conjur-cli 6.2.1 → 6.2.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +10 -0
- data/.github/ISSUE_TEMPLATE/bug.md +42 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +27 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +21 -0
- data/.gitleaks.toml +216 -0
- data/CHANGELOG.md +63 -22
- data/CONTRIBUTING.md +81 -0
- data/Gemfile +1 -1
- data/Jenkinsfile +69 -18
- data/LICENSE +202 -0
- data/NOTICES.txt +421 -0
- data/README.md +278 -48
- data/SECURITY.md +42 -0
- data/VERSION +1 -1
- data/bin/parse-changelog.sh +12 -0
- data/build-standalone +42 -3
- data/ci/submit-coverage +36 -0
- data/ci/test.sh +1 -1
- data/conjur-cli.gemspec +15 -12
- data/docker-compose.yml +2 -1
- data/features/step_definitions/authn_steps.rb +1 -1
- data/features/support/env.rb +3 -1
- data/jenkins.sh +1 -1
- data/lib/conjur/command/hosts.rb +1 -1
- data/lib/conjur/command/rspec/describe_command.rb +26 -7
- data/lib/conjur/command/rspec/mock_services.rb +7 -1
- data/lib/conjur/command/users.rb +5 -1
- data/lib/conjur/version.rb +1 -1
- data/push-image +46 -28
- data/spec/authn_spec.rb +4 -4
- data/spec/command/authn_spec.rb +2 -2
- data/spec/command/hosts_spec.rb +26 -3
- data/spec/command/init_spec.rb +28 -41
- data/spec/command/users_spec.rb +18 -2
- data/spec/spec_helper.rb +5 -2
- data/test.sh +1 -1
- metadata +74 -60
- data/LICENSE.md +0 -195
data/README.md
CHANGED
@@ -6,7 +6,18 @@ Command-line interface for Conjur.
|
|
6
6
|
|
7
7
|
A complete reference guide is available at [conjur.org](https://www.conjur.org).
|
8
8
|
|
9
|
-
##
|
9
|
+
## Table of Contents
|
10
|
+
- [Getting Started](#getting-started)
|
11
|
+
- [Quick Start](#quick-start)
|
12
|
+
- [Using This Project With Conjur Open Source](#Using-conjur-cli-with-Conjur-Open-Source)
|
13
|
+
- [Using Docker](#using-docker)
|
14
|
+
- [Usage](#usage)
|
15
|
+
- [Contributing](#contributing)
|
16
|
+
- [License](#license)
|
17
|
+
|
18
|
+
## Getting Started
|
19
|
+
|
20
|
+
### Quick start
|
10
21
|
|
11
22
|
```sh-session
|
12
23
|
$ gem install conjur-cli
|
@@ -15,7 +26,19 @@ $ conjur -v
|
|
15
26
|
conjur version 6.0.0
|
16
27
|
```
|
17
28
|
|
29
|
+
### Using conjur-cli with Conjur Open Source
|
30
|
+
|
31
|
+
Are you using this project with [Conjur Open Source](https://github.com/cyberark/conjur)? Then we
|
32
|
+
**strongly** recommend choosing the version of this project to use from the latest [Conjur OSS
|
33
|
+
suite release](https://docs.conjur.org/Latest/en/Content/Overview/Conjur-OSS-Suite-Overview.html).
|
34
|
+
Conjur maintainers perform additional testing on the suite release versions to ensure
|
35
|
+
compatibility. When possible, upgrade your Conjur version to match the
|
36
|
+
[latest suite release](https://docs.conjur.org/Latest/en/Content/ReleaseNotes/ConjurOSS-suite-RN.htm);
|
37
|
+
when using integrations, choose the latest suite release that matches your Conjur version. For any
|
38
|
+
questions, please contact us on [Discourse](https://discuss.cyberarkcommons.org/c/conjur/5).
|
39
|
+
|
18
40
|
## Using Docker
|
41
|
+
|
19
42
|
[![Docker Build Status](https://img.shields.io/docker/build/conjurinc/cli5.svg)](https://hub.docker.com/r/conjurinc/cli5/)
|
20
43
|
This software is included in the standalone cyberark/conjur-cli:5 Docker image. Docker containers are designed to be ephemeral, which means they don't store state after the container exits.
|
21
44
|
|
@@ -59,80 +82,287 @@ drwxr-xr-x 2 you staff 68 Mar 29 14:16 .cache
|
|
59
82
|
```
|
60
83
|
*Security notice:* the file `.netrc`, created or updated by `conjur authn login`, contains a user identity credential that can be used to access the Conjur API. You should remove it after use or otherwise secure it like you would another netrc file.
|
61
84
|
|
62
|
-
##
|
85
|
+
## Usage
|
63
86
|
|
64
|
-
|
87
|
+
```
|
88
|
+
NAME
|
89
|
+
conjur - Command-line toolkit for managing roles, resources and privileges
|
90
|
+
|
91
|
+
SYNOPSIS
|
92
|
+
conjur [global options] command [command options] [arguments...]
|
93
|
+
|
94
|
+
GLOBAL OPTIONS
|
95
|
+
--help - Show this message
|
96
|
+
--version - Display the program version
|
97
|
+
```
|
98
|
+
|
99
|
+
### Commands
|
100
|
+
|
101
|
+
| Command | Description |
|
102
|
+
| ---------------------------------- | ------------------------------------------------- |
|
103
|
+
| [authn](#conjur-authn) | - Login and logout |
|
104
|
+
| [check](#conjur-check) | - Check for a privilege on a resource |
|
105
|
+
| [env](#conjur-env) | - Use values of Conjur variables in local context |
|
106
|
+
| [host](#conjur-host) | - Manage hosts |
|
107
|
+
| [hostfactory](#conjur-hostfactory) | - Manage host factories |
|
108
|
+
| [init](#conjur-init) | - Initialize the Conjur configuration |
|
109
|
+
| [ldap-sync](#conjur-ldap-sync) | - LDAP sync management commands |
|
110
|
+
| [list](#conjur-list) | - List objects |
|
111
|
+
| [plugin](#conjur-plugin) | - Manage plugins |
|
112
|
+
| [policy](#conjur-policy) | - Manage policies |
|
113
|
+
| [pubkeys](#conjur-pubkeys) | - Public keys service operations |
|
114
|
+
| [resource](#conjur-resource) | - Manage resources |
|
115
|
+
| [role](#conjur-role) | - Manage roles |
|
116
|
+
| [show](#conjur-show) | - Show an object |
|
117
|
+
| [user](#conjur-user) | - Manage users |
|
118
|
+
| [variable](#conjur-variable) | - Manage variables |
|
119
|
+
|
120
|
+
#### `conjur authn`
|
121
|
+
|
122
|
+
```
|
123
|
+
NAME
|
124
|
+
authn - Login and logout
|
125
|
+
SYNOPSIS
|
126
|
+
conjur [global options] authn authenticate [-H|--header] [-f filename|--filename filename]
|
127
|
+
conjur [global options] authn login [-p password|--password password] [-u username|--username username] login-name
|
128
|
+
conjur [global options] authn logout
|
129
|
+
conjur [global options] authn whoami
|
130
|
+
COMMANDS
|
131
|
+
authenticate - Obtains an authentication token using the current logged-in
|
132
|
+
user
|
133
|
+
login - Logs in and caches credentials to netrc.
|
134
|
+
logout - Logs out
|
135
|
+
whoami - Prints out the current logged in username
|
136
|
+
```
|
137
|
+
|
138
|
+
#### `conjur check`
|
65
139
|
|
66
|
-
```
|
67
|
-
|
68
|
-
|
140
|
+
```
|
141
|
+
NAME
|
142
|
+
check - Check for a user’s privilege on a resource
|
143
|
+
SYNOPSIS
|
144
|
+
conjur check [object] [privilege] [user]
|
145
|
+
PRIVILEGES
|
146
|
+
read, write, execute
|
69
147
|
```
|
70
148
|
|
71
|
-
|
149
|
+
#### `conjur env`
|
72
150
|
|
73
|
-
|
74
|
-
|
151
|
+
```
|
152
|
+
NAME
|
153
|
+
env - Use values of Conjur variables in local context
|
154
|
+
SYNOPSIS
|
155
|
+
conjur [global options] env check [--policy arg] [--yaml arg] [-c FILE]
|
156
|
+
conjur [global options] env help
|
157
|
+
conjur [global options] env run [--policy arg] [--yaml arg] [-c FILE] -- command [arg1, arg2 ...]
|
158
|
+
conjur [global options] env template [--policy arg] [--yaml arg] [-c FILE] template.erb
|
75
159
|
|
76
|
-
|
77
|
-
|
160
|
+
COMMANDS
|
161
|
+
check - Check availability of Conjur variables
|
162
|
+
help - Print description of environment configuration format
|
163
|
+
run - Execute external command with environment variables populated
|
164
|
+
from Conjur
|
165
|
+
template - Render ERB template with variables obtained from Conjur
|
78
166
|
|
79
|
-
|
167
|
+
root@e1bfc649b68d:/# conjur env help
|
80
168
|
|
81
|
-
|
82
|
-
|
83
|
-
|
169
|
+
Environment configuration (either stored in file referred by -c option or provided inline with --yaml option) should be a YAML document describing one-level Hash.
|
170
|
+
Keys of the hash are 'local names', used to refer to variable values in convenient manner. (See help for env:run and env:template for more details about how they are interpreted).
|
171
|
+
|
172
|
+
Values of the hash may take one of the following forms: a) string b) string preceeded with !var tag c) string preceeded with !tmp tag.
|
173
|
+
|
174
|
+
a) Plain string is just associated with local name without any calls to Conjur.
|
175
|
+
|
176
|
+
b) String preceeded by !var tag is interpreted as an ID of the Conjur variable, which value should be obtained and associated with appropriate local name.
|
177
|
+
|
178
|
+
c) String preceeded by !tmp tag is interpreted as an ID of the Conjur variable, which value should be stored in temporary file, which location should in turn be associated with appropriate local name.
|
179
|
+
|
180
|
+
Example of environment configuration:
|
181
|
+
|
182
|
+
{ local_variable_1: 'literal value', local_variable_2: !var id/of/Conjur/Variable , local_variable_3: !tmp id/of/another/Conjur/variable }
|
84
183
|
```
|
85
184
|
|
86
|
-
|
87
|
-
`start.sh` script. It looks like this:
|
185
|
+
#### `conjur host`
|
88
186
|
|
89
187
|
```
|
90
|
-
|
188
|
+
NAME
|
189
|
+
host - Manage hosts
|
91
190
|
|
92
|
-
|
93
|
-
|
191
|
+
SYNOPSIS
|
192
|
+
conjur [global options] host layers HOST
|
193
|
+
conjur [global options] host rotate_api_key [--host arg|-h arg]
|
94
194
|
|
95
|
-
|
195
|
+
COMMANDS
|
196
|
+
layers - List the layers to which the host belongs
|
197
|
+
rotate_api_key - Rotate a host's API key
|
96
198
|
```
|
97
199
|
|
98
|
-
|
200
|
+
#### `conjur hostfactory`
|
99
201
|
|
100
|
-
|
202
|
+
```
|
203
|
+
NAME
|
204
|
+
hostfactory - Manage host factories
|
101
205
|
|
102
|
-
|
206
|
+
SYNOPSIS
|
207
|
+
conjur [global options] hostfactory hosts
|
208
|
+
conjur [global options] hostfactory tokens
|
103
209
|
|
104
|
-
|
105
|
-
|
106
|
-
|
210
|
+
COMMANDS
|
211
|
+
hosts - Operations on hosts
|
212
|
+
tokens - Operations on tokens
|
107
213
|
```
|
108
214
|
|
109
|
-
|
215
|
+
#### `conjur init`
|
110
216
|
|
111
|
-
```
|
112
|
-
|
113
|
-
|
217
|
+
```
|
218
|
+
NAME
|
219
|
+
init – Initialize the Conjur configuration
|
220
|
+
SYNOPSIS
|
221
|
+
conjur [global options] init [-u URL of Conjur service] [-a account name]
|
114
222
|
```
|
115
223
|
|
116
|
-
|
224
|
+
#### `conjur ldap-sync`
|
225
|
+
|
226
|
+
```
|
227
|
+
NAME
|
228
|
+
ldap-sync - LDAP sync management commands
|
117
229
|
|
118
|
-
|
119
|
-
|
120
|
-
3. Commit your changes (`git commit -am 'Added some feature'`)
|
121
|
-
4. Push to the branch (`git push origin my-new-feature`)
|
122
|
-
5. Create new Pull Request
|
230
|
+
SYNOPSIS
|
231
|
+
conjur [global options] ldap-sync policy
|
123
232
|
|
124
|
-
|
233
|
+
COMMANDS
|
234
|
+
policy - Manage the policy used to sync Conjur and the LDAP server
|
235
|
+
```
|
236
|
+
|
237
|
+
#### `conjur list`
|
238
|
+
|
239
|
+
```
|
240
|
+
Lists conjur objects
|
241
|
+
```
|
242
|
+
|
243
|
+
#### `conjur plugin`
|
244
|
+
|
245
|
+
```
|
246
|
+
NAME
|
247
|
+
plugin - Manage plugins
|
248
|
+
|
249
|
+
SYNOPSIS
|
250
|
+
conjur [global options] plugin install [-v version|--version version] PLUGIN
|
251
|
+
conjur [global options] plugin list
|
252
|
+
conjur [global options] plugin show PLUGIN
|
253
|
+
conjur [global options] plugin uninstall PLUGIN
|
254
|
+
|
255
|
+
COMMANDS
|
256
|
+
install - Install a plugin
|
257
|
+
list - List installed plugins
|
258
|
+
show - Show a plugin's details
|
259
|
+
uninstall - Uninstall a plugin
|
260
|
+
```
|
261
|
+
|
262
|
+
#### `conjur policy`
|
263
|
+
|
264
|
+
```
|
265
|
+
NAME
|
266
|
+
policy - Manage policies
|
267
|
+
|
268
|
+
SYNOPSIS
|
269
|
+
conjur [global options] policy load [--delete] [--replace] POLICY FILENAME
|
270
|
+
|
271
|
+
COMMANDS
|
272
|
+
load - Load a policy
|
273
|
+
--delete – deletes a policy
|
274
|
+
--replace – replaces a policy
|
275
|
+
```
|
276
|
+
|
277
|
+
#### `conjur pubkeys`
|
278
|
+
|
279
|
+
```
|
280
|
+
NAME
|
281
|
+
pubkeys - Public keys service operations
|
282
|
+
SYNOPSIS
|
283
|
+
conjur [global options] pubkeys [USER]
|
284
|
+
```
|
285
|
+
|
286
|
+
#### `conjur resource`
|
287
|
+
|
288
|
+
```
|
289
|
+
NAME
|
290
|
+
resource - Manage resources
|
291
|
+
|
292
|
+
SYNOPSIS
|
293
|
+
conjur [global options] resource exists RESOURCE
|
294
|
+
conjur [global options] resource permitted_roles RESOURCE PRIVILEGE
|
295
|
+
|
296
|
+
COMMANDS
|
297
|
+
exists - Determines whether a resource exists
|
298
|
+
permitted_roles - List roles with a specified privilege on the resource
|
299
|
+
```
|
300
|
+
|
301
|
+
#### `conjur role`
|
302
|
+
|
303
|
+
```
|
304
|
+
NAME
|
305
|
+
role - Manage roles
|
306
|
+
|
307
|
+
SYNOPSIS
|
308
|
+
conjur [global options] role exists [--json] ROLE
|
309
|
+
conjur [global options] role members [-V|--verbose] ROLE
|
310
|
+
conjur [global options] role memberships [-s|--system] ROLE
|
311
|
+
|
312
|
+
COMMANDS
|
313
|
+
exists - Determines whether a role exists
|
314
|
+
members - Lists all direct members of the role. The membership list is
|
315
|
+
not recursively expanded.
|
316
|
+
memberships - Lists role memberships. The role membership list is
|
317
|
+
recursively expanded.
|
318
|
+
```
|
319
|
+
|
320
|
+
#### `conjur show`
|
321
|
+
|
322
|
+
```
|
323
|
+
NAME
|
324
|
+
show - Show an object
|
325
|
+
SYNOPSIS
|
326
|
+
conjur show [object]
|
327
|
+
```
|
328
|
+
|
329
|
+
#### `conjur user`
|
330
|
+
|
331
|
+
```
|
332
|
+
NAME
|
333
|
+
user - Manage users
|
334
|
+
|
335
|
+
SYNOPSIS
|
336
|
+
conjur [global options] user rotate_api_key [--user arg|-u arg]
|
337
|
+
conjur [global options] user update_password [-p arg|--password arg]
|
338
|
+
|
339
|
+
COMMANDS
|
340
|
+
rotate_api_key - Rotate a user's API key
|
341
|
+
update_password - Update the password of the logged-in user
|
342
|
+
```
|
343
|
+
|
344
|
+
#### `conjur variable`
|
345
|
+
|
346
|
+
```
|
347
|
+
NAME
|
348
|
+
variable - Manage variables
|
349
|
+
|
350
|
+
SYNOPSIS
|
351
|
+
conjur [global options] variable value [-v arg|--version arg] VARIABLE
|
352
|
+
conjur [global options] variable values
|
125
353
|
|
126
|
-
|
354
|
+
COMMANDS
|
355
|
+
value - Get a value
|
356
|
+
values - Access variable values
|
357
|
+
```
|
358
|
+
|
359
|
+
## Contributing
|
127
360
|
|
128
|
-
|
129
|
-
|
130
|
-
You may obtain a copy of the License at
|
361
|
+
We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our [contributing
|
362
|
+
guide][contrib].
|
131
363
|
|
132
|
-
|
364
|
+
[contrib]: https://github.com/cyberark/conjur-cli/blob/main/CONTRIBUTING.md
|
365
|
+
|
366
|
+
## License
|
133
367
|
|
134
|
-
|
135
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
136
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
137
|
-
See the License for the specific language governing permissions and
|
138
|
-
limitations under the License.
|
368
|
+
This repository is licensed under Apache License 2.0 - see [`LICENSE`](LICENSE) for more details.
|
data/SECURITY.md
ADDED
@@ -0,0 +1,42 @@
|
|
1
|
+
# Security Policies and Procedures
|
2
|
+
|
3
|
+
This document outlines security procedures and general policies for the CyberArk Conjur
|
4
|
+
suite of tools and products.
|
5
|
+
|
6
|
+
* [Reporting a Bug](#reporting-a-bug)
|
7
|
+
* [Disclosure Policy](#disclosure-policy)
|
8
|
+
* [Comments on this Policy](#comments-on-this-policy)
|
9
|
+
|
10
|
+
## Reporting a Bug
|
11
|
+
|
12
|
+
The CyberArk Conjur team and community take all security bugs in the Conjur suite seriously.
|
13
|
+
Thank you for improving the security of the Conjur suite. We appreciate your efforts and
|
14
|
+
responsible disclosure and will make every effort to acknowledge your
|
15
|
+
contributions.
|
16
|
+
|
17
|
+
Report security bugs by emailing the lead maintainers at security@conjur.org.
|
18
|
+
|
19
|
+
The maintainers will acknowledge your email within 2 business days. Subsequently, we will
|
20
|
+
send a more detailed response within 2 business days of our acknowledgement indicating
|
21
|
+
the next steps in handling your report. After the initial reply to your report, the security
|
22
|
+
team will endeavor to keep you informed of the progress towards a fix and full
|
23
|
+
announcement, and may ask for additional information or guidance.
|
24
|
+
|
25
|
+
Report security bugs in third-party modules to the person or team maintaining
|
26
|
+
the module.
|
27
|
+
|
28
|
+
## Disclosure Policy
|
29
|
+
|
30
|
+
When the security team receives a security bug report, they will assign it to a
|
31
|
+
primary handler. This person will coordinate the fix and release process,
|
32
|
+
involving the following steps:
|
33
|
+
|
34
|
+
* Confirm the problem and determine the affected versions.
|
35
|
+
* Audit code to find any potential similar problems.
|
36
|
+
* Prepare fixes for all releases still under maintenance. These fixes will be
|
37
|
+
released as fast as possible.
|
38
|
+
|
39
|
+
## Comments on this Policy
|
40
|
+
|
41
|
+
If you have suggestions on how this process could be improved please submit a
|
42
|
+
pull request.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
6.2.
|
1
|
+
6.2.5
|
data/build-standalone
CHANGED
@@ -1,6 +1,45 @@
|
|
1
1
|
#!/bin/bash -e
|
2
2
|
|
3
|
-
|
3
|
+
IMAGE="cyberark/conjur-cli:latest"
|
4
|
+
|
5
|
+
ENV_VARS=(
|
6
|
+
"CONJUR_MAJOR_VERSION=5"
|
7
|
+
"CONJUR_VERSION=5"
|
8
|
+
"PATH=/usr/local/lib/summon:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
9
|
+
)
|
10
|
+
|
11
|
+
# Flatten resulting image.
|
12
|
+
flatten() {
|
13
|
+
local image="$1"
|
14
|
+
echo "Flattening image '$image'..."
|
15
|
+
|
16
|
+
# Since `--squash` is still experimental, we have to flatten the image
|
17
|
+
# by exporting and importing a container based on the source image. By
|
18
|
+
# doing this though, we lose a lot of the Dockerfile variables that are
|
19
|
+
# required for running the image (ENV, EXPOSE, WORKDIR, etc) so we
|
20
|
+
# manually rebuild them.
|
21
|
+
# See here for more details: https://github.com/moby/moby/issues/8334
|
22
|
+
local container
|
23
|
+
container=$(docker create "$image")
|
24
|
+
|
25
|
+
env_var_params=()
|
26
|
+
for env_var in "${ENV_VARS[@]}"; do
|
27
|
+
env_var_params+=("--change")
|
28
|
+
env_var_params+=("ENV $env_var")
|
29
|
+
done
|
30
|
+
|
31
|
+
docker export "$container" | docker import \
|
32
|
+
"${env_var_params[@]}" \
|
33
|
+
--change 'ENTRYPOINT ["/bin/entry"]' \
|
34
|
+
- "$image"
|
35
|
+
docker rm "$container"
|
36
|
+
}
|
37
|
+
|
38
|
+
# Build the cli standalone container image
|
39
|
+
echo "Building image $IMAGE"
|
40
|
+
|
4
41
|
docker build . \
|
5
|
-
|
6
|
-
|
42
|
+
--file Dockerfile.standalone \
|
43
|
+
--tag "$IMAGE"
|
44
|
+
|
45
|
+
flatten "$IMAGE"
|
data/ci/submit-coverage
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
set -eux
|
4
|
+
|
5
|
+
DIR="coverage"
|
6
|
+
BIN="cc-test-reporter"
|
7
|
+
REPORT="${DIR}/.resultset.json"
|
8
|
+
|
9
|
+
if [[ ! -e ${REPORT} ]]; then
|
10
|
+
echo "SimpleCov report (${REPORT}) not found"
|
11
|
+
ls -laR ${DIR}
|
12
|
+
exit 1
|
13
|
+
fi
|
14
|
+
|
15
|
+
if [[ ! -x ${BIN} ]]; then
|
16
|
+
echo "cc-test-reporter binary not found, not reporting coverage data to code climate"
|
17
|
+
ls -laR ${DIR}
|
18
|
+
# report is present but reporter binary is not, definitely a bug, exit error.
|
19
|
+
exit 1
|
20
|
+
fi
|
21
|
+
|
22
|
+
# Simplecov excludes files not within the current repo, it also needs to
|
23
|
+
# be able to read all the files referenced within the report. As the reports
|
24
|
+
# are generated in containers, the absolute paths contained in the report
|
25
|
+
# are not valid outside that container. This sed fixes the paths
|
26
|
+
# So they are correct relative to the Jenkins workspace.
|
27
|
+
sed -i -E "s+/src+${WORKSPACE}+g" "${REPORT}"
|
28
|
+
|
29
|
+
echo "Coverage reports prepared, submitting to CodeClimate."
|
30
|
+
# vars GIT_COMMIT, GIT_BRANCH & TRID are set by ccCoverage.dockerPrep
|
31
|
+
|
32
|
+
./${BIN} after-build \
|
33
|
+
--coverage-input-type "simplecov"\
|
34
|
+
--id "${TRID}"
|
35
|
+
|
36
|
+
echo "Successfully Reported Coverage Data"
|
data/ci/test.sh
CHANGED
@@ -11,7 +11,7 @@ unset CONJUR_AUTHN_LOGIN
|
|
11
11
|
|
12
12
|
bundle exec rake jenkins || true
|
13
13
|
|
14
|
-
env CONJUR_AUTHN_LOGIN=admin CONJUR_AUTHN_API_KEY=
|
14
|
+
env CONJUR_AUTHN_LOGIN=admin CONJUR_AUTHN_API_KEY='ADmin123!!!!' bundle exec cucumber -r acceptance-features/support \
|
15
15
|
-r acceptance-features/step_definitions \
|
16
16
|
-f pretty \
|
17
17
|
-f junit --out acceptance-features/reports \
|
data/conjur-cli.gemspec
CHANGED
@@ -3,11 +3,11 @@ require File.expand_path('../lib/conjur/version', __FILE__)
|
|
3
3
|
require "English"
|
4
4
|
|
5
5
|
Gem::Specification.new do |gem|
|
6
|
-
gem.authors = ["
|
7
|
-
gem.email = ["
|
6
|
+
gem.authors = ["Conjur Maintainers"]
|
7
|
+
gem.email = ["conj_maintainers@cyberark.com",]
|
8
8
|
gem.summary = %q{Conjur command line interface}
|
9
|
-
gem.homepage = "https://github.com/
|
10
|
-
gem.license = '
|
9
|
+
gem.homepage = "https://github.com/cyberark/conjur-cli"
|
10
|
+
gem.license = 'Apache 2.0'
|
11
11
|
|
12
12
|
gem.files = (`git ls-files`.split($OUTPUT_RECORD_SEPARATOR)
|
13
13
|
.select { |x| x !~ /^Dockerfile/ }
|
@@ -18,23 +18,26 @@ Gem::Specification.new do |gem|
|
|
18
18
|
gem.require_paths = ["lib"]
|
19
19
|
gem.version = Conjur::VERSION
|
20
20
|
|
21
|
+
# Filter out development only executables
|
22
|
+
gem.executables -= %w{parse-changelog.sh}
|
23
|
+
|
21
24
|
gem.add_dependency 'activesupport', '>= 4.2', '< 6'
|
22
25
|
gem.add_dependency 'conjur-api', '~> 5.3'
|
26
|
+
gem.add_dependency 'deep_merge', '~> 1.0'
|
23
27
|
gem.add_dependency 'gli', '>=2.8.0'
|
24
|
-
gem.add_dependency 'highline', '~>
|
28
|
+
gem.add_dependency 'highline', '~> 2.0'
|
25
29
|
gem.add_dependency 'netrc', '~> 0.10'
|
26
|
-
gem.add_dependency 'deep_merge', '~> 1.0'
|
27
|
-
gem.add_dependency 'xdg', '= 2.2.3'
|
28
30
|
gem.add_dependency 'table_print', '~> 1.5'
|
31
|
+
gem.add_dependency 'xdg', '= 2.2.3'
|
29
32
|
|
30
|
-
gem.add_development_dependency '
|
31
|
-
gem.add_development_dependency 'simplecov'
|
33
|
+
gem.add_development_dependency 'addressable'
|
32
34
|
gem.add_development_dependency 'aruba', '~> 0.12'
|
33
35
|
gem.add_development_dependency 'ci_reporter_rspec', '~> 1.0'
|
34
|
-
gem.add_development_dependency '
|
36
|
+
gem.add_development_dependency 'cucumber-api'
|
35
37
|
gem.add_development_dependency 'io-grab', '~> 0.0'
|
36
38
|
gem.add_development_dependency 'json_spec'
|
37
|
-
gem.add_development_dependency 'cucumber-api'
|
38
|
-
gem.add_development_dependency 'addressable'
|
39
39
|
gem.add_development_dependency 'pry-byebug'
|
40
|
+
gem.add_development_dependency 'rake', '~> 12.3.3'
|
41
|
+
gem.add_development_dependency 'rspec', '~> 3.0'
|
42
|
+
gem.add_development_dependency 'simplecov', '~> 0.17', '< 0.18'
|
40
43
|
end
|
data/docker-compose.yml
CHANGED
@@ -6,7 +6,7 @@ services:
|
|
6
6
|
conjur:
|
7
7
|
image: cyberark/conjur
|
8
8
|
command: server -a cucumber
|
9
|
-
depends_on:
|
9
|
+
depends_on:
|
10
10
|
- pg
|
11
11
|
environment:
|
12
12
|
- CONJUR_DATA_KEY
|
@@ -25,6 +25,7 @@ services:
|
|
25
25
|
- CONJUR_ACCOUNT=cucumber
|
26
26
|
- CONJUR_AUTHN_LOGIN=admin
|
27
27
|
- CONJUR_AUTHN_API_KEY
|
28
|
+
- RUBY_VERSION=${RUBY_VERSION}
|
28
29
|
volumes:
|
29
30
|
- .:/src
|
30
31
|
|
data/features/support/env.rb
CHANGED
@@ -6,7 +6,9 @@ require 'aruba/cucumber'
|
|
6
6
|
require 'json_spec/cucumber'
|
7
7
|
require 'simplecov'
|
8
8
|
|
9
|
-
SimpleCov.start
|
9
|
+
SimpleCov.start do
|
10
|
+
command_name "#{ENV['RUBY_VERSION']}"
|
11
|
+
end
|
10
12
|
|
11
13
|
ENV['CONJUR_APPLIANCE_URL'] ||= 'http://localhost/api/v6'
|
12
14
|
ENV['CONJUR_ACCOUNT'] ||= 'cucumber'
|
data/jenkins.sh
CHANGED
data/lib/conjur/command/hosts.rb
CHANGED
@@ -36,7 +36,7 @@ class Conjur::Command::Hosts < Conjur::Command
|
|
36
36
|
host_resourceid = full_resource_id("host:#{host}")
|
37
37
|
|
38
38
|
unless api.resource(host_resourceid).exists?
|
39
|
-
exit_now! "
|
39
|
+
exit_now! "Host '#{host}' not found"
|
40
40
|
end
|
41
41
|
|
42
42
|
# Prepend 'host/' if it wasn't passed in
|