Skip to content

Commit

Permalink
Use Conjur CLI v8.0
Browse files Browse the repository at this point in the history
  • Loading branch information
szh committed Mar 8, 2023

Verified

This commit was signed with the committer’s verified signature.
scala-steward Scala Steward
1 parent 48ab8b1 commit 394e820
Showing 4 changed files with 15 additions and 14 deletions.
1 change: 1 addition & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -36,6 +36,7 @@ jobs:
strategy:
matrix:
kube-tag:
- v1.26.0
- v1.21.2
- v1.18.2
- v1.16.9
8 changes: 4 additions & 4 deletions ci/secrets.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
GCLOUD_CLUSTER_NAME: !var ci/google-container-engine-testbed/gcloud-cluster-name
GCLOUD_PROJECT_NAME: !var ci/google-container-engine-testbed/gcloud-project-name
GCLOUD_SERVICE_KEY: !var:file ci/google-container-engine-testbed/gcloud-service-key
GCLOUD_ZONE: !var ci/google-container-engine-testbed/gcloud-zone
GCLOUD_CLUSTER_NAME: !var ci/gke/rapid/cluster-name
GCLOUD_PROJECT_NAME: !var ci/gke/project-name
GCLOUD_SERVICE_KEY: !var:file ci/gke/service-key
GCLOUD_ZONE: !var ci/gke/zone

DOCKER_REGISTRY_URL: us.gcr.io
DOCKER_REGISTRY_PATH: us.gcr.io/conjur-gke-dev
10 changes: 5 additions & 5 deletions conjur-oss/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -75,22 +75,22 @@

Start a container with Conjur CLI and authenticate with the new user:

docker run --rm -it --entrypoint bash cyberark/conjur-cli:5
docker run --rm -it --entrypoint bash cyberark/conjur-cli:8
# Or if using MiniKube, use the following command from the host:
# docker run --rm -it --network host --entrypoint bash cyberark/conjur-cli:5
# docker run --rm -it --network host --entrypoint bash cyberark/conjur-cli:8

# Here ENDPOINT is the DNS name https endpoint for your Conjur service.
# NOTE: Ensure that the target endpoint matches at least one of the expected server
# SSL certificate names otherwise SSL verification will fail and you will not
# be able to log in.
# NOTE: Also ensure that the URL does not contain a slash (`/`) at the end of the URL
conjur init -u <ENDPOINT> -a {{ .Values.account.name | quote }}
conjur init -u <ENDPOINT> -a {{ .Values.account.name | quote }} --self-signed

# API key here is the key that creation of the account provided you in step #2
conjur authn login -u admin -p <API_KEY>
conjur login -i admin -p <API_KEY>

# Check that you are identified as the admin user
conjur authn whoami
conjur whoami

4. Next Steps
- Go through the Conjur Tutorials: https://www.conjur.org/tutorials/
10 changes: 5 additions & 5 deletions examples/common/README.md
Original file line number Diff line number Diff line change
@@ -469,9 +469,9 @@ export CLI_POD="$(kubectl get pods -n conjur-oss -l app=conjur-cli \
-o jsonpath='{.items[0].metadata.name}')"
CONJUR_URL="https://conjur-oss.conjur-oss.svc.cluster.local"
kubectl exec -n conjur-oss $CLI_POD \
-- bash -c "yes yes | conjur init -a $CONJUR_ACCOUNT -u $CONJUR_URL"
kubectl exec -n conjur-oss $CLI_POD -- conjur authn login \
-u admin -p $ADMIN_PASSWORD
-- bash -c "yes yes | conjur init -a $CONJUR_ACCOUNT -u $CONJUR_URL --self-signed"
kubectl exec -n conjur-oss $CLI_POD -- conjur login \
-i admin -p $ADMIN_PASSWORD
```

And then create a `conjur` alias if your shell supports aliases:
@@ -493,15 +493,15 @@ After that initial setup, Conjur commands can be executed using the `conjur`
command alias, if you've created one:

```sh-session
$ conjur list variables | grep alice
$ conjur list -k variable | grep alice
"myConjurAccount:user:alice",
$
```

Or by using the `CONJUR_CMD` environment variable:

```sh-session
$ $CONJUR_CMD list variables | grep alice
$ $CONJUR_CMD list -k variable | grep alice
"myConjurAccount:user:alice",
$
```

0 comments on commit 394e820

Please sign in to comment.