conjur-cli 4.7.5 → 4.8.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +5 -4
- data/lib/conjur/command.rb +57 -0
- data/lib/conjur/command/groups.rb +31 -0
- data/lib/conjur/command/hosts.rb +24 -1
- data/lib/conjur/command/resources.rb +3 -36
- data/lib/conjur/command/roles.rb +1 -12
- data/lib/conjur/command/users.rb +18 -0
- data/lib/conjur/command/variables.rb +18 -1
- data/lib/conjur/version.rb +1 -1
- metadata +2 -9
- data/lib/conjur/command/search.rb +0 -34
data/Gemfile
CHANGED
@@ -3,14 +3,15 @@ source 'https://rubygems.org'
|
|
3
3
|
# Specify your gem's dependencies in conjur.gemspec
|
4
4
|
gemspec
|
5
5
|
|
6
|
-
gem 'conjur-api', git: 'https://github.com/
|
6
|
+
gem 'conjur-api', git: 'https://github.com/conjurinc/api-ruby.git', branch: 'master'
|
7
|
+
|
7
8
|
group :test, :development do
|
8
9
|
gem 'pry'
|
9
10
|
end
|
10
11
|
|
11
12
|
group :development do
|
12
|
-
gem 'conjur-asset-environment-api'
|
13
|
-
gem 'conjur-asset-key-pair-api'
|
14
|
-
gem 'conjur-asset-layer-api'
|
13
|
+
gem 'conjur-asset-environment-api', git: 'git@github.com:inscitiv/conjur-asset-environment', branch: 'master'
|
14
|
+
gem 'conjur-asset-key-pair-api', git: 'git@github.com:conjurinc/conjur-asset-key-pair', branch: 'master'
|
15
|
+
gem 'conjur-asset-layer-api', git: 'git@github.com:conjurinc/conjur-asset-layer', branch: 'master'
|
15
16
|
gem 'conjur-asset-ui-api', git: 'git@github.com:conjurinc/conjur-asset-ui', branch: 'master'
|
16
17
|
end
|
data/lib/conjur/command.rb
CHANGED
@@ -50,6 +50,63 @@ module Conjur
|
|
50
50
|
command.arg_name 'Perform all actions as the specified Role'
|
51
51
|
command.flag [:"as-role"]
|
52
52
|
end
|
53
|
+
|
54
|
+
def command_options_for_list(c)
|
55
|
+
c.desc "Role to act as. By default, the current logged-in role is used."
|
56
|
+
c.flag [:role]
|
57
|
+
|
58
|
+
c.desc "Full-text search on resource id and annotation values"
|
59
|
+
c.flag [:s, :search]
|
60
|
+
|
61
|
+
c.desc "Maximum number of records to return"
|
62
|
+
c.flag [:l, :limit]
|
63
|
+
|
64
|
+
c.desc "Offset to start from"
|
65
|
+
c.flag [:o, :offset]
|
66
|
+
|
67
|
+
c.desc "Show only ids"
|
68
|
+
c.switch [:i, :ids]
|
69
|
+
|
70
|
+
c.desc "Show annotations in 'raw' format"
|
71
|
+
c.switch [:r, :"raw-annotations"]
|
72
|
+
end
|
73
|
+
|
74
|
+
def command_impl_for_list(global_options, options, args)
|
75
|
+
opts = options.slice(:search, :limit, :options, :kind)
|
76
|
+
opts[:acting_as] = options[:role] if options[:role]
|
77
|
+
resources = api.resources(opts)
|
78
|
+
if options[:ids]
|
79
|
+
puts resources.map(&:resourceid)
|
80
|
+
else
|
81
|
+
resources = resources.map &:attributes
|
82
|
+
unless options[:'raw-annotations']
|
83
|
+
resources = resources.map do |r|
|
84
|
+
r['annotations'] = (r['annotations'] || []).inject({}) do |hash, annot|
|
85
|
+
hash[annot['name']] = annot['value']
|
86
|
+
hash
|
87
|
+
end
|
88
|
+
r
|
89
|
+
end
|
90
|
+
end
|
91
|
+
puts JSON.pretty_generate resources
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
|
96
|
+
def display_members(members, options)
|
97
|
+
result = if options[:V]
|
98
|
+
members.collect {|member|
|
99
|
+
{
|
100
|
+
member: member.member.roleid,
|
101
|
+
grantor: member.grantor.roleid,
|
102
|
+
admin_option: member.admin_option
|
103
|
+
}
|
104
|
+
}
|
105
|
+
else
|
106
|
+
members.map(&:member).map(&:roleid)
|
107
|
+
end
|
108
|
+
display result
|
109
|
+
end
|
53
110
|
|
54
111
|
def display(obj, options = {})
|
55
112
|
str = if obj.respond_to?(:attributes)
|
@@ -37,6 +37,37 @@ class Conjur::Command::Groups < Conjur::Command
|
|
37
37
|
end
|
38
38
|
end
|
39
39
|
|
40
|
+
desc "List groups"
|
41
|
+
command :list do |c|
|
42
|
+
command_options_for_list c
|
43
|
+
|
44
|
+
c.action do |global_options, options, args|
|
45
|
+
command_impl_for_list global_options, options.merge(kind: "group"), args
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
desc "Show a group"
|
50
|
+
arg_name "id"
|
51
|
+
command :show do |c|
|
52
|
+
c.action do |global_options,options,args|
|
53
|
+
id = require_arg(args, 'id')
|
54
|
+
display(api.group(id), options)
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
desc "Lists all direct members of the group. The membership list is not recursively expanded."
|
59
|
+
arg_name "group"
|
60
|
+
command "members" do |c|
|
61
|
+
c.desc "Verbose output"
|
62
|
+
c.switch [:V,:verbose]
|
63
|
+
|
64
|
+
c.action do |global_options,options,args|
|
65
|
+
group = require_arg(args, 'group')
|
66
|
+
|
67
|
+
display_members api.group(group).role.members, options
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
40
71
|
desc "Add a new group member"
|
41
72
|
arg_name "group member"
|
42
73
|
command :"members:add" do |c|
|
data/lib/conjur/command/hosts.rb
CHANGED
@@ -25,7 +25,7 @@ class Conjur::Command::Hosts < Conjur::Command
|
|
25
25
|
self.prefix = :host
|
26
26
|
|
27
27
|
desc "Create a new host"
|
28
|
-
arg_name "
|
28
|
+
arg_name "id"
|
29
29
|
command :create do |c|
|
30
30
|
c.arg_name "password"
|
31
31
|
c.flag [:p,:password]
|
@@ -35,10 +35,33 @@ class Conjur::Command::Hosts < Conjur::Command
|
|
35
35
|
c.action do |global_options,options,args|
|
36
36
|
id = args.shift
|
37
37
|
options[:id] = id if id
|
38
|
+
|
39
|
+
unless id
|
40
|
+
ActiveSupport::Deprecation.warn "id argument will be required in future releases"
|
41
|
+
end
|
42
|
+
|
38
43
|
display api.create_host(options), options
|
39
44
|
end
|
40
45
|
end
|
41
46
|
|
47
|
+
desc "Show a host"
|
48
|
+
arg_name "id"
|
49
|
+
command :show do |c|
|
50
|
+
c.action do |global_options,options,args|
|
51
|
+
id = require_arg(args, 'id')
|
52
|
+
display(api.host(id), options)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
desc "List hosts"
|
57
|
+
command :list do |c|
|
58
|
+
command_options_for_list c
|
59
|
+
|
60
|
+
c.action do |global_options, options, args|
|
61
|
+
command_impl_for_list global_options, options.merge(kind: "host"), args
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
42
65
|
desc "Enroll a new host into conjur"
|
43
66
|
arg_name "host"
|
44
67
|
command :enroll do |c|
|
@@ -165,46 +165,13 @@ class Conjur::Command::Resources < Conjur::Command
|
|
165
165
|
|
166
166
|
desc "List all resources"
|
167
167
|
command :list do |c|
|
168
|
-
c.desc "Role to act as. By default, the current logged-in role is used."
