conjur-cli 5.6.6 → 6.0.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (203) hide show
  1. checksums.yaml +5 -5
  2. data/.dockerignore +1 -1
  3. data/.gitignore +2 -0
  4. data/.rubocop.yml +1 -1
  5. data/APPLIANCE_VERSION +1 -1
  6. data/CHANGELOG.md +3 -42
  7. data/Gemfile +4 -7
  8. data/Humanfile.md +31 -0
  9. data/Jenkinsfile +34 -63
  10. data/README.md +41 -55
  11. data/Rakefile +5 -1
  12. data/bin/conjur +0 -2
  13. data/build-deb.sh +1 -3
  14. data/ci/cli-test.sh +6 -0
  15. data/ci/package.sh +3 -1
  16. data/ci/publish.sh +2 -2
  17. data/ci/secrets/publish.yml +2 -2
  18. data/ci/wait_for_server.sh +10 -0
  19. data/conjur-cli.gemspec +7 -7
  20. data/dev/docker-compose.yml +24 -0
  21. data/dev/start.sh +15 -0
  22. data/dev/stop.sh +5 -0
  23. data/docker-compose.yml +30 -0
  24. data/features/authentication/authenticate.feature +34 -0
  25. data/features/authentication/login.feature +13 -0
  26. data/features/authentication/logout.feature +15 -0
  27. data/{acceptance-features → features}/authentication/whoami.feature +0 -0
  28. data/features/authorization/resource/annotate.feature +22 -0
  29. data/features/authorization/resource/check.feature +47 -0
  30. data/{acceptance-features → features}/authorization/resource/exists.feature +18 -6
  31. data/features/authorization/resource/permitted_roles.feature +35 -0
  32. data/features/authorization/resource/show.feature +34 -0
  33. data/features/authorization/role/exists.feature +28 -0
  34. data/features/authorization/role/members.feature +45 -0
  35. data/features/authorization/role/memberships.feature +43 -0
  36. data/features/conjurenv/check.feature +34 -0
  37. data/features/conjurenv/run.feature +15 -0
  38. data/{acceptance-features → features}/conjurenv/template.feature +8 -3
  39. data/{acceptance-features → features}/directory/user/update_password.feature +8 -2
  40. data/{acceptance-features → features}/directory/variable/value.feature +9 -5
  41. data/{acceptance-features → features}/directory/variable/values-add.feature +8 -3
  42. data/features/hostfactory/tokens.feature +22 -0
  43. data/features/pubkeys/show.feature +18 -0
  44. data/features/step_definitions/authn_steps.rb +22 -0
  45. data/features/step_definitions/cli_steps.rb +28 -0
  46. data/features/step_definitions/file_steps.rb +12 -0
  47. data/features/step_definitions/flow_control_steps.rb +7 -0
  48. data/features/step_definitions/graph_steps.rb +4 -3
  49. data/{acceptance-features → features}/step_definitions/http_steps.rb +0 -0
  50. data/features/step_definitions/overrides.rb +9 -0
  51. data/features/step_definitions/policy_steps.rb +11 -0
  52. data/{acceptance-features → features}/step_definitions/trusted_proxy_steps.rb +0 -0
  53. data/features/support/blank.yml +1 -0
  54. data/features/support/env.rb +21 -7
  55. data/features/support/hooks.rb +31 -116
  56. data/features/support/world.rb +16 -76
  57. data/jenkins.sh +33 -0
  58. data/lib/conjur/authenticator.rb +83 -0
  59. data/lib/conjur/authn.rb +5 -20
  60. data/lib/conjur/cli.rb +13 -6
  61. data/lib/conjur/command.rb +30 -350
  62. data/lib/conjur/command/authn.rb +23 -15
  63. data/lib/conjur/command/host_factories.rb +2 -74
  64. data/lib/conjur/command/hosts.rb +6 -113
  65. data/lib/conjur/command/init.rb +20 -35
  66. data/lib/conjur/command/{secrets.rb → policies.rb} +33 -22
  67. data/lib/conjur/command/pubkeys.rb +3 -63
  68. data/lib/conjur/command/resources.rb +45 -162
  69. data/lib/conjur/command/roles.rb +11 -181
  70. data/lib/conjur/command/rspec/helpers.rb +0 -1
  71. data/lib/conjur/command/rspec/mock_services.rb +4 -4
  72. data/lib/conjur/command/users.rb +2 -159
  73. data/lib/conjur/command/variables.rb +5 -218
  74. data/lib/conjur/complete.rb +2 -2
  75. data/lib/conjur/config.rb +1 -11
  76. data/lib/conjur/conjurenv.rb +12 -9
  77. data/lib/conjur/identifier_manipulation.rb +3 -5
  78. data/lib/conjur/version.rb +2 -2
  79. data/{publish-rubygem.sh → publish.sh} +0 -4
  80. data/spec/authn_spec.rb +4 -0
  81. data/spec/command/hosts_spec.rb +2 -69
  82. data/spec/command/init_spec.rb +16 -11
  83. data/spec/command/pubkeys_spec.rb +1 -46
  84. data/spec/command/resources_spec.rb +21 -170
  85. data/spec/command/roles_spec.rb +5 -181
  86. data/spec/command/users_spec.rb +3 -79
  87. data/spec/command_spec.rb +1 -20
  88. data/spec/complete_spec.rb +1 -23
  89. data/spec/config_spec.rb +1 -1
  90. data/spec/spec_helper.rb +4 -5
  91. data/test.sh +29 -25
  92. metadata +92 -212
  93. data/.githooks/pre_commit/run_specs.rb +0 -23
  94. data/Dockerfile +0 -15
  95. data/Dockerfile.fpm +0 -18
  96. data/Dockerfile.publish +0 -12
  97. data/Dockerfile.standalone +0 -33
  98. data/Dockerfile.validate-packaging +0 -9
  99. data/VERSION +0 -1
  100. data/acceptance-features/audit/audit_event_send.feature +0 -107
  101. data/acceptance-features/audit/fetch.feature +0 -16
  102. data/acceptance-features/audit/send.feature +0 -51
  103. data/acceptance-features/authentication/authenticate.feature +0 -10
  104. data/acceptance-features/authentication/login.feature +0 -12
  105. data/acceptance-features/authentication/logout.feature +0 -13
  106. data/acceptance-features/authorization/resource/annotate.feature +0 -35
  107. data/acceptance-features/authorization/resource/check.feature +0 -24
  108. data/acceptance-features/authorization/resource/create.feature +0 -21
  109. data/acceptance-features/authorization/resource/deny.feature +0 -12
  110. data/acceptance-features/authorization/resource/give.feature +0 -24
  111. data/acceptance-features/authorization/resource/permit.feature +0 -20
  112. data/acceptance-features/authorization/resource/permitted_roles.feature +0 -16
  113. data/acceptance-features/authorization/resource/show.feature +0 -28
  114. data/acceptance-features/authorization/role/create.feature +0 -13
  115. data/acceptance-features/authorization/role/exists.feature +0 -19
  116. data/acceptance-features/authorization/role/grant_to.feature +0 -21
  117. data/acceptance-features/authorization/role/graph.feature +0 -57
  118. data/acceptance-features/authorization/role/members.feature +0 -23
  119. data/acceptance-features/authorization/role/memberships.feature +0 -27
  120. data/acceptance-features/bootstrap.feature +0 -13
  121. data/acceptance-features/conjurenv/check.feature +0 -21
  122. data/acceptance-features/conjurenv/run.feature +0 -10
  123. data/acceptance-features/directory/group/create.feature +0 -20
  124. data/acceptance-features/directory/group/retire.feature +0 -54
  125. data/acceptance-features/directory/host/create.feature +0 -23
  126. data/acceptance-features/directory/host/retire.feature +0 -6
  127. data/acceptance-features/directory/hostfactory/create.feature +0 -28
  128. data/acceptance-features/directory/hostfactory/tokens.feature +0 -16
  129. data/acceptance-features/directory/layer/create.feature +0 -10
  130. data/acceptance-features/directory/layer/hosts-add.feature +0 -9
  131. data/acceptance-features/directory/layer/hosts-remove.feature +0 -10
  132. data/acceptance-features/directory/layer/retire.feature +0 -43
  133. data/acceptance-features/directory/user/create.feature +0 -23
  134. data/acceptance-features/directory/user/retire.feature +0 -6
  135. data/acceptance-features/directory/variable/create.feature +0 -14
  136. data/acceptance-features/directory/variable/retire.feature +0 -17
  137. data/acceptance-features/dsl/policy_owner.feature +0 -45
  138. data/acceptance-features/dsl/resource_owner.feature +0 -17
  139. data/acceptance-features/dsl/retire.feature +0 -15
  140. data/acceptance-features/global-privilege/elevate.feature +0 -20
  141. data/acceptance-features/global-privilege/reveal.privilege +0 -20
  142. data/acceptance-features/pubkeys/add.feature +0 -22
  143. data/acceptance-features/pubkeys/delete.feature +0 -9
  144. data/acceptance-features/pubkeys/names.feature +0 -26
  145. data/acceptance-features/pubkeys/show.feature +0 -27
  146. data/acceptance-features/step_definitions/cli_steps.rb +0 -57
  147. data/acceptance-features/step_definitions/graph_steps.rb +0 -22
  148. data/acceptance-features/step_definitions/user_steps.rb +0 -51
  149. data/acceptance-features/support/env.rb +0 -23
