Spec-driven network API CLI for operators, with first-class ClearPass support

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mathias-granlund from gravatar.com mathias-granlund

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers
Report project as malware

Project description

 _   _      _   _
| \ | | ___| |_| | ___   ___  _ __ ___
|  \| |/ _ \ __| |/ _ \ / _ \| '_ ` _ \
| |\  |  __/ |_| | (_) | (_) | | | | | |
|_| \_|\___|\__|_|\___/ \___/|_| |_| |_|

A CLI for working with network APIs — easy, consistent, safe, and fast.

Version Python Platform

About

netloom is a plugin-backed network API CLI for operators and automation engineers. It lets you interact with network APIs through a consistent CLI with a shared command model, context-aware help and tab completion. It keeps server profiles and discovery data organized locally, and supports day-to-day tasks such as list, create, update or delete objects as well as compare and copy configuration between servers.

HPE Aruba ClearPass is a bundled plugin with netloom.

Installation

Install from PyPI:

pip install netloom-tool

Install directly from GitHub:

pip install git+https://github.com/mathias-granlund/netloom

Install the bundled man pages:

netloom-install-manpage
man netloom
man netloom-clearpass

Configuration

Example templates are included as defaults.env.example, profiles.env.example, and credentials.env.example.

For ClearPass, the minimal layout is:

~/.config/netloom/config.env
~/.config/netloom/plugins/clearpass/defaults.env
~/.config/netloom/plugins/clearpass/profiles/<profile>.env
~/.config/netloom/plugins/clearpass/credentials/<profile>.env

Required profile connection settings in profiles/<profile>.env:

NETLOOM_SERVER="server.example.com:443"

Required credentials in credentials/<profile>.env:

NETLOOM_CLIENT_ID="your-client-id"
NETLOOM_CLIENT_SECRET_REF="<profile>/client-secret"
# Optional plaintext fallback:
# NETLOOM_CLIENT_SECRET="your-client-secret"

If you use an OS keychain, store the referenced secret with:

python -m keyring set netloom/clearpass <profile>/client-secret

You can also resolve NETLOOM_CLIENT_SECRET_REF from Delinea Secret Server with a reference such as:

NETLOOM_CLIENT_SECRET_REF="secretserver://prod/Shared/ClearPass/API?field=password"

Shared Secret Server provider config lives under:

~/.config/netloom/keystores/secretserver/defaults.env
~/.config/netloom/keystores/secretserver/profiles/<profile>.env
~/.config/netloom/keystores/secretserver/credentials/<profile>.env

Typical Secret Server provider settings:

NETLOOM_SECRETSERVER_URL="https://vault.example.com/SecretServer"
NETLOOM_SECRETSERVER_USERNAME="svc-netloom"
NETLOOM_SECRETSERVER_PASSWORD_REF="prod/secretserver-password"
NETLOOM_SECRETSERVER_NETWORK_DEVICE_PATH_TEMPLATE="/Shared/ClearPass/network-devices/{name}"

When that provider is configured, netloom policyelements network-device add, update, replace, and copy can backfill missing radius_secret and tacacs_secret values from Delinea by device name. The current integration is read-only and only fetches those secret fields.

First Run / Quick Start

netloom load clearpass
netloom server use <profile>
netloom cache update
netloom identities endpoint list --limit=10

That initial cache update is what enables richer help, completion, and live module/service discovery for the active server.

CLI Examples

List a few endpoints from the active profile:

netloom identities endpoint list --limit=10

Filter a list request with shorthand syntax:

netloom identities endpoint list --filter=name:contains:guest

Fetch one object and print it to the terminal:

netloom policyelements network-device get --id=1001 --console

Compare the same service between two profiles:

netloom policyelements network-device diff --from=<source-profile> --to=<target-profile> --all --max-items=25

Preview a cross-profile copy without writing changes:

netloom policyelements network-device copy --from=<source-profile> --to=<target-profile> --all --dry-run

Feature Roadmap

  • Multi-service copy workflows
  • Extended validation and dry-run features
  • Version tracking for config changes
  • Low-priority CLI semantics and naming cleanup
  • GUI on top of CLI

Deeper Docs

For full command reference and plugin-specific details:

  • Shared CLI reference: man netloom or man/netloom.md
  • ClearPass plugin reference: man netloom-clearpass or man/netloom-clearpass.md
  • Shell completion setup and generic --filter= syntax: man netloom
  • ClearPass-oriented filter and workflow examples: man netloom-clearpass
  • Live action help from your current cache: netloom <module> <service> ?

Detailed release history is in CHANGELOG.md.

Development

pip install -e .[dev]
pytest -q
ruff check .
ruff format .
python -m build
python -m twine check dist/*
netloom-generate-manpages
netloom-generate-manpages --check

License

Proprietary / Internal Use
See LICENSE.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for mathias-granlund from gravatar.com mathias-granlund

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

1.11.1

1.9.5

1.8.3

1.7.1

1.6.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

netloom_tool-1.11.1.tar.gz (176.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

netloom_tool-1.11.1-py3-none-any.whl (127.1 kB view details)

Uploaded Python 3

File details

Details for the file netloom_tool-1.11.1.tar.gz.

File metadata

  • Download URL: netloom_tool-1.11.1.tar.gz
  • Upload date:
  • Size: 176.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for netloom_tool-1.11.1.tar.gz
Algorithm Hash digest
SHA256 8795f6e8109e3ec68c0cb6216cc56732a247e622b384f0de62f11329805f0794
MD5 d2e0339fdfb3b662ecbec069293e3b36
BLAKE2b-256 afa17e1e2806c4702ad78f1b362c604a854b442a4a676e26724bb6a011549a59

See more details on using hashes here.

Provenance

The following attestation bundles were made for netloom_tool-1.11.1.tar.gz:

Publisher: package.yml on mathias-granlund/netloom

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file netloom_tool-1.11.1-py3-none-any.whl.

File metadata

  • Download URL: netloom_tool-1.11.1-py3-none-any.whl
  • Upload date:
  • Size: 127.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for netloom_tool-1.11.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e47fc8eab276379489e25ebe936e7da000f9ae2a2b4c9061493e215c855a7a7b
MD5 16d58ed6d9832c2fdfda2a42dad5a198
BLAKE2b-256 1d2f2b6d3eef04d732782e16f80aaec84dcafaf68f8b6b0e3a4b54cdd5a480e7

See more details on using hashes here.

Provenance

The following attestation bundles were made for netloom_tool-1.11.1-py3-none-any.whl:

Publisher: package.yml on mathias-granlund/netloom

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page