train 1.5.0 → 1.5.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e0d6951ed34583f2ee93e624dfee665eeac69ece0c77e142699fc4c28b87e6d2
-  data.tar.gz: ff38812176b7daf727e44bcd189b3af909199398107a30b42deaee29b784f7cd
+  metadata.gz: 1f8a8136ef1361afa88f951fb3095bd894482ae737d5546c94a2311027383797
+  data.tar.gz: 3214e7d84ffe45af4d0997c444a052d49607fe6fb3d79fbfc737068328b553e5
 SHA512:
-  metadata.gz: 3e8ef41d9b67af33e36093b3ea86db4564e1b39e0eb400fb85aa2f21753c234b08abfe40ce9f3a1703ebd79b52a570b7c7e571a31847b54ea6f1a630e08dda25
-  data.tar.gz: 967d5fe1b319da6da65ecffcaf1bc3674cb8c0e2b3dfb626a75d93a81f37ed8deca17b9fca351d6a319250f95dbe48e1f6e1e43aead1e495fcfa06609d29aee0
+  metadata.gz: 80f9ff5fac3af02c41061434cef335569cb6e4d1b067027c9b7f119e844e5193655eb7d58d1f9b16504b8f8d0c28c51b008f51c7dda27597adfa346088696570
+  data.tar.gz: fe2a5fa5de52041ffeb96d7349cd2949e98ec410bb501494f7643c48b79d546a5a393f99261f961b3dbb05948d0ee728a288b9ec4c5bbba5ed4dbf938e54d1a7

data/CHANGELOG.md

@@ -1,27 +1,35 @@
-<!-- latest_release 1.5.0 -->
-## [v1.5.0](https://github.com/inspec/train/tree/v1.5.0) (2018-09-27)
+<!-- latest_release 1.5.4 -->
+## [v1.5.4](https://github.com/inspec/train/tree/v1.5.4) (2018-10-15)
 
 #### Merged Pull Requests
-- Bump minor version. [#357](https://github.com/inspec/train/pull/357) ([jquick](https://github.com/jquick))
+- Correct example plugin link [#363](https://github.com/inspec/train/pull/363) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
 <!-- latest_release -->
 
-<!-- release_rollup since=1.4.37 -->
-### Changes since 1.4.37 release
+<!-- release_rollup since=1.5.0 -->
+### Changes since 1.5.0 release
 
 #### Merged Pull Requests
-- Bump minor version. [#357](https://github.com/inspec/train/pull/357) ([jquick](https://github.com/jquick)) <!-- 1.5.0 -->
-- Plugins:  Test harness, test fixture, docs, and local-type example [#356](https://github.com/inspec/train/pull/356) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 1.4.40 -->
-- Adding GCP admin_client helper. [#349](https://github.com/inspec/train/pull/349) ([skpaterson](https://github.com/skpaterson)) <!-- 1.4.39 -->
-- Update google-api-client version. [#348](https://github.com/inspec/train/pull/348) ([skpaterson](https://github.com/skpaterson)) <!-- 1.4.38 -->
+- Correct example plugin link [#363](https://github.com/inspec/train/pull/363) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 1.5.4 -->
+- Adds Azure Vault Client [#351](https://github.com/inspec/train/pull/351) ([r-fennell](https://github.com/r-fennell)) <!-- 1.5.3 -->
+- Remove the legacy version bumping from the rakefile [#359](https://github.com/inspec/train/pull/359) ([tas50](https://github.com/tas50)) <!-- 1.5.2 -->
+- Fixes the link pointing back to the plugin docs [#362](https://github.com/inspec/train/pull/362) ([cattywampus](https://github.com/cattywampus)) <!-- 1.5.1 -->
 <!-- release_rollup -->
 
 <!-- latest_stable_release -->
+## [v1.5.0](https://github.com/inspec/train/tree/v1.5.0) (2018-09-27)
+
+#### Merged Pull Requests
+- Update google-api-client version. [#348](https://github.com/inspec/train/pull/348) ([skpaterson](https://github.com/skpaterson))
+- Adding GCP admin_client helper. [#349](https://github.com/inspec/train/pull/349) ([skpaterson](https://github.com/skpaterson))
+- Plugins:  Test harness, test fixture, docs, and local-type example [#356](https://github.com/inspec/train/pull/356) ([clintoncwolfe](https://github.com/clintoncwolfe))
+- Bump minor version. [#357](https://github.com/inspec/train/pull/357) ([jquick](https://github.com/jquick))
+<!-- latest_stable_release -->
+
 ## [v1.4.37](https://github.com/inspec/train/tree/v1.4.37) (2018-09-13)
 
 #### Merged Pull Requests
 - Rescues SystemCallError instead of Errno [#346](https://github.com/inspec/train/pull/346) ([dmccown](https://github.com/dmccown))
 - Add a export method for platforms [#347](https://github.com/inspec/train/pull/347) ([jquick](https://github.com/jquick))
-<!-- latest_stable_release -->
 
 ## [v1.4.35](https://github.com/inspec/train/tree/v1.4.35) (2018-08-23)
 

data/Rakefile

@@ -71,80 +71,3 @@ namespace :test do
     sh('sh', '-c', sh_cmd)
   end
 end
-
-# Print the current version of this gem or update it.
-#
-# @param [Type] target the new version you want to set, or nil if you only want to show
-def train_version(target = nil)
-  path = 'lib/train/version.rb'
-  require_relative path.sub(/.rb$/, '')
-
-  nu_version = target.nil? ? '' : " -> #{target}"
-  puts "Train: #{Train::VERSION}#{nu_version}"
-
-  unless target.nil?
-    raw = File.read(path)
-    nu = raw.sub(/VERSION.*/, "VERSION = '#{target}'.freeze")
-    File.write(path, nu)
-    load(path)
-  end
-end
-
-# Check if a command is available
-#
-# @param [Type] x the command you are interested in
-# @param [Type] msg the message to display if the command is missing
-def require_command(x, msg = nil)
-  return if system("command -v #{x} || exit 1")
-  msg ||= 'Please install it first!'
-  puts "\033[31;1mCan't find command #{x.inspect}. #{msg}\033[0m"
-  exit 1
-end
-
-# Check if a required environment variable has been set
-#
-# @param [String] x the variable you are interested in
-# @param [String] msg the message you want to display if the variable is missing
-def require_env(x, msg = nil)
-  exists = `env | grep "^#{x}="`
-  return unless exists.empty?
-  puts "\033[31;1mCan't find environment variable #{x.inspect}. #{msg}\033[0m"
-  exit 1
-end
-
-# Check the requirements for running an update of this repository.
-def check_update_requirements
-  require_command 'git'
-  require_command 'github_changelog_generator', "\n"\
-    "For more information on how to install it see:\n"\
-    "  https://github.com/skywinder/github-changelog-generator\n"
-  require_env 'CHANGELOG_GITHUB_TOKEN', "\n"\
-    "Please configure this token to make sure you can run all commands\n"\
-    "against GitHub.\n\n"\
-    "See github_changelog_generator homepage for more information:\n"\
-    "  https://github.com/skywinder/github-changelog-generator\n"
-end
-
-# Show the current version of this gem.
-desc 'Show the version of this gem'
-task :version do
-  train_version
-end
-
-desc 'Generate the changelog'
-task :changelog do
-  require_relative 'lib/train/version'
-  system "github_changelog_generator -u chef -p train --future-release #{Train::VERSION}"
-end
-
-# Update the version of this gem and create an updated
-# changelog. It covers everything short of actually releasing
-# the gem.
-desc 'Bump the version of this gem'
-task :bump_version, [:version] do |_, args|
-  v = args[:version] || ENV['to']
-  fail "You must specify a target version!  rake bump_version to=1.2.3" if v.empty?
-  check_update_requirements
-  train_version(v)
-  Rake::Task['changelog'].invoke
-end

data/lib/train/transports/azure.rb

@@ -4,10 +4,12 @@ require 'train/plugins'
 require 'ms_rest_azure'
 require 'azure_mgmt_resources'
 require 'azure_graph_rbac'
+require 'azure_mgmt_key_vault'
 require 'socket'
 require 'timeout'
 require 'train/transports/helpers/azure/file_credentials'
 require 'train/transports/clients/azure/graph_rbac'
+require 'train/transports/clients/azure/vault'
 
 module Train::Transports
   class Azure < Train.plugin(1)
@@ -59,7 +61,7 @@ module Train::Transports
         force_platform!('azure', @platform_details)
       end
 
-      def azure_client(klass = ::Azure::Resources::Profiles::Latest::Mgmt::Client)
+      def azure_client(klass = ::Azure::Resources::Profiles::Latest::Mgmt::Client, opts = {})
         if cache_enabled?(:api_call)
           return @cache[:api_call][klass.to_s.to_sym] unless @cache[:api_call][klass.to_s.to_sym].nil?
         end
@@ -67,7 +69,9 @@ module Train::Transports
         if klass == ::Azure::Resources::Profiles::Latest::Mgmt::Client
           @credentials[:base_url] = MsRestAzure::AzureEnvironments::AzureCloud.resource_manager_endpoint_url
         elsif klass == ::Azure::GraphRbac::Profiles::Latest::Client
-          client =  GraphRbac.client(@credentials)
+          client = GraphRbac.client(@credentials)
+        elsif klass == ::Azure::KeyVault::Profiles::Latest::Mgmt::Client
+          client = Vault.client(opts[:vault_name], @credentials)
         end
 
         client ||= klass.new(@credentials)

data/lib/train/transports/clients/azure/graph_rbac.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+
 require 'azure_graph_rbac'
 
 # Wrapper class for ::Azure::GraphRbac::Profiles::Latest::Client allowing custom configuration,
@@ -8,15 +9,19 @@ class GraphRbac
   API_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_graph_resource_id
 
   def self.client(credentials)
-    provider = ::MsRestAzure::ApplicationTokenProvider.new(
+    credentials[:credentials] = ::MsRest::TokenCredentials.new(provider(credentials))
+    credentials[:base_url] = API_ENDPOINT
+
+    ::Azure::GraphRbac::Profiles::Latest::Client.new(credentials)
+  end
+
+  def self.provider(credentials)
+    ::MsRestAzure::ApplicationTokenProvider.new(
       credentials[:tenant_id],
       credentials[:client_id],
       credentials[:client_secret],
       settings,
     )
-    credentials[:credentials] = ::MsRest::TokenCredentials.new(provider)
-    credentials[:base_url] = API_ENDPOINT
-    ::Azure::GraphRbac::Profiles::Latest::Client.new(credentials)
   end
 
   def self.settings
@@ -25,4 +30,6 @@ class GraphRbac
     client_settings.token_audience = API_ENDPOINT
     client_settings
   end
+
+  private_class_method :provider, :settings
 end

data/lib/train/transports/clients/azure/vault.rb

@@ -0,0 +1,41 @@
+# encoding: utf-8
+
+require 'azure_mgmt_key_vault'
+
+# Wrapper class for ::Azure::KeyVault::Profiles::Latest::Mgmt::Client allowing custom configuration,
+# for example, defining additional settings for the ::MsRestAzure::ApplicationTokenProvider.
+class Vault
+  AUTH_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_endpoint_url
+  RESOURCE_ENDPOINT = 'https://vault.azure.net'.freeze
+
+  def self.client(vault_name, credentials)
+    raise ::Train::UserError, 'Vault Name cannot be nil' if vault_name.nil?
+
+    credentials[:credentials] = ::MsRest::TokenCredentials.new(provider(credentials))
+    credentials[:base_url] = api_endpoint(vault_name)
+
+    ::Azure::KeyVault::Profiles::Latest::Mgmt::Client.new(credentials)
+  end
+
+  def self.provider(credentials)
+    ::MsRestAzure::ApplicationTokenProvider.new(
+      credentials[:tenant_id],
+      credentials[:client_id],
+      credentials[:client_secret],
+      settings,
+    )
+  end
+
+  def self.api_endpoint(vault_name)
+    "https://#{vault_name}#{MsRestAzure::AzureEnvironments::AzureCloud.key_vault_dns_suffix}"
+  end
+
+  def self.settings
+    client_settings = MsRestAzure::ActiveDirectoryServiceSettings.get_azure_settings
+    client_settings.authentication_endpoint = AUTH_ENDPOINT
+    client_settings.token_audience = RESOURCE_ENDPOINT
+    client_settings
+  end
+
+  private_class_method :provider, :api_endpoint, :settings
+end

data/lib/train/version.rb

@@ -3,5 +3,5 @@
 # Author:: Dominik Richter (<dominik.richter@gmail.com>)
 
 module Train
-  VERSION = '1.5.0'.freeze
+  VERSION = '1.5.4'.freeze
 end

data/test/unit/transports/azure_test.rb

@@ -81,10 +81,23 @@ describe 'azure transport' do
     end
 
     it 'can use azure_client graph client' do
-      GRAPH_API_CLIENT      = Azure::GraphRbac::Profiles::Latest::Client
+      GRAPH_API_CLIENT = Azure::GraphRbac::Profiles::Latest::Client
       client = connection.azure_client(GRAPH_API_CLIENT)
       client.class.must_equal GRAPH_API_CLIENT
     end
+
+    it 'can use azure_client vault client' do
+      VAULT_API_CLIENT = ::Azure::KeyVault::Profiles::Latest::Mgmt::Client
+      client = connection.azure_client(VAULT_API_CLIENT, vault_name: 'Test Vault')
+      client.class.must_equal VAULT_API_CLIENT
+    end
+
+    it 'cannot instantiate azure_client vault client without a vault name' do
+      VAULT_API_CLIENT = ::Azure::KeyVault::Profiles::Latest::Mgmt::Client
+      assert_raises(Train::UserError) do
+        connection.azure_client(VAULT_API_CLIENT)
+      end
+    end
   end
 
   describe 'connect' do

data/train.gemspec

@@ -36,6 +36,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'aws-sdk', '~> 2'
   spec.add_dependency 'azure_mgmt_resources', '~> 0.15'
   spec.add_dependency 'azure_graph_rbac', '~> 0.16'
+  spec.add_dependency 'azure_mgmt_key_vault', '~> 0.17'
   spec.add_dependency 'google-api-client', '~> 0.23.9'
   spec.add_dependency 'googleauth', '~> 0.6.6'
   spec.add_dependency 'inifile'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: train
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 1.5.4
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-27 00:00:00.000000000 Z
+date: 2018-10-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -162,6 +162,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.16'
+- !ruby/object:Gem::Dependency
+  name: azure_mgmt_key_vault
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.17'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.17'
 - !ruby/object:Gem::Dependency
   name: google-api-client
   requirement: !ruby/object:Gem::Requirement
@@ -268,6 +282,7 @@ files:
 - lib/train/transports/azure.rb
 - lib/train/transports/cisco_ios_connection.rb
 - lib/train/transports/clients/azure/graph_rbac.rb
+- lib/train/transports/clients/azure/vault.rb
 - lib/train/transports/docker.rb
 - lib/train/transports/gcp.rb
 - lib/train/transports/helpers/azure/file_credentials.rb