conjur-cli 4.30.1 → 5.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a8cb228dcf6c2031327b97d92324a9d86b64e7d8
-  data.tar.gz: 353e68de0812fbceaac4a596e14a58419f5eb659
+  metadata.gz: 33a3e3fad78dc2dd87aa3fa6a243f0b14803c5e5
+  data.tar.gz: d6df01dfa23da5c6c70a404c18cf2649ee7714b6
 SHA512:
-  metadata.gz: d75a604f908796462f98d9d4fbf97868edf8fa27c6e7cf3dabb4eb612d687da4dab816b5c061471ce04abaf27d5c9218742a05ef8a2fba226a5e3d7cf55f5d86
-  data.tar.gz: 8ba49589b24287583113556ff76de86a7be8c3a72551a2a1fa32af6af5e472996cd4f9ec7c6625c459392f7ac2e3987039c7b3c2aef507556678219ffc9e251e
+  metadata.gz: f461169a657242cf740174c974fb86c2bfdf1b956eb7e81ef0697056426efaa3280b8e33bbcf2e285200b43c0231923bf582f14fbd8fac57a756ce8ace392dcd
+  data.tar.gz: ba975bee2a0cb9ad5131ebbdc0e53850e194e196daaa45b7cd84d0270f8aa53af13742e87efe17d9beff4d65c725ceabce6d9781d2e83c6dd1c70fa1d3e368d1

data/.dockerignore

@@ -1,8 +1,8 @@
+.git
+tmp
 *.deb
 coverage
 */reports
-.git
 vendor
 .idea
 pkg
-Gemfile.lock

data/.gitignore

@@ -1,3 +1,6 @@
+Dockerfile.*
+.DS_Store
+*.swp
 *.deb
 .gems
 .rbenv*
@@ -34,4 +37,3 @@ update_ci.sh
 .ruby-version
 .ruby-gemset
 vendor/bundle
-Dockerfile.*

data/APPLIANCE_VERSION

@@ -0,0 +1 @@
+5.0

data/CHANGELOG.md

@@ -1,4 +1,16 @@
-# 4.31.1
+# 5.1.0
+
+* CLI plugin config is now stored in `~/.conjur-plugins.yml`.
+
+# 5.0.0
+
+* **Breaking change** Ruby Policy DSL is now deprecated in favor of 
+[new YML policy markup](https://developer.conjur.net/reference/policy-markup.html).
+The existing `policy` subcommand has been moved to the `rubydsl` subcommand. 
+The new `policy` command operates on YML policies.
+* Created a new non-Omnibus Debian packaging of the Ruby gems.
+
+# 4.30.1
 
 * Fix the `conjur-api` gem dependency version
 

data/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.1.5
+FROM ruby:2.2.4
 
 RUN mkdir /src
 WORKDIR /src

data/Gemfile

@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-#ruby=ruby-2.1.5
+#ruby=ruby-2.2.4
 #ruby-gemset=conjur-cli
 
 # Specify your gem's dependencies in conjur.gemspec
@@ -13,5 +13,5 @@ group :test, :development do
   gem 'pry'
   gem 'pry-doc'
   gem 'ruby-prof'
-  gem 'conjur-debify', '>= 0.7.0'
+  gem 'conjur-debify', '~> 1.0'
 end

data/PUBLISH.md

@@ -1,6 +1,9 @@
 # Publishing the CLI
 
-We distribute the Conjur CLI as a package for Ubuntu, Centos, OSX and also as a rubygem.
+We distribute the Conjur CLI as an Omnibus package for Ubuntu, Centos, OSX and also as a rubygem.
+
+Experimentally, the CLI is also avaliable as a non-Omnibus deb package called 'rubygems-conjur-cli'
+which depends on ruby2.0.
 
 Steps to publish a new version of the CLI:
 
@@ -17,6 +20,21 @@ Steps to publish a new version of the CLI:
 11. Update the links on the [CLI page](https://github.com/conjurinc/developer-www/blob/master/app/views/pages/cli/index.html.haml) for the devsite.
 12. Promote the devsite to production [in Jenkins](https://jenkins.conjur.net/job/developer-www/) [2](#ref2).
 
+Publishing the experimental deb:
+
+1. `./build-deb.sh`
+2. `summon -f ci/secrets/publish.yml ./publish.sh <component> <distribution>`
+
+Installing from experimental deb:
+
+```sh-session
+# apt-get install -y wget apt-transport-https
+# echo 'deb https://conjurinc.artifactoryonline.com/conjurinc/debian-public v4 master' >> /etc/apt/sources.list
+# wget -qO - https://conjurinc.artifactoryonline.com/conjurinc/api/gpg/key/public | apt-key add -
+# apt-get update
+# apt-get install conjur-cli
+```
+
 ---
 
 <a id="ref1">1</a>:

data/Rakefile

@@ -1,21 +1,27 @@
 #!/usr/bin/env rake
 require "bundler/gem_tasks"
-require 'ci/reporter/rake/rspec'
-require 'ci/reporter/rake/cucumber'
-require 'cucumber'
-require 'cucumber/rake/task'
-require 'rspec/core/rake_task'
 
-RSpec::Core::RakeTask.new :spec
-Cucumber::Rake::Task.new :features
+begin
+  require 'ci/reporter/rake/rspec'
+  require 'ci/reporter/rake/cucumber'
+  require 'cucumber'
+  require 'cucumber/rake/task'
+  require 'rspec/core/rake_task'
 
-task :jenkins => ['ci:setup:rspec', :spec] do
-  File.write('build_number', ENV['BUILD_NUMBER']) if ENV['BUILD_NUMBER']
-  require 'fileutils'
-  FileUtils.rm_rf 'features/reports'
-  Cucumber::Rake::Task.new do |t|
-    t.cucumber_opts = "--tags ~@real-api --format pretty --format junit --out features/reports"
-  end.runner.run
-end
+  RSpec::Core::RakeTask.new :spec
+  Cucumber::Rake::Task.new :features
+
+  task :jenkins => ['ci:setup:rspec', :spec] do
+    File.write('build_number', ENV['BUILD_NUMBER']) if ENV['BUILD_NUMBER']
+    require 'fileutils'
+    FileUtils.rm_rf 'features/reports'
+    Cucumber::Rake::Task.new do |t|
+      t.cucumber_opts = "--tags ~@real-api --format pretty --format junit --out features/reports"
+    end.runner.run
+  end
 
-task default: [:spec, :features]
+  task default: [:spec, :features]
+rescue LoadError
+  $stderr.puts $!
+  $stderr.puts "This error will be ignored"
+end

data/build-deb.sh

@@ -3,17 +3,14 @@
 export DEBUG=true 
 export GLI_DEBUG=true 
 
-# Make sure Gemfile.lock exists
-gem install -N bundler
-bundle
-
 debify clean
 
-debify package \
-	--dockerfile ci/Dockerfile.fpm \
-	cli \
-	-- \
-	--depends ruby2.0
+docker build -t conjur-cli-fpm -f Dockerfile.fpm .
+docker build -t conjur-cli-validate-packaging -f Dockerfile.validate-packaging .
+
+mkdir -p tmp/deb
 
-debify test -t 4.6-stable cli ci/test.sh
+docker run -v $PWD/tmp/deb:/share --rm conjur-cli-fpm
 
+# Test that the install succeeds
+docker run --rm -v $PWD/tmp/deb:/share conjur-cli-validate-packaging

data/ci/install.sh

@@ -0,0 +1,11 @@
+#!/bin/bash -e
+
+set -o pipefail
+
+cd /share && dpkg-scanpackages . /dev/null | gzip -c9 > Packages.gz
+
+echo deb file:///share / >> /etc/apt/sources.list
+
+apt-get update && apt-get install -y --force-yes rubygem-conjur-cli
+
+conjur help

data/ci/package.sh

@@ -0,0 +1,17 @@
+#!/bin/bash -ex
+
+mkdir -p /tmp/gems
+mkdir -p /tmp/src
+
+rm -f /share/*
+
+rake build
+
+gem install --no-ri --no-rdoc --install-dir /tmp/gems pkg/*.gem
+
+ITERATION=$(date +%s)
+
+find /tmp/gems/cache -name '*.gem' | xargs -rn1 \
+fpm --prefix $(gem environment gemdir) --iteration $ITERATION -s gem -t deb
+
+cp -a *.deb /share

data/ci/publish.sh

@@ -0,0 +1,35 @@
+#!/bin/bash -e
+
+distribution=$1
+component=$2
+
+if [ "$distribution" == "" ]; then
+  echo Distribution is required
+  exit 1
+fi
+if [ "$component" == "" ]; then
+  echo Component is required
+  exit 1
+fi
+
+if [ "$ART_USERNAME" == "" -o "$ART_PASSWORD" == "" ]; then
+  echo Usage: summon -f ci/secrets/publish.yml ./publish.sh
+  exit 1
+fi
+
+docker build -t conjur-cli-publish -f Dockerfile.publish .
+
+for package in *.deb; do
+  echo Publishing "$package"
+  docker run \
+    --rm \
+    -v $PWD/tmp/deb:/src \
+    conjur-cli-publish \
+    upload \
+    --url https://conjurinc.artifactoryonline.com/conjurinc \
+    --user $ART_USERNAME \
+    --password $ART_PASSWORD \
+    --deb "$distribution"/"$component"/amd64 \
+    $package \
+    debian-public
+done

data/ci/secrets/publish.yml

@@ -0,0 +1,2 @@
+ART_USERNAME: !var artifactory/users/jenkins/username
+ART_PASSWORD: !var artifactory/users/jenkins/password

data/conjur.gemspec

@@ -15,7 +15,6 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = Conjur::VERSION
 
-
   gem.add_dependency 'activesupport', '~> 4.2'
   gem.add_dependency 'conjur-api', '~> 4.21'
   gem.add_dependency 'gli', '>=2.8.0'

data/jenkins.sh

@@ -1,7 +1,7 @@
 #!/bin/bash -ex
 
 # Constants
-RUBY_VERSION_DEFAULT="2.1.5"
+RUBY_VERSION_DEFAULT="2.2.4"
 
 # Arguments
 RUBY_VERSION=${1-${RUBY_VERSION_DEFAULT}}

data/lib/conjur/cli.rb

@@ -110,6 +110,7 @@ module Conjur
 
     init!
 
+    program_desc 'Command-line toolkit for managing roles, resources and privileges'
     version Conjur::VERSION
 
     pre do |global,command,options,args|
@@ -134,7 +135,7 @@ module Conjur
         exit_now!("Role '#{as_role}' does not exist, or you don't have permission to use it") unless role.exists?
         options[:ownerid] = role.roleid
       end
-      
+
       true
     end
 
@@ -143,11 +144,11 @@ module Conjur
       code.call
       @current_command = nil
     end
-    
+
     on_error do |exception|
       require 'rest-client'
       require 'patches/conjur/error'
-        
+
       run_default_handler = true
       if @current_command != nil && !command_version_compatible?(@current_command)
         $stderr.puts "error: this command is not supported by the current Conjur server version"

data/lib/conjur/command/plugin.rb

@@ -23,6 +23,7 @@ require 'rubygems'
 require 'rubygems/commands/install_command'
 require 'rubygems/commands/uninstall_command'
 require 'yaml'
+require 'fileutils'
 
 require 'conjur/command'
 
