Have you checked out how we secured a Node.js port of Quake2 using Nginx and Conjur and you want to give it a try yourself?
Here's how to do it.
First, install the Conjur CLI. You'll need this to login to Conjur.
cd pkg && INSCITIV_ENV=stage rvm 1.9.2@myproject do bundle exec ../bin/conjur datafile:upload "Jenkins artifacts: myproject" *.gem |
exit_code = Open3.popen3(env, cmd, opts) do |stdin, stdout, stderr, thread| | |
stdin.close | |
# Create a thread to read from each stream | |
threads = [[:stdout, stdout], [:stderr, stderr]].collect do |method, stream| | |
Thread.new do | |
until (line = stream.gets).nil? | |
callback.send(method, line) | |
end | |
end | |
end |
Have you checked out how we secured a Node.js port of Quake2 using Nginx and Conjur and you want to give it a try yourself?
Here's how to do it.
First, install the Conjur CLI. You'll need this to login to Conjur.
# Simple script which creates two groups, blue and green. Each | |
# group contains a couple of users. The groups have different permissions | |
# on 'webservice' resources. In an SDF gatekeeper scenario, the 'blue' | |
# team will be able to 'read' service a, and the 'green' team will be | |
# able to 'read' service b. Neither team can perform any action besides 'read'. | |
# The owner of the 'webservice' resources (which is the user that runs this script) | |
# has all permissions on all records, via Conjur ownership. | |
# Create the blue team | |
blue = group "blue" do |
Upgrade Conjur CLI | |
$ sudo /opt/conjur/embedded/bin/gem install conjur-cli --no-rdoc --no-ri | |
test_layer = nil | |
group "security_admin" do | |
owns do | |
scope "v1" do | |
ops = group "ops" do | |
owns do | |
test_layer = layer "test" | |
layer "production" | |
end |