VGS Client
Project description
# VGS Client
[](https://circleci.com/gh/verygoodsecurity/vgs-cli/tree/master)
A command line tool that configures routes in VGS vaults
# Requirements
- Python 3
# Installation
To install the latest version enter
```
pip install vgs-cli
```
# Authentication
All commands provided by vgs-cli require MFA verification.
To authenticate type
```
vgs authenticate
```
Your credentials are short-lived. If you come across a 'Credentials are expired' error, pls re-authenticate.
In order to remove authenticated session type:
```
vgs logout
```
# Commands
## Parameters
| Name | Description | Mandatory | Default value |
| --------------------------------------- | ----------------------------------------------------------------------------- | -------------------------------------- | -------------------------------------- |
| `tenant` | Tenant identifier of a vault | Yes | |
| `environment` | VGS environment. Possible values are `sandbox` and `live` | No | sandbox |
## dump-all
This command dumps routes in a readable YAML format to stdout. We recommend redirecting output to a file for convenience.
```
vgs --tenant=tnteipi8liw --environment=sandbox route --dump-all
```
### Recommended way of using the command
```
vgs --tenant=tnteipi8liw --environment=sandbox route --dump-all > tnteipi8liw.yml
```
### Sample output looks like
```yaml
data:
- attributes:
created_at: '2018-07-17T16:50:37'
destination_override_endpoint: https://httpbin.verygoodsecurity.io
entries:
- classifiers: {}
config:
condition: AND
expression: null
rules:
- condition: null
expression:
field: PathInfo
operator: equals
type: string
values: [/post]
rules: null
- condition: null
expression:
field: ContentType
operator: equals
type: string
values: [application/json]
rules: []
id: a46b73e5-df5a-4780-bc01-9e19b1aa04bc
id_selector: null
operation: REDACT
operations: null
phase: REQUEST
public_token_generator: UUID
targets: [body]
token_manager: PERSISTENT
transformer: JSON_PATH
transformer_config: [$.secret]
host_endpoint: (.*)\.verygoodproxy\.com
id: 6153b3fc-f869-4fdd-824f-5ed6b1e393c5
port: 443
protocol: http
source_endpoint: '*'
updated_at: '2018-07-17T16:50:50'
id: 6153b3fc-f869-4fdd-824f-5ed6b1e393c5
type: rule_chain
- attributes:
created_at: '2018-07-17T16:53:01'
destination_override_endpoint: '*'
entries: []
host_endpoint: (.*)
id: d6c86a9f-c85c-4ced-9998-16b050541f84
port: 443
protocol: http
source_endpoint: '*'
updated_at: '2018-07-17T16:53:01'
id: d6c86a9f-c85c-4ced-9998-16b050541f84
type: rule_chain
version: 1
```
## sync-all
This command synchronizes updates to routes back upstream. It takes a YAML document with routes via stdin.
### Important
For this command to work the following conditions should hold
- YAML document should be a result of a previous output from `dump-all`.
- You can only make changes to the entities in the original YAML document, and you must keep ids as is.
```
vgs --tenant=tnteipi8liw --environment=sandbox route --sync-all < tnteipi8liw.yml
```
## create-all
This command creates new routes in a vault. An input YAML document should take the same form as an output of the `dump-all` command.
A typical use case for this command is a migration of routes from a sandbox environment to live
```
vgs --tenant=tnt3lmevlos --environment=live route --create-all < tnteipi8liw.yml
```
# Typical scenarios
## Migrate routes from a sandbox environment to live
- Sandbox tenant: `tnt_sandbox`
- Live tenant: `tnt_live`
1. Dump routes from a sandbox vault locally
```
vgs --tenant=tnt_sandbox --environment=sandbox route --dump-all > tnt_sandbox.yml
```
2. Re-create routes in a live vault
```
vgs --tenant=tnt_live --environment=live route --create-all < tnt_sandbox.yml
```
3. Dump new routes from a live environment locally. We recommend to keep them in a separate file
```
vgs --tenant=tnt_live --environment=live route --dump-all > tnt_live.yml
```
3. Update migrated routes in `tnt_live.yml`, if needed. Typically you may need to make changes to some upstream configurations that you were using when testing.
4. Sync changes back to tnt_live
```
vgs --tenant=tnt_live --environment=live route --sync-all < tnt_live.yml
```
5. Modify upstream hosts for migrated routes to match your live API's. A typical example is switching development environment to production one on live routes after migration.
[](https://circleci.com/gh/verygoodsecurity/vgs-cli/tree/master)
A command line tool that configures routes in VGS vaults
# Requirements
- Python 3
# Installation
To install the latest version enter
```
pip install vgs-cli
```
# Authentication
All commands provided by vgs-cli require MFA verification.
To authenticate type
```
vgs authenticate
```
Your credentials are short-lived. If you come across a 'Credentials are expired' error, pls re-authenticate.
