kong-deck-tools 0.1.0__tar.gz

kong_deck_tools-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Michael Tan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

kong_deck_tools-0.1.0/PKG-INFO

@@ -0,0 +1,144 @@
+Metadata-Version: 2.4
+Name: kong-deck-tools
+Version: 0.1.0
+Summary: Kong API Gateway configuration tools for certificate management and cross-environment comparison
+Author: Michael Tan
+License: MIT
+Project-URL: Homepage, https://github.com/michaeltan/kong-deck-tools
+Project-URL: Repository, https://github.com/michaeltan/kong-deck-tools
+Keywords: kong,api-gateway,deck,configuration,certificates
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: System :: Systems Administration
+Classifier: Topic :: Utilities
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: ruamel.yaml>=0.18.0
+Dynamic: license-file
+
+# kong-deck-tools
+
+Kong API Gateway configuration tools for certificate management and cross-environment comparison.
+
+## Overview
+
+This package provides CLI tools for managing Kong API Gateway configurations:
+
+1. **Extract certificates** from Kong configurations into separate files, allowing templates to be safely committed to git while keeping sensitive certificate data separate
+2. **Enforce consistent key ordering** across all configurations, making it easy to compare configurations across different environments (local, staging, production)
+
+## Installation
+
+```bash
+pip install kong-deck-tools
+```
+
+## Usage
+
+### kong-templatize
+
+Splits a Kong configuration into a template and a certificate values file:
+
+```bash
+kong-templatize config.yaml
+```
+
+**Input:** `config.yaml` (full Kong configuration with certificates)
+
+**Output:**
+- `config.tmpl.yaml` - Template with Helm-style placeholders for certificates
+- `config.certs.values.yaml` - Extracted certificate values (name, cert, key)
+
+The script also prettifies the template by reordering YAML keys for consistency and readability.
+
+### kong-hydrate
+
+Reconstructs a full Kong configuration from template and values:
+
+```bash
+kong-hydrate config.tmpl.yaml
+```
+
+**Input:** `config.tmpl.yaml` (template file; values file `config.certs.values.yaml` is derived automatically)
+
+**Output:** `config.rendered.yaml` (complete Kong configuration)
+
+## Workflow with Kong deck
+
+```bash
+# 1. Export current Kong configuration
+deck gateway dump -o config.yaml
+
+# 2. Extract certificates and create template
+kong-templatize config.yaml
+
+# 3. Commit template to git (certificates stay separate)
+git add config.tmpl.yaml
+git commit -m "Update Kong configuration"
+
+# 4. Before deploying, hydrate the template with certificates
+kong-hydrate config.tmpl.yaml
+
+# 5. Compare with current Kong state
+deck gateway diff config.rendered.yaml
+
+# 6. Apply changes
+deck gateway sync config.rendered.yaml
+```
+
+## Key Ordering
+
+The `kong-templatize` command enforces consistent key ordering to make configs:
+- **Human-readable**: Important fields (name, enabled) appear first
+- **Diff-friendly**: Consistent ordering reduces noise in git diffs
+- **Hierarchical**: Configuration objects (routes, plugins) appear after their properties
+
+Key ordering by entity type:
+- **Plugins**: name -> enabled -> config -> protocols -> tags
+- **Services**: name -> enabled -> host -> port -> protocol -> timeouts -> tags -> plugins -> routes
+- **Routes**: name -> hosts -> paths -> protocols -> strip_path -> preserve_host -> ... -> plugins
+- **Upstreams**: name -> algorithm -> slots -> hash_* -> tags -> healthchecks -> targets
+- **Consumers**: username -> custom_id -> tags
+
+## Requirements
+
+- Python 3.8+
+- Kong deck CLI (for dumping/syncing configurations)
+
+## Development
+
+### Install in development mode
+
+```bash
+git clone https://github.com/michaeltan/kong-deck-tools.git
+cd kong-deck-tools
+pip install -e .
+```
+
+### Publishing to PyPI
+
+```bash
+# Install uv (if not already installed)
+brew install uv
+
+# Build the package
+uv build
+
+# Upload to PyPI
+uv publish
+```
+
+## License
+
+MIT

kong_deck_tools-0.1.0/README.md

@@ -0,0 +1,115 @@
+# kong-deck-tools
+
+Kong API Gateway configuration tools for certificate management and cross-environment comparison.
+
+## Overview
+
+This package provides CLI tools for managing Kong API Gateway configurations:
+
+1. **Extract certificates** from Kong configurations into separate files, allowing templates to be safely committed to git while keeping sensitive certificate data separate
+2. **Enforce consistent key ordering** across all configurations, making it easy to compare configurations across different environments (local, staging, production)
+
+## Installation
+
+```bash
+pip install kong-deck-tools
+```
+
+## Usage
+
+### kong-templatize
+
+Splits a Kong configuration into a template and a certificate values file:
+
+```bash
+kong-templatize config.yaml
+```
+
+**Input:** `config.yaml` (full Kong configuration with certificates)
+
+**Output:**
+- `config.tmpl.yaml` - Template with Helm-style placeholders for certificates
+- `config.certs.values.yaml` - Extracted certificate values (name, cert, key)
+
+The script also prettifies the template by reordering YAML keys for consistency and readability.
+
+### kong-hydrate
+
+Reconstructs a full Kong configuration from template and values:
+
+```bash
+kong-hydrate config.tmpl.yaml
+```
+
+**Input:** `config.tmpl.yaml` (template file; values file `config.certs.values.yaml` is derived automatically)
+
+**Output:** `config.rendered.yaml` (complete Kong configuration)
+
+## Workflow with Kong deck
+
+```bash
+# 1. Export current Kong configuration
+deck gateway dump -o config.yaml
+
+# 2. Extract certificates and create template
+kong-templatize config.yaml
+
+# 3. Commit template to git (certificates stay separate)
+git add config.tmpl.yaml
+git commit -m "Update Kong configuration"
+
+# 4. Before deploying, hydrate the template with certificates
+kong-hydrate config.tmpl.yaml
+
+# 5. Compare with current Kong state
+deck gateway diff config.rendered.yaml
+
+# 6. Apply changes
+deck gateway sync config.rendered.yaml
+```
+
+## Key Ordering
+
+The `kong-templatize` command enforces consistent key ordering to make configs:
+- **Human-readable**: Important fields (name, enabled) appear first
+- **Diff-friendly**: Consistent ordering reduces noise in git diffs
+- **Hierarchical**: Configuration objects (routes, plugins) appear after their properties
+
+Key ordering by entity type:
+- **Plugins**: name -> enabled -> config -> protocols -> tags
+- **Services**: name -> enabled -> host -> port -> protocol -> timeouts -> tags -> plugins -> routes
+- **Routes**: name -> hosts -> paths -> protocols -> strip_path -> preserve_host -> ... -> plugins
+- **Upstreams**: name -> algorithm -> slots -> hash_* -> tags -> healthchecks -> targets
+- **Consumers**: username -> custom_id -> tags
+
+## Requirements
+
+- Python 3.8+
+- Kong deck CLI (for dumping/syncing configurations)
+
+## Development
+
+### Install in development mode
+
+```bash
+git clone https://github.com/michaeltan/kong-deck-tools.git
+cd kong-deck-tools
+pip install -e .
+```
+
+### Publishing to PyPI
+
+```bash
+# Install uv (if not already installed)
+brew install uv
+
+# Build the package
+uv build
+
+# Upload to PyPI
+uv publish
+```
+
+## License
+
+MIT

kong_deck_tools-0.1.0/pyproject.toml

@@ -0,0 +1,45 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "kong-deck-tools"
+version = "0.1.0"
+description = "Kong API Gateway configuration tools for certificate management and cross-environment comparison"
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.8"
+authors = [
+    {name = "Michael Tan"}
+]
+keywords = ["kong", "api-gateway", "deck", "configuration", "certificates"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Environment :: Console",
+    "Intended Audience :: Developers",
+    "Intended Audience :: System Administrators",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: System :: Systems Administration",
+    "Topic :: Utilities",
+]
+dependencies = [
+    "ruamel.yaml>=0.18.0",
+]
+
+[project.urls]
+Homepage = "https://github.com/michaeltan/kong-deck-tools"
+Repository = "https://github.com/michaeltan/kong-deck-tools"
+
+[project.scripts]
+kong-templatize = "kong_deck_tools.templatize:main"
+kong-hydrate = "kong_deck_tools.hydrate:main"
+
+[tool.setuptools.packages.find]
+where = ["src"]

kong_deck_tools-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

kong_deck_tools-0.1.0/src/kong_deck_tools/__init__.py

@@ -0,0 +1,8 @@
+"""
+kong-deck-tools: Kong API Gateway configuration management tools.
+
+Tools for managing Kong configurations by extracting certificates into separate
+files and enforcing consistent key ordering for easy cross-environment comparison.
+"""
+
+__version__ = "0.1.0"

