Containerize Ruby client example

Done to eliminate the need for a user to install RVM before using the example.
This change includes the following:
- Adds a ruby-example service to the project's docker-compose
- Adds Dockerfile for building the ruby-example service
- Updates to the Ruby example program and start script to account for these changes
- Updates to start_conjur and integration_tests scripts
  - These scripts now build only the docker-compose services they require
- Documentation regarding the examples are updated across the project

README.md

@@ -55,16 +55,19 @@ The demos show how to use popular Conjur API endpoints:
 - Load the root policy
 - Store and retrieve a secret
 
+There are currently examples in two languages, Python and Ruby.  
 The examples can be run using their respective scripts:
 
 ```shell
-$ ./examples/<language>/run
+$ ./examples/python/start
+$ ./examples/ruby/start
 ```
 
-The scripts generate the defined client and spin up the `docker-compose` environment if  
-they are not already present, set up an environment and run the example.  
-
-There are currently examples in two languages, Python and Ruby.
+Each example performs the following steps:
+- Generate an OpenAPI client with `./bin/generate_client <language>` (if not already present)
+- Spin up the a Conjur environment from `docker-compose` (if not already present)
+- Perform language-specific environment setup
+- Run the example
 
 ## Contributing
 

bin/integration_tests

@@ -23,7 +23,8 @@ cat <<ENV > .env
 CONJUR_AUTHN_API_KEY=$admin_api_key
 ENV
 
-echo "Starting test env..."
+echo "Building and starting test env..."
+docker-compose build test-python
 docker-compose up -d test-python
 
 rm -rf $CURRENT_DIR/output/*

bin/start_conjur

@@ -14,7 +14,7 @@ trap 'echo "ERROR: Test script encountered an error!"; docker-compose logs; clea
 cleanup
 
 echo "Building services..."
-docker-compose build
+docker-compose build pg conjur conjur-https
 
 # Start Conjur server
 echo "Starting Conjur..."

docker-compose.yml

@@ -50,3 +50,15 @@ services:
       - conjur-https
     volumes:
       - .:/opt/conjur-openapi-spec
+
+  example-ruby:
+    build:
+      context: .
+      dockerfile: examples/ruby/Dockerfile.ruby
+    command: ['sleep', '999d']
+    depends_on:
+      - conjur
+      - conjur-https
+    volumes:
+      - ./examples/config/:/config/policy
+      - ./config/https/:/config/https

examples/ruby/Dockerfile.ruby

@@ -0,0 +1,19 @@
+FROM ubuntu:latest
+
+ENV WORK_DIR=/cyberark/
+
+RUN apt-get update && \
+    apt-get install -y ruby-full \
+                       build-essential \
+                       ruby-dev \
+                       curl
+
+SHELL ["/bin/bash", "-c"]
+
+RUN mkdir $WORK_DIR
+WORKDIR $WORK_DIR
+
+COPY ./out/ruby/openapi_client-1.0.0.gem $WORK_DIR
+COPY ./examples/ruby/ruby_client.rb $WORK_DIR
+
+RUN gem install openapi_client-1.0.0.gem

examples/ruby/README.md

@@ -8,15 +8,12 @@ It covers using some of the most popular Conjur OSS endpoints with Ruby:
 - Load the root policy
 - Store and retrieve a secret
 
-The example uses [RVM](https://rvm.io/) to manage Ruby versions and Gemsets.
-
 The `run` script is responsible for executing the example by environment-conscious means by:
-- Ensuring that RVM is installed
 - If needed, generating a new Ruby client from the OpenAPI spec
 - If needed, spinning up a new `docker-compose` environment
 - Building a gem from the Ruby client
-- Creating a new RVM Gemset, and installing the client gem and its dependencies
-- Running the example with the new Gemset
+- Building the Ruby example `docker-compose` service
+- Running the example in new container
 
 Documentation regarding format and use of OpenAPI client instances and their functions is  
 generated with the client, and can be found in the `docs` folder of the client library.

examples/ruby/ruby_client.rb

@@ -4,7 +4,7 @@
 # Load the gem
 require 'openapi_client'
 
-CERT_DIR = 'config/https'
+CERT_DIR = '/config/https'
 SSL_CERT_FILE = 'ca.crt'
 CONJUR_CERT_FILE = 'conjur.crt'
 CONJUR_KEY_FILE = 'conjur.key'
@@ -23,14 +23,14 @@
 new_password = "N3w-Passw0rd!"
 secret = "supersecretstuff"
 secret_id = "sampleSecret"
-empty_policy = IO.read("examples/config/simple.yml")
-policy = IO.read("examples/config/policy.yml")
+empty_policy = IO.read("/config/policy/simple.yml")
+policy = IO.read("/config/policy/policy.yml")
 
 # Setup client configuration
 config = OpenapiClient.configure
 # config.debugging = true
 config.scheme = "https"
-config.host = "localhost"
+config.host = "conjur-https"
 
 config.username = LOGIN
 config.password = ADMIN_API_KEY

examples/ruby/run → examples/ruby/start

@@ -8,13 +8,6 @@ function announce() {
   echo "++++++++++"
 }
 
-if ! command -v rvm > /dev/null; then
-  announce "RVM not installed!"
-  echo "The script requires RVM to manage Ruby Gemsets"
-  echo "Installation instructions can be found at https://rvm.io"
-  exit 1
-fi
-
 if [[ ! -d "./out/ruby" ]]; then
   announce "Client not found. Generating..."
   ./bin/generate_client ruby > /dev/null
@@ -33,19 +26,14 @@ if [[ ! -f ./out/ruby/openapi_client-1.0.0.gem ]]; then
   echo
 fi
 
-announce "Creating new RVM Gemset and installing OpenAPI gem..."
-if [[ ! $(rvm list | grep "ruby-$RUBY_VERSION") ]]; then
-  rvm install $RUBY_VERSION
-fi
-rvm use $RUBY_VERSION
-if [[ ! $(rvm gemset list | grep "openapi") ]]; then
-  rvm gemset create openapi
-fi
-rvm use $RUBY_VERSION@openapi
-gem install ./out/ruby/openapi_client-1.0.0.gem
+announce "Building Ruby example container image..."
+docker-compose build example-ruby
 echo
 
 export CONJUR_ADMIN_API_KEY="$(docker-compose exec conjur conjurctl role retrieve-key dev:user:admin | tr -d '\r')"
 
-announce "Running Ruby example..."
-./examples/ruby/ruby_client.rb
+announce "Running example in container..."
+docker-compose run --rm --no-deps \
+    -e CONJUR_ADMIN_API_KEY=${CONJUR_ADMIN_API_KEY} \
+    example-ruby \
+    ruby ./ruby_client.rb