PyPI - illumio-pylo - Versions diffs - 0.2.5__py3-none-any.whl - Mend

illumio-pylo 0.2.5__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (73) hide show

illumio_pylo/API/APIConnector.py +1308 -0
illumio_pylo/API/AuditLog.py +42 -0
illumio_pylo/API/ClusterHealth.py +136 -0
illumio_pylo/API/CredentialsManager.py +286 -0
illumio_pylo/API/Explorer.py +1077 -0
illumio_pylo/API/JsonPayloadTypes.py +240 -0
illumio_pylo/API/RuleSearchQuery.py +128 -0
illumio_pylo/API/__init__.py +0 -0
illumio_pylo/AgentStore.py +139 -0
illumio_pylo/Exception.py +44 -0
illumio_pylo/Helpers/__init__.py +3 -0
illumio_pylo/Helpers/exports.py +508 -0
illumio_pylo/Helpers/functions.py +166 -0
illumio_pylo/IPList.py +135 -0
illumio_pylo/IPMap.py +285 -0
illumio_pylo/Label.py +25 -0
illumio_pylo/LabelCommon.py +48 -0
illumio_pylo/LabelGroup.py +68 -0
illumio_pylo/LabelStore.py +403 -0
illumio_pylo/LabeledObject.py +25 -0
illumio_pylo/Organization.py +258 -0
illumio_pylo/Query.py +331 -0
illumio_pylo/ReferenceTracker.py +41 -0
illumio_pylo/Rule.py +671 -0
illumio_pylo/Ruleset.py +306 -0
illumio_pylo/RulesetStore.py +101 -0
illumio_pylo/SecurityPrincipal.py +62 -0
illumio_pylo/Service.py +256 -0
illumio_pylo/SoftwareVersion.py +125 -0
illumio_pylo/VirtualService.py +17 -0
illumio_pylo/VirtualServiceStore.py +75 -0
illumio_pylo/Workload.py +506 -0
illumio_pylo/WorkloadStore.py +289 -0
illumio_pylo/__init__.py +82 -0
illumio_pylo/cli/NativeParsers.py +96 -0
illumio_pylo/cli/__init__.py +134 -0
illumio_pylo/cli/__main__.py +10 -0
illumio_pylo/cli/commands/__init__.py +32 -0
illumio_pylo/cli/commands/credential_manager.py +168 -0
illumio_pylo/cli/commands/iplist_import_from_file.py +185 -0
illumio_pylo/cli/commands/misc.py +7 -0
illumio_pylo/cli/commands/ruleset_export.py +129 -0
illumio_pylo/cli/commands/update_pce_objects_cache.py +44 -0
illumio_pylo/cli/commands/ven_duplicate_remover.py +366 -0
illumio_pylo/cli/commands/ven_idle_to_visibility.py +287 -0
illumio_pylo/cli/commands/ven_upgrader.py +226 -0
illumio_pylo/cli/commands/workload_export.py +251 -0
illumio_pylo/cli/commands/workload_import.py +423 -0
illumio_pylo/cli/commands/workload_relabeler.py +510 -0
illumio_pylo/cli/commands/workload_reset_names_to_null.py +83 -0
illumio_pylo/cli/commands/workload_used_in_rule_finder.py +80 -0
illumio_pylo/docs/Doxygen +1757 -0
illumio_pylo/tmp.py +104 -0
illumio_pylo/utilities/__init__.py +0 -0
illumio_pylo/utilities/cli.py +10 -0
illumio_pylo/utilities/credentials.example.json +20 -0
illumio_pylo/utilities/explorer_report_exporter.py +86 -0
illumio_pylo/utilities/health_monitoring.py +102 -0
illumio_pylo/utilities/iplist_analyzer.py +148 -0
illumio_pylo/utilities/iplists_stats_duplicates_unused_finder.py +75 -0
illumio_pylo/utilities/resources/iplists-import-example.csv +3 -0
illumio_pylo/utilities/resources/iplists-import-example.xlsx +0 -0
illumio_pylo/utilities/resources/workload-exporter-filter-example.csv +3 -0
illumio_pylo/utilities/resources/workloads-import-example.csv +2 -0
illumio_pylo/utilities/resources/workloads-import-example.xlsx +0 -0
illumio_pylo/utilities/ven_compatibility_report_export.py +240 -0
illumio_pylo/utilities/ven_idle_to_illumination.py +344 -0
illumio_pylo/utilities/ven_reassign_pce.py +183 -0
illumio_pylo-0.2.5.dist-info/LICENSE +176 -0
illumio_pylo-0.2.5.dist-info/METADATA +197 -0
illumio_pylo-0.2.5.dist-info/RECORD +73 -0
illumio_pylo-0.2.5.dist-info/WHEEL +5 -0
illumio_pylo-0.2.5.dist-info/top_level.txt +1 -0

illumio_pylo/cli/commands/ven_duplicate_remover.py ADDED Viewed

@@ -0,0 +1,366 @@
+import datetime
+import click
+import illumio_pylo as pylo
+import argparse
+from typing import Dict, List, Literal, Optional
+from .misc import make_filename_with_timestamp
+from . import Command
+command_name = 'ven-duplicate-remover'
+objects_load_filter = ['labels']
+def fill_parser(parser: argparse.ArgumentParser):
+    parser.add_argument('--verbose', '-v', action='store_true',
+                        help='')
+    parser.add_argument('--proceed-with-deletion', action='store_true',
+                        help='Actually operate deletions. Considered as a dry-run if not specified.')