In order to remove authenticated session type:
```
vgs logout
```
# Commands
## Parameters
| Name | Description | Mandatory | Default value |
| --------------------------------------- | ----------------------------------------------------------------------------- | -------------------------------------- | -------------------------------------- |
| `tenant` | Tenant identifier of a vault | Yes | |
| `environment` | VGS environment. Possible values are `sandbox` and `live` | No | sandbox |
## dump-all
This command dumps routes in a readable YAML format to stdout. We recommend redirecting output to a file for convenience.
```
vgs --tenant=tnteipi8liw --environment=sandbox route --dump-all
```
### Recommended way of using the command
```
vgs --tenant=tnteipi8liw --environment=sandbox route --dump-all > tnteipi8liw.yml
```
### Sample output looks like
```yaml
data:
- attributes:
created_at: '2018-07-17T16:50:37'
destination_override_endpoint: https://httpbin.verygoodsecurity.io
entries:
- classifiers: {}
config:
condition: AND
expression: null
rules:
- condition: null
expression:
field: PathInfo
operator: equals
type: string
values: [/post]
rules: null
- condition: null
expression:
field: ContentType
operator: equals
type: string
values: [application/json]
rules: []
id: a46b73e5-df5a-4780-bc01-9e19b1aa04bc
id_selector: null
operation: REDACT
operations: null
phase: REQUEST
public_token_generator: UUID
targets: [body]
token_manager: PERSISTENT
transformer: JSON_PATH
transformer_config: [$.secret]
host_endpoint: (.*)\.verygoodproxy\.com
id: 6153b3fc-f869-4fdd-824f-5ed6b1e393c5
port: 443
protocol: http
source_endpoint: '*'
updated_at: '2018-07-17T16:50:50'
id: 6153b3fc-f869-4fdd-824f-5ed6b1e393c5
type: rule_chain
- attributes:
created_at: '2018-07-17T16:53:01'
destination_override_endpoint: '*'
entries: []
host_endpoint: (.*)
id: d6c86a9f-c85c-4ced-9998-16b050541f84
port: 443
protocol: http
source_endpoint: '*'
updated_at: '2018-07-17T16:53:01'
id: d6c86a9f-c85c-4ced-9998-16b050541f84
type: rule_chain
version: 1
```
## sync-all
This command synchronizes updates to routes back upstream. It takes a YAML document with routes via stdin.
### Important
For this command to work the following conditions should hold
- YAML document should be a result of a previous output from `dump-all`.
- You can only make changes to the entities in the original YAML document, and you must keep ids as is.
```
vgs --tenant=tnteipi8liw --environment=sandbox route --sync-all < tnteipi8liw.yml
```
## create-all
This command creates new routes in a vault. An input YAML document should take the same form as an output of the `dump-all` command.
A typical use case for this command is a migration of routes from a sandbox environment to live
```
vgs --tenant=tnt3lmevlos --environment=live route --create-all < tnteipi8liw.yml
```
# Typical scenarios
## Migrate routes from a sandbox environment to live
- Sandbox tenant: `tnt_sandbox`
- Live tenant: `tnt_live`
1. Dump routes from a sandbox vault locally
```
vgs --tenant=tnt_sandbox --environment=sandbox route --dump-all > tnt_sandbox.yml
```
2. Re-create routes in a live vault
```
vgs --tenant=tnt_live --environment=live route --create-all < tnt_sandbox.yml
```
3. Dump new routes from a live environment locally. We recommend to keep them in a separate file
```
vgs --tenant=tnt_live --environment=live route --dump-all > tnt_live.yml
```
3. Update migrated routes in `tnt_live.yml`, if needed. Typically you may need to make changes to some upstream configurations that you were using when testing.
4. Sync changes back to tnt_live
```
vgs --tenant=tnt_live --environment=live route --sync-all < tnt_live.yml
```
5. Modify upstream hosts for migrated routes to match your live API's. A typical example is switching development environment to production one on live routes after migration.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
vgs-cli-0.1.1.tar.gz
(7.5 kB
view details)
Built Distribution
File details
Details for the file vgs-cli-0.1.1.tar.gz.
File metadata
- Download URL: vgs-cli-0.1.1.tar.gz
- Upload date:
- Size: 7.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: Python-urllib/3.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 89c5beccda9206f4ed60a0965866105a728cacc1c28bbba8e993aefface6610a |
|
| MD5 | c0eb346dd0bf98df732ba69f6fa19480 |
|
| BLAKE2b-256 | 16e37d26aff065f1f8aeedaa35ed27dae2c546237e0409aacc83a30c9964a532 |
Provenance
File details
Details for the file vgs_cli-0.1.1-py3-none-any.whl.
File metadata
- Download URL: vgs_cli-0.1.1-py3-none-any.whl
- Upload date:
- Size: 9.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.18.4 setuptools/40.6.2 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d5e34723bfdbeb9c52626ddda6e448775bf9aee0fbe30c51d995c01c1b505058 |
|
| MD5 | b95250d02e9bb06b453196c33e2ae65d |
|
| BLAKE2b-256 | 6e3aee9eac0dea11433572e075cbb92b2b7c78cdd17e49d231c9d85eb98db2e9 |