|
169
|
-
c.flag [:role]
|
170
|
-
|
171
168
|
c.desc "Filter by kind"
|
172
169
|
c.flag [:k, :kind]
|
173
170
|
|
174
|
-
c
|
175
|
-
|
176
|
-
|
177
|
-
c.desc "Maximum number of records to return"
|
178
|
-
c.flag [:l, :limit]
|
179
|
-
|
180
|
-
c.desc "Offset to start from"
|
181
|
-
c.flag [:o, :offset]
|
182
|
-
|
183
|
-
c.desc "Show only ids"
|
184
|
-
c.switch [:i, :ids]
|
185
|
-
|
186
|
-
c.desc "Show annotations in 'raw' format"
|
187
|
-
c.switch [:r, :"raw-annotations"]
|
188
|
-
|
171
|
+
command_options_for_list c
|
172
|
+
|
189
173
|
c.action do |global_options, options, args|
|
190
|
-
|
191
|
-
opts[:acting_as] = options[:role] if options[:role]
|
192
|
-
resources = api.resources(opts)
|
193
|
-
if options[:ids]
|
194
|
-
puts resources.map(&:resourceid)
|
195
|
-
else
|
196
|
-
resources = resources.map &:attributes
|
197
|
-
unless options[:'raw-annotations']
|
198
|
-
resources = resources.map do |r|
|
199
|
-
r['annotations'] = (r['annotations'] || []).inject({}) do |hash, annot|
|
200
|
-
hash[annot['name']] = annot['value']
|
201
|
-
hash
|
202
|
-
end
|
203
|
-
r
|
204
|
-
end
|
205
|
-
end
|
206
|
-
puts JSON.pretty_generate resources
|
207
|
-
end
|
174
|
+
command_impl_for_list global_options, options, args
|
208
175
|
end
|
209
176
|
end
|
210
177
|
end
|
data/lib/conjur/command/roles.rb
CHANGED
@@ -70,18 +70,7 @@ class Conjur::Command::Roles < Conjur::Command
|
|
70
70
|
|
71
71
|
c.action do |global_options,options,args|
|
72
72
|
role = args.shift || api.user(api.username).roleid
|
73
|
-
|
74
|
-
api.role(role).members.collect {|member|
|
75
|
-
{
|
76
|
-
member: member.member.roleid,
|
77
|
-
grantor: member.grantor.roleid,
|
78
|
-
admin_option: member.admin_option
|
79
|
-
}
|
80
|
-
}
|
81
|
-
else
|
82
|
-
api.role(role).members.map(&:member).map(&:roleid)
|
83
|
-
end
|
84
|
-
display result
|
73
|
+
display_members api.role(role).members, options
|
85
74
|
end
|
86
75
|
end
|
87
76
|
|
data/lib/conjur/command/users.rb
CHANGED
@@ -59,6 +59,24 @@ class Conjur::Command::Users < Conjur::Command
|
|
59
59
|
end
|
60
60
|
end
|
61
61
|
|
62
|
+
desc "Show a user"
|
63
|
+
arg_name "id"
|
64
|
+
command :show do |c|
|
65
|
+
c.action do |global_options,options,args|
|
66
|
+
id = require_arg(args, 'id')
|
67
|
+
display(api.user(id), options)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
desc "List users"
|
72
|
+
command :list do |c|
|
73
|
+
command_options_for_list c
|
74
|
+
|
75
|
+
c.action do |global_options, options, args|
|
76
|
+
command_impl_for_list global_options, options.merge(kind: "user"), args
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
62
80
|
desc "Update the password of the logged-in user"
|
63
81
|
command :update_password do |c|
|
64
82
|
c.desc "Password to use, otherwise you will be prompted"
|
@@ -25,7 +25,7 @@ class Conjur::Command::Variables < Conjur::Command
|
|
25
25
|
self.prefix = :variable
|
26
26
|
|
27
27
|
desc "Create and store a variable"
|
28
|
-
arg_name "id
|
28
|
+
arg_name "id"
|
29
29
|
command :create do |c|
|
30
30
|
c.arg_name "mime_type"
|
31
31
|
c.flag [:m, :"mime-type"], default_value: "text/plain"
|
@@ -33,12 +33,20 @@ class Conjur::Command::Variables < Conjur::Command
|
|
33
33
|
c.arg_name "kind"
|
34
34
|
c.flag [:k, :"kind"], default_value: "secret"
|
35
35
|
|
36
|
+
c.arg_name "value"
|
37
|
+
c.desc "Initial value"
|
38
|
+
c.flag [:v, :"value"]
|
39
|
+
|
36
40
|
acting_as_option(c)
|
37
41
|
|
38
42
|
c.action do |global_options,options,args|
|
39
43
|
id = args.shift
|
40
44
|
options[:id] = id if id
|
41
45
|
|
46
|
+
unless id
|
47
|
+
ActiveSupport::Deprecation.warn "id argument will be required in future releases"
|
48
|
+
end
|
49
|
+
|
42
50
|
mime_type = options.delete(:m)
|
43
51
|
kind = options.delete(:k)
|
44
52
|
|
@@ -59,6 +67,15 @@ class Conjur::Command::Variables < Conjur::Command
|
|
59
67
|
end
|
60
68
|
end
|
61
69
|
|
70
|
+
desc "List variables"
|
71
|
+
command :list do |c|
|
72
|
+
command_options_for_list c
|
73
|
+
|
74
|
+
c.action do |global_options, options, args|
|
75
|
+
command_impl_for_list global_options, options.merge(kind: "variable"), args
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
62
79
|
desc "Add a value"
|
63
80
|
arg_name "variable ( value | STDIN )"
|
64
81
|
command :"values:add" do |c|
|
data/lib/conjur/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.8.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2014-
|
13
|
+
date: 2014-04-02 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: conjur-api
|
@@ -258,7 +258,6 @@ files:
|
|
258
258
|
- lib/conjur/command/rspec/mock_services.rb
|
259
259
|
- lib/conjur/command/rspec/output_matchers.rb
|
260
260
|
- lib/conjur/command/script.rb
|
261
|
-
- lib/conjur/command/search.rb
|
262
261
|
- lib/conjur/command/secrets.rb
|
263
262
|
- lib/conjur/command/users.rb
|
264
263
|
- lib/conjur/command/variables.rb
|
@@ -297,18 +296,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
297
296
|
- - ! '>='
|
298
297
|
- !ruby/object:Gem::Version
|
299
298
|
version: '0'
|
300
|
-
segments:
|
301
|
-
- 0
|
302
|
-
hash: -1518604036623995460
|
303
299
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
304
300
|
none: false
|
305
301
|
requirements:
|
306
302
|
- - ! '>='
|
307
303
|
- !ruby/object:Gem::Version
|
308
304
|
version: '0'
|
309
|
-
segments:
|
310
|
-
- 0
|
311
|
-
hash: -1518604036623995460
|
312
305
|
requirements: []
|
313
306
|
rubyforge_project:
|
314
307
|
rubygems_version: 1.8.25
|
@@ -1,34 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Copyright (C) 2014 Conjur Inc
|
3
|
-
#
|
4
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy of
|
5
|
-
# this software and associated documentation files (the "Software"), to deal in
|
6
|
-
# the Software without restriction, including without limitation the rights to
|
7
|
-
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
8
|
-
# the Software, and to permit persons to whom the Software is furnished to do so,
|
9
|
-
# subject to the following conditions:
|
10
|
-
#
|
11
|
-
# The above copyright notice and this permission notice shall be included in all
|
12
|
-
# copies or substantial portions of the Software.
|
13
|
-
#
|
14
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
15
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
16
|
-
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
17
|
-
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
18
|
-
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
19
|
-
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
20
|
-
#
|
21
|
-
require 'conjur/api'
|
22
|
-
require 'conjur/command'
|
23
|
-
|
24
|
-
class Conjur::Command::Init < Conjur::Command
|
25
|
-
desc "Search through Conjur assets"
|
26
|
-
|
27
|
-
arg_name "pattern"
|
28
|
-
Conjur::CLI.command :search do |c|
|
29
|
-
c.action do |global_options,options,args|
|
30
|
-
pattern = args.shift
|
31
|
-
puts api.resources(search: pattern).map {|r| r.resource_id }
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|