DataSecOps Framework CLI for Snowflake Native App

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jonhopper-dataengineers from gravatar.com jonhopper-dataengineers

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

DataSecOps CLI

A command-line interface for the Data Engineers DataSecOps Native App on Snowflake. Streamlines dbt development, source control workflows, and framework configuration management for teams using the DataSecOps Framework.

What is this?

The DataSecOps CLI is the local developer companion to the Data Engineers DataSecOps Native App — a Snowflake Native App that provides governance, configuration management, and standardised development workflows for data teams.

This CLI connects to the native app and gives developers:

  • dbt development commands — run, build, test, lint, and manage dbt projects via dbt Fusion
  • Source control operations — branching, committing, rebasing, and deploying via GitPython with naming conventions enforced by the framework
  • Configuration downloads — pull SQLFluff rules, CI/CD pipelines, dbt packages, and Cortex Code skills from the native app to your local project
  • MCP server — expose framework governance rules to AI coding assistants (VS Code, Cursor, Cortex Code, Claude Code)

Installation

pip install datasecops-cli

With MCP server support:

pip install "datasecops-cli[mcp]"

Requires Python 3.10 or later.

Prerequisites

  • A Snowflake connection configured in ~/.snowflake/connections.toml
  • The Data Engineers DataSecOps Native App installed in your Snowflake account
  • A project profile created in the native app

Optional:

  • dbt Fusion (or dbt-core with dbt-snowflake) for dbt commands
  • Cortex Code for skill downloads
  • Node.js 18+ for GitHub/Azure DevOps MCP servers

Quick Start

1. Run the setup script

The setup script creates a virtual environment, installs the CLI, and writes your local configuration.

Linux / macOS:

chmod +x setup.sh && ./setup.sh

Windows (PowerShell):

.\setup.ps1

You'll be prompted for your Snowflake connection name and the native app database name.

2. Activate the virtual environment and run

source .venv/bin/activate   # Linux/macOS
.\.venv\Scripts\Activate.ps1  # Windows

datasecops

Features

Menu Capabilities
Development dbt run, build, test, lint (SQLFluff), deps, seed, compile, snapshot, freshness, docs
Git Branch create/checkout/delete, commit & push, rebase, squash, deploy to environment branches, cherry-pick
Downloads SQLFluff config, CI/CD pipelines (GitHub Actions / Azure DevOps), dbt packages, Cortex Code skills

MCP Server

The package includes an MCP (Model Context Protocol) server that exposes your framework's governance configuration to AI coding assistants. Instead of static skill files, the MCP server gives AI tools live access to your native app's current rules.

Available Tools

Category Tools
Configuration get_branching_rules, get_linting_rules, get_dbt_packages, get_pipeline_config, get_dbt_versions
Project get_project_settings, get_project_profiles, get_deployment_targets, get_available_skills
Linting lint_sql, fix_sql, lint_project
Source Control validate_branch_name, get_deployment_workflow

Setup for AI Tools

Cortex Code:

cortex mcp add datasecops-framework -- datasecops-mcp

VS Code / Cursor — add to .vscode/mcp.json or .cursor/mcp.json:

{
  "mcpServers": {
    "datasecops-framework": {
      "command": "datasecops-mcp",
      "args": []
    }
  }
}

Recommended MCP Server Stack

For full integration with Snowflake, dbt, and your source control platform, configure these MCP servers alongside the framework server:

Server Purpose Install
datasecops-framework Governance rules, linting, branch validation Included (datasecops-mcp)
dbt Lineage, model discovery, codegen, semantic layer pip install dbt-mcp
GitHub PRs, issues, CI checks, releases npx -y @modelcontextprotocol/server-github
Azure DevOps PRs, pipelines, work items, boards npx -y @tiberriver256/mcp-server-azure-devops

See the Getting Started Guide for full configuration instructions for each editor and platform.

Configuration

The CLI reads from a .datasecops.yml file in your project root (created by the setup script):

connection_name: "my_connection"
app_database: "DATA_ENGINEERS_DATASECOPS_FRAMEWORK"

Project profiles, linting rules, pipeline templates, and deployment targets are all managed centrally in the native app and pulled down by the CLI.

Documentation

  • Getting Started Guide — install CLI, configure MCP servers for VS Code/Cursor/Cortex Code with Snowflake, dbt, and GitHub/Azure DevOps
  • MCP Server Reference — full tool documentation, architecture, and usage examples
  • Development Guide — project structure, setup scripts, native app API reference, and publishing details

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jonhopper-dataengineers from gravatar.com jonhopper-dataengineers

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

0.4.9

0.4.8

0.4.7

0.4.6

0.4.5

0.4.4

0.4.3

0.4.2

0.4.1

0.4.0

0.3.4

0.3.3

0.3.2

0.3.1

0.3.0

0.2.9

0.2.8

0.2.7

0.2.6

0.2.5

This version

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

datasecops_cli-0.2.4.tar.gz (51.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

datasecops_cli-0.2.4-py3-none-any.whl (30.9 kB view details)

Uploaded Python 3

File details

Details for the file datasecops_cli-0.2.4.tar.gz.

File metadata

  • Download URL: datasecops_cli-0.2.4.tar.gz
  • Upload date:
  • Size: 51.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for datasecops_cli-0.2.4.tar.gz
Algorithm Hash digest
SHA256 93c91d409b7254160311978f3b3fe787797ba0257b4fd898fff106928fbb0f48
MD5 cbbd72486cd82a3be9bc122ec1b57048
BLAKE2b-256 244617ea259becf316635b29d3348dbd90d4f319840fa95de1e8b93b1b3b76ba

See more details on using hashes here.

Provenance

The following attestation bundles were made for datasecops_cli-0.2.4.tar.gz:

Publisher: publish-cli.yml on DataEngineersNZ/snowflake-datasecops-framework-cli

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file datasecops_cli-0.2.4-py3-none-any.whl.

File metadata

  • Download URL: datasecops_cli-0.2.4-py3-none-any.whl
  • Upload date:
  • Size: 30.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for datasecops_cli-0.2.4-py3-none-any.whl
Algorithm Hash digest
SHA256 fd024f8dd2ee76352877c3cb7c1749297ee8469be5e7acb1431691a9ca3df55f
MD5 e95bf91ca0a112b6fa3ed8c359aebd25
BLAKE2b-256 bb1f4933a43a88cbd48d15dd386b7fbef31c9287472b4b57da44440341d1a032

See more details on using hashes here.

Provenance

The following attestation bundles were made for datasecops_cli-0.2.4-py3-none-any.whl:

Publisher: publish-cli.yml on DataEngineersNZ/snowflake-datasecops-framework-cli

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page