Add support for policy API version 2 (#99)

Author: muntzerr

examples/add_policy.py

@@ -32,7 +32,7 @@ def usage():
 #
 sdclient = SdSecureClient(sdc_token, 'https://secure.sysdig.com')
 
-ok, res = sdclient.add_policy(policy_json)
+ok, res = sdclient.add_policy_json(policy_json)
 
 #
 # Return the result

examples/add_policy_v1.py

@@ -0,0 +1,44 @@
+#!/usr/bin/env python
+#
+# Add a new policy
+#
+
+import os
+import sys
+import json
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s <sysdig-token>' % sys.argv[0])
+    print('Reads policy json from standard input')
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 2:
+    usage()
+
+sdc_token = sys.argv[1]
+
+policy_json = sys.stdin.read()
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.add_policy(policy_json)
+
+#
+# Return the result
+#
+if ok:
+    print(json.dumps(res, indent=2))
+else:
+    print(res)
+    sys.exit(1)

examples/create_default_policies_v1.py

@@ -0,0 +1,44 @@
+#!/usr/bin/env python
+#
+# Create the default set of policies given the falco rules file.
+# Existing policies with the same name are unchanged. New policies
+# as needed will be added. Returns JSON representing the new
+# policies created.
+#
+
+import os
+import sys
+import json
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s <sysdig-token>' % sys.argv[0])
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 2:
+    usage()
+
+sdc_token = sys.argv[1]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.create_default_policies()
+
+#
+# Return the result
+#
+if ok:
+    print(json.dumps(res, indent=2))
+else:
+    print(res)
+    sys.exit(1)

examples/delete_all_policies.py

@@ -37,7 +37,7 @@ def usage():
     print(res)
     sys.exit(1)
 else:
-    policies = res['policies']
+    policies = res
 
 for policy in policies:
     print("deleting policy: " + str(policy['id']))

examples/delete_all_policies_v1.py

@@ -0,0 +1,47 @@
+#!/usr/bin/env python
+#
+# Delete all secure policies.
+#
+
+import os
+import sys
+import json
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s <sysdig-token>' % sys.argv[0])
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 2:
+    usage()
+
+sdc_token = sys.argv[1]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+# Get a list of policyIds
+ok, res = sdclient.list_policies()
+policies = []
+
+if not ok:
+    print(res)
+    sys.exit(1)
+else:
+    policies = res['policies']
+
+for policy in policies:
+    print("deleting policy: " + str(policy['id']))
+    ok, res = sdclient.delete_policy_id(policy['id'])
+    if not ok:
+        print(res)
+        sys.exit(1)

examples/delete_policy_v1.py

@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+#
+# Delete a policy, by either id or name.
+#
+
+import os
+import sys
+import json
+import getopt
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s [-i|--id <id>] [-n|--name <name>] <sysdig-token>' % sys.argv[0])
+    print('-i|--id: the id of the policy to delete')
+    print('-n|--name: the name of the policy to delete')
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+try:
+    opts, args = getopt.getopt(sys.argv[1:], "i:n:", ["id=", "name="])
+except getopt.GetoptError:
+    usage()
+
+id = ""
+name = ""
+for opt, arg in opts:
+    if opt in ("-i", "--id"):
+        id = arg
+    elif opt in ("-n", "--name"):
+        name = arg
+
+if len(id) + len(name) == 0:
+    usage()
+
+if len(args) < 1:
+    usage()
+
+sdc_token = args[0]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+if len(id) > 0:
+    ok, res = sdclient.delete_policy_id(id)
+else:
+    ok, res = sdclient.delete_policy_name(name)
+
+#
+# Return the result
+#
+if ok:
+    print(json.dumps(res, indent=2))
+else:
+    print(res)
+    sys.exit(1)

examples/get_policy_v1.py

@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+#
+# Get a specific policy
+#
+
+import os
+import sys
+import json
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s <sysdig-token> <policy name>' % sys.argv[0])
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 3:
+    usage()
+
+sdc_token = sys.argv[1]
+name = sys.argv[2]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.get_policy(name)
+
+#
+# Return the result
+#
+if ok:
+    print(json.dumps(res, indent=2))
+else:
+    print(res)
+    sys.exit(1)

examples/list_policies.py

@@ -12,50 +12,30 @@
 
 
 def usage():
-    print('usage: %s [-o|--order-only] <sysdig-token>' % sys.argv[0])
-    print('-o|--order-only: Only display the list of policy ids in evaluation order. Suitable for use by set_policy_order.py')
+    print('usage: %s <sysdig-token>' % sys.argv[0])
     print('You can find your token at https://secure.sysdig.com/#/settings/user')
     sys.exit(1)
 
 
-try:
-    opts, args = getopt.getopt(sys.argv[1:], "o", ["order-only"])
-except getopt.GetoptError:
-    usage()
-
-order_only = False
-for opt, arg in opts:
-    if opt in ("-o", "--order-only"):
-        order_only = True
-
 #
 # Parse arguments
 #
-if len(args) < 1:
+if len(sys.argv) != 2:
     usage()
 
-sdc_token = args[0]
+sdc_token = sys.argv[1]
 
 #
 # Instantiate the SDC client
 #
 sdclient = SdSecureClient(sdc_token, 'https://secure.sysdig.com')
 
-ok, res = sdclient.get_policy_priorities()
+ok, res = sdclient.list_policies()
 
 if not ok:
     print(res)
     sys.exit(1)
 
-# Strip the surrounding json to only keep the list of policy ids
-res = res['priorities']['policyIds']
-
-if not order_only:
-    priorities = res
-    ok, res = sdclient.list_policies()
-    if ok:
-        res['policies'].sort(key=lambda p: priorities.index(p['id']))
-
 #
 # Return the result
 #

examples/list_policies_v1.py

@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+#
+# List the current set of secure policies.
+#
+
+import os
+import sys
+import json
+import getopt
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdSecureClientV1
+
+
+def usage():
+    print('usage: %s [-o|--order-only] <sysdig-token>' % sys.argv[0])
+    print('-o|--order-only: Only display the list of policy ids in evaluation order. Suitable for use by set_policy_order.py')
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+try:
+    opts, args = getopt.getopt(sys.argv[1:], "o", ["order-only"])
+except getopt.GetoptError:
+    usage()
+
+order_only = False
+for opt, arg in opts:
+    if opt in ("-o", "--order-only"):
+        order_only = True
+
+#
+# Parse arguments
+#
+if len(args) < 1:
+    usage()
+
+sdc_token = args[0]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdSecureClientV1(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.get_policy_priorities()
+
+if not ok:
+    print(res)
+    sys.exit(1)
+
+# Strip the surrounding json to only keep the list of policy ids
+res = res['priorities']['policyIds']
+
+if not order_only:
+    priorities = res
+    ok, res = sdclient.list_policies()
+    if ok:
+        res['policies'].sort(key=lambda p: priorities.index(p['id']))
+
+#
+# Return the result
+#
+if ok:
+    print(json.dumps(res, indent=2))
+else:
+    print(res)
+    sys.exit(1)