class Conjur::Variable

@example Variables are versioned

variable = api.resource 'myorg:variable:example'
# Unless you set a variables value when you create it, the variable starts out without a value and version_count
# is 0.
var.version_count # => 0
var.value # raises RestClient::ResourceNotFound (404)

# Add a value
var.add_value 'value 1'
var.version_count # => 1
var.value # => 'value 1'

# Add another value
var.add_value 'value 2'
var.version_count # => 2

# 'value' with no argument returns the most recent value
var.value # => 'value 2'

# We can access older versions by their 1 based index:
var.value 1 # => 'value 1'
var.value 2 # => 'value 2'
# Notice that version 0 of a variable is always the most recent:
var.value 0 # => 'value 2'

Public Instance Methods

add_value(value) click to toggle source

Add a new value to the variable.

You must have the **‘’update’‘** permission on a variable to call this method.

@example Add a value to a variable

var = api.variable 'my-secret'
puts var.version_count     #  1
puts var.value             #  'supersecret'
var.add_value "new_secret"
puts var.version_count     # 2
puts var.value             # 'new_secret'

@param [String] value the new value to add @return [void]

# File lib/conjur/variable.rb, line 128
def add_value value
  log do |logger|
    logger << "Adding a value to variable #{id}"
  end
  invalidate do
    route = url_for(:secrets_add, credentials, id)
    Conjur.configuration.version_logic lambda {
        route.post value: value
      }, lambda {
        route.post value
      }
  end
end
as_json(options={}) click to toggle source
Calls superclass method Conjur::BaseObject#as_json
# File lib/conjur/variable.rb, line 80
def as_json options={}
  result = super(options)
  result["mime_type"] = mime_type
  result["kind"] = kind
  result
end
kind() click to toggle source

The kind of secret represented by this variable, for example, ‘’postgres-url’‘ or `’aws-secret-access-key’‘.

You must have the **‘’read’‘** permission on a variable to call this method.

This attribute is only for human consumption, and does not take part in the Conjur permissions model.

@note this is not the same as the ‘kind` part of a qualified Conjur id. @return [String] a string representing the kind of secret.

# File lib/conjur/variable.rb, line 97
def kind
  parser_for(:variable_kind, variable_attributes) || "secret"
end
mime_type() click to toggle source

The MIME Type of the variable’s value.

You must have the **‘’read’‘** permission on a variable to call this method.

This attribute is used by the Conjur services to set a response ‘Content-Type` header when returning the value of a variable. Conjur applies the same MIME Type to all versions of a variable, so if you plan on accessing the variable in a way that depends on a correct `Content-Type` header you should make sure to store appropriate data for the mime type in all versions.

@return [String] a MIME type, such as ‘’text/plain’‘ or `’application/octet-stream’‘.

# File lib/conjur/variable.rb, line 111
def mime_type
  parser_for(:variable_mime_type, variable_attributes) || "text/plain"
end
value(version = nil, options = {}) click to toggle source

Return the version of a variable.

You must have the **‘’execute’‘** permission on a variable to call this method.

When no argument is given, the most recent version is returned.

When a ‘version` argument is given, the method returns a version according to the following rules:

* If `version` is 0, the *most recent* version is returned.
* If `version` is less than 0 or greater than {#version_count}, a `RestClient::ResourceNotFound` exception
 will be raised.
* If {#version_count} is 0, a `RestClient::ResourceNotFound` exception will be raised.
* If `version` is >= 1 and `version` <= {#version_count}, the version at the **1 based** index given by `version`
  will be returned.

@example Fetch all versions of a variable

versions = (1..var.version_count).map do |version|
  var.value version
end

@example Get the current version of a variable

# All of these return the same thing:
var.value
var.value 0
var.value var.version_count

@example Get the value of an expired variable

var.value nil, show_expired: true

@param [Integer] version the **1 based** version. @param options [Hash] @option options [Boolean, false] :show_expired show value even if variable has expired @return [String] the value of the variable

# File lib/conjur/variable.rb, line 197
def value version = nil, options = {}
  options['version'] = version if version
  url_for(:secrets_value, credentials, id, options).get.body
end
version_count() click to toggle source

Return the number of versions of the variable.

You must have the **‘’read’‘** permission on a variable to call this method.

@example

var.version_count # => 4
var.add_value "something new"
var.version_count # => 5

@return [Integer] the number of versions

# File lib/conjur/variable.rb, line 152
def version_count
  Conjur.configuration.version_logic lambda {
      JSON.parse(url_for(:variable, credentials, id).get)['version_count']
    }, lambda {
      secrets = attributes['secrets']
      if secrets.empty?
        0
      else
        secrets.last['version']
      end
    }
end

Private Instance Methods

variable_attributes() click to toggle source
# File lib/conjur/variable.rb, line 204
def variable_attributes
  @variable_attributes ||= url_for(:variable_attributes, credentials, self, id)
end