Merge pull request #1 from cyberark/telday-patch-1

Initial PR

.github/CODEOWNERS

@@ -2,8 +2,8 @@
 # org the new repo will be in. GitHub automatically applies the correct version.
 
 # Uncomment the appropriate team line to automatically tag the owning team on PRs
-# * @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team
 # * @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team
+* @cyberark/community-and-integrations-team @conjurinc/community-and-integrations-team @conjurdemos/community-and-integrations-team
 
 # Changes to .trivyignore require Security Architect approval
 .trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects

.github/ISSUE_TEMPLATE/bug.md

@@ -0,0 +1,42 @@
+---
+name: Bug
+about: Create a bug report to help us improve
+title: ''
+labels: component/conjur-sdk, kind/bug
+assignees: ''
+
+---
+
+## Summary
+A clear and concise description of what the bug is.
+
+## Steps to Reproduce
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+## Expected Results
+A clear and concise description of what you expected to happen.
+
+## Actual Results (including error logs, if applicable)
+A clear and concise description of what actually did happen.
+
+## Reproducible
+   * [ ] Always 
+   * [ ] Sometimes
+   * [ ] Non-Reproducible
+
+## Version/Tag number
+What version of the product are you running? Any version info that you can share is helpful. 
+For example, you might give the version from Docker logs, the Docker tag, a specific download URL, 
+the output of the `/info` route, etc.
+
+## Environment setup
+Can you describe the environment in which this product is running? Is it running on a VM / in a container / in a cloud? 
+Which cloud provider? Which container orchestrator (including version)? 
+The more info you can share about your runtime environment, the better we may be able to reproduce the issue.
+
+## Additional Information
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature-request.md

@@ -0,0 +1,27 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: kind/enhancement, component/conjur-sdk
+assignees: ''
+
+---
+
+## Is your feature request related to a problem? Please describe.
+
+A clear and concise description of what the problem is. Ex. `I would like to see [...] because [...]`.
+Please include the intended use case and what the feature would improve on so that we can prioritize
+the feature accordingly.
+
+## Describe the solution you would like
+
+A clear and concise description of what the desired end result(s) would be.
+
+## Describe alternatives you have considered
+
+A clear and concise description of any alternative solutions or features that may be related to this that
+you have considered.
+
+## Additional context
+
+Add any other context information about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,29 +1,22 @@
-## Initial Pull Request
+### What does this PR do?
+- _What's changed? Why were these changes made?_
+- _How should the reviewer approach this PR, especially if manual tests are required?_
+- _Are there relevant screenshots you can add to the PR description?_
 
-### Checklist:
+### What ticket does this PR close?
+Resolves #[relevant GitHub issues, eg 76]
+Relates to cyberark/conjur-openapi-spec#[Relevant Conjur OpenAPI spec issue number]
 
-#### TODO:
-- [ ] Fill out `README.md`, addressing all TODOs
-  - [ ] Name
-  - [ ] Certification Level
-  - [ ] Requirements
-  - [ ] Usage Instructions
-- [ ] Edit the `CONTRIBUTING.md` with development and contribution guidelines for your specific
-      project
-  - [ ] Development
-  - [ ] Testing
-  - [ ] Releases
-- [ ] Update `CHANGELOG.md` with information on previous versions (if applicable)
-- [ ] Add issue templates to `.github/ISSUE_TEMPLATE/` if the defaults in https://github.com/cyberark/.github
-      don't work for your use case
-- [ ] The project comes by default with an Apache 2.0 License (in `LICENSE`) - if you would
-      prefer to use some other license, you'll need to revise this file
+### Checklists
 
-#### Migrating From Another Repo:
-- [ ] If changing repo name, make sure to update any references to the old name
-- [ ] Update any links to refer to the new repo location
+#### Change log
+- [ ] The CHANGELOG has been updated, or
+- [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update
 
-#### Important
-- [ ] If this repo will be public, also follow these [requirements](https://github.com/cyberark/employee-guidelines/blob/master/guidelines/public_repos_checklist.md)
-- [ ] Remove the "new project" issue template from the project: `.github/ISSUE_TEMPLATE/new-project.md`
-- [ ] (Final TODO) **Delete the PR template** (`.github/pull_request_template.md`) - the project will use the default org PR template
+#### Test coverage
+- [ ] This PR includes new unit and integration tests to go with the code changes, or
+- [ ] The changes in this PR do not require tests
+
+#### Documentation
+- [ ] Docs (e.g. `README`s) were updated in this PR, and/or there is a follow-on issue to update docs, or
+- [ ] This PR does not require updating any documentation

.gitignore

@@ -0,0 +1,22 @@
+.env
+**/.DS_STORE
+
+
+## From client generated .gitignore file
+*.class
+
+# Mobile Tools for Java (J2ME)
+client/.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.ear
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# build files
+**/target
+client/target
+client/build

.gitleaks.toml

@@ -0,0 +1,187 @@
+title = "conjur-sdk-java Gitleaks Configuration"
+
+# This is a sample config file for gitleaks. You can configure gitleaks what to search for and what to whitelist.
+# The output you are seeing here is the default gitleaks config. If GITLEAKS_CONFIG environment variable
+# is set, gitleaks will load configurations from that path. If option --config-path is set, gitleaks will load
+# configurations from that path. Gitleaks does not whitelist anything by default.
+# - https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
+# - https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+[[rules]]
+description = "AWS Client ID"
+regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
+tags = ["key", "AWS"]
+
+[[rules]]
+description = "AWS Secret Key"
+regex = '''(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]'''
+tags = ["key", "AWS"]
+
+[[rules]]
+description = "AWS MWS key"
+regex = '''amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'''
+tags = ["key", "AWS", "MWS"]
+
+[[rules]]
+description = "PKCS8"
+regex = '''-----BEGIN PRIVATE KEY-----'''
+tags = ["key", "PKCS8"]
+
+[[rules]]
+description = "RSA"
+regex = '''-----BEGIN RSA PRIVATE KEY-----'''
+tags = ["key", "RSA"]
+
+[[rules]]
+description = "SSH"
+regex = '''-----BEGIN OPENSSH PRIVATE KEY-----'''
+tags = ["key", "SSH"]
+
+[[rules]]
+description = "PGP"
+regex = '''-----BEGIN PGP PRIVATE KEY BLOCK-----'''
+tags = ["key", "PGP"]
+
+[[rules]]
+description = "Facebook Secret Key"
+regex = '''(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]'''
+tags = ["key", "Facebook"]
+
+[[rules]]
+description = "Facebook Client ID"
+regex = '''(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]'''
+tags = ["key", "Facebook"]
+
+[[rules]]
+description = "Facebook access token"
+regex = '''EAACEdEose0cBA[0-9A-Za-z]+'''
+tags = ["key", "Facebook"]
+
+[[rules]]
+description = "Twitter Secret Key"
+regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}['\"]'''
+tags = ["key", "Twitter"]
+
+[[rules]]
+description = "Twitter Client ID"
+regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}['\"]'''
+tags = ["client", "Twitter"]
+
+[[rules]]
+description = "Github"
+regex = '''(?i)github(.{0,20})?(?-i)['\"][0-9a-zA-Z]{35,40}['\"]'''
+tags = ["key", "Github"]
+
+[[rules]]
+description = "LinkedIn Client ID"
+regex = '''(?i)linkedin(.{0,20})?(?-i)['\"][0-9a-z]{12}['\"]'''
+tags = ["client", "Twitter"]
+
+[[rules]]
+description = "LinkedIn Secret Key"
+regex = '''(?i)linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]'''
+tags = ["secret", "Twitter"]
+
+[[rules]]
+description = "Slack"
+regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})?'''
+tags = ["key", "Slack"]
+
+[[rules]]
+description = "EC"
+regex = '''-----BEGIN EC PRIVATE KEY-----'''
+tags = ["key", "EC"]
+
+[[rules]]
+description = "Generic API key"
+regex = '''(?i)(api_key|apikey)(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
+tags = ["key", "API", "generic"]
+
+[[rules]]
+description = "Generic Secret"
+regex = '''(?i)secret(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
+tags = ["key", "Secret", "generic"]
+
+[[rules]]
+description = "Google API key"
+regex = '''AIza[0-9A-Za-z\\-_]{35}'''
+tags = ["key", "Google"]
+
+[[rules]]
+description = "Google Cloud Platform API key"
+regex = '''(?i)(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z\\-_]{35}]['\"]'''
+tags = ["key", "Google", "GCP"]
+
+[[rules]]
+description = "Google OAuth"
+regex = '''(?i)(google|gcp|auth)(.{0,20})?['"][0-9]+-[0-9a-z_]{32}\.apps\.googleusercontent\.com['"]'''
+tags = ["key", "Google", "OAuth"]
+
+[[rules]]
+description = "Google OAuth access token"
+regex = '''ya29\.[0-9A-Za-z\-_]+'''
+tags = ["key", "Google", "OAuth"]
+
+[[rules]]
+description = "Heroku API key"
+regex = '''(?i)heroku(.{0,20})?['"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]'''
+tags = ["key", "Heroku"]
+
+[[rules]]
+description = "MailChimp API key"
+regex = '''(?i)(mailchimp|mc)(.{0,20})?['"][0-9a-f]{32}-us[0-9]{1,2}['"]'''
+tags = ["key", "Mailchimp"]
+
+[[rules]]
+description = "Mailgun API key"
+regex = '''(?i)(mailgun|mg)(.{0,20})?['"][0-9a-z]{32}['"]'''
+tags = ["key", "Mailgun"]
+
+[[rules]]
+description = "Password in URL"
+regex = '''[a-zA-Z]{3,10}:\/\/[^\/\s:@]{3,20}:[^\/\s:@]{3,20}@.{1,100}\/?.?'''
+tags = ["key", "URL", "generic"]
+
+[[rules]]
+description = "PayPal Braintree access token"
+regex = '''access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}'''
+tags = ["key", "Paypal"]
+
+[[rules]]
+description = "Picatic API key"
+regex = '''sk_live_[0-9a-z]{32}'''
+tags = ["key", "Picatic"]
+
+[[rules]]
+description = "Slack Webhook"
+regex = '''https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}'''
+tags = ["key", "slack"]
+
+[[rules]]
+description = "Stripe API key"
+regex = '''(?i)stripe(.{0,20})?['\"][sk|rk]_live_[0-9a-zA-Z]{24}'''
+tags = ["key", "Stripe"]
+
+[[rules]]
+description = "Square access token"
+regex = '''sq0atp-[0-9A-Za-z\-_]{22}'''
+tags = ["key", "square"]
+
+[[rules]]
+description = "Square OAuth secret"
+regex = '''sq0csp-[0-9A-Za-z\\-_]{43}'''
+tags = ["key", "square"]
+
+[[rules]]
+description = "Twilio API key"
+regex = '''(?i)twilio(.{0,20})?['\"][0-9a-f]{32}['\"]'''
+tags = ["key", "twilio"]
+
+[allowlist]
+files = [
+  '''(.*?)(jpg|gif|doc|pdf|bin)$''',
+  '''(.*?)conjur.key$''',
+  '''.gitleaks.toml''',
+  '''ldap-server.key.pem''',
+  '''(.*?)intermediate.key''',
+  '''(.*?)intermediate_encrypted.key'''
+]

CHANGELOG.md

@@ -4,11 +4,7 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
-
+## Unreleased
 ### Added
-### Changed
-### Deprecated
-### Removed
-### Fixed
-### Security
+- Basic client infrastructure and generation tools as well as minimal templates.
+  [cyberark/conjur-sdk-java#1](https://github.com/cyberark/conjur-sdk-java/pull/1)