You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
We need to configure custom connection parameters for accessing the Conjur API, like proxies, TLS certificates and other TLS-related options. However, we can’t apply these settings globally because we have other uses of RestClient with different parameters.
Describe the solution you would like
Given conjur-api has a configuration object, having an extra key for passing a Hash of RestClient options sounds like a natural solution.
I noticed conjur-api patches RestClient for applying custom parameters, meaning it potentially conflicts with other gems that use RestClient too. If conjur-api supported local RestClient options, that monkey patching would not be needed.
However, we can’t apply these settings globally because we have other uses of RestClient with different parameters.
This is definitely not ideal, and is likely to bite other consumers of the library.
I've been exploring your suggestion, and removing the monkey patching in favour of the additional key on Conjur configuration seems (to me) entirely viable. The places where RestClient is invoked across the codebase are few, and it does not seem to implicitly slip into other dependencies or to other projects using conjur-api-ruby.
I think we can flesh out the changes over the coming day.
Please know that the project is open to contribution and we're more than happy to collaborate.
Is your feature request related to a problem? Please describe.
We need to configure custom connection parameters for accessing the Conjur API, like proxies, TLS certificates and other TLS-related options. However, we can’t apply these settings globally because we have other uses of RestClient with different parameters.
Describe the solution you would like
Given conjur-api has a configuration object, having an extra key for passing a Hash of RestClient options sounds like a natural solution.
I noticed conjur-api patches RestClient for applying custom parameters, meaning it potentially conflicts with other gems that use RestClient too. If conjur-api supported local RestClient options, that monkey patching would not be needed.
conjur-api-ruby/lib/conjur/api.rb
Lines 53 to 57 in a0b2be4
I also noticed Conjur::Configuration has options ssl_certificate and cert_file, but they do not seem to apply when using
Conjur::API.new_from_key
.Describe alternatives you have considered
Isolating the calls to the Conjur in a separate Ruby environment so that the global variables do not interfere, but that sounds quite overkill.
The text was updated successfully, but these errors were encountered: