Pact poc2

.dockerignore

@@ -17,11 +17,14 @@ coverage
 demo
 dev
 docker
+gems/slosilo/Gemfile.lock
+gems/slosilo/spec/reports
 log
 package
 run
 spec/reports
 spec/reports-audit
+
 tmp
 
 # Ignore directories that are only relevant in gh

.github/CODEOWNERS

@@ -1,10 +1 @@
-* @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team
-
-# Changes to .trivyignore require Security Architect approval
-.trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
-
-# Changes to .codeclimate.yml require Quality Architect approval
-.codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
-
-# Changes to SECURITY.md require Security Architect approval
-SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
+* @jeniaSakirko @cyberark/ConjurCloud

.gitignore

@@ -73,4 +73,24 @@ conjur_git_commit
 # AuthnOIDC V2 w/ Identity setup
 dev/policies/authenticators/authn-oidc/identity-users.yml
 
+gem/slosilo/*.gem
+gem/slosilo/*.rbc
+gem/slosilo/.bundle
+gem/slosilo/.yardoc
+gem/slosilo/InstalledFiles
+gem/slosilo/_yardoc
+gem/slosilo/coverage
+gem/slosilo/doc/
+gem/slosilo/lib/bundler/man
+gem/slosilo/pkg
+gem/slosilo/rdoc
+gem/slosilo/spec/reports
+gem/slosilo/test/tmp
+gem/slosilo/test/version_tmp
+gem/slosilo/tmp
+gem/slosilo/.rvmrc
+gem/slosilo/.project
+gem/slosilo/.kateproject.d
+gem/slosilo/.idea
+
 VERSION

CHANGELOG.md

@@ -9,6 +9,76 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Nothing should go in this section, please add to the latest unreleased version
   (and update the corresponding date), or add a new version.
 
+## [1.0.1-cloud] - 2023-06-21
+### Changed
+- Improve DB connection usage https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-34591
+- Pull Slosilo library to Conjur
+- Change Slosilo id from "authn:account:host/user" to "authn:account:host/user:current"
+- Add update slosilo key option to slosilo put key function
+
+## [1.0.0-cloud] - 2023-06-07
+### Changed
+- Improve DB queries for Edge https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-37081
+- Change Slosilo id regex to support: authn:conjur:user/host in addition to authn:conjur
+- Split Slosilo key for hosts and users
+- Fix No continuation in replication when an error occurs https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-35741
+
+## [0.0.11-cloud] - 2023-05-24
+### Changed
+- Remove edge-hosts for edge endpoint
+- oidc user name to be compare as lowercase https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-37450
+- Support versions field in all secrets endpoint https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-37056
+
+## [0.0.10-cloud] - 2023-05-16
+### Added
+- Implementation health endpoint
+  https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-37338
+
+## [0.0.9-cloud] - 2023-05-09
+### Added
+- Add an option to get all secrets from edge api with encode bse64, by Accept-Encoding header
+  https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-35742
+
+## [0.0.8-cloud] - 2023-04-30
+### Added
+- New edge-hosts endpoints for edge
+- Api change. Host API key is return as hashed
+  https://ca-il-jira.il.cyber-ark.com:8443/browse/ONYX-35892
+
+## [0.0.7-cloud] - 2023-03-27
+### Changed
+- Merge from master 2023-03-27 to 2023-03-26
+
+## [0.0.6-cloud] - 2023-03-19
+### Security
+- Updated github-pages version in docs/Gemfile to allow upgrading activesupport
+  to v7.0.4.2 to resolve CVE-2022-22796
+  [cyberark/conjur#2729](https://github.com/cyberark/conjur/pull/2729)
+- Upgraded rack to v2.2.6.3 to resolve CVE-2023-27530
+  [cyberark/conjur#2739](https://github.com/cyberark/conjur/pull/2739)
+- Upgraded rack to v2.2.6.4 to resolve CVE-2023-27539
+  [cyberark/conjur#2750](https://github.com/cyberark/conjur/pull/2750)
+
+## [0.0.5-cloud] - 2023-03-15
+### Changed
+- Add get SlosiloKey api
+
+## [0.0.4-cloud] - 2023-03-12
+### Changed
+- Change count=true not to consider limit and sum all
+
+## [0.0.3-cloud] - 2023-03-06
+### Changed
+- Change edge group name
+
+## [0.0.2-cloud] - 2023-03-06
+### Added
+- Edge host endpoint and secret endpoint
+
+## [0.0.1-cloud] - 2022-01-13
+### Changed
+- Remove auto-release options to allow for a pseudo-fork development on a branch
+
 ## [1.19.5] - 2023-05-16
 
 ### Security
@@ -64,7 +134,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
   [cyberark/conjur#2739](https://github.com/cyberark/conjur/pull/2739)
 - Upgraded rack to v2.2.6.4 to resolve CVE-2023-27539
   [cyberark/conjur#2750](https://github.com/cyberark/conjur/pull/2750)
-- Updated nokogiri to 1.14.3 for CVE-2023-29469 and CVE-2023-28484 and rails to
+- Updated nokogiri to 1.14.3 for CVE-2023-29469 and CVE-2023-28484 and rails to 
   6.1.7.3 for CVE-2023-28120 in Gemfile.lock, nokogiri to 1.1.4.3 for CVE-2023-29469
   and commonmarker to 0.23.9 for CVE-2023-24824 and CVE-2023-26485 in docs/Gemfile.lock
   (all Medium severity issues flagged by Dependabot)

Dockerfile

@@ -1,4 +1,4 @@
-FROM cyberark/ubuntu-ruby-fips:latest
+FROM cyberark/ubuntu-ruby-fips:2.0.7-618
 
 ENV DEBIAN_FRONTEND=noninteractive \
     PORT=80 \

Dockerfile.test

@@ -1,4 +1,4 @@
 ARG VERSION=latest
-FROM conjur:${VERSION}
+FROM conjur-cloud:${VERSION}
 
 RUN bundle --no-deployment --without ''

Gemfile

@@ -36,7 +36,7 @@ gem 'bcrypt'
 gem 'gli', require: false
 gem 'listen'
 gem 'rexml', '~> 3.2'
-gem 'slosilo', '~> 3.0'
+gem 'slosilo',  path: 'gems/slosilo'
 
 # Explicitly required as there are vulnerabilities in older versions
 gem "ffi", ">= 1.9.24"
@@ -99,6 +99,7 @@ group :development, :test do
   gem 'rspec-core'
   gem 'rspec-rails'
   gem 'ruby-debug-ide'
+  gem 'pact'
 
   # We use a post-coverage hook to sleep covered processes until we're ready to
   # collect the coverage reports in CI. Because of this, we don't want bundler

Gemfile.lock

@@ -13,6 +13,11 @@ PATH
       activesupport (>= 4.2)
       safe_yaml
 
+PATH
+  remote: gems/slosilo
+  specs:
+    slosilo (3.0.1)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -89,6 +94,7 @@ GEM
       thor (~> 1.0)
     ast (2.4.2)
     attr_required (1.0.1)
+    awesome_print (1.9.2)
     aws-eventstream (1.2.0)
     aws-partitions (1.553.0)
     aws-sdk-core (3.126.0)
@@ -211,13 +217,17 @@ GEM
     event_emitter (0.2.6)
     eventmachine (1.2.7)
     excon (0.91.0)
+    expgen (0.1.1)
+      parslet
     faye-websocket (0.11.1)
       eventmachine (>= 0.12.0)
       websocket-driver (>= 0.5.1)
     ffi (1.15.4)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
+    filelock (1.1.1)
+    find_a_port (1.0.1)
     gli (2.21.0)
     globalid (1.1.0)
       activesupport (>= 5.0)
@@ -245,6 +255,7 @@ GEM
       activesupport (>= 4.2.0)
       multi_json (>= 1.2)
     jmespath (1.6.1)
+    json (2.6.3)
     json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
@@ -308,9 +319,32 @@ GEM
       validate_email
       validate_url
       webfinger (>= 1.0.1)
+    pact (1.63.0)
+      pact-mock_service (~> 3.0, >= 3.3.1)
+      pact-support (~> 1.16, >= 1.16.9)
+      rack-test (>= 0.6.3, < 3.0.0)
+      rspec (~> 3.0)
+      term-ansicolor (~> 1.0)
+      thor (>= 0.20, < 2.0)
+      webrick (~> 1.3)
+    pact-mock_service (3.11.1)
+      filelock (~> 1.1)
+      find_a_port (~> 1.0.1)
+      json
+      pact-support (~> 1.16, >= 1.16.4)
+      rack (~> 2.0)
+      rspec (>= 2.14)
+      thor (>= 0.19, < 2.0)
+      webrick (~> 1.3)
+    pact-support (1.17.0)
+      awesome_print (~> 1.9)
+      diff-lcs (~> 1.4)
+      expgen (~> 0.1)
+      term-ansicolor (~> 1.0)
     parallel (1.21.0)
     parser (3.0.3.2)
       ast (~> 2.4.1)
+    parslet (2.0.0)
     pg (1.2.3)
     powerpack (0.1.3)
     pry (0.13.1)
@@ -440,7 +474,6 @@ GEM
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
-    slosilo (3.0.1)
     spring (2.1.0)
     spring-commands-cucumber (1.0.1)
       spring (>= 0.9.1)
@@ -457,11 +490,16 @@ GEM
       activesupport (>= 3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.4)
+    sync (0.5.0)
     sys-uname (1.2.2)
       ffi (~> 1.1)
     table_print (1.5.7)
+    term-ansicolor (1.7.1)
+      tins (~> 1.0)
     thor (1.2.1)
     timeout (0.3.2)
+    tins (1.32.1)
+      sync
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unf (0.1.4)
@@ -535,6 +573,7 @@ DEPENDENCIES
   net-ssh
   nokogiri (>= 1.8.2)
   openid_connect
+  pact
   parallel
   pg
   pry-byebug
@@ -561,7 +600,7 @@ DEPENDENCIES
   sequel-postgres-schemata
   sequel-rails
   simplecov
-  slosilo (~> 3.0)
+  slosilo!
   spring
   spring-commands-cucumber
   spring-commands-rspec