Photo by on mk. s Unsplash The Rodney Dangerfield of the CF CLI, show it some respect! I was assigned to take a look at all the environment variables being used for a foundation. Normally, I would put together a quick query against the Cloud Controller database, but I found this data to be encrypted. However, you can pull the information from the CF CLI, but you need to know how to log in and loop through the results. A bit of Python, a dancing gopher, and proper course etiquette are all you need. Grab your putter and head to the first hole! Hole 1 – Login Quick and easy, use the CLI to log into your desired CF foundation: cf cf login

# or 

cf login --sso After a successful login, the token and other information will be stored in ~/.cf/config.json Hole 2 – Create Python Script The script below will use the token from the last step which is stored in ~/.cf/config.json #!/usr/bin/env python3
import requests
from requests.structures import CaseInsensitiveDict

import sys
import warnings


# Disable SSL Warnings - important for KubeCF
if not sys.warnoptions:
    warnings.simplefilter("ignore")

# Login
system_domain = sys.argv[1]
token = sys.argv[2]

headers = CaseInsensitiveDict()
headers["Accept"] = "application/json"
headers["Authorization"] = token

apps_url = "https://api." + system_domain + "/v3/apps/?per_page=100"

entries = requests.get(apps_url, headers=headers, verify=False).json()

total_results = entries["pagination"]["total_results"]
total_pages = entries["pagination"]["total_pages"]
current_page = 1
apps = {}

while True:
    print("Processing page " + str(current_page) + "/" + str(total_pages))

    for entry in entries["resources"]:

        env_vars_url = entry["links"]["environment_variables"]["href"]
        env_vars = requests.get(env_vars_url, headers=headers, verify=False).json()

        line_label = "app:" + entry["name"]+",env"
        apps[line_label] = []

        for key, value in env_vars["var"].items():
            apps[line_label].append(str(key) + "=" + str(value))


    current_page += 1

    if entries["pagination"]["next"] is None:
        break

    entries = requests.get(entries["pagination"]["next"]["href"], headers=headers, verify=False).json()


for key, value in apps.items():
    print(str(key) + ":" + str(value)) Save this file and call it scrape.py Hole 3 – Run the Script This is where the magic of the happens. After you’ve logged in successfully, the bearer token is stored locally and can be retrieved on-demand, and is also refreshed as needed. Cool, huh? More details on the command can be found at cf oauth-token https://cli.cloudfoundry.org/en-US/v6/oauth-token.html If you clicked on that link and were underwhelmed, welcome to the club and you can be excused for having never heard of the command before. Keep going, you’ll see how valuable it truly is. Assuming you named the script , you can now run it against your foundation; the first parameter is the system domain of your foundation, and the second parameter is the command to retrieve the bearer token: scrape.py python3 scrape.py system_url.nip.io "$(cf oauth-token)" The script will loop through the visible apps and pull back the list of environment variables. Users with or similar permissions will loop through all orgs and spaces; otherwise, it will loop through just the orgs and spaces you have permissions to. cloud_controller.admin The output will look similar to: Processing page 1/1
app:my-test-app,env:['MYENV=test'] If you’d like an example of a scraping org, space, and alternate login combinations, I’ve created . The notes at the top include instructions if you’re attempting to run this against a locally deployed KubeCF. this example script Enjoy! Remember to return your putter and scorecard back to the front desk. Also published here

Keep

Spin Up a BOSH VM Faster Using BoshLite

Read My Stories

Too Long; Didn't Read

Make resilience your competitive advantage

How to Script the CF API With `CF OAUTH-TOKEN` and Python

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

How to Stop Giving Away Money to AWS by Running KubeCF with Kind on MacOS

100 Days of AI Day 1: From Newsletter to Podcast, Leveraging AI for Audio Transformation

10 Threats to an Open API Ecosystem

10 Indications That You Should Invest in Automation Via APIs

10 Best Practices for Securing Your API

How to Stop Giving Away Money to AWS by Running KubeCF with Kind on MacOS

100 Days of AI Day 1: From Newsletter to Podcast, Leveraging AI for Audio Transformation

10 Threats to an Open API Ecosystem

10 Indications That You Should Invest in Automation Via APIs

10 Best Practices for Securing Your API

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps