Update travis to publish on tags

Zamioculcas bin + project structure stuff

.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec/spec_helper

.travis.yml

@@ -0,0 +1,16 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0
+addons:
+  code_climate:
+    repo_token:
+      secure: "XbKXMtcF/NnFr9JMuJNRzgsUcDcHxGi5jVc2B4HGT4EHDUnOV/06SfTTJMiLz3hgIgH1dpEgt+4cjAzAmZrmZrViY3rOH0MU1f6eAF4+BPMb0JwKYnPxTyPF5RjsWf0aFe6JdYM1S1T7EpP2XUAlV9ppmCYKrYUEa/OAXsz4ruU="
+deploy:
+  provider: rubygems
+  api_key:
+    secure: "CFXaOgtLypVc3/Nn3NFyeTYJ3rR/KNua2FPFHc02h5K/TPm8PMlHsYEB3e9OpithnC5cLqPUUlyZL4Gz7QC4zxX0G4luNVz+ZXdueMk1GBstK9QMsrjOQMKnQTCPaK/3x2/53kuPWMjYSyn5+ICkf/Omq1EVD4YEplhSvIRA9QQ="
+  gem: zanzibar
+  on:
+    tags: true
+    all_branches: true

Gemfile

@@ -1,9 +1,15 @@
 source 'https://rubygems.org'
 
 gem 'savon'
-gem 'savon_spec'
-gem 'rspec'
-gem 'webmock'
+
+group :test do
+  gem 'rake'
+  gem 'savon_spec'
+  gem 'rspec'
+  gem 'webmock'
+  gem "codeclimate-test-reporter"
+  gem 'zanzibar', path: '.'
+end
 
 # Specify your gem's dependencies in zanzibar.gemspec
 gemspec

README.md

@@ -1,5 +1,5 @@
 # Zanzibar
-
+[![Gem Version](https://badge.fury.io/rb/zanzibar.svg)](http://badge.fury.io/rb/zanzibar)
 
 Zanzibar is a utility to retrieve secrets from a Secret Server installation. It supports retrieval of a password, public/private key, or secret attachment.
 
@@ -51,6 +51,20 @@ secrets.download_attachment(:scrt_id => 3456, :path => 'secrets/')
 
 ```
 
+### Command Line
+
+Zanzibar comes bundled with the [`zamioculcas`](http://en.wikipedia.org/wiki/Zamioculcas) command-line utility that can be used for fetching passwords and downloading keys from outside of Ruby.
+
+`Zamioculcas` supports most actions provided by Zanzibar itself. Because it operates on the command-line, it can be used as part of a pipeline or within a bash script.
+
+```bash
+# if you don't pipe in a password, you will be prompted to enter one.
+# this will download the private key from secret 1984 to the current directory
+cat ./local-password | zamioculcas 1984 -s server.example.com -d example.com -t privatekey
+
+ssh user@someremote -i ./private_key
+```
+
 ## Contributing
 
 1. Fork it ( https://github.com/Cimpress-MCP/zanzibar/fork )

Rakefile

@@ -1,10 +1,8 @@
 require "bundler/gem_tasks"
+require "bundler/setup" # load up our gem environment (incl. local zanzibar)
+require 'rspec/core/rake_task'
+require 'zanzibar/version'
 
-task 'test' do
-  Dir.chdir('test')
-  system("rspec zanzibar_spec.rb")
-end
+task :default => [:test]
 
-task 'install_dependencies' do
-  system('bundle install')
-end
+RSpec::Core::RakeTask.new(:test)

bin/zamioculcas

@@ -0,0 +1,70 @@
+#! ruby
+
+require 'zanzibar'
+require 'optparse'
+
+options = {
+  :domain => 'local'
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: zamioculcas -d domain [-w wsdl] [-k] [-p] [secret_id]"
+
+  opts.on("-d", "--domain DOMAIN", "Specify domain") do |v|
+    options[:domain] = v
+  end
+
+  opts.on("-w", "--wsdl WSDL", "Specify WSDL location") do |v|
+    options[:wsdl] = v
+  end
+
+  opts.on("-s", "--server SERVER", "Secret server hostname or IP") do |v|
+    options[:server] = v
+  end
+
+  opts.on("-k", "--no-check-certificate", "Don't run SSL certificate checks") do |v|
+    options[:globals] = {:ssl_verify_mode => :none}
+  end
+
+  opts.on("-p", "--password PASSWORD", "Specify password") do |v|
+    options[:pwd] = v
+  end
+
+  opts.on("-t", "--type TYPE", "Specify the type of secret") do |v|
+    options[:type] = v
+  end
+
+  opts.on("-u", "--user USER", "Specify the username") do |v|
+    options[:username] = v
+  end
+  
+end.parse!
+
+raise OptionParser::MissingArgument if options[:server].nil?
+options[:type] = "password" if options[:type].nil?
+
+unless STDIN.tty? || options[:pwd]
+  options[:pwd] = $stdin.read.strip
+end
+
+secret_id = Integer(ARGV.pop)
+if(!secret_id)
+  fail "no secret!"
+end
+
+unless options[:wsdl] || options[:server].nil?
+  options[:wsdl] = "https://#{options[:server]}/webservices/sswebservice.asmx?wsdl"
+end
+
+scrt = Zanzibar::Zanzibar.new(options)
+
+case options[:type]
+when "password"
+  $stdout.write "#{scrt.get_password(secret_id)}\n"
+when "privatekey"
+  scrt.download_private_key(:scrt_id=>secret_id)
+when "publickey"
+  scrt.download_public_key(:scrt_id=>secret_id)
+else
+  $stderr.write "#{options[:type]} is not a known type."
+end

lib/zanzibar.rb

@@ -10,9 +10,16 @@ module Zanzibar
   class Zanzibar
 
     ##
-    # @param args{:domain, :wsdl, :pwd, :globals{}}
+    # @param args{:domain, :wsdl, :pwd, :username, :globals{}}
 
     def initialize(args = {})
+
+      if args[:username]
+        @@username = args[:username]
+      else
+        @@username = ENV['USER']
+      end
+
       if args[:wsdl]
         @@wsdl = args[:wsdl]
       else
@@ -46,7 +53,7 @@ module Zanzibar
     # @return [String] the password for the current user
 
     def prompt_for_password
-      puts "Please enter password for #{ENV['USER']}:"
+      puts "Please enter password for #{@@username}:"
       return STDIN.noecho(&:gets).chomp
     end
 
@@ -73,13 +80,13 @@ module Zanzibar
 
     def get_token
       begin
-        response = @@client.call(:authenticate, message: { username: ENV['USER'], password: @@password, organization: "", domain: @@domain }).hash
+        response = @@client.call(:authenticate, message: { username: @@username, password: @@password, organization: "", domain: @@domain }).hash
         if response[:envelope][:body][:authenticate_response][:authenticate_result][:errors]
-          raise "Error generating the authentication token for user #{ENV['USER']}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
+          raise "Error generating the authentication token for user #{@@username}: #{response[:envelope][:body][:authenticate_response][:authenticate_result][:errors][:string]}"
         end
         response[:envelope][:body][:authenticate_response][:authenticate_result][:token]
       rescue Savon::Error => err
-        raise "There was an error generating the authentiaton token for user #{ENV['USER']}: #{err}"
+        raise "There was an error generating the authentiaton token for user #{@@username}: #{err}"
       end
     end
 
@@ -108,12 +115,19 @@ module Zanzibar
     def get_password(scrt_id)
       begin
         secret = get_secret(scrt_id)
-        return secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item][1][:value]
+        secret_items = secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item]
+        return get_secret_item_by_field_name(secret_items,"Password")[:value]
       rescue Savon::Error => err
         raise "There was an error getting the password for secret #{scrt_id}: #{err}"
       end
     end
 
+    def get_secret_item_by_field_name(secret_items, field_name)
+      secret_items.each do |item|
+        return item if item[:field_name] == field_name
+      end
+    end
+
     ## Get the secret item id that relates to a key file or attachment.
     # Will raise on error
     # @param [Integer] the secret id
@@ -122,25 +136,12 @@ module Zanzibar
 
     def get_scrt_item_id(scrt_id, type, token)
       secret = get_secret(scrt_id, token)
-      case type
-        when 'privatekey'
-          ## Get private key item id
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
-            return item[:id] if item[:field_name] == 'Private Key'
-          end
-        when 'publickey'
-          ## Get public key item id
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
-            return item[:id] if item[:field_name] == 'Public Key'
-          end
-        when 'attachment'
-          ## Get attachment item id. This currently only supports secrets with one attachment.
-          secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item].each do |item|
-            return item[:id] if item[:field_name] == 'Attachment'
-          end
-        else
-          raise "Unknown type, #{type}."
-        end
+      secret_items = secret[:envelope][:body][:get_secret_response][:get_secret_result][:secret][:items][:secret_item]
+      begin
+        return get_secret_item_by_field_name(secret_items, type)[:id]
+      rescue
+        raise "Unknown type, #{type}."
+      end
     end
 
     ## Downloads the private key for a secret and places it where Zanzibar is running, or :path if specified
@@ -152,7 +153,7 @@ module Zanzibar
       FileUtils.mkdir_p(args[:path]) if args[:path]
       path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
       begin
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'privatekey', token)}).hash
+        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Private Key', token)}).hash
         if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
           raise "There was an error getting the private key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
         end
@@ -173,7 +174,7 @@ module Zanzibar
       FileUtils.mkdir_p(args[:path]) if args[:path]
       path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
       begin
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'publickey', token)}).hash
+        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Public Key', token)}).hash
         if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
           raise "There was an error getting the public key for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
       end
@@ -194,7 +195,7 @@ module Zanzibar
       FileUtils.mkdir_p(args[:path]) if args[:path]
       path = args[:path] ? args[:path] : '.' ## The File.join below doesn't handle nils well, so let's take that possibility away.
       begin
-        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'attachment', token)}).hash
+        response = @@client.call(:download_file_attachment_by_item_id, message: { token: token, secretId: args[:scrt_id], secretItemId: args[:scrt_item_id] || get_scrt_item_id(args[:scrt_id], 'Attachment', token)}).hash
         if response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:errors]
           raise "There was an error getting the attachment for secret #{args[:scrt_id]}: #{response[:envelope][:body][:download_file_attachment_by_item_id_response][:download_file_attachment_by_item_id_result][:string]}"
       end

lib/zanzibar/version.rb

@@ -1,3 +1,3 @@
 module Zanzibar
-  VERSION = "0.0.8"
+  VERSION = "0.1.9"
 end

spec/spec/spec_helper.rb

@@ -15,6 +15,9 @@
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 require 'webmock/rspec'
+require "codeclimate-test-reporter"
+CodeClimate::TestReporter.start
+
 RSpec.configure do |config|
   # rspec-expectations config goes here. You can use an alternate
   # assertion/expectation library such as wrong or the stdlib/minitest
@@ -39,6 +42,10 @@ RSpec.configure do |config|
     mocks.verify_partial_doubles = true
   end
 
+  config.after(:suite) do
+    WebMock.disable_net_connect!(:allow => 'codeclimate.com')
+  end
+  
 # The settings below are suggested to provide a good initial experience
 # with RSpec, but feel free to customize to your heart's content.
 =begin

spec/zanzibar_spec.rb

@@ -1,4 +1,4 @@
-require '../lib/zanzibar.rb'
+require 'zanzibar'
 require 'savon'
 require 'webmock'
 require 'rspec'
@@ -8,14 +8,14 @@ include WebMock::API
 
 describe "Zanzibar Test" do
 
-  client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "scrt.wsdl")
-  auth_xml = File.read('responses/authenticate_response.xml')
-  secret_xml = File.read('responses/get_secret_response.xml')
-  secret_with_key_xml = File.read('responses/get_secret_with_keys_response.xml')
-  secret_with_attachment_xml = File.read('responses/get_secret_with_attachment_response.xml')
-  private_key_xml = File.read('responses/download_private_key_response.xml')
-  public_key_xml = File.read('responses/download_public_key_response.xml')
-  attachment_xml = File.read('responses/attachment_response.xml')
+  client = Zanzibar::Zanzibar.new(:domain => "zanzitest.net", :pwd=>'password', :wsdl => "spec/scrt.wsdl")
+  auth_xml = File.read('spec/responses/authenticate_response.xml')
+  secret_xml = File.read('spec/responses/get_secret_response.xml')
+  secret_with_key_xml = File.read('spec/responses/get_secret_with_keys_response.xml')
+  secret_with_attachment_xml = File.read('spec/responses/get_secret_with_attachment_response.xml')
+  private_key_xml = File.read('spec/responses/download_private_key_response.xml')
+  public_key_xml = File.read('spec/responses/download_public_key_response.xml')
+  attachment_xml = File.read('spec/responses/attachment_response.xml')
 
 
   it 'should return an auth token' do

test/.rspec

@@ -1,2 +0,0 @@
---color
---require spec_helper

zanzibar.gemspec

@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "rubyntlm", "~> 0.4.0"
   spec.add_development_dependency "bundler", "~> 1.7"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_runtime_dependency "savon", "~> 2.8.0"