@@ -121,18 +122,17 @@ end
 
 def modify_plugin_list(op, plugin_name)
   config_exists = false
-  Conjur::Config.default_config_files.each do |f|
-    if File.file?(f)
-      config_exists = true
-      config = YAML.load(IO.read(f)).stringify_keys rescue {}
+  Conjur::Config.plugin_config_files.each do |f|
+    if !File.file?(f)
+      FileUtils.touch(f)
+    end
 
-      config['plugins'] ||= []
-      config['plugins'] += [plugin_name] if op == 'add'
-      config['plugins'] -= [plugin_name] if op == 'remove'
-      config['plugins'].uniq!
+    config = YAML.load(IO.read(f)).stringify_keys rescue {}
+    config['plugins'] ||= []
+    config['plugins'] += [plugin_name] if op == 'add'
+    config['plugins'] -= [plugin_name] if op == 'remove'
+    config['plugins'].uniq!
 
-      File.write(f, YAML.dump(config))
-    end
+    File.write(f, YAML.dump(config))
   end
-  exit_now! 'No Conjur config file found, run "conjur init"' unless config_exists
 end

data/lib/conjur/command/{policy.rb → rubydsl.rb}

@@ -20,12 +20,13 @@
 #
 require 'conjur/command/dsl_command'
 
-class Conjur::Command::Policy < Conjur::DSLCommand
-  desc "Manage policies"
-  command :policy do |policy|
-    policy.desc "Load a policy from Conjur DSL"
-    policy.long_desc <<-DESC
-Loads a Conjur policy from DSL, applying particular conventions to the role and resource
+class Conjur::Command::RubyDSL < Conjur::DSLCommand
+  desc "Manage Ruby DSL policies (deprecated)"
+  long_desc 'DEPRECATED. Declarative YML policy supercedes Ruby policy DSL.'
+  command :rubydsl do |rubydsl|
+    rubydsl.desc "Load a policy from Conjur DSL"
+    rubydsl.long_desc <<-DESC
+Loads a Conjur policy from Ruby DSL, applying particular conventions to the role and resource
 ids.
 
 The first path element of each id is the collection. Policies can be separated into collections
@@ -40,8 +41,8 @@ annotations on the policy. The policy role becomes the owner of the owned policy
 --as-group and --as-role options can be used to set the owner of the policy role. The default
 owner of the policy role is the logged-in user (you), as always.
     DESC
-    policy.arg_name "FILE"
-    policy.command :load do |c|
+    rubydsl.arg_name "FILE"
+    rubydsl.command :load do |c|
       acting_as_option(c)
       collection_option(c)
       context_option(c)
@@ -61,9 +62,9 @@ owner of the policy role is the logged-in user (you), as always.
       end
     end
 
-    policy.desc 'Decommision a policy'
-    policy.arg_name 'POLICY'
-    policy.command :retire do |c|
+    rubydsl.desc 'Decommision a policy'
+    rubydsl.arg_name 'POLICY'
+    rubydsl.command :retire do |c|
       retire_options c
 
       c.action do |global_options, options, args |
@@ -71,22 +72,22 @@ owner of the policy role is the logged-in user (you), as always.
 
         # policy isn't a rolsource (yet), but we can pretend
         Policy = Struct.new(:role, :resource)
-        policy = Policy.new(api.role(id), api.resource(id))
+        rubydsl = Policy.new(api.role(id), api.resource(id))
+
+        validate_retire_privileges(rubydsl, options)
+
+        retire_resource(rubydsl)
 
-        validate_retire_privileges(policy, options)
-        
-        retire_resource(policy)
-        
         # The policy resource is owned by the policy role. Having the
         # policy role is what allows us to administer it. So, we have
         # to give the resource away before we can revoke the role.
-        give_away_resource(policy, options)
-        
-        retire_role(policy)
+        give_away_resource(rubydsl, options)
+
+        retire_role(rubydsl)
 
         puts 'Policy retired'
       end
     end
-    
+
   end
 end

data/lib/conjur/command/script.rb

@@ -21,7 +21,7 @@
 require 'conjur/command/dsl_command'
 
 class Conjur::Command::Script < Conjur::DSLCommand
-  desc "Execute Conjur DSL scripts"
+  desc "Execute Ruby DSL scripts"
   command :script do |script|
     script.desc "Run a Conjur DSL script"
     script.arg_name "script"

data/lib/conjur/config.rb

@@ -30,6 +30,10 @@ module Conjur
         @@attributes = {}
       end
 
+      def plugin_config_files
+        [ File.expand_path("~/.conjur-plugins.yml") ]
+      end
+
       def user_config_files
         if ENV['CONJURRC']
           return ENV['CONJURRC']
@@ -46,7 +50,7 @@ module Conjur
       end
 
       def default_config_files
-        ['/etc/conjur.conf', user_config_files].flatten.uniq
+        ['/etc/conjur.conf', user_config_files, plugin_config_files].flatten.uniq
       end
 
       def load(config_files = default_config_files)

data/lib/conjur/version.rb

@@ -19,6 +19,6 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  VERSION = "4.30.1"
+  VERSION = '5.1.0'
   ::Version=VERSION
 end

data/publish.sh

@@ -1,9 +1,6 @@
-#!/bin/bash -exu
+#!/bin/bash -e
 
-export DEBUG=true 
-export GLI_DEBUG=true 
+distribution=$1
+component=${2:-`echo $GIT_BRANCH | sed 's/^origin\///' | tr '/' '.'`}
 
-DISTRIBUTION=$1
-COMPONENT=${2:-`echo $GIT_BRANCH | sed 's/^origin\///' | tr '/' '.'`}
-
-debify publish --component $COMPONENT $DISTRIBUTION cli
+exec summon -f ci/secrets/publish.yml ./ci/publish.sh $distribution $component

data/spec/command/init_spec.rb

@@ -1,41 +1,35 @@
 require 'spec_helper'
 require 'highline'
 
-GITHUB_FP = "SHA1 Fingerprint=A0:C4:A7:46:00:ED:A7:2D:C0:BE:CB:9A:8C:B6:07:CA:58:EE:74:5E"
+GITHUB_FP = "SHA1 Fingerprint=D7:9F:07:61:10:B3:92:93:E3:49:AC:89:84:5B:03:80:C1:9E:2F:8B"
 GITHUB_CERT = <<EOF
 -----BEGIN CERTIFICATE-----
-MIIF4DCCBMigAwIBAgIQDACTENIG2+M3VTWAEY3chzANBgkqhkiG9w0BAQsFADB1
+MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
-IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE0MDQwODAwMDAwMFoXDTE2MDQxMjEy
-MDAwMFowgfAxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
-BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
-Ewc1MTU3NTUwMRcwFQYDVQQJEw41NDggNHRoIFN0cmVldDEOMAwGA1UEERMFOTQx
-MDcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
-YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xEzARBgNVBAMTCmdp
-dGh1Yi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx1Nw8r/3z
-Tu3BZ63myyLot+KrKPL33GJwCNEMr9YWaiGwNksXDTZjBK6/6iBRlWVm8r+5TaQM
-Kev1FbHoNbNwEJTVG1m0Jg/Wg1dZneF8Cd3gE8pNb0Obzc+HOhWnhd1mg+2TDP4r
-bTgceYiQz61YGC1R0cKj8keMbzgJubjvTJMLy4OUh+rgo7XZe5trD0P5yu6ADSin
-dvEl9ME1PPZ0rd5qM4J73P1LdqfC7vJqv6kkpl/nLnwO28N0c/p+xtjPYOs2ViG2
-wYq4JIJNeCS66R2hiqeHvmYlab++O3JuT+DkhSUIsZGJuNZ0ZXabLE9iH6H6Or6c
-JL+fyrDFwGeNAgMBAAGjggHuMIIB6jAfBgNVHSMEGDAWgBQ901Cl1qCt7vNKYApl
-0yHU+PjWDzAdBgNVHQ4EFgQUakOQfTuYFHJSlTqqKApD+FF+06YwJQYDVR0RBB4w
-HIIKZ2l0aHViLmNvbYIOd3d3LmdpdGh1Yi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
-A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
-dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzEuY3JsMDSg
-MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzEu
-Y3JsMEIGA1UdIAQ7MDkwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBz
-Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEF
-BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRw
-Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxp
-ZGF0aW9uU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQAD
-ggEBAG/nbcuC8++QhwnXDxUiLIz+06scipbbXRJd0XjAMbD/RciJ9wiYUhcfTEsg
-ZGpt21DXEL5+q/4vgNipSlhBaYFyGQiDm5IQTmIte0ZwQ26jUxMf4pOmI1v3kj43
-FHU7uUskQS6lPUgND5nqHkKXxv6V2qtHmssrA9YNQMEK93ga2rWDpK21mUkgLviT
-PB5sPdE7IzprOCp+Ynpf3RcFddAkXb6NqJoQRPrStMrv19C1dqUmJRwIQdhkkqev
-ff6IQDlhC8BIMKmCNK33cEYDfDWROtW7JNgBvBTwww8jO1gyug8SbGZ6bZ3k8OV8
-XX4C2NesiZcLYbc2n7B9O+63M2k=
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBW
+YWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUY
+uD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/
+LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy
+/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQh
+cJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k
+8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2
+MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAW
+gBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbh
+hgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg
+4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa
+2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs
+1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1
+oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn
+8TUoE6smftX3eg==
 -----END CERTIFICATE-----
 EOF
 

data/spec/command/{policy_spec.rb → rubydsl_spec.rb}

@@ -1,7 +1,7 @@
 require 'spec_helper'
 require 'conjur/dsl/runner'
 
-describe Conjur::Command::Policy do
+describe Conjur::Command::RubyDSL do
   context "when logged in", logged_in: true do
     let(:role) do
       double("role", exists?: true, api_key: "the-api-key", roleid: "the-role")
@@ -22,8 +22,8 @@ describe Conjur::Command::Policy do
       allow(api).to receive(:role).with("the-account:policy:#{collection}/the-policy-1.0.0").and_return role
       allow(api).to receive(:resource).with("the-account:policy:#{collection}/the-policy-1.0.0").and_return resource
     }
-    
-    describe_command 'policy:load --collection the-collection http://example.com/policy.rb' do
+
+    describe_command 'rubydsl:load --collection the-collection http://example.com/policy.rb' do
       let(:collection) { "the-collection" }
       before {
         allow(File).to receive(:exists?).with("http://example.com/policy.rb").and_return false
@@ -33,7 +33,7 @@ describe Conjur::Command::Policy do
         expect(invoke).to eq(0)
       end
     end
-    describe_command 'policy:load --collection the-collection policy.rb' do
+    describe_command 'rubydsl:load --collection the-collection policy.rb' do
       let(:collection) { "the-collection" }
       it "creates the policy" do
         expect(invoke).to eq(0)
@@ -44,16 +44,16 @@ describe Conjur::Command::Policy do
       before {
         stub_const("ENV", "USER" => "alice", "HOSTNAME" => "localhost")
       }
-      describe_command 'policy:load --as-group the-group policy.rb' do
+      describe_command 'rubydsl:load --as-group the-group policy.rb' do
         let(:group) { double(:group, exists?: true) }
         it "creates the policy" do
           allow(Conjur::Command.api).to receive(:role).with("the-account:group:the-group").and_return group
           expect_any_instance_of(Conjur::DSL::Runner).to receive(:owner=).with("the-account:group:the-group")
-          
+
           expect(invoke).to eq(0)
         end
       end
-      describe_command 'policy:load policy.rb' do
+      describe_command 'rubydsl:load policy.rb' do
         it "creates the policy with default collection" do
           expect(invoke).to eq(0)
         end

data/spec/complete_spec.rb

@@ -21,9 +21,7 @@ describe Conjur::CLI::Complete do
       end
 
       context 'with "conjur p"' do
-        it { expects_completions_for('p').to include 'plugin',
-                                                     'policy',
-                                                     'pubkeys' }
+        it { expects_completions_for('p').to include 'plugin', 'pubkeys' }
       end
 
       context 'with "conjur host l"' do
@@ -31,8 +29,8 @@ describe Conjur::CLI::Complete do
                                                           'list' }
       end
 
-      context 'with "conjur policy"' do
-        it { expects_completions_for('policy ').to include 'load' }
+      context 'with "conjur rubydsl"' do
+        it { expects_completions_for('rubydsl ').to include 'load' }
       end
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 4.30.1
+  version: 5.1.0
 platform: ruby
 authors:
 - Rafal Rzepecki
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-03-02 00:00:00.000000000 Z
+date: 2016-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -268,8 +268,12 @@ files:
 - .overcommit.yml
 - .project
 - .rubocop.yml
+- APPLIANCE_VERSION
 - CHANGELOG.md
 - Dockerfile
+- Dockerfile.fpm
+- Dockerfile.publish
+- Dockerfile.validate-packaging
 - Gemfile
 - LICENSE
 - PUBLISH.md
@@ -338,14 +342,13 @@ files:
 - bin/conjurize
 - bin/jsonfield
 - build-deb.sh
-- ci/Dockerfile.fpm
+- ci/install.sh
+- ci/package.sh
+- ci/publish.sh
+- ci/secrets/publish.yml
 - ci/test.sh
 - conjur.gemspec
 - debify.sh
-- distrib/bin/_conjur
-- distrib/bin/conjur
-- distrib/bin/conjurize
-- distrib/bin/jsonfield
 - features/conjurize.feature
 - features/dsl_context.feature
 - features/dsl_host_create.feature
@@ -387,7 +390,6 @@ files:
 - lib/conjur/command/init.rb
 - lib/conjur/command/layers.rb
 - lib/conjur/command/plugin.rb
-- lib/conjur/command/policy.rb
 - lib/conjur/command/pubkeys.rb
 - lib/conjur/command/resources.rb
 - lib/conjur/command/roles.rb
@@ -396,6 +398,7 @@ files:
 - lib/conjur/command/rspec/helpers.rb
 - lib/conjur/command/rspec/mock_services.rb
 - lib/conjur/command/rspec/output_matchers.rb
+- lib/conjur/command/rubydsl.rb
 - lib/conjur/command/script.rb
 - lib/conjur/command/secrets.rb
 - lib/conjur/command/server.rb
@@ -424,10 +427,10 @@ files:
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
 - spec/command/layers_spec.rb
-- spec/command/policy_spec.rb
 - spec/command/pubkeys_spec.rb
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb
+- spec/command/rubydsl_spec.rb
 - spec/command/users_spec.rb
 - spec/command/variable_expiration_spec.rb
 - spec/command/variables_spec.rb
@@ -494,10 +497,10 @@ test_files:
 - spec/command/hosts_spec.rb
 - spec/command/init_spec.rb
 - spec/command/layers_spec.rb
-- spec/command/policy_spec.rb
 - spec/command/pubkeys_spec.rb
 - spec/command/resources_spec.rb
 - spec/command/roles_spec.rb
+- spec/command/rubydsl_spec.rb
 - spec/command/users_spec.rb
 - spec/command/variable_expiration_spec.rb
 - spec/command/variables_spec.rb

data/distrib/bin/_conjur

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-conjur-plugin-service cli ./bin/_conjur "$@"

data/distrib/bin/conjur

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-conjur-plugin-service cli ./bin/conjur "$@"

data/distrib/bin/conjurize

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-conjur-plugin-service cli ./bin/conjurize "$@"

data/distrib/bin/jsonfield

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-conjur-plugin-service cli ./bin/jsonfield "$@"