+    parser.add_argument('--do-not-require-deletion-confirmation', action='store_true',
+                        help='Ask for confirmation for each deletion')
+    parser.add_argument('--filter-label', '-fl', action='append',
+                        help='Only look at workloads matching specified labels')
+    parser.add_argument('--ignore-unmanaged-workloads', '-iuw', action='store_true',
+                        help='Do not touch unmanaged workloads nor include them to detect duplicates')
+    parser.add_argument('--report-format', '-rf', action='append', type=str, choices=['csv', 'xlsx'], default=None,
+                        help='Which report formats you want to produce (repeat option to have several)')
+    parser.add_argument('--do-not-delete-the-most-recent-workload', '-nrc', action='store_true',
+                        help='Workload which was created the last will not be deleted')
+    parser.add_argument('--do-not-delete-the-most-recently-heartbeating-workload', '-nrh', action='store_true',
+                        help='Workload which was heartbeating the last will not be deleted')
+    parser.add_argument('--do-not-delete-if-last-heartbeat-is-more-recent-than', type=int, default=None,
+                        help='Workload which was heartbeating the last will not be deleted if the last heartbeat is more recent than the specified number of days')
+    parser.add_argument('--override-pce-offline-timer-to', type=int, default=None,
+                        help='Override the PCE offline timer to the specified number of days')
+    parser.add_argument('--limit-number-of-deleted-workloads', '-l', type=int, default=None,
+                        help='Limit the number of workloads to be deleted, for a limited test run for example.')
+def __main(args, org: pylo.Organization, pce_cache_was_used: bool, **kwargs):
+    report_wanted_format: List[Literal['csv','xlsx']] = args['report_format']
+    if report_wanted_format is None:
+        report_wanted_format = ['xlsx']
+    arg_verbose = args['verbose']
+    arg_proceed_with_deletion = args['proceed_with_deletion'] is True
+    arg_do_not_require_deletion_confirmation = args['do_not_require_deletion_confirmation'] is True
+    arg_ignore_unmanaged_workloads = args['ignore_unmanaged_workloads'] is True
+    arg_do_not_delete_the_most_recent_workload = args['do_not_delete_the_most_recent_workload'] is True
+    arg_do_not_delete_the_most_recently_heartbeating_workload = args['do_not_delete_the_most_recently_heartbeating_workload'] is True
+    arg_do_not_delete_if_last_heartbeat_is_more_recent_than = args['do_not_delete_if_last_heartbeat_is_more_recent_than']
+    arg_override_pce_offline_timer_to = args['override_pce_offline_timer_to']
+    arg_limit_number_of_deleted_workloads = args['limit_number_of_deleted_workloads']
+    output_file_prefix = make_filename_with_timestamp('ven-duplicate-removal_')
+    output_file_csv = output_file_prefix + '.csv'
+    output_file_excel = output_file_prefix + '.xlsx'
+    csv_report_headers = [{'name':'name'},
+                          {'name':'hostname'}]
+    # insert all label dimensions
+    for label_type in org.LabelStore.label_types:
+        csv_report_headers.append({'name': 'label_'+label_type, 'wrap_text': False})
+    csv_report_headers += [
+                          'online',
+                          {'name':'last_heartbeat', 'max_width': 15, 'wrap_text': False},
+                          {'name': 'created_at', 'max_width': 15, 'wrap_text': False},
+                          'action',
+                          {'name':'link_to_pce','max_width': 15, 'wrap_text': False, 'link_text': 'See in PCE', 'is_url': True},
+                          {'name':'href', 'max_width': 15, 'wrap_text': False}]
+    csv_report = pylo.ArraysToExcel()
+    sheet: pylo.ArraysToExcel.Sheet = csv_report.create_sheet('duplicates', csv_report_headers, force_all_wrap_text=True, multivalues_cell_delimiter=',')
+    filter_labels: List[pylo.Label] = []  # the list of labels to filter the workloads against
+    if args['filter_label'] is not None:
+        for label_name in args['filter_label']:
+            label = org.LabelStore.find_label_by_name(label_name)
+            if label is None:
+                raise pylo.PyloEx("Cannot find label '{}' in the PCE".format(label_name))
+            filter_labels.append(label)
+    # <editor-fold desc="Download workloads from PCE">
+    if not pce_cache_was_used:
+        print("* Downloading Workloads data from the PCE (it may take moment for large amounts of workloads) ... ", flush=True, end='')
+        if args['filter_label'] is None:
+            workloads_json = org.connector.objects_workload_get(async_mode=True, max_results=1000000)
+        else:
+            filter_labels_list_of_list: List[List[pylo.Label]] = []
+            # convert filter_labels dict to an array of arrays
+            for label_type, label_list in org.LabelStore.Utils.list_to_dict_by_type(filter_labels).items():
+                filter_labels_list_of_list.append(label_list)
+            # convert filter_labels_list_of_list to a matrix of all possibilities
+            # example: [[a,b],[c,d]] becomes [[a,c],[a,d],[b,c],[b,d]]
+            filter_labels_matrix = [[]]
+            for label_list in filter_labels_list_of_list:
+                new_matrix = []
+                for label in label_list:
+                    for row in filter_labels_matrix:
+                        new_row = row.copy()
+                        new_row.append(label.href)
+                        new_matrix.append(new_row)
+                filter_labels_matrix = new_matrix
+            workloads_json = org.connector.objects_workload_get(async_mode=False, max_results=1000000, filter_by_label=filter_labels_matrix)
+        org.WorkloadStore.load_workloads_from_json(workloads_json)
+    print("OK! {} workloads loaded".format(org.WorkloadStore.count_workloads()))
+    # </editor-fold>
+    all_workloads: List[pylo.Workload]  # the list of all workloads to be processed
+    if pce_cache_was_used:
+        # if some filters were used, let's apply them now
+        print("* Filtering workloads loaded from cache based on their labels... ", end='', flush=True)
+        # if some label filters were used, we will apply them at later stage
+        all_workloads: List[pylo.Workload] = list((org.WorkloadStore.find_workloads_matching_all_labels(filter_labels)).values())
+        print("OK! {} workloads left after filtering".format(len(all_workloads)))
+    else:
+        # filter was already applied during the download from the PCE
+        all_workloads = org.WorkloadStore.workloads
+    def add_workload_to_report(workload: pylo.Workload, action: str):
+        url_link_to_pce = workload.get_pce_ui_url()
+        new_row = {
+                'hostname': workload.hostname,
+                'online': workload.online,
+                'last_heartbeat': workload.ven_agent.get_last_heartbeat_date().strftime('%Y-%m-%d %H:%M'),
+                'href': workload.href,
+                'link_to_pce': url_link_to_pce,
+                'action': action
+        }
+        for label_type in org.LabelStore.label_types:
+            new_row['label_'+label_type] = workload.get_label_name(label_type, '')
+        sheet.add_line_from_object(new_row)
+    duplicated_hostnames = DuplicateRecordManager(arg_override_pce_offline_timer_to)
+    print(" * Looking for VEN with duplicated hostname(s)")
+    for workload in all_workloads:
+        if workload.deleted:
+            continue
+        if workload.unmanaged and arg_ignore_unmanaged_workloads:
+            continue
+        duplicated_hostnames.add_workload(workload)
+    print(" * Found {} duplicated hostnames".format(duplicated_hostnames.count_duplicates()))
+    delete_tracker = org.connector.new_tracker_workload_multi_delete()
+    for dup_hostname, dup_record in duplicated_hostnames._records.items():
+        if not dup_record.has_duplicates():
+            continue
+        print("  - hostname '{}' has duplicates. ({} online, {} offline, {} unmanaged)".format(dup_hostname,
+                                                                                         len(dup_record.online),
+                                                                                         len(dup_record.offline),
+                                                                                         len(dup_record.unmanaged)))
+        latest_created_workload = dup_record.find_latest_created_at()
+        latest_heartbeat_workload = dup_record.find_latest_heartbeat()
+        print("     - Latest created at {} and latest heartbeat at {}".format(latest_created_workload.created_at, latest_heartbeat_workload.ven_agent.get_last_heartbeat_date()))
+        if dup_record.count_online() == 0:
+            print("     - IGNORED: there is no VEN online")
+            for wkl in dup_record.offline:
+                add_workload_to_report(wkl, "ignored (no VEN online)")
+            continue
+        if dup_record.count_online() > 1:
+            print("     - WARNING: there are more than 1 VEN online")
+        # Don't delete online workloads but still show them in the report
+        for wkl in dup_record.online:
+            add_workload_to_report(wkl, "ignored (VEN is online)")
+        for wkl in dup_record.offline:
+            if arg_do_not_delete_the_most_recent_workload and  wkl is latest_created_workload:
+                print("    - IGNORED: wkl {}/{} is the most recent".format(wkl.get_name_stripped_fqdn(), wkl.href))
+                add_workload_to_report(wkl, "ignored (it is the most recently created)")
+            elif arg_do_not_delete_the_most_recently_heartbeating_workload and wkl is latest_heartbeat_workload:
+                print("    - IGNORED: wkl {}/{} is the most recently heartbeating".format(wkl.get_name_stripped_fqdn(), wkl.href))
+                add_workload_to_report(wkl, "ignored (it is the most recently heartbeating)")
+            elif arg_do_not_delete_if_last_heartbeat_is_more_recent_than is not None and wkl.ven_agent.get_last_heartbeat_date() > datetime.datetime.now() - datetime.timedelta(days=arg_do_not_delete_if_last_heartbeat_is_more_recent_than):
+                print("    - IGNORED: wkl {}/{} has a last heartbeat more recent than {} days".format(wkl.get_name_stripped_fqdn(), wkl.href, arg_do_not_delete_if_last_heartbeat_is_more_recent_than))
+                add_workload_to_report(wkl, "ignored (last heartbeat is more recent than {} days)".format(arg_do_not_delete_if_last_heartbeat_is_more_recent_than))
+            else:
+                if arg_limit_number_of_deleted_workloads is not None and delete_tracker.count_entries() >= arg_limit_number_of_deleted_workloads:
+                    print("    - IGNORED: wkl {}/{} because the limit of {} workloads to be deleted was reached".format(wkl.get_name_stripped_fqdn(), wkl.href, arg_limit_number_of_deleted_workloads))
+                    add_workload_to_report(wkl, "ignored (limit of {} workloads to be deleted was reached)".format(arg_limit_number_of_deleted_workloads))
+                else:
+                    delete_tracker.add_workload(wkl)
+                    print("    - added offline wkl {}/{} to the delete list".format(wkl.get_name_stripped_fqdn(), wkl.href))
+        for wkl in dup_record.unmanaged:
+            if arg_limit_number_of_deleted_workloads is not None and delete_tracker.count_entries() >= arg_limit_number_of_deleted_workloads:
+                print("    - IGNORED: wkl {}/{} because the limit of {} workloads to be deleted was reached".format(wkl.get_name_stripped_fqdn(), wkl.href, arg_limit_number_of_deleted_workloads))
+                add_workload_to_report(wkl, "ignored (limit of {} workloads to be deleted was reached)".format(arg_limit_number_of_deleted_workloads))
+            else:
+                delete_tracker.add_workload(wkl)
+                print("    - added unmanaged wkl {}/{} to the delete list".format(wkl.get_name_stripped_fqdn(), wkl.href))
+    print()
+    if delete_tracker.count_entries() < 1:
+        print(" * No workloads to be deleted")
+    elif arg_proceed_with_deletion:
+        print(" * Found {} workloads to be deleted. Listing:".format(delete_tracker.count_entries()))
+        for wkl in delete_tracker.workloads:
+            print("    - {} (href: {} url: {})".format(wkl.get_name_stripped_fqdn(), wkl.href, wkl.get_pce_ui_url()))
+        print()
+        if arg_do_not_require_deletion_confirmation:
+            print(" * '--do-not-require-deletion-confirmation' option was used, no confirmation will be asked")
+        else:
+            confirm = click.confirm(" * Are you sure you want to proceed with the deletion of {} workloads?".format(delete_tracker.count_entries()), abort=True)
+            if not confirm:
+                print(" * Aborted by user")
+                return
+        print(" * Executing deletion requests ... ".format(output_file_csv), end='', flush=True)
+        delete_tracker.execute(unpair_agents=True)
+        print("DONE")
+        for wkl in delete_tracker.workloads:
+            error_msg = delete_tracker.get_error_by_href(wkl.href)
+            if error_msg is None:
+                add_workload_to_report(wkl, "deleted")
+            else:
+                print("    - an error occurred when deleting workload {}/{} : {}".format(wkl.get_name_stripped_fqdn(), wkl.href, error_msg))
+                add_workload_to_report(wkl, "API error: " + error_msg)
+        print()
+        print(" * {} workloads deleted / {} with errors".format(delete_tracker.count_entries()-delete_tracker.count_errors(), delete_tracker.count_errors()))
+        print()
+    else:
+        print(" * Found {} workloads to be deleted BUT NO '--proceed-with-deletion' OPTION WAS USED".format(delete_tracker.count_entries()))
+        for wkl in delete_tracker.workloads:
+            add_workload_to_report(wkl, "TO BE DELETED (no confirm option used)")
+    if sheet.lines_count() >= 1:
+        if len(report_wanted_format) < 1:
+            print(" * No report format was specified, no report will be generated")
+        else:
+            sheet.reorder_lines(['hostname']) # sort by hostname for better readability
+            for report_format in report_wanted_format:
+                output_filename = output_file_prefix + '.' + report_format
+                print(" * Writing report file '{}' ... ".format(output_filename), end='', flush=True)
+                if report_format == 'csv':
+                    sheet.write_to_csv(output_filename)
+                elif report_format == 'xlsx':
+                    csv_report.write_to_excel(output_filename)
+                else:
+                    raise pylo.PyloEx("Unknown format for report: '{}'".format(report_format))
+                print("DONE")
+    else:
+        print("\n** WARNING: no entry matched your filters so reports were not generated !\n")
+# make this command available to the CLI system
+command_object = Command(command_name, __main, fill_parser, objects_load_filter)
+class DuplicateRecordManager:
+    class DuplicatedRecord:
+        def __init__(self, pce_offline_timer_override: Optional[int] = None):
+            self.offline = []
+            self.online = []
+            self.unmanaged= []
+            self.all: List[pylo.Workload] = []
+            self._pce_offline_timer_override: Optional[int] = pce_offline_timer_override
+        def add_workload(self, workload: 'pylo.Workload'):
+            self.all.append(workload)
+            if workload.unmanaged:
+                self.unmanaged.append(workload)
+            elif self._pce_offline_timer_override is None:
+                if workload.online:
+                    self.online.append(workload)
+                else:
+                    self.offline.append(workload)
+            else:
+                if workload.ven_agent.get_last_heartbeat_date() > datetime.datetime.now() - datetime.timedelta(days=self._pce_offline_timer_override):
+                    self.online.append(workload)
+                else:
+                    self.offline.append(workload)
+        def count_workloads(self):
+            return len(self.unmanaged) + len(self.online) + len(self.offline)
+        def count_online(self):
+            return len(self.online)
+        def count_offline(self):
+            return len(self.offline)
+        def count_unmanaged(self):
+            return len(self.unmanaged)
+        def has_duplicates(self):
+            if len(self.offline) + len(self.online) + len(self.unmanaged) > 1:
+                return True
+            return False
+        def find_latest_created_at(self)-> 'pylo.Workload':
+            latest: Optional[pylo.Workload] = None
+            for wkl in self.all:
+                if wkl.unmanaged:
+                    continue
+                if latest is None or wkl.created_at > latest.created_at:
+                    latest = wkl
+            return latest
+        def find_latest_heartbeat(self)-> 'pylo.Workload':
+            latest: Optional[pylo.Workload] = None
+            for wkl in self.all:
+                if wkl.unmanaged:
+                    continue
+                if latest is None or wkl.ven_agent.get_last_heartbeat_date() > latest.ven_agent.get_last_heartbeat_date():
+                    latest = wkl
+            return latest
+    def __init__(self, pce_offline_timer_override: Optional[int] = None):
+        self._records: Dict[str, DuplicateRecordManager.DuplicatedRecord] = {}
+        self._pce_offline_timer_override: Optional[int] = pce_offline_timer_override
+    def count_record(self):
+        return len(self._records)
+    def count_workloads(self):
+        total = 0
+        for record in self._records.values():
+            total += record.count_workloads()
+    def records(self) -> List['DuplicateRecordManager.DuplicatedRecord']:
+        return list(self._records.values())
+    def count_duplicates(self):
+        count = 0
+        for record in self._records.values():
+            if record.has_duplicates():
+                count += 1
+        return count
+    def add_workload(self, workload: pylo.Workload):
+        lower_hostname = workload.get_name_stripped_fqdn().lower()
+        if lower_hostname not in self._records:
+            self._records[lower_hostname] = self.DuplicatedRecord(self._pce_offline_timer_override)
+        record = self._records[lower_hostname]
+        record.add_workload(workload)

illumio_pylo/cli/commands/ven_idle_to_visibility.py ADDED Viewed

@@ -0,0 +1,287 @@
+from typing import Dict, List, Any, Union
+from dataclasses import dataclass
+import sys
+import argparse
+import math
+import illumio_pylo as pylo
+from .misc import make_filename_with_timestamp
+from . import Command
+from ..NativeParsers import LabelParser
+command_name = 'ven-idle-to-visibility'
+objects_load_filter = ['workloads', 'labels']
+def fill_parser(parser: argparse.ArgumentParser):
+    parser.add_argument('--filter-on-href-from-file', type=str, required=False, default=None,
+                        help='Filter agents on workload href found in specific csv file')
+    parser.add_argument('--ignore-incompatibilities', type=str, nargs='+', required=False, default=None,
+                        help="Ignore specific incompatibilities and force mode switch!")
+    parser.add_argument('--ignore-all-incompatibilities', action='store_true',
+                        help="Don't check compatibility report and just do the change!")
+    parser.add_argument('-c', '--confirm', action='store_true',
+                        help='Request upgrade of the Agents')
+    parser.add_argument('-m', '--mode', type=str.lower, required=True, choices=['build', 'test'],
+                        help='Select if you want to switch from IDLE to BUILD or TEST')
+@dataclass
+class MyBuiltInParser:
+    filter_env_label = LabelParser('--filter-env-label', '-env', 'env', is_required=False, allow_multiple=True)
+    filter_app_label = LabelParser('--filter-app-label', '-app', 'app', is_required=False, allow_multiple=True)
+    filter_role_label = LabelParser('--filter-role-label', '-role', 'role', is_required=False, allow_multiple=True)
+    filter_loc_label = LabelParser('--filter-loc-label', '-loc', 'loc', is_required=False, allow_multiple=True)
+def __main(args, org: pylo.Organization, native_parsers: MyBuiltInParser, **kwargs):
+    confirmed_updates = args['confirm']
+    switch_to_mode = args['mode']
+    href_filter_file = args['filter_on_href_from_file']
+    options_ignore_all_incompatibilities = args['ignore_all_incompatibilities']
+    option_ignore_incompatibilities: Union[None, Dict[str, bool]] = None
+    if args['ignore_incompatibilities'] is not None:
+        option_ignore_incompatibilities = {}
+        for entry in args['ignore_incompatibilities']:
+            option_ignore_incompatibilities[entry] = True
+    minimum_supported_version = pylo.SoftwareVersion("18.2.0-0")
+    output_file_prefix = make_filename_with_timestamp('ven-mode-update-results_')
+    output_file_csv = output_file_prefix + '.csv'
+    output_file_excel = output_file_prefix + '.xlsx'
+    csv_report_headers = ['name', 'hostname', 'role', 'app', 'env', 'loc', 'changed_mode', 'details', 'href']
+    csv_report = pylo.ArrayToExport(csv_report_headers)
+    def add_workload_to_report(wkl: pylo.Workload, changed_mode: str, details: str):
+        labels = workload.get_labels_str_list()
+        new_row = {
+            'hostname': wkl.hostname,
+            'role': labels[0],
+            'app': labels[1],
+            'env': labels[2],
+            'loc': labels[3],
+            'href': wkl.href,
+            'status': wkl.get_status_string(),
+            'changed_mode': changed_mode,
+            'details': details
+        }
+        csv_report.add_line_from_object(new_row)
+    href_filter_data = None
+    if href_filter_file is not None:
+        print(" * Loading CSV input file '{}'...".format(href_filter_file), flush=True, end='')
+        href_filter_data = pylo.CsvExcelToObject(href_filter_file,
+                                                 expected_headers=[{'name': 'href', 'optional': False}])
+        print('OK')
+        print("   - CSV has {} columns and {} lines (headers don't count)".format(href_filter_data.count_columns(),
+                                                                                  href_filter_data.count_lines()),
+              flush=True)
+    agents = {}
+    for agent in org.AgentStore.items_by_href.values():
+        if agent.mode == 'idle':
+            agents[agent.href] = agent
+    print(" * Found {} IDLE Agents".format(len(agents)))
+    count_idle_agents_total = len(agents)
+    print(" * Parsing filters")
+    env_label_list = native_parsers.filter_env_label.results
+    if env_label_list is None:
+        print("   * No Environment Labels specified")
+    else:
+        print("   * Environment Labels specified")
+        for label in env_label_list:
+            print("     - label named '{}'".format(label.name))
+    loc_label_list = native_parsers.filter_loc_label.results
+    if loc_label_list is None:
+        print("   * No Location Labels specified")
+    else:
+        print("   * Location Labels specified")
+        for label in loc_label_list:
+            print("     - label named '{}'".format(label.name))
+    app_label_list = native_parsers.filter_app_label.results
+    if app_label_list is None:
+        print("   * No Application Labels specified")
+    else:
+        print("   * Application Labels specified")
+        for label in app_label_list:
+            print("     - label named '{}'".format(label.name))
+    role_label_list = native_parsers.filter_role_label.results
+    if role_label_list is None:
+        print("   * No Role Labels specified")
+    else:
+        print("   * Role Labels specified")
+        for label in role_label_list:
+            print("     - label named '{}'".format(label.name))
+    print("  * DONE")
+    print(" * Applying filters to the list of Agents...", flush=True, end='')
+    for agent_href in list(agents.keys()):
+        agent = agents[agent_href]
+        workload = agent.workload
+        if env_label_list is not None and (workload.env_label is None or workload.env_label not in env_label_list):
+            del agents[agent_href]
+            continue
+        if loc_label_list is not None and (workload.loc_label is None or workload.loc_label not in loc_label_list):
+            del agents[agent_href]
+            continue
+        if app_label_list is not None and (workload.app_label is None or workload.app_label not in app_label_list):
+            del agents[agent_href]
+            continue
+        if role_label_list is not None and (workload.role_label is None or workload.role_label not in role_label_list):
+            del agents[agent_href]
+            continue
+        if href_filter_data is not None:
+            workload_href_found = False
+            for href_entry in href_filter_data.objects():
+                workload_href = href_entry['href']
+                if workload_href is not None and workload_href == workload.href:
+                    workload_href_found = True
+                    break
+            if not workload_href_found:
+                del agents[agent_href]
+                continue
+    print("OK! {} VENs are matching filters (from initial list of {} IDLE VENs).".format(len(agents), count_idle_agents_total))
+    print()
+    print(" ** Request Compatibility Report for each Agent in IDLE mode **")
+    agent_count = 0
+    agent_green_count = 0
+    agent_mode_changed_count = 0
+    agent_skipped_not_online = 0
+    agent_has_no_report_count = 0
+    agent_report_failed_count = 0
+    try:
+        for agent in agents.values():
+            agent_count += 1
+            print(" - Agent #{}/{}: wkl NAME:'{}' HREF:{} Labels:{}".format(agent_count, len(agents), agent.workload.get_name(),
+                                                                            agent.workload.href,
+                                                                            agent.workload.get_labels_str())
+                  )
+            if not agent.workload.online:
+                print("    - Agent is not ONLINE so we're skipping it")
+                agent_skipped_not_online += 1
+                add_workload_to_report(agent.workload, 'no', 'VEN is not online')
+                continue
+            if options_ignore_all_incompatibilities:
+                if not confirmed_updates:
+                    print("    - ** SKIPPING Agent mode change process as option '--confirm' was not used")
+                    add_workload_to_report(agent.workload, 'no', '--confirm option was not used')
+                    continue
+                print("    - Request Agent mode switch to BUILD/TEST...", end='', flush=True)
+                org.connector.objects_agent_change_mode(agent.workload.href, switch_to_mode)
+                print("OK")
+                agent_mode_changed_count += 1
+                add_workload_to_report(agent.workload, 'yes', '')
+                continue
+            print("    - Downloading report...", flush=True, end='')
+            report = org.connector.agent_get_compatibility_report(agent_href=agent.href, return_raw_json=False)
+            print('OK')
+            if report.empty:
+                print("    - ** SKIPPING : Report does not exist")
+                agent_has_no_report_count += 1
+                add_workload_to_report(agent.workload, 'no', 'Compatibility report does not exist')
+                continue
+            print("    - Report status is '{}'".format(report.global_status))
+            if report.global_status == 'green':
+                agent_green_count += 1
+                if not confirmed_updates:
+                    print("    - ** SKIPPING Agent mode change process as option '--confirm' was not used")
+                    add_workload_to_report(agent.workload, 'no', '--confirm option was not used')
+                    continue
+                print("    - Request Agent mode switch to BUILD/TEST...", end='', flush=True)
+                org.connector.objects_agent_change_mode(agent.workload.href, switch_to_mode)
+                print("OK")
+                agent_mode_changed_count += 1
+                add_workload_to_report(agent.workload, 'yes', '')
+            else:
+                print("       - the following issues were found in the report:", flush=True)
+                failed_items = report.get_failed_items()
+                issues_remaining = False
+                for failed_item in failed_items:
+                    if option_ignore_incompatibilities is not None and failed_item in option_ignore_incompatibilities:
+                        print("         -{} (ignored because it's part of --ignore-incompatibilities list)".format(failed_item))
+                    else:
+                        print("         -{}".format(failed_item))
+                        issues_remaining = True
+                if not issues_remaining:
+                    agent_green_count += 1
+                    if not confirmed_updates:
+                        print("    - ** SKIPPING Agent mode change process as option '--confirm' was not used")
+                        add_workload_to_report(agent.workload, 'no', '--confirm option was not used')
+                        continue
+                    print("    - Request Agent mode switch to BUILD/TEST...", end='', flush=True)
+                    org.connector.objects_agent_change_mode(agent.workload.href, switch_to_mode)
+                    print("OK")
+                    agent_mode_changed_count += 1
+                    add_workload_to_report(agent.workload, 'yes', '')
+                    continue
+                add_workload_to_report(agent.workload, 'no',
+                                       'compatibility report has reported issues: {}'.format(pylo.string_list_to_text(failed_items.keys()))
+                                       )
+                agent_report_failed_count += 1
+    except:
+        pylo.log.error("An unexpected error happened, an intermediate report will be written and original traceback displayed")
+        pylo.log.error(" * Writing report file '{}' ... ".format(output_file_csv))
+        csv_report.write_to_csv(output_file_csv)
+        pylo.log.error("DONE")
+        pylo.log.error(" * Writing report file '{}' ... ".format(output_file_excel))
+        csv_report.write_to_excel(output_file_excel)
+        pylo.log.error("DONE")
+        raise
+    def myformat(name, value):
+        return "{:<42} {:>6}".format(name, value)
+        # return "{:<18} {:>6}".format(name, "${:.2f}".format(value))
+    print("\n\n*** Statistics ***")
+    print(myformat(" - IDLE Agents count (after filters):", agent_count))
+    if confirmed_updates:
+        print(myformat(" - Agents mode changed count:", agent_mode_changed_count))
+    else:
+        print(myformat(" - Agents with successful report count:", agent_green_count))
+    print(myformat(" - SKIPPED because not online count:", agent_skipped_not_online))
+    print(myformat(" - SKIPPED because report was not found:", agent_has_no_report_count))
+    print(myformat(" - Agents with failed reports:", agent_report_failed_count ))
+    print()
+    print(" * Writing report file '{}' ... ".format(output_file_csv), end='', flush=True)
+    csv_report.write_to_csv(output_file_csv)
+    print("DONE")
+    print(" * Writing report file '{}' ... ".format(output_file_excel), end='', flush=True)
+    csv_report.write_to_excel(output_file_excel)
+    print("DONE")
+    if not confirmed_updates:
+        print()
+        print(" ***** No Agent was switched to Illumination because --confirm option was not used *****")
+        print()
+command_object = Command(command_name, __main, fill_parser,
+                         load_specific_objects_only=objects_load_filter,
+                         native_parsers_as_class=MyBuiltInParser()
+                         )