Apigee Management API command-line interface with multi-factor authentication (MFA) and single sign-on (SSO)/SAML support
Project description
Welcome to the Apigee Management API command-line interface!
This is not an officially supported Google product, and is not affiliated with Apigee or Google in any way.
Apigee CLI is a user-friendly command-line interface to the Apigee Management API providing features that automate steps that are too cumbersome to perform manually or are non-existent in existing tools such as multi-factor authentication (MFA) and single sign-on (SSO)/SAML.
It is intended for general administrative use from your shell, as a package for developers, and to support automation for common development tasks, such as test automation or Continuous Integration/Continuous Deployment (CI/CD).
Please note that this CLI is still highly experimental and may change significantly based on client needs.
Usage: apigee [OPTIONS] COMMAND [ARGS]...
Welcome to the Apigee Management API command-line interface!
Docs: https://mdelotavo.github.io/apigee-cli/
PyPI: https://pypi.org/project/apigeecli/
GitHub: https://github.com/mdelotavo/apigee-cli
Options:
-V, --version Show the version and exit.
-h, --help Show this message and exit.
Commands:
apiproducts API products enable you to bundle and distribute your APIs...
apis The proxy APIs let you perform operations on API proxies,...
apps Management APIs available for working with developer apps.
auth Custom authorization commands.
backups Download configuration files from Apigee that can later be...
caches A lightweight persistence store that can be used by...
configure Configure Apigee Edge credentials.
deployments API proxies that are actively deployed in environments on...
developers Developers implement client/consumer apps and must be...
keyvaluemaps Key/value maps at the environment scope can be accessed by...
maskconfigs Specify data that will be filtered out of trace sessions.
permissions Permissions for roles in an organization on Apigee Edge.
sharedflows You can use the following APIs to manage shared flows and...
targetservers TargetServers are used to decouple TargetEndpoint...
userroles Roles for users in an organization on Apigee Edge.
Installation
The easiest way to install apigee-cli is to use pip in a virtualenv:
$ pip install apigeecli
or, if you are not installing in a virtualenv, to install globally:
$ sudo pip install apigeecli
or for your user:
$ pip install --user apigeecli
If you have the apigee-cli installed and want to upgrade to the latest version you can run:
$ pip install --upgrade apigeecli
Getting Started
Before using apigee-cli, you need to tell it about your Apigee Edge credentials. You can do this in three ways:
Environment variables
Config file
Command-line arguments
The quickest way to get started is to run the apigee configure command:
$ apigee configure Apigee username (email) []: my_email Apigee password []: my_pass Apigee MFA key (optional) []: my_key Identity zone name (to support SAML authentication) []: Use OAuth, no MFA (optional)? [y/N]: n Default Apigee organization (recommended) []: my_org Default team/resource prefix (optional) []:
You can also do the same thing using command-line arguments:
$ apigee configure -P default -u <my_email> -p <my_pass> -o <my_org> -mfa '' -z '' --no-token --prefix ''
You may need to specify empty strings as above. Also note the --prefix option. This option will filter the output of some commands, such as the list type commands, by the prefix which may be useful to some people, but if you want to avoid confusion just keep this value empty. You can also explicitly specify the --prefix for those commands if you need it on the fly.
To use environment variables, do the following:
$ export APIGEE_USERNAME=<my_email> $ export APIGEE_PASSWORD=<my_pass> $ export APIGEE_MFA_SECRET=<my_key> $ export APIGEE_ZONENAME=<my_zonename> $ export APIGEE_IS_TOKEN=<bool> $ export APIGEE_ORG=<my_org> $ export APIGEE_CLI_PREFIX=<my_prefix>
To use the configuration file, create an INI formatted file like this:
[default] username = my_email org = my_org mfa_secret = my_key prefix = my_prefix password = my_pass [produser] org = my_org username = my_email password = my_pass mfa_secret = my_key
and place it in ~/.apigee/credentials.
As you can see, you can have multiple profiles defined in the configuration file. You can then specify which profile to use by using the -P/--profile option. If no profile is specified the default profile is used.
Using SAML authentication
If you specified an Identity zone name (to support SAML authentication) during setup, the CLI will automatically use SAML authentication. If you are not currently signed in by your identity provider, you will be prompted to sign in:
$ apigee apis list SSO authorization page has automatically been opened in your default browser. Follow the instructions in the browser to complete this authorization request. If your browser did not automatically open, go to the following URL and sign in: https://{zoneName}.login.apigee.com/passcode then copy the Temporary Authentication Code. Please enter the Temporary Authentication Code:
zoneName will be the Identity zone name you previously configured.
Refer to the official Apigee documentation to learn more about how to Access the Edge API with SAML.
Deploy API Proxy bundles
You can also deploy API proxy bundles to Apigee.
This command is an enhanced version of the Apigee API Proxy Deploy Tool.
It supports a bunch of useful features such as MFA, SAML, seamless deployments and automatic handling of missing and broken deployments.
$ apigee apis deploy -n API_NAME -e ENVIRONMENT -d DIRECTORY_WITH_APIPROXY
Some notable options:
Deployment options: [mutually_exclusive] The deployment options -i, --import-only / -I, --no-import-only import only and not deploy -s, --seamless-deploy / -S, --no-seamless-deploy seamless deploy the bundle
Cleaning up undeployed revisions
If deploying via CI/CD you may end up with a lot of undeployed revisions. In this case, you can make use of the clean command to delete all undeployed revisions.
$ apigee apis clean -n API_NAME
You can also specify to keep the last few revisions:
$ apigee apis clean -n API_NAME --save-last 10
To only show which revisions will be deleted but not actually delete anything, use the following option:
--dry-run / --no-dry-run show revisions to be deleted but do not delete
Push commands
Some commands support the push subcommand which combines CRUD API calls to manage the creation, update and sometimes deletion of resources using a single command.
Push commands read JSON from a file and can be invoked like so:
$ apigee keyvaluemaps push -e <env> -f <file_path.json>
This will create the KVM if it does not exist, and update it if it does.
More Commands
For more commands, examples and use cases, please refer to <https://github.com/mdelotavo/apigee-cli-docs>.
Some notable pages:
Plugins
Commands (plugins) can be dynamically loaded into the CLI at runtime. This will be documented soon.
Getting Help
Next Steps
You may want to make use of our Apigee CI/CD Docker releases:
$ docker pull darumatic/apigee-cicd
Disclaimer
This is not an officially supported Google product.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for apigeecli-0.45.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1614b41b6201edcd2d610244d7ebeac33efa53a3162b15de57fcfd0e97099173 |
|
MD5 | 3fbbcdfef2de401969f62758c974973e |
|
BLAKE2b-256 | 1ce6c893dbd81535d534c1240cc9d402e6941ac33290082b82eb53d6feedf748 |