Skip to content

Commit

Permalink
Testing for cloud
Browse files Browse the repository at this point in the history
  • Loading branch information
@surkarmakar
surkarmakar committed Jun 20, 2024
1 parent 9682ebd commit 28fb91e
Show file tree
Hide file tree
Showing 3 changed files with 85 additions and 0 deletions.
20 changes: 20 additions & 0 deletions dev/ca.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
rqXRfboQnoZsG4q5WTP468SQvvG5
-----END CERTIFICATE-----
55 changes: 55 additions & 0 deletions dev/start.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ EOF
while true ; do
case "$1" in
-e ) ENTERPRISE="true" ; shift ;;
-c ) CLOUD="true" ; shift ;;
-h | --help ) help && exit 0 ;;
-p ) PYTHON_VERSION="$2" ; shift ; shift ;;
-v ) ANSIBLE_VERSION="$2" ; shift ; shift ;;
Expand Down Expand Up @@ -113,19 +114,72 @@ function deploy_conjur_enterprise {
cp ../policy/root.yml . && setup_conjur_resources
popd
}
function test_ConjurCloud(){

export CONJUR_APPLIANCE_URL='https://conjur-proxy-nginx'
export CONJUR_ACCOUNT='cucumber'
DOCKER_NETWORK='default'
docker compose up -d --build conjur conjur-proxy-nginx
set_conjur_cid "$(docker compose ps -q conjur)"
wait_for_conjur

# get admin credentials
fetch_conjur_cert "$(docker compose ps -q conjur-proxy-nginx)" "cert.crt"
ADMIN_API_KEY="$(user_api_key "$CONJUR_ACCOUNT" admin)"

# start conjur cli and configure conjur
docker compose up --no-deps -d conjur_cli
set_cli_cid "$(docker compose ps -q conjur_cli)"
setup_conjur_resources
set_network "$DOCKER_NETWORK"

# get conjur credentials for ansible
ANSIBLE_API_KEY="$(host_api_key 'ansible/ansible-master')"
refresh_access_token "host/ansible/ansible-master" "$ANSIBLE_API_KEY"

docker compose up -d --build ansible
set_ansible_cid "$(docker compose ps -q ansible)"


DOCKER_COMMANDS=$(cat <<EOF
export CONJUR_AUTHN_LOGIN='host/data/ansible/ansible-master'
export CONJUR_ACCOUNT='conjur'
export CONJUR_CERT_FILE='/cyberark/dev/ca.pem'
export CONJUR_APPLIANCE_URL='https://conjurcloudint.secretsmgr.cyberark.cloud/api'
export CONJUR_AUTHN_API_KEY='1mmwjwwf5xhq22hkhvjd1hxkd741djs6wq108rpnd2y0sk7y1s3p7ch'
echo "---Testing with environment variables-----"
ansible-playbook -vvv /cyberark/dev/test.yaml
echo "----Testing with env vars-------"
ansible-playbook -vvv --extra-vars "conjur_appliance_url=https://conjurcloudint.secretsmgr.cyberark.cloud/api conjur_account=conjur conjur_authn_login=host/data/ansible/ansible-master conjur_authn_api_key=1mmwjwwf5xhq22hkhvjd1hxkd741djs6wq108rpnd2y0sk7y1s3p7ch" /cyberark/dev/test.yaml
EOF
)

docker cp ca.pem dev-ansible-1:/cyberark/dev/ca.pem

docker cp test.yaml dev-ansible-1:/cyberark/dev/test.yaml
docker exec -it dev-ansible-1 bash -c "$DOCKER_COMMANDS"

}

function main() {
# remove previous environment
clean
mkdir -p tmp


if [[ "$ENTERPRISE" == "true" ]]; then
export CONJUR_APPLIANCE_URL='https://conjur-master.mycompany.local'
export CONJUR_ACCOUNT='demo'
DOCKER_NETWORK='dap_net'

# start conjur enterprise leader and follower
deploy_conjur_enterprise

elif [[ "$CLOUD" == "true" ]]; then
test_ConjurCloud

else
export CONJUR_APPLIANCE_URL='https://conjur-proxy-nginx'
export CONJUR_ACCOUNT='cucumber'
Expand All @@ -148,6 +202,7 @@ function main() {
generate_inventory
teardown_and_setup_inventory
setup_conjur_identities

}

main
10 changes: 10 additions & 0 deletions dev/test.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
- hosts: localhost
tasks:
- name: Lookup variable in Conjur
debug:
msg: "{{ lookup('cyberark.conjur.conjur_variable', 'data/vault/IF_Safe_Pavan/safe/username', validate_certs=false) }}"

- name: Lookup variable in Conjur
debug:
msg: "{{ lookup('cyberark.conjur.conjur_variable', 'data/vault/IF_Safe_Pavan/safe/address') }}"

0 comments on commit 28fb91e

Please sign in to comment.