Welcome to lastpassreportingcli’s documentation!¶
Contents:
lastpassreportingcli¶
A tool to report on state of secret rotation based on a cutoff day, by default the incident of lastpass day.
Documentation: https://lastpassreportingcli.readthedocs.org/en/latest
Development Workflow¶
The workflow supports the following steps
lint
test
build
document
upload
graph
These actions are supported out of the box by the corresponding scripts under _CI/scripts directory with sane defaults based on best practices. Sourcing setup_aliases.ps1 for windows powershell or setup_aliases.sh in bash on Mac or Linux will provide with handy aliases for the shell of all those commands prepended with an underscore.
The bootstrap script creates a .venv directory inside the project directory hosting the virtual environment. It uses pipenv for that. It is called by all other scripts before they do anything. So one could simple start by calling _lint and that would set up everything before it tried to actually lint the project
Once the code is ready to be delivered the _tag script should be called accepting one of three arguments, patch, minor, major following the semantic versioning scheme. So for the initial delivery one would call
$ _tag –minor
which would bump the version of the project to 0.1.0 tag it in git and do a push and also ask for the change and automagically update HISTORY.rst with the version and the change provided.
So the full workflow after git is initialized is:
repeat as necessary (of course it could be test - code - lint :) )
code
lint
test
commit and push
develop more through the code-lint-test cycle
tag (with the appropriate argument)
build
upload (if you want to host your package in pypi)
document (of course this could be run at any point)
Important Information¶
This template is based on pipenv. In order to be compatible with requirements.txt so the actual created package can be used by any part of the existing python ecosystem some hacks were needed. So when building a package out of this do not simple call
$ python setup.py sdist bdist_egg
as this will produce an unusable artifact with files missing. Instead use the provided build and upload scripts that create all the necessary files in the artifact.
Project Features¶
TODO
Installation¶
At the command line:
$ pip install lastpassreportingcli
Or, if you have virtualenvwrapper installed:
$ mkvirtualenv lastpassreportingcli
$ pip install lastpassreportingcli
Or, if you are using pipenv:
$ pipenv install lastpassreportingcli
Or, if you are using pipx:
$ pipx install lastpassreportingcli
Usage¶
To develop on lastpassreportingcli:
# The following commands require pipenv as a dependency
# To lint the project
_CI/scripts/lint.py
# To execute the testing
_CI/scripts/test.py
# To create a graph of the package and dependency tree
_CI/scripts/graph.py
# To build a package of the project under the directory "dist/"
_CI/scripts/build.py
# To see the package version
_CI/scripts/tag.py
# To bump semantic versioning [--major|--minor|--patch]
_CI/scripts/tag.py --major|--minor|--patch
# To upload the project to a pypi repo if user and password are properly provided
_CI/scripts/upload.py
# To build the documentation of the project
_CI/scripts/document.py
To use lastpassreportingcli:
lastpass-report --help
usage: lastpass-report [-h] [--log-config LOGGER_CONFIG] [--log-level {debug,info,warning,error,critical}]
[--username USERNAME] [--password PASSWORD] [--mfa MFA]
[--warning-whitelist WARNING_WHITELIST]
{report,export} ...
A tool to report on state of secret rotation based on a cutoff day, by default the incident of lastpass day.
positional arguments:
{report,export} Supported functions for this program.
report Arguments for reporting on the current state of secret rotation.
export Arguments for export all secret rotation state for processing.
optional arguments:
-h, --help show this help message and exit
--log-config LOGGER_CONFIG, -l LOGGER_CONFIG
The location of the logging config json file
--log-level {debug,info,warning,error,critical}, -L {debug,info,warning,error,critical}
Provide the log level. Defaults to info.
--username USERNAME, -u USERNAME
The username of the user we are connecting to lastpass as. Environment variable
"LASTPASS_USERNAME" can be set. If environment variable is not set and argument not provided
value will be interactively requested by the user.
--password PASSWORD, -p PASSWORD
The password of the user we are connecting to lastpass as. Environment variable
"LASTPASS_PASSWORD" can be set. If environment variable is not set and argument not provided
value will be interactively requested by the user.
--mfa MFA, -m MFA The MFA of the user we are connecting to lastpass as. Environment variable "LASTPASS_MFA"
can be set. If environment variable is not set and argument not provided value will be
interactively requested by the user.
--warning-whitelist WARNING_WHITELIST, -w WARNING_WHITELIST
A comma delimited list of secret IDs that will be disregarded from the reports. Environment
variable "LASTPASS_WARNING_WHITELIST" can be set.
lastpass-report report --help
usage: lastpass-report report [-h] [--report-on {all,personal,shared}] [--sort-on {name,percentage}]
[--reverse-sort] [--details] [--filter-folders FILTER_FOLDERS]
optional arguments:
-h, --help show this help message and exit
--report-on {all,personal,shared}, -r {all,personal,shared}
Which categories of secrets to report on, personal, shared or all. Default is all.
Environment variable "LASTPASS_REPORT_ON" can be used to set this.
--sort-on {name,percentage}, -s {name,percentage}
Sorts the report data based on either folder name or percentage done.Defaults to folder
Environment variable "LASTPASS_SORT_ON" can be used to set this.
--reverse-sort, -rs Changes the sorting order on the key chosen.Environment variable "LASTPASS_SORT_REVERSE" can
be used to set this.
--details, -d Shows a detailed view of the folder report.Environment variable "LASTPASS_REPORT_DETAIL" can
be used to set this.
--filter-folders FILTER_FOLDERS, -f FILTER_FOLDERS
Filters based on comma delimited folder names.Environment variable
"LASTPASS_REPORT_FILTER_FOLDERS" can be used to set this.
lastpass-report export --help
usage: lastpass-report export [-h] --filename FILENAME
optional arguments:
-h, --help show this help message and exit
--filename FILENAME, -f FILENAME
The filename to export the secret status report on.Environment variable
"LASTPASS_EXPORT_FILENAME" can be used to set this.
Contributing¶
Contributions are welcome, and they are greatly appreciated! Every little bit helps, and credit will always be given.
Submit Feedback¶
If you are proposing a feature:
Explain in detail how it would work.
Keep the scope as narrow as possible, to make it easier to implement.
Get Started!¶
Ready to contribute? Here’s how to set up lastpassreportingcli for local development. Using of pipenv is highly recommended.
Clone your fork locally:
$ git clone https://github.com/schubergphilis/lastpassreportingcli
Install your local copy into a virtualenv. Assuming you have pipenv installed, this is how you set up your clone for local development:
$ cd lastpassreportingcli/ $ pipenv install --ignore-pipfile
Create a branch for local development:
$ git checkout -b name-of-your-bugfix-or-feature
Now you can make your changes locally. Do your development while using the CI capabilities and making sure the code passes lint, test, build and document stages.
Commit your changes and push your branch to the server:
$ git add . $ git commit -m "Your detailed description of your changes." $ git push origin name-of-your-bugfix-or-feature
Submit a merge request
lastpassreportingcli¶
lastpassreportingcli package¶
Subpackages¶
lastpassreportingcli.library package¶
Submodules¶
lastpassreportingcli.library.datamodels module¶
Main code for datamodels.
- class lastpassreportingcli.library.datamodels.FolderMetrics(folder: lastpasslib.datamodels.Folder, cutoff_date: datetime.datetime, warning_whitelist: list = <factory>)[source]¶
Bases:
object- cutoff_date: datetime¶
- folder: Folder¶
- property full_path¶
- property has_warnings¶
- property is_completed¶
- property is_in_progress¶
- property is_in_root¶
- property is_personal¶
- property name¶
- property number_of_secrets¶
- property number_of_secrets_to_update¶
- property number_of_updated_secrets¶
- property number_of_warnings¶
- property path¶
- property percentage_done¶
- property percentage_left¶
- property to_json¶
- warning_whitelist: list¶
- property warnings¶
- class lastpassreportingcli.library.datamodels.PresentationFolder(folder: lastpassreportingcli.library.datamodels.FolderMetrics)[source]¶
Bases:
object- folder: FolderMetrics¶
- property is_personal¶
- property name¶
- property percentage_color¶
- property presentation_row¶
- property warning_color¶
lastpassreportingcli.library.validators module¶
Main code for datamodels.
- lastpassreportingcli.library.validators.comma_delimited_list_variable(value)[source]¶
Support for environment variables with comma delimited lists of values.
- lastpassreportingcli.library.validators.default_environment_variable(variable_name)[source]¶
Closure to pass the variable name to the inline custom Action.
- Parameters:
variable_name – The variable to look up as environment variable.
- Returns:
The Action object.
- lastpassreportingcli.library.validators.environment_variable_boolean(value)[source]¶
Parses an environment variable as a boolean.
- Parameters:
value – The value of the environment variable.
- Returns:
True if environment variable is one of the supported values, False otherwise.
Module contents¶
lastpassreportingcli package.
Import all parts from lastpassreportingcli here
Submodules¶
lastpassreportingcli.lastpassreportingcli module¶
Main code for lastpassreportingcli.
- lastpassreportingcli.lastpassreportingcli.create_csv_payload(folders, cutoff_date, warning_whitelist)[source]¶
- lastpassreportingcli.lastpassreportingcli.create_report(folder_metrics, report_on, sort_on, reverse_sort)[source]¶
- lastpassreportingcli.lastpassreportingcli.export_secret_state(folders, filename, cutoff_date, warning_whitelist)[source]¶
- lastpassreportingcli.lastpassreportingcli.get_arguments()[source]¶
Gets us the cli arguments.
Returns the args as parsed from the argsparser.
lastpassreportingcli.lastpassreportingcliexceptions module¶
Custom exception code for lastpassreportingcli.
Module contents¶
lastpassreportingcli package.
Import all parts from lastpassreportingcli here
Credits¶
Development Lead¶
Costas Tyfoxylos <ctyfoxylos@schubergphilis.com>
Contributors¶
None yet. Why not be the first?
History¶
0.0.1 (10-03-2023)¶
First code creation
0.1.0 (24-03-2023)¶
Initial official release.
0.2.0 (31-03-2023)¶
Add secret type on the export report.
0.3.0 (31-03-2023)¶
Implement whitelisting of secrets argument.
0.3.1 (31-03-2023)¶
Remove debugging statement.
0.3.2 (31-03-2023)¶
Simplify secret disregarding.
0.3.3 (08-06-2023)¶
Bump dependecies for yubikey support.