  150. data/acceptance-features/support/hooks.rb +0 -178
  151. data/acceptance-features/support/world.rb +0 -176
  152. data/acceptance-features/trusted_proxies.feature +0 -82
  153. data/bin/conjurize +0 -26
  154. data/bin/jsonfield +0 -70
  155. data/build-standalone +0 -6
  156. data/deprecations.sh +0 -38
  157. data/features/conjurize.feature +0 -134
  158. data/features/dsl_context.feature +0 -36
  159. data/features/dsl_host_create.feature +0 -11
  160. data/features/dsl_ownership.feature +0 -30
  161. data/features/dsl_permission.feature +0 -45
  162. data/features/dsl_resource_create.feature +0 -23
  163. data/features/dsl_role_create.feature +0 -11
  164. data/features/dsl_user_create.feature +0 -23
  165. data/features/jsonfield.feature +0 -49
  166. data/features/role_graph.feature +0 -58
  167. data/features/step_definitions/conjurize_steps.rb +0 -5
  168. data/features/step_definitions/dsl_steps.rb +0 -52
  169. data/features/support/conjur.conf +0 -6
  170. data/lib/conjur/command/assets.rb +0 -121
  171. data/lib/conjur/command/audit.rb +0 -155
  172. data/lib/conjur/command/bootstrap.rb +0 -129
  173. data/lib/conjur/command/dsl_command.rb +0 -75
  174. data/lib/conjur/command/elevate.rb +0 -76
  175. data/lib/conjur/command/field.rb +0 -45
  176. data/lib/conjur/command/groups.rb +0 -208
  177. data/lib/conjur/command/ids.rb +0 -34
  178. data/lib/conjur/command/layers.rb +0 -211
  179. data/lib/conjur/command/ldapsync.rb +0 -118
  180. data/lib/conjur/command/rspec/audit_helpers.rb +0 -68
  181. data/lib/conjur/command/rubydsl.rb +0 -93
  182. data/lib/conjur/command/script.rb +0 -48
  183. data/lib/conjur/command/server.rb +0 -67
  184. data/lib/conjur/conjurize.rb +0 -71
  185. data/lib/conjur/conjurize/script.rb +0 -150
  186. data/lib/conjur/dsl/runner.rb +0 -273
  187. data/publish-deb.sh +0 -6
  188. data/push-image +0 -29
  189. data/spec/command/assets_spec.rb +0 -115
  190. data/spec/command/audit_spec.rb +0 -376
  191. data/spec/command/elevate_spec.rb +0 -28
  192. data/spec/command/env_spec.rb +0 -168
  193. data/spec/command/groups_spec.rb +0 -77
  194. data/spec/command/host_factories_spec.rb +0 -38
  195. data/spec/command/layers_spec.rb +0 -35
  196. data/spec/command/ldapsync_spec.rb +0 -28
  197. data/spec/command/rubydsl_spec.rb +0 -63
  198. data/spec/command/variable_expiration_spec.rb +0 -164
  199. data/spec/command/variables_spec.rb +0 -192
  200. data/spec/conjurize/script_spec.rb +0 -62
  201. data/spec/conjurize_spec.rb +0 -70
  202. data/spec/dsl/runner_spec.rb +0 -93
  203. data/spec/env_spec.rb +0 -214
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA256:
3
- metadata.gz: 8cc3ac80bea03dc862fae9891a7ddc2397ada7c1a1c1fda95e5f87bcdb310b3e
4
- data.tar.gz: 7c60ea0c636462b00c0bcc8e0eb6a5f8feeba86caecb022599603d72f39fcbf4
2
+ SHA1:
3
+ metadata.gz: 6c66aad137ca989c44d4457f7310664747027f0a
4
+ data.tar.gz: 2c6db52a45ae0b89b1c361d63385bc6a67ea86dd
5
5
  SHA512:
6
- metadata.gz: 879008991469f78a22f2814f3f8d9eb2627a746ff46d89a992422d69bc8e14338d29d12415c0f4665af5311407139c9882a55f4efb220eb0ae7e92caa19a099f
7
- data.tar.gz: e7d5716bb41eab4b46ce11d07baf1d73714a0e14382584472c9073ac0b5e6a39cf452d70a7f3f9207f9ea55c6cf4e33b35e5cbc78c329f132f0f1f8db43ead5a
6
+ metadata.gz: 33eb8f41c248b2954cec5efe6aeaf7bd0996b69cacfc6d6af3544a3c6da1239e426aa1d3b69940deb3d6917aa084548f9c8506dee535fdf6c9c50c75fa85edc5
7
+ data.tar.gz: db6e99feb08b30907df699d09142c52dcb70c10db7f666cd0e5909b91b0b6b3fb495e6c863ab2523ee0cb2dc4e0110f8828b91de1b819dec871fbea3dc235a66
data/.dockerignore CHANGED
@@ -1,7 +1,7 @@
1
+ Gemfile.lock
1
2
  tmp
2
3
  *.deb
3
4
  coverage
4
5
  */reports
5
6
  vendor
6
- .idea
7
7
  pkg
data/.gitignore CHANGED
@@ -10,12 +10,14 @@
10
10
  *.json
11
11
  *.pem
12
12
  testdata/
13
+ dev/data_key
13
14
  *.gem
14
15
  *.rbc
15
16
  .bundle
16
17
  .config
17
18
  .yardoc
18
19
  Gemfile.lock
20
+ Dockerfile.*
19
21
  InstalledFiles
20
22
  _yardoc
21
23
  coverage
data/.rubocop.yml CHANGED
@@ -5,7 +5,7 @@ Style/MethodDefParentheses:
5
5
  EnforcedStyle: require_no_parentheses
6
6
 
