Skip to content

brightbox/brightbox-cli

Repository files navigation

Brightbox Cloud Command Line Interface

‘brightbox-cli` is a set of cli tools to interact with the Brightbox Cloud API.

You will need a Brightbox account in order to make use of these tools.

You can sign up at cloud.brightbox.com/signup

Installation instructions

Install from Rubygems

$ gem install brightbox-cli

Usage

The Brightbox CLI is a suite of tools that are accessible through the ‘brightbox` command in a similar way to how you access `git` commands.

For a list of available commands use:

$ brightbox help

To login with your user credentials use:

$ brightbox login [email protected]

To instead add api client (account-specific) credentials use:

$ brightbox config client_add cli-2igtb theclientsecret
Using config file /home/ubuntu/.brightbox/config
Creating new api client config cli-2igtb

To browse available resources use the resource name as the command:

$ brightbox servers
... List of servers
$ brightbox images
... List of images

Two factor authentication ===

If you’ve enabled two factor authentication for your user, you should be prompted for a one time password (OTP) when it is required unless you have set up a two factor helper (see below).

The previous configuration setting ‘two_factor` is no longer required when using v4.0 or greater. This is ignored and can be removed.

Integrating with a password manager

You can retrieve your passwords from an external password manager by specifying a password helper command. This command will be executed any time your password is required and its output used as your password.

Configure the command in your config file (usually ~/.brightbox/config) in the appropriate section:

[[email protected]]
username = [email protected]
password_helper_command = pass john-example-com-brightbox

You can also specify a separate helper command to retrive two factor pins:

[[email protected]]
username = [email protected]
password_helper_command = pass john-example-com-brightbox
two_factor_helper_command = get-two-factor-pin john-example-com-brightbox

Using GPG to secure passwords

If you use an OAuth application to access your accounts (www.brightbox.com/docs/guides/manager/oauth-applications/) then you frequently need to renter your password.

From v1.5.0 you can store your password locally encrypted by GPG (www.gnupg.org/) which will decrypt the password when needed. This will prompt for your GPG key if not available to the GPG agent using your OS’s configured pinentry program.

You need to have setup GPG with your own keys and have configured the pinentry to prompt you when the key is locked.

The password file is named after your configuration’s alias:

$ brightbox config
 alias                 client_id  secret           api_url                         auth_url
------------------------------------------------------------------------------------------------------------------
 *main                 app-12345  xxxxxxxxxxxxxxx  https://api.gb1.brightbox.com   https://api.gb1.brightbox.com
------------------------------------------------------------------------------------------------------------------

The alias here is ‘main`. To prepare the password run this command:

$ gpg --encrypt --recipient [email protected] > ~/.brightbox/main.password.gpg
(type your password)<RETURN>
<CTRL+D>
# Test it with...
$ gpg --decrypt ~/.brightbox/main.password.gpg
password!2015
$ brightbox accounts
INFO: Decrypting /home/user/.brightbox/main.password.gpg to obtain password
gpg: encrypted with 2048-bit RSA key, ID ABCDE890, created 2015-01-01
      "Jason Null <[email protected]>"
Your API credentials have been updated, please re-run your command.

Now when making commands you should only have to unlock your keyring to avoid typing your password.

If you are prompted to enter your password still then the file may be named incorrectly or there may be an issue with your GPG configuration.

To remove the password delete the ‘~/.brightbox/main.password.gpg` file.

Integrating with a password manager

You can retrieve your passwords from an external password manager by specifying a password helper command. This command will be executed any time your password is required and its output used as your password.

Configure the command in your config file (usually ~/.brightbox/config) in the appropriate section:

[[email protected]]
username = [email protected]
password_helper_command = pass john-example-com-brightbox

Documentation

BASH Auto-completion

A bash shell auto-completion script is provided to allow autocompletion of all sub-commands, options and resource identifiers. It is automatically configured by the Debian/Ubuntu packages, but if you’re installing from a gem you can manually tell bash about it like this:

complete -C _brightbox-bash-completer -o filenames brightbox

The command ‘_brightbox-bash-completer` should be installed in the system path when you install the gem. If for whatever reason it is not in the path, just specify the full path to it:

complete -C /full/path/to/bin/_brightbox-bash-completer -o filenames brightbox

UPGRADE NOTES

Version 4.0.0 removes the older, backward compatible binaries for users of the original ‘brightbox` (brightbox-deployment) gem.

So ‘brightbox-servers` will no longer work. Use the subcommand variation `brightbox servers` instead.

Alternatives

There are a number of alternative ways to manage Brightbox resources:

Testing

You should be able to run the specs and features with the following steps:

$ bundle install
$ bundle exec rake

The specs use VCR to playback filtered recordings from real API sessions. This process is not perfect, please report an issue

Packaging

Vendoring libraries

gems can be vendored into ‘lib/brightbox-cli/vendor/` for packaging and will be prioritised over any gems.

Debian/Ubuntu packaging

Packaging scripts are available in github.com/NeilW/brightbox-cli-debian-packaging

License

Copyright © 2010-2013 John Leach, Brightbox Systems Ltd <[email protected]>

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.