The Auditree tool for adding external evidence
Project description
auditree-plant
The Auditree tool for adding external evidence.
Introduction
Auditree plant
is a command line tool that assists in adding evidence to an
evidence locker. It provides a thoughtful way to add evidence to an
evidence locker by managing the evidence metadata so that checks and dependent fetchers
executed as part of the Auditree compliance framework can apply
appropriate time to live validations.
Prerequisites
- Supported for execution on OSX and LINUX.
- Supported for execution with Python 3.6 and above.
Python 3 must be installed, it can be downloaded from the Python site or installed using your package manager.
Python version can be checked with:
python --version
or
python3 --version
The plant
tool is available for download from PyPI.
Installation
It is best practice, but not mandatory, to run plant
from a dedicated Python
virtual environment. Assuming that you have the Python virtualenv
package already installed, you can create a virtual environment named venv
by
executing virtualenv venv
which will create a venv
folder at the location of
where you executed the command. Alternatively you can use the python venv
module
to do the same.
python3 -m venv venv
Assuming that you have a virtual environment and that virtual environment is in
the current directory then to install a new instance of plant
, activate
your virtual environment and use pip
to install plant
like so:
. ./venv/bin/activate
pip install auditree-plant
As we add new features to plant
you will want to upgrade your plant
package. To upgrade plant
to the most recent version do:
. ./venv/bin/activate
pip install auditree-plant --upgrade
See pip documentation for additional options when using pip
.
Configuration
Since Auditree plant
interacts with Git repositories, it requires Git remote
hosting service credentials in order to do its thing. Auditree plant
will by
default look for a username
and token
in a ~/.credentials
file. You can
override the credentials file location by using the --creds
option on a plant
CLI execution. Valid section headings include github
, github_enterprise
, bitbucket
,
and gitlab
. Below is an example of the expected credentials entry.
[github]
username=your-gh-username
token=your-gh-token
Execution
Auditree plant
is a simple CLI that performs the function of adding evidence
to an evidence locker. As such, it has two execution modes; a push-remote
mode
and a dry-run
mode. Both modes will clone a git repository and place it into the
$TMPDIR/plant
folder. Both modes will also provide handy progress output as
plant
processes the new evidence. However, push-remote
will push the changes
to the remote repository before removing the locally cloned copy whereas dry-run
will not. When provided an absolute path to a local git repository using the
--repo-path
option, plant
will perform its plant-like duties as described
on the specified local git repository. This can come in handy when looking to
chain your plant
execution after a successful run of the compliance automation
fetchers and checks.
As most CLIs, Auditree plant
comes with a help facility.
plant -h
plant push-remote -h
plant dry-run -h
push-remote mode
Use the push-remote
mode when you want your changes to be applied to the remote
evidence locker. You can provide as many evidence path/evidence detail
key/value pairs as you need as part of the --config
or as contents of your
--config-file
.
plant push-remote https://github.com/org-foo/repo-bar --config '{"/absolute/path/to/my/evidence.ext":{"category":"foo"}}'
plant push-remote https://github.com/org-foo/repo-bar --config-file ./path/to/my/config_file.json
plant push-remote https://github.com/org-foo/repo-bar --repo-path $TMPDIR"compliance" --config-file ./path/to/my/config_file.json
dry-run mode
Use the dry-run
mode when you don't want your changes to be applied to the remote
evidence locker and are just interested in seeing what effect the execution will have
on your evidence locker before you commit to pushing your changes to the remote repository.
You can provide as many evidence path/evidence detail key/value pairs as you
need as part of the --config
or as contents of your --config-file
.
plant dry-run https://github.com/org-foo/repo-bar --config '{"/absolute/path/to/my/evidence.ext":{"category":"foo"}}'
plant dry-run https://github.com/org-foo/repo-bar --config-file ./path/to/my/config_file.json
plant dry-run https://github.com/org-foo/repo-bar --repo-path $TMPDIR"compliance" --config-file ./path/to/my/config_file.json
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file auditree-plant-1.0.0.tar.gz
.
File metadata
- Download URL: auditree-plant-1.0.0.tar.gz
- Upload date:
- Size: 9.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 887194ead385c63ff93f8083f26d517e538ac9516910fae2584d58f3a50e781d |
|
MD5 | bbc3ccff5ff4a0300d5dd9dce8910474 |
|
BLAKE2b-256 | 4628f726c2b2a950d3597678c086c45f7888c916b3d20ee40af5d4649fa5a01f |
File details
Details for the file auditree_plant-1.0.0-py2.py3-none-any.whl
.
File metadata
- Download URL: auditree_plant-1.0.0-py2.py3-none-any.whl
- Upload date:
- Size: 12.4 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1289975d8042dc2eeb1fbd95a1edeaaa08312b0ce5677a4de54bb260b5a3698e |
|
MD5 | 949cc6374abfce9a02791b89d2b584d0 |
|
BLAKE2b-256 | 1a59777fc1b227c9677a32be691b0462ff9a1d193fc29e47d3c690a99b232b1e |