Giter Site home page Giter Site logo

python-cli's Introduction

Britive CLI - Pure Python Implementation

PyBritive is intended to be used as a CLI application for communicating with the Britive Platform.

Installation

pybritive will be installed via the Python package installer, pip.

pip install pybritive

NOTE: The end user is free to install the CLI into a virtual environment or in the global scope, so it is available everywhere.

Alternate Installation

You can always pull the latest version directly from GitHub using one of the following commands:

pip install $(curl -s https://api.github.com/repos/britive/python-cli/releases/latest \
    | jq -r '.assets[] | select(.content_type == "application/x-gzip") | .browser_download_url')

Or

pip install $(curl -s https://api.github.com/repos/britive/python-cli/releases/latest \
    | grep "browser_download_url.*.tar.gz" | cut -d : -f 2,3 | tr -d \")

Documentation

Community Projects

NOTE: Britive, Inc. does not provide support for community projects. Community projects are also not considered when ensuring backwards compatibility for releases. The list below is provided as-is and use of these projects is subject to the licensing/restrictions of each individual project.

python-cli's People

Contributors

twratl avatar theborch avatar palakchheda avatar michaelbrewer avatar mpatnode avatar

Stargazers

NightHawk avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

theborch palakchheda michaelbrewer mahadev-vasireddy derekbelrose

python-cli's Issues

Feature: Automate integration into lifecycle of GCP Commands

Apologies as I'm trying to navigate using pybritive and it's been a little rocky. I'm trying to script something like a setup script for our environment where users read a bunch of secrets from GCP requiring a profile checkout, and then check back in.

Currently, my understanding of the flow is:

  1. pybritive checkout " -t -m gcloudauth
  2. pipe the result of that to sh to active the service account
  3. run gcloud commands
  4. pybritive checkin " -m gcloudauth
  5. grep out the service account name and gcloud auth revoke <SA> to reset the gcloud environment

I'd love to make two requests that I know might be a little hard, but would greatly complement this user flow:

  1. deeper integration with gcloudauth. Piping the setup command is semi-trivial, but it seems like on the backend, checkin should provide the cleanup command
    a) alternatively, it'd be great if the checkout command and checkin command automatically handled resetting the default account to the user's local default (since otherwise we have to remember and manage that). In short, pybritive should be a wrapper around running some commands where it temporarily enchances gcloud, and then at the end resets and cleans up

  2. pybritive clear gcloud-auth-key-files should accept a -t command, otherwise it just throws Error: No tenants found in /Users/charlie.croom/.britive/pybritive.config. Cannot continue.. If I can specify -t in all the other commands, it should work here (also I'm not sure why that prevents cleaning up local files anyways)

Thanks for reading :) A little sad the JS library is going away since that could have been easier to integrate into our JS scripts...but I know y'all are probably just trying to make it work. Appreciate ya!

tenant url gets constructed incorrectly.

pybritive login command fails with the following error (side note: replaced the actual tenant name with [redacted]):

$ pybritive login

Credentials for tenant https://[redacted].britive-app.com not found.
Performing interactive login against tenant https://[redacted].britive-app.com
Traceback (most recent call last):
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connection.py", line 174, in _new_conn
    conn = connection.create_connection(
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/util/connection.py", line 72, in create_connection
    for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
  File "/opt/homebrew/Cellar/[email protected]/3.10.6_1/Frameworks/Python.framework/Versions/3.10/lib/python3.10/socket.py", line 955, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno 8] nodename nor servname provided, or not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connectionpool.py", line 386, in _make_request
    self._validate_conn(conn)
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1042, in _validate_conn
    conn.connect()
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connection.py", line 358, in connect
    self.sock = conn = self._new_conn()
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connection.py", line 186, in _new_conn
    raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x1055ac0a0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/homebrew/lib/python3.10/site-packages/requests/adapters.py", line 489, in send
    resp = conn.urlopen(
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/connectionpool.py", line 787, in urlopen
    retries = retries.increment(
  File "/opt/homebrew/lib/python3.10/site-packages/urllib3/util/retry.py", line 592, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='https', port=443): Max retries exceeded with url: //[redacted].britive-app.com.britive-app.com/api/auth/cli/retrieve-tokens (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x1055ac0a0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/cli_interface.py", line 19, in safe_cli
    cli()
  File "/opt/homebrew/lib/python3.10/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/opt/homebrew/lib/python3.10/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/opt/homebrew/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/opt/homebrew/lib/python3.10/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/helpers/build_britive.py", line 32, in wrapper
    return f(ctx=ctx, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/commands/login.py", line 15, in login
    ctx.obj.britive.login(explicit=True)
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/britive_cli.py", line 78, in login
    token=self.credential_manager.get_token(),
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/helpers/credentials.py", line 119, in get_token
    self.perform_interactive_login()  # will write the credentials out and update self.credentials as needed
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/helpers/credentials.py", line 66, in perform_interactive_login
    response = self.retrieve_tokens()
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/helpers/credentials.py", line 98, in retrieve_tokens
    return requests.post(url, headers=headers, json=auth_params)
  File "/opt/homebrew/lib/python3.10/site-packages/requests/api.py", line 115, in post
    return request("post", url, data=data, json=json, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/requests/api.py", line 59, in request
    return session.request(method=method, url=url, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/requests/sessions.py", line 587, in request
    resp = self.send(prep, **send_kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/requests/sessions.py", line 701, in send
    r = adapter.send(request, **kwargs)
  File "/opt/homebrew/lib/python3.10/site-packages/requests/adapters.py", line 565, in send
    raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='https', port=443): Max retries exceeded with url: //[redacted].britive-app.com.britive-app.com/api/auth/cli/retrieve-tokens (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x1055ac0a0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/homebrew/bin/pybritive", line 8, in <module>
    sys.exit(safe_cli())
  File "/opt/homebrew/lib/python3.10/site-packages/pybritive/cli_interface.py", line 21, in safe_cli
    raise click.ClickException(str(e)) # from None
click.exceptions.ClickException: HTTPSConnectionPool(host='https', port=443): Max retries exceeded with url: //[redacted].britive-app.com.britive-app.com/api/auth/cli/retrieve-tokens (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x1055ac0a0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known'))

Specifically, this part where the CLI is trying to reach <tenant>.britive-app.com.britive-app.com/api/auth/cli/retrieve-tokens:

Max retries exceeded with url: //[redacted].britive-app.com.britive-app.com/api/auth/cli/retrieve-tokens (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x1055ac0a0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known'

`pybritive ls profiles -f json` lacks profile name

When listing accounts to be checked out pybritive ls profiles -f json does not include the profile name, which would later on be used for checkout

[
  {
    "Application": "AWS",
    "Environment": "111111111111111111 (name-of-env-prod)",
    "Profile": "111111111111111111-role-name",
    "Description": "XXXXXXXXX.",
    "Type": "AWS"
  },
]

Where as npm brivitve cli used to offer this

britive listprofiles -f json

[
    {
        "application": "AWS",
        "environmentName": "111111111111111111 (name-of-env-prod)",
        "name": "AWS/name-of-env-prod/111111111111111111-role-name",
        "description": "XXXXXXXXX.",
        "type": "AWS"
    },
]

Then you can use the name field to checkout the environment

name=AWS/name-of-env-prod/111111111111111111-role-name
britive checkout -r us-east-2 -a profileName $name -s

NOTE: Although a long form name is supported if you combine "$Application/$Environment/$Profile"
pybritive checkout -a profile "AWS/111111111111111111 (name-of-env-prod)/111111111111111111-role-name" -m integrate

`pybritive configure` do not support setting the proxy

Relates to migration from britive cli to pybritive and loss of functionality (See #139 )

When configuring a corp. proxy, the old britive cli allows for this

britive configure --tenant_domain=MY_TENANT_ID.britive-app.com --proxy=http://MY_CORT_PORXY:8080

Migration also does not work with pybritive configure import

`pybritive checkout` lacks region support

Currently the britive cli, installed via NPM, is going away and replaced with pybritive and one of the features missing it setting the region to checkout:

britive checkout -r ${region} -a ${profileName} ${britiveName} -s

It is an AWS only feature, but it required for our automation scripts

-r, --region=region Specify region for checkout (AWS only)

This is not support by pybritive

pybritive checkout -m integrate -a ${profileName} ${britiveName}

[Feature Request] Open console URLs in browsers with a flag

Currently, I open britive console URLs from the terminal by piping to open (macOS) or xdg-open (linux/ubuntu), like:

$ pybritive checkout --silent --console <APP>/<ENV>/<PROFILE> | xargs open

It is likely that this is also works on Windows, but this is untested:

C:\> pybritive checkout --silent --console <APP>/<ENV>/<PROFILE> | start

It would be nice to support this natively in the CLI with a flag, like:

$ pybritive checkout --console --web <APP>/<ENV>/<PROFILE>

Or, more simply, --web flag could implicitly checkout console access under the hood, like:

$ pybritive checkout --web <APP>/<ENV>/<PROFILE>

A python module like webbrowser could help here.

Support `--quiet` or `--silent` flag

When using pybritive in bash scripts, the output often contains human-friendly messages that make it difficult to pipe the output of one command into another.

Reproduction Steps:

$ pybritive logout
$ pybritive ls profiles --format=json
Credentials for tenant https://tenant.britive-app.com not found.
Performing interactive login against tenant https://tenant.britive-app.com.
Authenticated to tenant https://tenant.britive-app.com via interactive login.
[
  {...},
  {...}
]

This makes it difficult to do something like:

$ pybritive ls profiles --format=json | jq -rc '.[]' | fzf

Because jq errors out when the input is not valid json.

It would be nice to be able to be silence human-friendly messages by doing something like:

$ pybritive logout
$ pybritive ls profiles --format=json --silent
[
  {...},
  {...}
]

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.