diff --git a/README.md b/README.md
index ff7e57b..3e427cd 100644
--- a/README.md
+++ b/README.md
@@ -38,29 +38,29 @@ secrets = Zanzibar::Zanzibar.new(:domain => 'mydomain.net', :wsdl => "https://my # Zanzibar::Zanzibar.new(:domain => 'mydomain.net', :wsdl => "https://my.scrt.server/webservices/sswebservice.asmx?wsdl", :globals => {:ssl_verify_mode => :none}) ## Simple password -> takes secret id as argument -secrets.get_secret(1234) +secrets.get_password(1234) -## Private Key -> takes hash as argument, requires :scrt_id, optional :scrt_item_id, :path -secrets.download_private_key(:scrt_id => 2345, :path => 'secrets/') +## Private Key -> takes hash as argument, requires :scrt_id, :type, optional :scrt_item_id, :path +secrets.download_secret_file(:scrt_id => 2345, :path => 'secrets/', :type => "Private Key") -## Public Key -> takes hash as argument, requires :scrt_id, optional :scrt_item_id, :path -secrets.download_public_key(:scrt_id => 2345, :path => 'secrets/') +## Public Key -> takes hash as argument, requires :scrt_id, :type, optional :scrt_item_id, :path +secrets.download_secret_file(:scrt_id => 2345, :path => 'secrets/', :type => "Public Key") -## Attachment; only supports secrets with single attachment -> takes hash as argument, requires :scrt_id, optional :scrt_item_id, :path -secrets.download_attachment(:scrt_id => 3456, :path => 'secrets/') +## Attachment; only supports secrets with single attachment -> takes hash as argument, requires :scrt_id, :path, optional :scrt_item_id, :path +secrets.download_secret_file(:scrt_id => 2345, :path => 'secrets/', :type => "Attachment") ``` ### Command Line -Zanzibar comes bundled with the [`zamioculcas`](http://en.wikipedia.org/wiki/Zamioculcas) command-line utility that can be used for fetching passwords and downloading keys from outside of Ruby. +Zanzibar comes bundled with the `zanzibar` command-line utility that can be used for fetching passwords and downloading keys from outside of Ruby. -`Zamioculcas` supports most actions provided by Zanzibar itself. 
Because it operates on the command-line, it can be used as part of a pipeline or within a bash script. +`zanzibar` supports most actions provided by Zanzibar itself. Because it operates on the command-line, it can be used as part of a pipeline or within a bash script. ```bash # if you don't pipe in a password, you will be prompted to enter one. # this will download the private key from secret 1984 to the current directory -cat ./local-password | zamioculcas 1984 -s server.example.com -d example.com -t privatekey +cat ./local-password | zanzibar 1984 -s server.example.com -d example.com -t privatekey ssh user@someremote -i ./private_key ``` diff --git a/bin/zamioculcas b/bin/zamioculcas index 0909502..fc92f00 100644 --- a/bin/zamioculcas +++ b/bin/zamioculcas 
@@ -1,69 +1,2 @@
-#! ruby
-
-require 'zanzibar'
-require 'optparse'
-
-options = {
- domain: 'local'
-}
-
-OptionParser.new do |opts|
- opts.banner = 'Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]'
-
- opts.on('-d', '--domain DOMAIN', 'Specify domain') do |v|
- options[:domain] = v
- end
-
- opts.on('-w', '--wsdl WSDL', 'Specify WSDL location') do |v|
- options[:wsdl] = v
- end
-
- opts.on('-s', '--server SERVER', 'Secret server hostname or IP') do |v|
- options[:server] = v
- end
-
- opts.on('-k', '--no-check-certificate', "Don't run SSL certificate checks") do |_v|
- options[:globals] = { ssl_verify_mode: :none }
- end
-
- opts.on('-p', '--password PASSWORD', 'Specify password') do |v|
- options[:pwd] = v
- end
-
- opts.on('-t', '--type TYPE', 'Specify the type of secret') do |v|
- options[:type] = v
- end
-
- opts.on('-u', '--user USER', 'Specify the username') do |v|
- options[:username] = v
- end
-end.parse!
-
-fail OptionParser::MissingArgument if options[:server].nil?
-options[:type] = 'password' if options[:type].nil?
-
-unless STDIN.tty? || options[:pwd]
- options[:pwd] = $stdin.read.strip
-end
-
-secret_id = Integer(ARGV.pop)
-unless secret_id
- fail 'no secret!'
-end
-
-unless options[:wsdl] || options[:server].nil?
- options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
-end
-
-scrt = Zanzibar::Zanzibar.new(options)
-
-case options[:type]
-when 'password'
- $stdout.write "#{scrt.get_password(secret_id)}\n"
-when 'privatekey'
- scrt.download_private_key(scrt_id: secret_id)
-when 'publickey'
- scrt.download_public_key(scrt_id: secret_id)
-else
- $stderr.write "#{options[:type]} is not a known type."
-end
+#! ruby
+system("zanzibar #{ARGV.join(" ")}")
diff --git a/bin/zanzibar b/bin/zanzibar
new file mode 100755
index 0000000..c2231ec
--- /dev/null
+++ b/bin/zanzibar
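Review bot: The new wrapper line `system("zanzibar #{ARGV.join(" ")}")` rebuilds a shell command string from ARGV, so any argument containing spaces or shell metacharacters (a `-p` password is the likely case) is re-split or interpreted by the shell instead of reaching `zanzibar` unchanged. Passing the arguments as a list avoids the shell entirely: `exec('zanzibar', *ARGV)`. `exec` also returns the child's exit status to the caller, whereas the `system` form discards its result, so the wrapper exits 0 even when `zanzibar` fails.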
@@ -0,0 +1,70 @@
+#! ruby
+
+require 'zanzibar'
+require 'optparse'
+
+options = {
+ :domain => 'local'
+}
+
+OptionParser.new do |opts|
+ opts.banner = "Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]"
+
+ opts.on("-d", "--domain DOMAIN", "Specify domain") do |v|
+ options[:domain] = v
+ end
+
+ opts.on("-w", "--wsdl WSDL", "Specify WSDL location") do |v|
+ options[:wsdl] = v
+ end
+
+ opts.on("-s", "--server SERVER", "Secret server hostname or IP") do |v|
+ options[:server] = v
+ end
+
+ opts.on("-k", "--no-check-certificate", "Don't run SSL certificate checks") do |v|
+ options[:globals] = {:ssl_verify_mode => :none}
+ end
+
+ opts.on("-p", "--password PASSWORD", "Specify password") do |v|
+ options[:pwd] = v
+ end
+
+ opts.on("-t", "--type TYPE", "Specify the type of secret") do |v|
+ options[:type] = v
+ end
+
+ opts.on("-u", "--user USER", "Specify the username") do |v|
+ options[:username] = v
+ end
+
+end.parse!
+
+raise OptionParser::MissingArgument if options[:server].nil?
+options[:type] = "password" if options[:type].nil?
+
+unless STDIN.tty? || options[:pwd]
+ options[:pwd] = $stdin.read.strip
+end
+
+secret_id = Integer(ARGV.pop)
+if(!secret_id)
+ fail "no secret!"
+end
+
+unless options[:wsdl] || options[:server].nil?
+ options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
+end
+
+scrt = Zanzibar::Zanzibar.new(options)
+
+case options[:type]
+when "password"
+ $stdout.write "#{scrt.get_password(secret_id)}\n"
+when "privatekey"
+ scrt.download_private_key(:scrt_id=>secret_id)
+when "publickey"
+ scrt.download_public_key(:scrt_id=>secret_id)
+else
+ $stderr.write "#{options[:type]} is not a known type."
+end
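Review bot: The `if(!secret_id)` guard after `secret_id = Integer(ARGV.pop)` can never fire, because `Integer(nil)` raises TypeError and a non-numeric argument raises ArgumentError, so a missing id ends in a backtrace rather than the intended `no secret!` message; checking first with `abort 'no secret!' if ARGV.empty?` would give the intended behaviour. The `else` branch of the `case` writes to stderr without a newline and still exits 0, so a script that pipes a key out of this tool cannot detect the failure; `abort "#{options[:type]} is not a known type."` would print the message and exit non-zero. The README in this commit now documents `download_secret_file` with a `:type` argument while this file calls `download_private_key` and `download_public_key`; if those methods were removed from the library (not visible here), both branches would raise NoMethodError. The banner string also still names `zamioculcas`.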