7
7
  Style/StringLiterals:
8
- Enabled: false # more trouble than it's worth
8
+ EnforcedStyle: double_quotes
9
9
 
10
10
  Lint/EndAlignment:
11
11
  EnforcedStyleAlignWith: start_of_line
data/APPLIANCE_VERSION CHANGED
@@ -1 +1 @@
1
- 4.9
1
+ 5.0
data/CHANGELOG.md CHANGED
@@ -1,46 +1,7 @@
1
- # [5.6.6](https://github.com/cyberark/conjur-cli/releases/tag/v5.6.6)
1
+ # 6.0.0.rc1
2
2
 
3
- * Adds standalone Docker image (`cyberark/conjur-cli:4`)
4
-
5
- # 5.6.5
6
-
7
- * Fix init cert check when Conjur behind a SNI - [#209](https://github.com/cyberark/conjur-cli/pull/209)
8
-
9
- # 5.6.4
10
-
11
- * Allow activesupport 5 as a dependency.
12
-
13
- # 5.6.3
14
-
15
- * Fix the gemspec to reflect dependency changes.
16
-
17
- # 5.6.2
18
-
19
- * License changed to Apache 2.0
20
- * Don't let conjur-api drift to v5.
21
-
22
- # 5.6.1
23
-
24
- * Fix handling of `-k / --kind` argument to `resource list`.
25
-
26
- # 5.6.0
27
-
28
- The following enhancements require Conjur server 4.9.1.0 or later:
29
-
30
- * Supports filter and pagination of role-listing methods `role memberships`, `role members`, and `resource permitted_roles`.
31
- * Supports non-recursive (`--no-recursive`) retrieval of `role memberships`.
32
-
33
- On older server versions, the new options will be ignored by the server.
34
-
35
- # 5.5.0
36
-
37
- * Use `CONJUR_AUTHN_TOKEN_FILE` as the Conjur access token file, if it's available in the environment.
38
-
39
- # 5.4.0
40
-
41
- * Deprecated several commands in favor of using policy.
42
- * Add `policy` subcommand for `ldap-sync`, get rid of `jobs` and `now` subcommands.
43
- * Relax constraint on activesupport gem
3
+ * Provides compatibility with [cyberark/conjur](https://github.com/cyberark/conjur), Conjur 5 CE.
4
+ * License changed to Apache 2.0.
44
5
 
45
6
  # 5.3.0
46
7
 
data/Gemfile CHANGED
@@ -1,14 +1,11 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
- #ruby=ruby-2.4.1
3
+ #ruby=ruby-2.2.5
4
4
  #ruby-gemset=conjur-cli
5
5
 
6
6
  # Specify your gem's dependencies in conjur.gemspec
7
7
  gemspec
8
8
 
9
- group :test, :development do
10
- gem 'pry' # Don't be tempted to change this to pry-byebug until we drop support for 1.9
11
- gem 'pry-doc'
12
- gem 'ruby-prof'
13
- gem 'conjur-debify', '~> 1.0', require: false
14
- end
9
+ gem 'activesupport', '~> 4.2'
10
+
11
+ gem 'conjur-api', '~> 5'
data/Humanfile.md ADDED
@@ -0,0 +1,31 @@
1
+ This text file is intended to describe in human terms the actions that are
2
+ needed to set this project up which cannot be easily specified in a
3
+ machine-readable way due to lack of required tools (or the lack of my
4
+ knowledge of them).
5
+
6
+ The intent is for this document to reflect the current state. The timestamp of
7
+ when the state was changed/checked should be included with the description
8
+ to emphasize this, even though in principle git log should also have this information.
9
+
10
+ For pull requests, when the requester is unable to perform the change of state
11
+ or state should only be changed after merging, a note to that effect should be
12
+ included instead. The onus is then on whoever is merging to actually apply the
13
+ changes and update the timestamp in this document.
14
+
15
+ # Dockerhub builds
16
+
17
+ The dockerhub repository should be created as a public automatic build
18
+ repository, linked to the github repo for automatic build on push.
19
+
20
+ To accomplish that, follow the guide at https://docs.docker.com/docker-hub/github/
21
+
22
+ ## Settings
23
+
24
+ Dockerhub repo: https://hub.docker.com/r/conjurinc/cli5/
25
+ Github repo: https://github.com/conjurinc/cli-ruby
26
+
27
+ ### [Automated build settings](https://hub.docker.com/r/conjurinc/cli5/~/settings/automated-builds/):
28
+
29
+ - Automatically build on pushes: yes.
30
+
31
+ [Configuration true as of 2017-06-14T20:41+00:00.]
data/Jenkinsfile CHANGED
@@ -3,14 +3,13 @@ pipeline {
3
3
 
4
4
  options {
5
5
  timestamps()
6
- buildDiscarder(logRotator(numToKeepStr: '30'))
6
+ buildDiscarder(logRotator(daysToKeepStr: '30'))
7
7
  }
8
8
 
9
9
  stages {
10
-
11
10
  stage('Test 2.2') {
12
11
  environment {
13
- RUBY_VERSION = '2.2'
12
+ RUBY_VERSION = '2.2.8'
14
13
  }
15
14
  steps {
16
15
  sh './test.sh'
@@ -20,7 +19,7 @@ pipeline {
20
19
 
21
20
  stage('Test 2.3') {
22
21
  environment {
23
- RUBY_VERSION = '2.3'
22
+ RUBY_VERSION = '2.3.5'
24
23
  }
25
24
  steps {
26
25
  sh './test.sh'
@@ -30,7 +29,7 @@ pipeline {
30
29
 
31
30
  stage('Test 2.4') {
32
31
  environment {
33
- RUBY_VERSION = '2.4'
32
+ RUBY_VERSION = '2.4.2'
34
33
  }
35
34
  steps {
36
35
  sh './test.sh'
@@ -38,70 +37,42 @@ pipeline {
38
37
  }
39
38
  }
40
39
 
41
- stage('Build deb') {
42
- steps {
43
- sh './build-deb.sh'
44
- archiveArtifacts "tmp/deb/*"
45
- }
46
- }
47
-
48
- stage('Publish deb') {
49
- when {
50
- branch 'v4'
51
- }
52
-
53
- steps {
54
- sh './publish-deb.sh $(cat APPLIANCE_VERSION) stable'
55
- }
56
- }
57
-
58
- stage('Build standalone Docker image') {
59
- steps {
60
- sh './build-standalone'
61
- }
62
- }
63
-
64
- stage('Publish standalone Docker image to DockerHub') {
65
- steps {
66
- sh './push-image'
67
- }
68
- }
69
-
70
- // Only publish to RubyGems if the HEAD is
71
- // tagged with the same version as in version.rb
72
- stage('Publish to RubyGems') {
40
+ // Only publish to RubyGems if branch is 'master'
41
+ // AND someone confirms this stage within 5 minutes
42
+ stage('Publish to RubyGems?') {
73
43
  agent { label 'releaser-v2' }
74
44
 
75
45
  when {
76
- expression {
77
- def exitCode = sh returnStatus: true, script: ''' set +x
78
- echo "Determining if publishing is requested..."
79
-
80
- VERSION=`cat lib/conjur/version.rb | grep \'VERSION\\s*=\' | sed -e "s/.*\'\\(.*\\)\'.*/\\1/"`
81
- echo Declared version: $VERSION
82
-
83
- # Jenkins git plugin is broken and always fetches with `--no-tags`
84
- # (or `--tags`, neither of which is what you want), so tags end up
85
- # not being fetched. Try to fix that.
86
- # (Unfortunately this fetches all remote heads, so we may have to find
87
- # another solution for bigger repos.)
88
- git fetch -q
89
-
90
- # note when tag not found git rev-parse will just print its name
91
- TAG=`git rev-parse tags/v$VERSION 2>/dev/null || :`
92
- echo Tag v$VERSION: $TAG
93
-
94
- HEAD=`git rev-parse HEAD`
95
- echo HEAD: $HEAD
96
-
97
- test "$HEAD" = "$TAG"
98
- '''
99
- return exitCode == 0
46
+ allOf {
47
+ branch 'master'
48
+ expression {
49
+ boolean publish = false
50
+
51
+ if(env.PUBLISH_GEM == "true") {
52
+ return true
53
+ }
54
+
55
+ try {
56
+ timeout(time: 5, unit: 'MINUTES') {
57
+ input(message: 'Publish to RubyGems?')
58
+ publish = true
59
+ }
60
+ } catch (final ignore) {
61
+ publish = false
62
+ }
63
+
64
+ return publish
65
+ }
100
66
  }
101
67
  }
102
68
  steps {
103
- checkout scm
104
- sh './publish-rubygem.sh'
69
+ // Clean up first
70
+ sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
71
+
72
+ sh './publish.sh'
73
+
74
+ // Clean up again...
75
+ sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
105
76
  deleteDir()
106
77
  }
107
78
  }
data/README.md CHANGED
@@ -1,84 +1,70 @@
1
1
  # Conjur
2
2
 
3
- Command-line interface to Conjur.
3
+ *NOTE*: This is work-in-progress, for a future (as yet unreleased) version of Conjur.
4
+ _It will not work with Conjur 4._
4
5
 
5
- A complete reference guide is available at [developer.conjur.net](http://developer.conjur.net/reference).
6
-
7
- Note that this `v4` branch is for Conjur 4.x. Use `master` for Conjur 5.x and later.
6
+ Command-line interface to Conjur 5.
8
7
 
9
- ## Installation
8
+ A complete reference guide is available at [developer.conjur.net](http://developer.conjur.net/reference).
10
9
 
11
- Add this line to your application's Gemfile:
10
+ ## Quick start
12
11
 
13
- gem 'conjur-cli', require: 'conjur/cli'
12
+ ```sh-session
13
+ $ docker run -it -v $PWD:/work conjurinc/cli5
14
+ root@2b5f618dfdcb:/# conjur -v
15
+ conjur version 6.0.0.pre.beta.2
16
+ ```
14
17
 
15
- And then execute:
18
+ ## Docker images
16
19
 
17
- $ bundle
20
+ [![Docker Build Status](https://img.shields.io/docker/build/conjurinc/cli5.svg)](https://hub.docker.com/r/conjurinc/cli5/)
18
21
 
19
- Or install it yourself as:
22
+ Images for development/experimental use are automatically built [on docker hub](https://hub.docker.com/r/conjurinc/cli5/).
23
+ These are based off [Dockerfile.standalone](Dockerfile.standalone) and can be rebuilt with:
20
24
 
21
- $ gem install conjur-cli
25
+ docker build . -f Dockerfile.standalone -t conjurinc/cli5
22
26
 
23
- ### Using Docker
27
+ Note these images are not subject to any QA at the moment and so should never be used in production, especially without specific image id pin.
24
28
 
25
- This software is included in the standalone `cyberark/conjur-cli:4` Docker
26
- image. Docker containers are designed to be ephemeral, which means they don't
27
- store state after the container exits.
29
+ ## Development
28
30
 
29
- You can start an ephemeral session with the Conjur CLI software like so:
31
+ Create a sandbox environment in Docker using the `./dev` folder:
30
32
 
31
33
  ```sh-session
32
- $ docker run --rm -it cyberark/conjur-cli:4
33
- root@b27a95721e7d:~#
34
+ $ cd dev
35
+ dev $ ./start.sh
34
36
  ```
35
37
 
36
- Any initialization you do or files you create in that session will be discarded
37
- (permanently lost) when you exit the shell. Changes that you make to the Conjur
38
- server will remain.
38
+ This will drop you into a bash shell in a container called `cli`. The sandbox also includes a Postgres container and Conjur server container. The environment is already setup to connect the CLI to the server:
39
+
40
+ * **CONJUR_APPLIANCE_URL** `http://conjur`
41
+ * **CONJUR_ACCOUNT** `cucumber`
39
42
 
40
- You can also use a folder on your filesystem to persist the data that the Conjur
41
- CLI uses to connect. For example:
43
+ You can obtain the API key for the role `cucumber:user:admin` from the Docker logs of the Conjur container. Use it to login:
42
44
 
43
45
  ```sh-session
44
- $ mkdir mydata
45
- $ chmod 700 mydata
46
- $ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 init -h https://conjur.myorg.com
47
- SHA1 Fingerprint=16:C8:F8:AC:7B:57:BD:5B:58:B4:13:27:22:8E:3F:A2:12:01:DB:68
48
-
49
- Please verify this certificate on the appliance using command:
50
- openssl x509 -fingerprint -noout -in ~conjur/etc/ssl/conjur.pem
51
-
52
- Trust this certificate (yes/no): yes
53
- Wrote certificate to /root/conjur-conjur.pem
54
- Wrote configuration to /root/.conjurrc
55
- $ ls -lA mydata
56
- total 8
57
- drwxr-xr-x 2 you staff 64 Mar 28 19:30 .cache
58
- -rw-r--r-- 1 you staff 128 Mar 28 19:30 .conjurrc
59
- -rw-r--r-- 1 you staff 2665 Mar 28 19:30 conjur-conjur.pem
60
- $ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 authn login -u your-user-name
61
- Please enter your password (it will not be echoed):
46
+ root@2b5f618dfdcb:/# conjur authn login admin
47
+ Please enter admin's password (it will not be echoed):
62
48
  Logged in
63
- $ ls -lA mydata
64
- total 12
65
- drwxr-xr-x 2 you staff 64 Mar 28 19:26 .cache
66
- -rw-r--r-- 1 you staff 128 Mar 28 19:20 .conjurrc
67
- -rw------- 1 you staff 143 Mar 28 19:27 .netrc
68
- -rw-r--r-- 1 you staff 2665 Mar 28 19:20 conjur-conjur.pem
69
- $
70
49
  ```
71
50
 
72
- *Security notice:* the file `.netrc`, created or updated by `conjur authn
73
- login`, contains a user identity credential that can be used to access the
74
- Conjur API. You should remove it after use or otherwise secure it like you would
75
- another netrc file.
51
+ At this point, you can use any CLI command you like.
76
52
 
77
- ### Bash completion
53
+ ### Running Cucumber
78
54
 
79
- To enable bash completions, run this command:
55
+ To install dev packages, run `bundle` from within the container:
80
56
 
81
- $ conjur shellinit >> ~/.bashrc
57
+ ```sh-session
58
+ root@2b5f618dfdcb:/# cd /usr/src/cli-ruby/
59
+ root@2b5f618dfdcb:/usr/src/cli-ruby# bundle
60
+ ```
61
+
62
+ Then you can run the cucumber tests:
63
+
64
+ ```sh-session
65
+ root@2b5f618dfdcb:/usr/src/cli-ruby# cucumber
66
+ ...
67
+ ```
82
68
 
83
69
  ## Contributing
84
70
 
data/Rakefile CHANGED
@@ -8,7 +8,11 @@ begin
8
8
  require 'cucumber/rake/task'
9
9
  require 'rspec/core/rake_task'
10
10
 
11
- RSpec::Core::RakeTask.new :spec
11
+ # ci_reporter_rspec cleans and then writes results to spec/reports
12
+ RSpec::Core::RakeTask.new :spec do |t|
13
+ t.rspec_opts = '--tag ~wip --format junit'
14
+ end
15
+
12
16
  Cucumber::Rake::Task.new :features
13
17
 
14
18
  task :jenkins => ['ci:setup:rspec', :spec] do
data/bin/conjur CHANGED
@@ -23,6 +23,4 @@
23
23
  require 'active_support'
24
24
  require 'conjur/cli'
25
25
 
26
- require 'patches/gli'
27
-
28
26
  exit Conjur::CLI.run(ARGV)
data/build-deb.sh CHANGED
@@ -3,9 +3,7 @@
3
3
  export DEBUG=true
4
4
  export GLI_DEBUG=true
5
5
 
6
- if [[ "$(id -un)" == "jenkins" ]]; then
7
- docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd
8
- fi
6
+ debify clean
9
7
 
10
8
  docker build -t conjur-cli-fpm -f Dockerfile.fpm .
11
9
  docker build -t conjur-cli-validate-packaging -f Dockerfile.validate-packaging .