in: true do
         invoke
       end
     end
+    describe_command 'user rotate_api_key --user non-existing' do
+      before do
+      expect(RestClient::Request).to receive(:execute).with({
+            method: :head,
+            url: "https://core.example.com/api/resources/#{account}/user/non-existing",
+            headers: {authorization: "fakeauth"},
+            username: username,
+        }).and_raise RestClient::ResourceNotFound
+      end
+      it 'rotate_api_key with non-existing --user option' do
+        expect { invoke }.to raise_error(GLI::CustomExit, /User 'non-existing' not found/i)
+      end
+    end
   end
 end

data/spec/spec_helper.rb

@@ -4,8 +4,11 @@ require 'tempfile'
 require 'ostruct'
 
 require "simplecov"
-SimpleCov.start
-  
+
+SimpleCov.start do
+  command_name "#{ENV['RUBY_VERSION']}"
+end
+
 def post_response(id, attributes = {})
   attributes[:id] = id
   

data/test.sh

@@ -6,6 +6,11 @@
 RUBY_VERSION=$(cut -d '-' -f 2 <<< $RUBY_VERSION)
 
 main() {
+
+  # set up the containers to run in their own namespace
+  COMPOSE_PROJECT_NAME="$(basename "$PWD")_$(openssl rand -hex 3)"
+  export COMPOSE_PROJECT_NAME
+
   build
 
   start_conjur

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 6.0.1
+  version: 6.2.3
 platform: ruby
 authors:
-- Rafal Rzepecki
-- Kevin Gilpin
+- Conjur Maintainers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-04-05 00:00:00.000000000 Z
+date: 2020-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -37,84 +36,70 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '5.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '5.3'
 - !ruby/object:Gem::Dependency
-  name: gli
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.8.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.8.0
-- !ruby/object:Gem::Dependency
-  name: highline
+  name: deep_merge
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: netrc
+  name: gli
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: 2.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: 2.8.0
 - !ruby/object:Gem::Dependency
-  name: deep_merge
+  name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
-  name: xdg
+  name: netrc
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '0.10'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: table_print
   requirement: !ruby/object:Gem::Requirement
@@ -130,21 +115,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.5'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: xdg
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
+        version: 2.2.3
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 2.2.3
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -186,49 +171,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: ci_reporter_cucumber
+  name: cucumber-api
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: io-grab
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0.0'
 - !ruby/object:Gem::Dependency
-  name: io-grab
+  name: json_spec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: json_spec
+  name: pry-byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -242,51 +227,56 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: cucumber-api
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
-  name: addressable
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: pry-byebug
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.17'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.18'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.17'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.18'
 description: 
 email:
-- rafal@conjur.net
-- kgilpin@conjur.net
+- conj_maintainers@cyberark.com
 executables:
 - _conjur
 - conjur
@@ -294,23 +284,32 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".dockerignore"
+- ".github/CODEOWNERS"
+- ".github/ISSUE_TEMPLATE/bug.md"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
 - ".gitignore"
+- ".gitleaks.toml"
 - ".kateproject"
 - ".overcommit.yml"
 - ".project"
 - ".rubocop.yml"
 - APPLIANCE_VERSION
 - CHANGELOG.md
+- CONTRIBUTING.md
 - Gemfile
 - Humanfile.md
 - Jenkinsfile
-- LICENSE.md
+- LICENSE
+- NOTICES.txt
 - PUBLISH.md
 - README.md
 - Rakefile
+- SECURITY.md
 - VERSION
 - bin/_conjur
 - bin/conjur
+- bin/parse-changelog.sh
 - build-deb.sh
 - build-standalone
 - ci/cli-test.sh
@@ -318,6 +317,7 @@ files:
 - ci/package.sh
 - ci/publish.sh
 - ci/secrets/publish.yml
+- ci/submit-coverage
 - ci/test.sh
 - ci/wait_for_server.sh
 - conjur-cli.gemspec
@@ -372,6 +372,7 @@ files:
 - lib/conjur/command/host_factories.rb
 - lib/conjur/command/hosts.rb
 - lib/conjur/command/init.rb
+- lib/conjur/command/ldap_sync.rb
 - lib/conjur/command/plugin.rb
 - lib/conjur/command/policies.rb
 - lib/conjur/command/pubkeys.rb
@@ -391,6 +392,7 @@ files:
 - lib/conjur/version.rb
 - lib/patches/conjur/error.rb
 - lib/patches/gli.rb
+- needs-publishing
 - profile.rb
 - publish.sh
 - push-image
@@ -398,6 +400,7 @@ files:
 - spec/command/authn_spec.rb
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
+- spec/command/ldap_sync_spec.rb
 - spec/command/pubkeys_spec.rb
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb
@@ -409,9 +412,9 @@ files:
 - spec/spec_helper.rb
 - standalone.entrypoint
 - test.sh
-homepage: https://github.com/conjurinc/cli-ruby
+homepage: https://github.com/cyberark/conjur-cli
 licenses:
-- MIT
+- Apache 2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -428,8 +431,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Conjur command line interface
@@ -471,6 +473,7 @@ test_files:
 - spec/command/authn_spec.rb
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
+- spec/command/ldap_sync_spec.rb
 - spec/command/pubkeys_spec.rb
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb