conjur-cli 4.7.3 → 4.7.4

data/Gemfile

@@ -12,5 +12,5 @@ group :development do
   gem 'conjur-asset-environment-api'
   gem 'conjur-asset-key-pair-api'
   gem 'conjur-asset-layer-api'
-  gem 'conjur-asset-ui-api', git: 'git@github.com:conjurinc/conjur-asset-ui', branch: 'new-audit'
+  gem 'conjur-asset-ui-api', git: 'git@github.com:conjurinc/conjur-asset-ui', branch: 'master'
 end

data/lib/conjur/command/init.rb

@@ -37,13 +37,13 @@ class Conjur::Command::Init < Conjur::Command
   end
 
   Conjur::CLI.command :init do |c|
-    c.desc "Conjur account name (required)"
-    c.flag ["a", "account"]
-    
     c.desc "Hostname of the Conjur endpoint (required for virtual appliance)"
     c.flag ["h", "hostname"]
 
-    c.desc "Conjur SSL certificate (will be obtained from host unless provided in parameter)"
+    c.desc "Conjur account name (will be obtained from the host unless provided by this option)"
+    c.flag ["a", "account"]
+    
+    c.desc "Conjur SSL certificate (will be obtained from host unless provided by this option)"
     c.flag ["c", "certificate"]
 
     c.desc "File to write the configuration to"
@@ -56,9 +56,19 @@ class Conjur::Command::Init < Conjur::Command
     c.action do |global_options,options,args|
       hl = HighLine.new $stdin, $stderr
 
-      # using .to_s to overcome https://github.com/JEG2/highline/issues/69
-      account = options[:account] || hl.ask("Enter your account name: ").to_s
       hostname = options[:hostname] || hl.ask("Enter the hostname (and optional port) of your Conjur endpoint: ").to_s
+      exit_now! "Hostname should not include the protocol" if hostname =~ /^https?\:/
+      if hostname
+        Conjur.configuration.core_url = "https://#{hostname}/api"
+      end
+      
+      account = options[:account]
+      account ||= if hostname
+        account = Conjur::Core::API.info['account'] or raise "Exepcting 'account' in Core info"
+      else
+        # using .to_s to overcome https://github.com/JEG2/highline/issues/69
+        hl.ask("Enter your account name: ").to_s
+      end
       
       if (certificate = options[:certificate]).blank?
         unless hostname.blank?
@@ -80,7 +90,7 @@ class Conjur::Command::Init < Conjur::Command
 
           puts "\nPlease verify this certificate on the appliance using command:
                 openssl x509 -fingerprint -noout -in ~conjur/etc/ssl/conjur.pem\n\n"
-          exit_now! unless hl.ask("Trust this certificate (yes/no): ").strip == "yes"
+          exit_now! "You decided not to trust the certificate" unless hl.ask("Trust this certificate (yes/no): ").strip == "yes"
         end
       end
       

data/lib/conjur/command/roles.rb

@@ -52,7 +52,7 @@ class Conjur::Command::Roles < Conjur::Command
     end
   end
 
-  desc "Lists role memberships"
+  desc "Lists role memberships. The role membership list is recursively expanded."
   arg_name "role"
   command :memberships do |c|
     c.action do |global_options,options,args|
@@ -62,7 +62,7 @@ class Conjur::Command::Roles < Conjur::Command
     end
   end
 
-  desc "Lists all members of the role"
+  desc "Lists all direct members of the role. The membership list is not recursively expanded."
   arg_name "role"
   command :members do |c|
     c.desc "Verbose output"
@@ -102,7 +102,7 @@ class Conjur::Command::Roles < Conjur::Command
     end
   end
 
-  desc "Revoke a role from another role."
+  desc "Revoke a role from another role. You must have admin permission on the revoking role."
   arg_name "role member"
   command :revoke_from do |c|
     c.action do |global_options,options,args|

data/lib/conjur/command/search.rb

@@ -0,0 +1,34 @@
+#
+# Copyright (C) 2014 Conjur Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+require 'conjur/api'
+require 'conjur/command'
+
+class Conjur::Command::Init < Conjur::Command
+  desc "Search through Conjur assets"
+
+  arg_name "pattern"
+  Conjur::CLI.command :search do |c|
+    c.action do |global_options,options,args|
+      pattern = args.shift
+      puts api.resources(search: pattern).map {|r| r.resource_id }
+    end
+  end
+end

data/lib/conjur/command/variables.rb

@@ -82,4 +82,19 @@ class Conjur::Command::Variables < Conjur::Command
       $stdout.write api.variable(id).value(options[:version])
     end
   end
+
+  desc "Store value into temporary file and print out it's name" 
+  arg_name "variable"
+  command :"to_file" do |c|
+    c.desc "Version number"
+    c.flag [:v, :version]
+    c.action do |global_options,options,args|
+      id = require_arg(args, 'variable')
+      value = api.variable(id).value(options[:version])
+      tempfile = `mktemp /dev/shm/conjur.XXXXXX`.strip
+      File.open(tempfile,'w') { |f| f.write(value) }
+      puts tempfile
+    end
+    
+  end
 end

data/lib/conjur/version.rb

@@ -19,6 +19,6 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  VERSION = "4.7.3"
+  VERSION = "4.7.4"
   ::Version=VERSION
 end

data/spec/command/init_spec.rb

@@ -7,12 +7,25 @@ describe Conjur::Command::Init do
     before {
       File.stub(:exists?).and_return false
     }
-    describe_command 'init -a the-account' do
-      it "writes config file" do
-        # Stub hostname
-        HighLine.any_instance.stub(:ask).and_return ""
-        File.should_receive(:open)
-        invoke
+    context "auto-fetching fingerprint" do
+      before {
+        HighLine.any_instance.stub(:ask).with("Enter the hostname (and optional port) of your Conjur endpoint: ").and_return "the-host"
+        Object.any_instance.should_receive(:`).with("echo | openssl s_client -connect the-host:443  2>/dev/null | openssl x509 -fingerprint").and_return "the-fingerprint"
+        HighLine.any_instance.stub(:ask).with(/^Trust this certificate/).and_return "yes"
+      }
+      describe_command 'init' do
+        it "fetches account and writes config file" do
+          # Stub hostname
+          Conjur::Core::API.should_receive(:info).and_return "account" => "the-account"
+          File.should_receive(:open)
+          invoke
+        end
+      end
+      describe_command 'init -a the-account' do
+        it "writes config file" do
+          File.should_receive(:open)
+          invoke
+        end
       end
     end
     describe_command 'init -a the-account -h foobar' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 4.7.3
+  version: 4.7.4
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-19 00:00:00.000000000 Z
+date: 2014-03-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: conjur-api
@@ -258,6 +258,7 @@ files:
 - lib/conjur/command/rspec/mock_services.rb
 - lib/conjur/command/rspec/output_matchers.rb
 - lib/conjur/command/script.rb
+- lib/conjur/command/search.rb
 - lib/conjur/command/secrets.rb
 - lib/conjur/command/users.rb
 - lib/conjur/command/variables.rb
@@ -283,8 +284,6 @@ files:
 - spec/conjurrc
 - spec/dsl/runner_spec.rb
 - spec/spec_helper.rb
-- tamr.rb
-- update_ci.sh
 homepage: https://github.com/conjurinc/cli-ruby
 licenses:
 - MIT
@@ -300,7 +299,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1132226365283430876
+      hash: -2016326109517341057
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -309,7 +308,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -1132226365283430876
+      hash: -2016326109517341057
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25

data/tamr.rb

@@ -1,15 +0,0 @@
-policy "tamr-1.0.0" do
-  group "admin" do
-    owns do
-      ops, developers, build = [
-        group("ops"),
-        group("developers"),
-        group("build")
-      ]
-
-      layer "sandbox" do
-        add_member "admin_host", developers
-      end
-    end
-  end
-end