https://github.com/broadinstitute/python-cert_manager

Python interface to the Sectigo Certificate Manager REST API

https://github.com/broadinstitute/python-cert_manager

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (11.8%) to scientific vocabulary

Keywords from Contributors

projection interactive archival generic sequences observability autograding hacking shellcodes modular
Last synced: 10 months ago · JSON representation

Repository

Python interface to the Sectigo Certificate Manager REST API

Basic Info
  • Host: GitHub
  • Owner: broadinstitute
  • License: bsd-3-clause
  • Language: Python
  • Default Branch: main
  • Size: 694 KB
Statistics
  • Stars: 38
  • Watchers: 24
  • Forks: 22
  • Open Issues: 3
  • Releases: 0
Created over 7 years ago · Last pushed 11 months ago
Metadata Files
Readme Changelog License Codeowners

docs/README.md

python-cert_manager

This library provides a Python interface to the Sectigo Certificate Manager REST API. python-cert_manager is open sourced under the BSD 3-Clause license.

checks

Basics

cert_manager runs on Python >= 3.9

Features

There are many API endpoints under Certificate Manager, and this library currently supports a subset of those endpoints. The current list of written and tested endpoint classes includes:

  • Organization (/organization)
  • Person (/person)
  • SSL (/ssl)
  • Client Administrator (/admin)
  • Domain (/domain)
  • Report (/report)

Other endpoints we hope to add in the near future:

  • Code Signing Certificates (/csod)
  • Custom Fields (/customField)
  • Domain Control Validation (/dcv)
  • Device Certificates (/device)
  • Discovery (/discovery)
  • SMIME (/smime)

Installing

You can use pip to install cert_manager:

sh pip install cert_manager

Examples

This is a simple example that just shows initializing the Client object and using it to query the Organization and SSL endpoints:

```python from certmanager import Organization from certmanager import Client from cert_manager import SSL

client = Client( baseurl="https://cert-manager.com/api", loginuri="SomeOrg", username="yourusername", password="yourpassword", )

org = Organization(client=client) ssl = SSL(client=client)

print(ssl.types) print(org.all()) ```

The most common process you would do, however, is enroll and then collect a certificate you want to order from the Certificate Manager:

```python from time import sleep

from certmanager import Organization from certmanager import Client from cert_manager import SSL

client = Client( baseurl="https://cert-manager.com/api", loginuri="SomeOrg", username="yourusername", password="yourpassword", )

We need to enroll the certificate under an organization, so we will need to query the API for that

org = Organization(client=client)

We need the SSL module to enroll the certificate

ssl = SSL(client=client)

certorg = org.find(deptname="MyDept") with open("host.csr", "r") as filep: csr = filep.read()

result = ssl.enroll(certtypename="InCommon SSL (SHA-2)", csr=csr, term=365, orgid=certorg[0]["id"])

This is just for demonstration purposes.

Doing a wait loop like this to poll for the certificate is not the best way to go about this.

while(True): # Collect the certificate from Sectigo try: certpem = ssl.collect(certid=result["sslId"], certformat="x509CO") print(certpem) break except PendingError: print("Certificate is still pending...sleeping for 60s") sleep(60) continue except Exception: # For some unexpected exception, exit break ```

Contributing

Pull requests to add functionality and fix bugs are always welcome. Please check the CONTRIBUTING.md for specifics on contributions.

Testing

We try to have a high level of test coverage on the code. Therefore, when adding anything to the repo, tests should be written to test a new feature or to test a bug fix so that there won't be a regression. This library is setup to be pretty simple to build a working development environment using Docker. Therefore, it is suggested that you have Docker installed where you clone this repository to make development easier.

To start a development environment, you should be able to just run the dev.bash script. This script will use the Containerfile in this repository to build a Docker container with all the dependencies for development installed using Poetry.

sh ./dev.bash

The first time you run the script, it should build the Docker image and then drop you into the container's shell. The directory where you cloned this repository should be volume mounted in to /working, which should also be the current working directory. From there, you can make changes as you see fit. Tests can be run from the /working directory by simply typing pytest as pytest has been setup to with the correct parameters.

Changelog

To generate the CHANGELOG.md, you will need Docker and a GitHub personal access token. We currently use github-changelog-generator for this purpose. The following should generate the file using information from GitHub:

sh docker run -it --rm \ -e CHANGELOG_GITHUB_TOKEN='yourtokenhere' \ -v "$(pwd)":/working \ -w /working \ ferrarimarco/github-changelog-generator --verbose

To generate the log for an upcoming release that has not yet been tagged, you can run a command to include the upcoming release version. For example, 2.0.0:

sh docker run -it --rm \ -e CHANGELOG_GITHUB_TOKEN='yourtokenhere' \ -v "$(pwd)":/working \ -w /working \ ferrarimarco/github-changelog-generator --verbose --future-release 2.0.0 --unreleased

As a note, this repository uses the default labels for formatting the CHANGELOG.md. Label information can be found here: Advanced-change-log-generation-examples

Releases

Releases to the codebase are typically done using the bump2version tool. This tool takes care of updating the version in all necessary files, updating its own configuration, and making a GitHub commit and tag. We typically do version bumps as part of a PR, so you don't want to have bump2version tag the version at the same time it does the commit as commit hashes may change. Therefore, to bump the version a patch level, one would run the command:

sh bump2version --verbose --no-tag patch

Once the PR is merged, you can then checkout the new main branch and tag it using the new version number that is now in .bumpversion.cfg:

sh git checkout main git pull --rebase git tag 1.0.0 -m 'Bump version: 0.1.0 → 1.0.0' git push --tags

Owner

  • Name: Broad Institute
  • Login: broadinstitute
  • Kind: organization
  • Location: Cambridge, MA

Broad Institute of MIT and Harvard

GitHub Events

Total
  • Issues event: 2
  • Watch event: 3
  • Delete event: 22
  • Issue comment event: 9
  • Push event: 26
  • Pull request event: 45
  • Pull request review event: 13
  • Pull request review comment event: 1
  • Fork event: 2
  • Create event: 23
Last Year
  • Issues event: 2
  • Watch event: 3
  • Delete event: 22
  • Issue comment event: 9
  • Push event: 26
  • Pull request event: 45
  • Pull request review event: 13
  • Pull request review comment event: 1
  • Fork event: 2
  • Create event: 23

Committers

Last synced: about 1 year ago

All Time
  • Total Commits: 208
  • Total Committers: 15
  • Avg Commits per committer: 13.867
  • Development Distribution Score (DDS): 0.269
Past Year
  • Commits: 17
  • Committers: 3
  • Avg Commits per committer: 5.667
  • Development Distribution Score (DDS): 0.294
Top Committers
Name Email Commits
dependabot[bot] 4****] 152
coreone c****e 40
Joachim Burket j****t 2
Alex Tremblay a****y@g****m 2
Peter Bajurny F****T@g****m 2
Jan Zumpe jz@j****e 1
Loïc Jaquemet l****b@g****m 1
Matej Zerovnik m****j@z****i 1
MoIn 9****6 1
Nate Werner n****e@g****m 1
Zenon Mousmoulas z****m 1
backstage-bits[bot] 1****] 1
mikkohirvonen m****n@h****i 1
ravanapel 5****l 1
stea-uw 1****w 1
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 10 months ago

All Time
  • Total issues: 8
  • Total pull requests: 216
  • Average time to close issues: 6 months
  • Average time to close pull requests: 7 days
  • Total issue authors: 6
  • Total pull request authors: 10
  • Average comments per issue: 1.63
  • Average comments per pull request: 0.84
  • Merged pull requests: 164
  • Bot issues: 0
  • Bot pull requests: 159
Past Year
  • Issues: 1
  • Pull requests: 56
  • Average time to close issues: N/A
  • Average time to close pull requests: 3 days
  • Issue authors: 1
  • Pull request authors: 4
  • Average comments per issue: 0.0
  • Average comments per pull request: 0.18
  • Merged pull requests: 27
  • Bot issues: 0
  • Bot pull requests: 34
Top Authors
Issue Authors
  • matejzero (2)
  • joachimBurket (2)
  • peiffer-umn (1)
  • mikkohirvonen (1)
  • NetworkSeb (1)
  • titansmc (1)
Pull Request Authors
  • dependabot[bot] (158)
  • coreone (27)
  • mikkohirvonen (21)
  • FISHMANPET (2)
  • stea-uw (2)
  • MoIn4096 (2)
  • jzmp (1)
  • NateWerner (1)
  • backstage-bits[bot] (1)
  • joachimBurket (1)
Top Labels
Issue Labels
Pull Request Labels
dependencies (158) maintenance (123) python (115) github_actions (43) enhancement (12) ignore-for-release (5) bug (4)

Packages

  • Total packages: 1
  • Total downloads:
    • pypi 1,257 last-month
  • Total dependent packages: 0
  • Total dependent repositories: 0
  • Total versions: 7
  • Total maintainers: 3
pypi.org: cert_manager

Python interface to the Sectigo Certificate Manager REST API

  • Versions: 7
  • Dependent Packages: 0
  • Dependent Repositories: 0
  • Downloads: 1,257 Last month
Rankings
Downloads: 6.3%
Dependent packages count: 9.9%
Average: 27.3%
Dependent repos count: 65.6%
Maintainers (3)
Last synced: 11 months ago

Dependencies

.github/workflows/checks.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
  • codecov/codecov-action v3.1.1 composite
.github/workflows/deploy.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
.github/workflows/test_deploy.yaml actions
  • actions/cache v3 composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
Dockerfile docker
  • python 3.10-slim build
poetry.lock pypi
  • argparse 1.4.0 develop
  • astroid 2.11.7 develop
  • bleach 5.0.1 develop
  • bump2version 1.0.1 develop
  • cffi 1.15.1 develop
  • codecov 2.1.12 develop
  • colorama 0.4.5 develop
  • commonmark 0.9.1 develop
  • coverage 7.0.4 develop
  • cryptography 38.0.3 develop
  • dill 0.3.5.1 develop
  • docutils 0.19 develop
  • extras 1.0.0 develop
  • fixtures 4.0.1 develop
  • green 3.4.3 develop
  • importlib-metadata 4.12.0 develop
  • isort 5.10.1 develop
  • jaraco.classes 3.2.2 develop
  • jeepney 0.8.0 develop
  • keyring 23.9.1 develop
  • lazy-object-proxy 1.7.1 develop
  • linecache2 1.0.0 develop
  • lxml 4.9.1 develop
  • mccabe 0.7.0 develop
  • mock 5.0.0 develop
  • more-itertools 8.14.0 develop
  • pathspec 0.10.1 develop
  • pbr 5.10.0 develop
  • pkginfo 1.8.3 develop
  • platformdirs 2.5.2 develop
  • pycodestyle 2.9.1 develop
  • pycparser 2.21 develop
  • pydocstyle 6.2.3 develop
  • pyflakes 2.4.0 develop
  • pygments 2.13.0 develop
  • pylama 8.3.8 develop
  • pylint 2.13.9 develop
  • pywin32-ctypes 0.2.0 develop
  • pyyaml 6.0 develop
  • readme-renderer 37.1 develop
  • requests-toolbelt 0.9.1 develop
  • responses 0.22.0 develop
  • rfc3986 2.0.0 develop
  • rich 12.5.1 develop
  • secretstorage 3.3.3 develop
  • setuptools 65.5.1 develop
  • six 1.16.0 develop
  • snowballstemmer 2.2.0 develop
  • testtools 2.5.0 develop
  • tomli 2.0.1 develop
  • traceback2 1.4.0 develop
  • twine 4.0.2 develop
  • typed-ast 1.5.4 develop
  • types-toml 0.10.8 develop
  • typing-extensions 4.3.0 develop
  • unidecode 1.3.4 develop
  • unittest2 1.1.0 develop
  • webencodings 0.5.1 develop
  • wheel 0.38.4 develop
  • wrapt 1.14.1 develop
  • yamllint 1.28.0 develop
  • zipp 3.8.1 develop
  • certifi 2022.12.7
  • charset-normalizer 2.1.1
  • idna 3.3
  • requests 2.28.1
  • toml 0.10.2
  • urllib3 1.26.12
pyproject.toml pypi
  • bump2version * develop
  • codecov * develop
  • coverage >=4.4.2 develop
  • fixtures * develop
  • green >=2.12.0 develop
  • mock >=2.0.0 develop
  • pydocstyle <7 develop
  • pyflakes < 2.5.0 develop
  • pylama * develop
  • pylint * develop
  • pyyaml ==6.0 develop
  • responses * develop
  • testtools * develop
  • twine * develop
  • unittest2 >=1.1.0 develop
  • wheel * develop
  • yamllint * develop
  • python ^3.7
  • requests *
  • toml >=0.9,<0.11