README.md in conjur-cli-5.6.6 vs README.md in conjur-cli-6.0.0.rc1

- old
+ new

@@ -1,85 +1,71 @@ # Conjur -Command-line interface to Conjur. +*NOTE*: This is work-in-progress, for a future (as yet unreleased) version of Conjur. +_It will not work with Conjur 4._ +Command-line interface to Conjur 5. + A complete reference guide is available at [developer.conjur.net](http://developer.conjur.net/reference). -Note that this `v4` branch is for Conjur 4.x. Use `master` for Conjur 5.x and later. +## Quick start -## Installation +```sh-session +$ docker run -it -v $PWD:/work conjurinc/cli5 +root@2b5f618dfdcb:/# conjur -v +conjur version 6.0.0.pre.beta.2 +``` -Add this line to your application's Gemfile: +## Docker images - gem 'conjur-cli', require: 'conjur/cli' +[![Docker Build Status](https://img.shields.io/docker/build/conjurinc/cli5.svg)](https://hub.docker.com/r/conjurinc/cli5/) -And then execute: +Images for development/experimental use are automatically built [on docker hub](https://hub.docker.com/r/conjurinc/cli5/). +These are based off [Dockerfile.standalone](Dockerfile.standalone) and can be rebuilt with: - $ bundle + docker build . -f Dockerfile.standalone -t conjurinc/cli5 -Or install it yourself as: +Note these images are not subject to any QA at the moment and so should never be used in production, especially without specific image id pin. - $ gem install conjur-cli +## Development -### Using Docker +Create a sandbox environment in Docker using the `./dev` folder: -This software is included in the standalone `cyberark/conjur-cli:4` Docker -image. Docker containers are designed to be ephemeral, which means they don't -store state after the container exits. - -You can start an ephemeral session with the Conjur CLI software like so: - ```sh-session -$ docker run --rm -it cyberark/conjur-cli:4 -root@b27a95721e7d:~# +$ cd dev +dev $ ./start.sh ``` -Any initialization you do or files you create in that session will be discarded -(permanently lost) when you exit the shell. Changes that you make to the Conjur -server will remain. +This will drop you into a bash shell in a container called `cli`. The sandbox also includes a Postgres container and Conjur server container. The environment is already setup to connect the CLI to the server: -You can also use a folder on your filesystem to persist the data that the Conjur -CLI uses to connect. For example: +* **CONJUR_APPLIANCE_URL** `http://conjur` +* **CONJUR_ACCOUNT** `cucumber` -```sh-session -$ mkdir mydata -$ chmod 700 mydata -$ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 init -h https://conjur.myorg.com -SHA1 Fingerprint=16:C8:F8:AC:7B:57:BD:5B:58:B4:13:27:22:8E:3F:A2:12:01:DB:68 +You can obtain the API key for the role `cucumber:user:admin` from the Docker logs of the Conjur container. Use it to login: -Please verify this certificate on the appliance using command: - openssl x509 -fingerprint -noout -in ~conjur/etc/ssl/conjur.pem - -Trust this certificate (yes/no): yes -Wrote certificate to /root/conjur-conjur.pem -Wrote configuration to /root/.conjurrc -$ ls -lA mydata -total 8 -drwxr-xr-x 2 you staff 64 Mar 28 19:30 .cache --rw-r--r-- 1 you staff 128 Mar 28 19:30 .conjurrc --rw-r--r-- 1 you staff 2665 Mar 28 19:30 conjur-conjur.pem -$ docker run --rm -it -v $(PWD)/mydata:/root cyberark/conjur-cli:4 authn login -u your-user-name -Please enter your password (it will not be echoed): +```sh-session +root@2b5f618dfdcb:/# conjur authn login admin +Please enter admin's password (it will not be echoed): Logged in -$ ls -lA mydata -total 12 -drwxr-xr-x 2 you staff 64 Mar 28 19:26 .cache --rw-r--r-- 1 you staff 128 Mar 28 19:20 .conjurrc --rw------- 1 you staff 143 Mar 28 19:27 .netrc --rw-r--r-- 1 you staff 2665 Mar 28 19:20 conjur-conjur.pem -$ ``` -*Security notice:* the file `.netrc`, created or updated by `conjur authn -login`, contains a user identity credential that can be used to access the -Conjur API. You should remove it after use or otherwise secure it like you would -another netrc file. +At this point, you can use any CLI command you like. -### Bash completion +### Running Cucumber -To enable bash completions, run this command: +To install dev packages, run `bundle` from within the container: - $ conjur shellinit >> ~/.bashrc +```sh-session +root@2b5f618dfdcb:/# cd /usr/src/cli-ruby/ +root@2b5f618dfdcb:/usr/src/cli-ruby# bundle +``` + +Then you can run the cucumber tests: + +```sh-session +root@2b5f618dfdcb:/usr/src/cli-ruby# cucumber +... +``` ## Contributing 1. Fork it 2. Create your feature branch (`git checkout -b my-new-feature`)