Skip to content

Instantly share code, notes, and snippets.

@dividedmind
Created March 11, 2019 16:28
Show Gist options
  • Save dividedmind/5fbd26cb82ecd73808ab82d29595cb6c to your computer and use it in GitHub Desktop.
Save dividedmind/5fbd26cb82ecd73808ab82d29595cb6c to your computer and use it in GitHub Desktop.
Example conjur CLI session using RESTCLIENT_LOG
$ RESTCLIENT_LOG=stderr conjur authn login
Enter your username to log into Conjur: admin
Please enter your password (it will not be echoed):
RestClient.get "https://cuke-master/authn/cucumber/login", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | text/html 55 bytes
Logged in
$ RESTCLIENT_LOG=stderr conjur variable values add vaultName/lob8/safe_0/obj_832/password secret123
RestClient.post "https://cuke-master/authn/cucumber/admin/authenticate", "3j1aqpew0f2m02njp46c1pg0rft1j23r8a2zx878p3q5nb251njvkqh", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Content-Length"=>"55", "Content-Type"=>"text/plain", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | application/json 568 bytes
RestClient.post "https://cuke-master/secrets/cucumber/variable/vaultName%2Flob8%2Fsafe_0%2Fobj_832%2Fpassword", "secret123", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Authorization"=>"Token token=\"eyJwcm90ZWN0ZWQiOiJleUpoYkdjaU9pSmpiMjVxZFhJdWIzSm5MM05zYjNOcGJHOHZkaklpTENKcmFXUWlPaUkxTldVNVptRTNaVE01TkRrNFl6SXlaV1JsTkRReFpEazJNR05qTVdZNFlpSjkiLCJwYXlsb2FkIjoiZXlKemRXSWlPaUpoWkcxcGJpSXNJbWxoZENJNk1UVTFNak15TVRBNE1uMD0iLCJzaWduYXR1cmUiOiJuZmNwaW5WTmc5d0tDRjFxUHhKNzh2NG03VUs5T0o3aWUwUUdjemszMkh4Z05Rb0VjWnR6LWY3RHZKN0NBSGp4T0VNVmx1bkxZYU5IbU90UGFmOTkyNVA5eVJNc1liYkFXVUFtakFlUFN2V3BadzNJdEdrQVhKaUV6ZVh6V3F4MUMtdElmaUdjbGMtaExBb1FGbER3RDh4SzlZeVl0LWttR0RidFhXVzVjUkMxT0Z2YTZxUDd3SG40VTQtd3NVdi1QUnBZNUU3VHZDSEg3UEsxbkg1UnQ0MDRjcTVBbnRGeFBwaktIcEcyekFsbmQxcV8wVngxNEI1QnpSRmJURmRKWFBDaS1xaV81dUtXekJObjNqT0tiSGw5c2lKUnVnVWVDeUhnVThyMXlIWDVTQnZqeGVGTFE5aVBlXzFXVTRYMHByVXRxeWQ3dkN3eF9aVXJiZTNqb1lHd3pHNjN3WG5qSlQ5TEFwTjdkeGVMRE1UeG01a01qYXpQdjVuLTdhZVcifQ==\"", "Content-Length"=>"9", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 201 Created | text/html 0 bytes
Value added
### Note you can also redirect to a file:
$ export RESTCLIENT_LOG=conjur.log
$ conjur show variable:vaultName/lob8/safe_0/obj_832/password
{
"created_at": "2019-03-07T11:36:11.391+00:00",
"id": "cucumber:variable:vaultName/lob8/safe_0/obj_832/password",
"owner": "cucumber:policy:vaultName/lob8/safe_0",
"policy": "cucumber:policy:vaultName/lob8/safe_0",
"permissions": [
{
"privilege": "execute",
"role": "cucumber:group:vaultName/lob8/safe_0/delegation/consumers",
"policy": "cucumber:policy:vaultName/lob8/safe_0"
},
{
"privilege": "read",
"role": "cucumber:group:vaultName/lob8/safe_0/delegation/consumers",
"policy": "cucumber:policy:vaultName/lob8/safe_0"
}
],
"annotations": [
{
"name": "cyberark-vault",
"value": "true",
"policy": "cucumber:policy:vaultName/lob8/safe_0"
},
{
"name": "cyberark-vault/accounts",
"value": "vaultName/safe_0/obj_832",
"policy": "cucumber:policy:vaultName/lob8/safe_0"
}
],
"secrets": [
{
"version": 1,
"expires_at": null
},
{
"version": 2,
"expires_at": null
},
{
"version": 3,
"expires_at": null
},
{
"version": 4,
"expires_at": null
},
{
"version": 5,
"expires_at": null
},
{
"version": 6,
"expires_at": null
},
{
"version": 7,
"expires_at": null
}
]
}
$ conjur variable value vaultName/lob8/safe_0/obj_832/password
secret123
$ cat conjur.log
RestClient.post "https://cuke-master/authn/cucumber/admin/authenticate", "3j1aqpew0f2m02njp46c1pg0rft1j23r8a2zx878p3q5nb251njvkqh", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Content-Length"=>"55", "Content-Type"=>"text/plain", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | application/json 568 bytes
RestClient.get "https://cuke-master/resources/cucumber/variable/vaultName%2Flob8%2Fsafe_0%2Fobj_832%2Fpassword", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Authorization"=>"Token token=\"eyJwcm90ZWN0ZWQiOiJleUpoYkdjaU9pSmpiMjVxZFhJdWIzSm5MM05zYjNOcGJHOHZkaklpTENKcmFXUWlPaUkxTldVNVptRTNaVE01TkRrNFl6SXlaV1JsTkRReFpEazJNR05qTVdZNFlpSjkiLCJwYXlsb2FkIjoiZXlKemRXSWlPaUpoWkcxcGJpSXNJbWxoZENJNk1UVTFNak15TVRFME9IMD0iLCJzaWduYXR1cmUiOiJFYTVncVdRSG03aE83aE00SzZKVlA3X1lPWFU0VV9Sd0t1SWE2Y0s2Y2w0VkRVTERPZFEzQlJIM0tKQzRmdW9VMTNfT21wYTEtY190TTJacXJETFFZSFc4MWpvTG55TWpGZGZUX09TU3d3dWlNRnNMeENwMzU0N3l4Vzd2QkpXMUZzS21OU2RyblI2MXc4Yk9MUTVNeVNGa3BzRjVqSU1sWDQxT1pQWmRzNnFhX19lUExpbWFIcl9mbHk2X0M0dkE0WVdVX0JMQlhXUVJsZjdJYTFNYVphd0s1OXY5N2xKbU1nWUtiMFlVSFp1aTU0RGRvTTM4ZVFLdXVaWWJYWkZJUzJjSTBXdWk0OGFkYXBGampUM29VMTloN1VLUGxMZXZoZmxDOTdyS1dlU01lUThaN2kxQ2luMWlGSmlCQk9BUERoVjREamIyQ2lKbEdxeU43UFZPNjBJeUYzRlVGeW80b183amtXVVVIX2s4MlB2WTB4cFBZeDJBcm5sTXN4R3MifQ==\"", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | application/json 961 bytes
RestClient.post "https://cuke-master/authn/cucumber/admin/authenticate", "3j1aqpew0f2m02njp46c1pg0rft1j23r8a2zx878p3q5nb251njvkqh", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Content-Length"=>"55", "Content-Type"=>"text/plain", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | application/json 568 bytes
RestClient.get "https://cuke-master/secrets/cucumber/variable/vaultName%2Flob8%2Fsafe_0%2Fobj_832%2Fpassword/", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "Authorization"=>"Token token=\"eyJwcm90ZWN0ZWQiOiJleUpoYkdjaU9pSmpiMjVxZFhJdWIzSm5MM05zYjNOcGJHOHZkaklpTENKcmFXUWlPaUkxTldVNVptRTNaVE01TkRrNFl6SXlaV1JsTkRReFpEazJNR05qTVdZNFlpSjkiLCJwYXlsb2FkIjoiZXlKemRXSWlPaUpoWkcxcGJpSXNJbWxoZENJNk1UVTFNak15TVRFM00zMD0iLCJzaWduYXR1cmUiOiJlMGNmdkJpWVBxYUt1UVF1V05sU2tqSk9vYXVYMVhld05LbFpaSi1UU1hQdXdrdzZjZmp2Vjg5bXVNeEp6Mzczc3BEZWFrZGZia3dZS3gwdmNEdFJvYlJSOURrR2hTWFVkZ1M1Ny1xelVrYVFTZ0xSd2dqWGp2RWpTeXFvV3VPazdwQzktWGdOUlFMTHBrbEhSQllSUUFacUZTdk1hOHJWMnZWdkhGVDZzYTBHMEZ2VGROZlNKV0lqVkZ2S0NzMnNSOUstVUR4UU5JWTE0MFVpd1FHb3dUUHdKdW90eVRjYjhRNEVMUk5wUnotVnZpZ0R2QzNZcEpDSndiZEJtRmN2SE5xeXBOd3U0alRrbXdWTVYzWjJvZ096UHFmeG5za1FtSFVUa21YeVdfdlg4SzRkWHpfeW8zTDR0d1BxZy1Pcmg5d1RCbjVtNG43NlZNai04S1U5Zk52RXh4eXM4TlpoUWk5RnZCZnVZRUxYYlNfWFdON3M3dUdzTEVMZnBPbjIifQ==\"", "User-Agent"=>"rest-client/2.0.2 (linux-gnu x86_64) ruby/2.4.1p111"
# => 200 OK | application/octet-stream 9 bytes
### But NOTE this is raw protocol dump and can contain secrets, like API key above! So be careful when using this DEBUGGING-only feature.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment