virgil

command module

v2.0.0+incompatible Latest Latest Go to latest Published: Jul 13, 2016 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/FidelityInternational/virgil

Links

Open Source Insights

README ¶

virgil

Overview

virgil generates Firewall Policies based on Cloud Foundry security groups.

The BOSH API is used to generate the source section of the firewall rules based on jobs names as "dea-partition*" or "diego_cell-partition".

The Cloud Foundry security groups are used for Destination, Port and Protocol and the rule set is then compressed to remove duplicates.

Usage

As a CLI

virgil can be used as a CLI to produce YAML files of the generated polcies.

go get github.com/FidelityInternational/virgil
virgil \
--cf-system-domain='domain.example.com' \
--cf-user='cf_admin_user' \
--cf-password='cf_admin_password' \
--bosh-user='bosh_username' \
--bosh-password='bosh_password' \
--bosh-uri='https://bosh.example.com:25555' \
output_file_name.yml

Additional parameters available are --bosh-port and --skip-ssl-validation.

To get additional help with the CLI use:

virgil --help

As a library

virgil can also be used as a library to plug in to other tools to act directly on the generated objects.

The library option is currently just a stripped back version of the CLI code, the aim is to rework this in future versions to make it easier to use.

import (
  "github.com/cloudfoundry-community/go-cfclient"
  "gopkg.in/FidelityInternational/virgil.v2/bosh"
  "gopkg.in/FidelityInternational/virgil.v2/utility"
  "github.com/cloudfoundry-community/gogobosh"
)
cfConfig := &cfclient.Config{
  ApiAddress:        "https://api.domain.example.com",
  Username:          "cf_admin_user",
  Password:          "cf_admin_password",
  SkipSslValidation: false,
}
boshConfig := &gogobosh.Config{
  Username:          "bosh_username",
  Password:          "bosh_password",
  BOSHAddress:       "bosh.example.com",
  SkipSslValidation: false,
}
cfClient, _ := cfclient.NewClient(cfConfig)
boshClient := gogobosh.NewClient(boshConfig)
allSecGroups, _ := cfClient.ListSecGroups()
deployments, _ := boshClient.GetDeployments()
deployment := bosh.FindDeployment(deployments, "^cf-.+")
boshVMs, _ := boshClient.GetDeploymentVMs(deployment)
runtimeVMs := bosh.FindVMs(boshVMs, "^(dea|diego_cell)-partition.+")
sources := bosh.GetAllIPs(runtimeVMs)
secGroups := utility.GetUsedSecGroups(allSecGroups)
firewallRules := utility.GetFirewallRules(sources, secGroups)

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
bosh
utility

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL