Skip to main content

CI/CD pipeline integration by using the REST API of nevisAdmin4

The configuration management of the Identity Suite is built from the ground-up with GitOps and DevOps principles in mind. It integrates seamlessly into your existing CI/CD automations, deployment processes and secure infrastructure.

With managing the configuration and deployment of inventories, projects and patterns via REST API endpoints of nevisAdmin 4, you can integrate the deployment of Identity Suite with other configuration review and deployment steps, to fit your workflow and compliance requirements. Automate these tasks with popular CI/CD tools, like GitHub Actions, Terraform, Argo CD, Jenkins, just to name a few.

For detailed REST API endpoint references, visit nevisAdmin 4 documentation.

Example deployment script in Python

The following Python script guides through a simplified deployment scenario via the following steps:

  • Step 1: Get Token
  • Step 2: Create Deployment
  • Step 3: Generate Preview
  • Step 4: Poll until state == GENERATED
  • Step 5: Plan Deployment
  • Step 6: Poll until state == PLANNED
  • Step 7: Start Deployment
  • Step 8: Poll until state == DEPLOYED
#!/usr/bin/env python

import requests
import time
import argparse
import os
import glob

# Configuration
BASE_URL = "https://<nevisadmin_host_here>/nevisadmin/api/v1"
USERNAME = os.getenv("NEVIS_USERNAME")
PASSWORD = os.getenv("NEVIS_PASSWORD")
HOST_EXPRESSION = "*"
POLL_INTERVAL = 5  # Time in seconds between polling for state changes

# Get authentication token
def get_token():
    url = f"{BASE_URL}/login?tokenType=bearer"
    payload = {
        "userKey": USERNAME,
        "password": PASSWORD
    }
    print(f"Username: {USERNAME}")
    print(f"Password: {PASSWORD[0] + '*' * (len(PASSWORD) - 2) + PASSWORD[-1]}")
    response = requests.post(url, json=payload)
    response.raise_for_status()
    return response.json()["token"]

# Create a deployment
def create_deployment(token, project_key, inventory_key):
    url = f"{BASE_URL}/deployments"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    payload = {
        "projectKey": project_key,
        "inventoryKey": inventory_key,
        "hostExpression": HOST_EXPRESSION,
        "state": "DEPLOYING"
    }
    response = requests.post(url, json=payload, headers=headers)
    response.raise_for_status()
    return response.json()["deploymentId"]

# Poll deployment state until desired state is reached
def poll_deployment_state(token, deployment_id, desired_state):
    url = f"{BASE_URL}/deployments/{deployment_id}"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    while True:
        response = requests.get(url, headers=headers)
        response.raise_for_status()
        state = response.json()["state"]
        print(f"Deployment state: {state}")
        if state == desired_state:
            break
        time.sleep(POLL_INTERVAL)

# Generate preview
def generate_preview(token, deployment_id):
    url = f"{BASE_URL}/deployments/{deployment_id}/generation"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    response = requests.put(url, headers=headers)
    response.raise_for_status()
    print("Preview generation started.")

# Plan deployment
def plan_deployment(token, deployment_id):
    url = f"{BASE_URL}/deployments/{deployment_id}/plan"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    response = requests.put(url, headers=headers)
    response.raise_for_status()
    print("Deployment planning started.")

# Start deployment
def start_deployment(token, deployment_id):
    url = f"{BASE_URL}/deployments/{deployment_id}/deploy"
    headers = {
        "Authorization": f"Bearer {token}"
    }
    response = requests.put(url, headers=headers)
    response.raise_for_status()
    print("Deployment started.")

def main():
    # Usage: NEVIS_USERNAME=admin NEVIS_PASSWORD=***** python deploy-project.py --project <project_name> --inventory <inventory_name>
    
    # Parse arguments for project key
    parser = argparse.ArgumentParser(description='Deploy nevisAdmin 4 Project')
    parser.add_argument('--project', required=True, help='project name')
    parser.add_argument('--inventory', required=True, help='inventory name (e.g., TEST or PROD)')
    args = parser.parse_args()
    project_key = args.project
    inventory_key = args.inventory
    # Step 1: Get Token
    token = get_token()
    print("Token obtained.")
    # Step 2: Create Deployment
    deployment_id = create_deployment(token, project_key, inventory_key)
    print(f"Deployment created with ID: {deployment_id}")
    # Step 3: Generate Preview
    generate_preview(token, deployment_id)
    # Step 4: Poll until state == GENERATED
    poll_deployment_state(token, deployment_id, "GENERATED")
    print("Deployment preview generated.")
    # Step 5: Plan Deployment
    plan_deployment(token, deployment_id)
    # Step 6: Poll until state == PLANNED
    poll_deployment_state(token, deployment_id, "PLANNED")
    print("Deployment planned.")
    # Step 7: Start Deployment
    start_deployment(token, deployment_id)
    # Step 8: Poll until state == DEPLOYED
    poll_deployment_state(token, deployment_id, "DEPLOYED")
    print("Deployment successfully completed.")
if __name__ == "__main__":
    main()

Usage: 

NEVIS_USERNAME=admin NEVIS_PASSWORD=***** python deploy-project.py --project <project_name> --inventory <inventory_name>