kong_deck_tools-0.1.0/src/kong_deck_tools/hydrate.py

@@ -0,0 +1,135 @@
+#!/usr/bin/env python3
+"""
+hydrate.py
+Renders a Kong template file by substituting certificate values from values file.
+This reverses the templatize operation.
+
+Usage: kong-hydrate <template_file>
+Example: kong-hydrate config.tmpl.yaml
+
+Uses ruamel.yaml for format preservation to ensure lossless round-trips.
+"""
+
+import re
+import sys
+from io import StringIO
+from pathlib import Path
+from ruamel.yaml import YAML
+
+
+def load_certificate_values(file_path):
+    """Load certificate values from values file."""
+    with open(file_path, 'r') as f:
+        content = f.read()
+
+    # Split by 'name:' but keep the delimiter
+    parts = re.split(r'(?=^name: )', content, flags=re.MULTILINE)
+
+    yaml = YAML()
+    yaml.preserve_quotes = True
+
+    certs = []
+    for part in parts:
+        part = part.strip()
+        if part:
+            try:
+                cert_doc = yaml.load(StringIO(part))
+                if cert_doc and 'name' in cert_doc:
+                    certs.append(cert_doc)
+            except Exception:
+                pass
+
+    return certs
+
+
+def load_yaml(file_path):
+    """Load a single YAML document with format preservation."""
+    yaml = YAML()
+    yaml.preserve_quotes = True
+    yaml.default_flow_style = False
+
+    with open(file_path, 'r') as f:
+        return yaml.load(f)
+
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: kong-hydrate <template_file>")
+        print("Example: kong-hydrate config.tmpl.yaml")
+        sys.exit(1)
+
+    template_file = sys.argv[1]
+
+    # Validate input file exists
+    if not Path(template_file).exists():
+        print(f"Error: Template file '{template_file}' not found")
+        sys.exit(1)
+
+    # Derive basename by stripping .tmpl.yaml or .tmpl.yml extension
+    basename = template_file
+    for ext in ['.tmpl.yaml', '.tmpl.yml']:
+        if basename.endswith(ext):
+            basename = basename[:-len(ext)]
+            break
+
+    values_file = f"{basename}.certs.values.yaml"
+    output_file = f"{basename}.rendered.yaml"
+
+    if not Path(values_file).exists():
+        print(f"Error: Values file '{values_file}' not found")
+        sys.exit(1)
+
+    print("Rendering Kong configuration...")
+    print(f"   Template: {template_file}")
+    print(f"   Values:   {values_file}")
+    print("")
+
+    # Load template
+    template = load_yaml(template_file)
+
+    # Load certificate values
+    cert_values = load_certificate_values(values_file)
+
+    # Create a mapping of SNI name to certificate data
+    cert_map = {}
+    for cert_doc in cert_values:
+        if cert_doc and 'name' in cert_doc:
+            cert_map[cert_doc['name']] = {
+                'cert': cert_doc.get('cert', ''),
+                'key': cert_doc.get('key', '')
+            }
+
+    # Substitute certificates in template
+    if 'certificates' in template:
+        for cert in template['certificates']:
+            if 'snis' in cert and len(cert['snis']) > 0:
+                sni_name = cert['snis'][0]['name']
+                if sni_name in cert_map:
+                    print(f"   Substituting certificate for: {sni_name}")
+                    cert_value = cert_map[sni_name]['cert']
+                    key_value = cert_map[sni_name]['key']
+
+                    # Ensure keys end with newline to match Kong's format
+                    if not key_value.endswith('\n'):
+                        key_value = key_value + '\n'
+
+                    cert['cert'] = cert_value
+                    cert['key'] = key_value
+
+    # Write rendered output with format preservation
+    yaml = YAML()
+    yaml.preserve_quotes = True
+    yaml.default_flow_style = False
+    yaml.width = 4096  # Prevent line wrapping
+
+    with open(output_file, 'w') as f:
+        yaml.dump(template, f)
+
+    print("")
+    print("Configuration rendered successfully!")
+    print(f"   Output: {output_file}")
+    print("")
+
+
+if __name__ == '__main__':
+    main()

kong_deck_tools-0.1.0/src/kong_deck_tools/templatize.py

@@ -0,0 +1,236 @@
+#!/usr/bin/env python3
+"""
+templatize.py
+Splits Kong configuration into template and values files, then prettifies.
+This creates diff-friendly, Helm-ready configuration files.
+
+Usage: kong-templatize <config_file>
+Example: kong-templatize config.yaml
+"""
+
+import sys
+from pathlib import Path
+from ruamel.yaml import YAML
+from ruamel.yaml.comments import CommentedMap
+
+
+# Key ordering definitions for each entity type
+PLUGIN_KEY_ORDER = ['name', 'enabled', 'config', 'protocols', 'tags']
+SERVICE_KEY_ORDER = ['name', 'enabled', 'host', 'port', 'protocol',
+                     'connect_timeout', 'read_timeout', 'write_timeout',
+                     'retries', 'tags']
+SERVICE_TRAILING_KEYS = ['plugins', 'routes']
+ROUTE_KEY_ORDER = ['name', 'hosts', 'paths', 'protocols', 'strip_path',
+                   'preserve_host', 'https_redirect_status_code', 'path_handling',
+                   'regex_priority', 'request_buffering', 'response_buffering', 'tags']
+ROUTE_TRAILING_KEYS = ['plugins']
+UPSTREAM_KEY_ORDER = ['name', 'algorithm', 'slots', 'hash_on', 'hash_fallback',
+                      'hash_on_cookie_path', 'use_srv_name', 'tags']
+UPSTREAM_TRAILING_KEYS = ['healthchecks', 'targets']
+TARGET_KEY_ORDER = ['target', 'weight', 'tags']
+CONSUMER_KEY_ORDER = ['username', 'custom_id', 'tags']
+
+
+def reorder_keys(obj, key_order, trailing_keys=None):
+    """Reorder keys in a CommentedMap according to specified order."""
+    if not isinstance(obj, dict):
+        return obj
+
+    trailing_keys = trailing_keys or []
+    ordered = CommentedMap()
+
+    # First, add keys in specified order
+    for key in key_order:
+        if key in obj:
+            ordered[key] = obj[key]
+
+    # Then add remaining keys (except trailing ones)
+    all_specified = set(key_order) | set(trailing_keys)
+    for key in obj:
+        if key not in all_specified:
+            ordered[key] = obj[key]
+
+    # Finally add trailing keys
+    for key in trailing_keys:
+        if key in obj:
+            ordered[key] = obj[key]
+
+    return ordered
+
+
+def reorder_plugins(plugins):
+    """Reorder keys in plugin configurations."""
+    if not plugins:
+        return plugins
+    return [reorder_keys(p, PLUGIN_KEY_ORDER) for p in plugins]
+
+
+def reorder_routes(routes):
+    """Reorder keys in route configurations."""
+    if not routes:
+        return routes
+    result = []
+    for route in routes:
+        ordered = reorder_keys(route, ROUTE_KEY_ORDER, ROUTE_TRAILING_KEYS)
+        if 'plugins' in ordered:
+            ordered['plugins'] = reorder_plugins(ordered['plugins'])
+        result.append(ordered)
+    return result
+
+
+def reorder_services(services):
+    """Reorder keys in service configurations."""
+    if not services:
+        return services
+    result = []
+    for service in services:
+        ordered = reorder_keys(service, SERVICE_KEY_ORDER, SERVICE_TRAILING_KEYS)
+        if 'plugins' in ordered:
+            ordered['plugins'] = reorder_plugins(ordered['plugins'])
+        if 'routes' in ordered:
+            ordered['routes'] = reorder_routes(ordered['routes'])
+        result.append(ordered)
+    return result
+
+
+def reorder_targets(targets):
+    """Reorder keys in target configurations."""
+    if not targets:
+        return targets
+    return [reorder_keys(t, TARGET_KEY_ORDER) for t in targets]
+
+
+def reorder_upstreams(upstreams):
+    """Reorder keys in upstream configurations."""
+    if not upstreams:
+        return upstreams
+    result = []
+    for upstream in upstreams:
+        ordered = reorder_keys(upstream, UPSTREAM_KEY_ORDER, UPSTREAM_TRAILING_KEYS)
+        if 'targets' in ordered:
+            ordered['targets'] = reorder_targets(ordered['targets'])
+        result.append(ordered)
+    return result
+
+
+def reorder_consumers(consumers):
+    """Reorder keys in consumer configurations."""
+    if not consumers:
+        return consumers
+    return [reorder_keys(c, CONSUMER_KEY_ORDER) for c in consumers]
+
+
+def prettify_config(config):
+    """Prettify the entire configuration by reordering keys."""
+    if 'plugins' in config:
+        config['plugins'] = reorder_plugins(config['plugins'])
+    if 'services' in config:
+        config['services'] = reorder_services(config['services'])
+    if 'upstreams' in config:
+        config['upstreams'] = reorder_upstreams(config['upstreams'])
+    if 'consumers' in config:
+        config['consumers'] = reorder_consumers(config['consumers'])
+    return config
+
+
+def extract_certificates(config):
+    """Extract certificates from config into a list of certificate values."""
+    certs = []
+    if 'certificates' in config and config['certificates']:
+        for cert in config['certificates']:
+            if 'snis' in cert and cert['snis']:
+                cert_entry = CommentedMap()
+                cert_entry['name'] = cert['snis'][0]['name']
+                cert_entry['cert'] = cert.get('cert', '')
+                cert_entry['key'] = cert.get('key', '')
+                certs.append(cert_entry)
+    return certs
+
+
+def create_template(config):
+    """Create template by replacing certificate values with Helm placeholders."""
+    if 'certificates' in config and config['certificates']:
+        for cert in config['certificates']:
+            cert['cert'] = "{{ .Values.certificates[.snis[0].name].cert }}"
+            cert['key'] = "{{ .Values.certificates[.snis[0].name].key }}"
+    return config
+
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: kong-templatize <config_file>")
+        print("Example: kong-templatize config.yaml")
+        sys.exit(1)
+
+    input_file = sys.argv[1]
+
+    # Validate input file exists
+    input_path = Path(input_file)
+    if not input_path.exists():
+        print(f"Error: Input file '{input_file}' not found")
+        sys.exit(1)
+
+    # Extract basename (remove .yaml or .yml extension)
+    basename = input_file
+    for ext in ['.yaml', '.yml']:
+        if basename.endswith(ext):
+            basename = basename[:-len(ext)]
+            break
+
+    # Define output files
+    template_file = f"{basename}.tmpl.yaml"
+    values_file = f"{basename}.certs.values.yaml"
+
+    print(f"Processing Kong configuration: {input_file}")
+    print("")
+
+    # Initialize YAML parser
+    yaml = YAML()
+    yaml.preserve_quotes = True
+    yaml.default_flow_style = False
+    yaml.width = 4096  # Prevent line wrapping
+
+    # Load input configuration
+    with open(input_file, 'r') as f:
+        config = yaml.load(f)
+
+    # Step 1: Extract certificates to values file
+    print("Extracting certificates to values file...")
+    certs = extract_certificates(config)
+
+    if certs:
+        with open(values_file, 'w') as f:
+            for cert in certs:
+                yaml.dump(cert, f)
+        print(f"   Certificates extracted to: {values_file}")
+    else:
+        print("   No certificates found or extraction failed")
+        # Create empty values file
+        with open(values_file, 'w') as f:
+            pass
+
+    # Step 2: Create template with Helm placeholders
+    print("Creating template with Helm placeholders...")
+    template = create_template(config)
+    print(f"   Template created: {template_file}")
+    print("")
+
+    # Step 3: Prettify the template file with key reordering
+    print("Prettifying template structure...")
+    template = prettify_config(template)
+
+    # Write template file
+    with open(template_file, 'w') as f:
+        yaml.dump(template, f)
+
+    print("")
+    print("Kong configuration processed successfully!")
+    print("")
+    print("Files created:")
+    print(f"   Template: {template_file}")
+    print(f"   Values:   {values_file}")
+    print("")
+
+
+if __name__ == '__main__':
+    main()

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/PKG-INFO

@@ -0,0 +1,144 @@
+Metadata-Version: 2.4
+Name: kong-deck-tools
+Version: 0.1.0
+Summary: Kong API Gateway configuration tools for certificate management and cross-environment comparison
+Author: Michael Tan
+License: MIT
+Project-URL: Homepage, https://github.com/michaeltan/kong-deck-tools
+Project-URL: Repository, https://github.com/michaeltan/kong-deck-tools
+Keywords: kong,api-gateway,deck,configuration,certificates
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: System :: Systems Administration
+Classifier: Topic :: Utilities
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: ruamel.yaml>=0.18.0
+Dynamic: license-file
+
+# kong-deck-tools
+
+Kong API Gateway configuration tools for certificate management and cross-environment comparison.
+
+## Overview
+
+This package provides CLI tools for managing Kong API Gateway configurations:
+
+1. **Extract certificates** from Kong configurations into separate files, allowing templates to be safely committed to git while keeping sensitive certificate data separate
+2. **Enforce consistent key ordering** across all configurations, making it easy to compare configurations across different environments (local, staging, production)
+
+## Installation
+
+```bash
+pip install kong-deck-tools
+```
+
+## Usage
+
+### kong-templatize
+
+Splits a Kong configuration into a template and a certificate values file:
+
+```bash
+kong-templatize config.yaml
+```
+
+**Input:** `config.yaml` (full Kong configuration with certificates)
+
+**Output:**
+- `config.tmpl.yaml` - Template with Helm-style placeholders for certificates
+- `config.certs.values.yaml` - Extracted certificate values (name, cert, key)
+
+The script also prettifies the template by reordering YAML keys for consistency and readability.
+
+### kong-hydrate
+
+Reconstructs a full Kong configuration from template and values:
+
+```bash
+kong-hydrate config.tmpl.yaml
+```
+
+**Input:** `config.tmpl.yaml` (template file; values file `config.certs.values.yaml` is derived automatically)
+
+**Output:** `config.rendered.yaml` (complete Kong configuration)
+
+## Workflow with Kong deck
+
+```bash
+# 1. Export current Kong configuration
+deck gateway dump -o config.yaml
+
+# 2. Extract certificates and create template
+kong-templatize config.yaml
+
+# 3. Commit template to git (certificates stay separate)
+git add config.tmpl.yaml
+git commit -m "Update Kong configuration"
+
+# 4. Before deploying, hydrate the template with certificates
+kong-hydrate config.tmpl.yaml
+
+# 5. Compare with current Kong state
+deck gateway diff config.rendered.yaml
+
+# 6. Apply changes
+deck gateway sync config.rendered.yaml
+```
+
+## Key Ordering
+
+The `kong-templatize` command enforces consistent key ordering to make configs:
+- **Human-readable**: Important fields (name, enabled) appear first
+- **Diff-friendly**: Consistent ordering reduces noise in git diffs
+- **Hierarchical**: Configuration objects (routes, plugins) appear after their properties
+
+Key ordering by entity type:
+- **Plugins**: name -> enabled -> config -> protocols -> tags
+- **Services**: name -> enabled -> host -> port -> protocol -> timeouts -> tags -> plugins -> routes
+- **Routes**: name -> hosts -> paths -> protocols -> strip_path -> preserve_host -> ... -> plugins
+- **Upstreams**: name -> algorithm -> slots -> hash_* -> tags -> healthchecks -> targets
+- **Consumers**: username -> custom_id -> tags
+
+## Requirements
+
+- Python 3.8+
+- Kong deck CLI (for dumping/syncing configurations)
+
+## Development
+
+### Install in development mode
+
+```bash
+git clone https://github.com/michaeltan/kong-deck-tools.git
+cd kong-deck-tools
+pip install -e .
+```
+
+### Publishing to PyPI
+
+```bash
+# Install uv (if not already installed)
+brew install uv
+
+# Build the package
+uv build
+
+# Upload to PyPI
+uv publish
+```
+
+## License
+
+MIT

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/SOURCES.txt

@@ -0,0 +1,12 @@
+LICENSE
+README.md
+pyproject.toml
+src/kong_deck_tools/__init__.py
+src/kong_deck_tools/hydrate.py
+src/kong_deck_tools/templatize.py
+src/kong_deck_tools.egg-info/PKG-INFO
+src/kong_deck_tools.egg-info/SOURCES.txt
+src/kong_deck_tools.egg-info/dependency_links.txt
+src/kong_deck_tools.egg-info/entry_points.txt
+src/kong_deck_tools.egg-info/requires.txt
+src/kong_deck_tools.egg-info/top_level.txt

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/entry_points.txt

@@ -0,0 +1,3 @@
+[console_scripts]
+kong-hydrate = kong_deck_tools.hydrate:main
+kong-templatize = kong_deck_tools.templatize:main

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/requires.txt

@@ -0,0 +1 @@
+ruamel.yaml>=0.18.0

kong_deck_tools-0.1.0/src/kong_deck_tools.egg-info/top_level.txt

@@ -0,0 +1 @@
+kong_deck_tools