Skip to main content

Install CLIs and register your workstation

This page documents how to download and install the Chef 360 Platform CLIs and register your workstation with your Chef 360 Platform deployment.

Prerequisites

Install CLIs

Download and install the CLIs from your Chef 360 Platform Admin Console:

  1. In the Chef 360 Platform Admin Console, select Application from the top navigation menu, select Dashboard, then select Download CLIs.

    Chef 360 Platform Admin Console showing menu with link to download CLIs in the **Dashboard** window.
  2. From the download page, follow the instructions to download and install each CLI tool.

    CLI download page showing instructions for installing CLIs
  3. After the CLIs are installed, run each CLI with the --help flag to verify that it’s installed:

    • chef-courier-cli --help
      
    • chef-platform-auth-cli --help
      
    • chef-node-management-cli --help
      

Install and configure the bash-completion package

Each Chef 360 Platform CLI has a completion bash subcommand. You must install the bash-completion package to run these subcommands.

To install and configure the bash-completion package, follow these steps:

  1. Install the bash-completion package.

    To install the bash-completion package on Linux systems, use the APT or Yum package manager:

    sudo apt-get install bash-completion
    

    or

    sudo yum install bash-completion
    

    To install the bash-completion package on macOS, use Homebrew:

    brew install bash-completion
    
  2. Configure your Bash shell.

    To load the bash-completion package in every shell session by default, you must enable it in the .bash_profile or .bashrc file.

    To enable it on Linux systems, add the following lines to the .bash_profile or .bashrc file:

    if [ -f /etc/bash_completion ] && ! shopt -oq posix; then
        . /etc/bash_completion
    fi
    

    To enable it on macOS, add the following lines to the .bash_profile or .bashrc file:

    if [ -f $(brew --prefix)/etc/bash_completion ]; then
        . $(brew --prefix)/etc/bash_completion
    fi
    

    or

    if [[ -r "$(brew --prefix)/etc/profile.d/bash_completion.sh" ]]; then
        . "$(brew --prefix)/etc/profile.d/bash_completion.sh"
    fi
    

Register your workstation

Before you can use the Chef 360 Platform CLIs, you must register your workstation with Chef 360 Platform.

  1. Create a profile using the register-device subcommand that associates your workstation with a specific tenant, organization, and role:

    chef-platform-auth-cli register-device --device-name <WORKSTATION_NAME> --profile-name <PROFILE_NAME> --url <TENANT_URL> --insecure
    

    Replace:

    • <WORKSTATION_NAME> with a name for the workstation
    • <PROFILE_NAME> with a profile name
    • <TENANT_URL> with the tenant URL, for example https://chef360.example.com:31000

    The CLI responds with an authorization code that includes a link to log into Chef 360 Platform.

    Device Id :  ac:de:48:00:11:22-admin-chef-courier-cli
    Device Name : <DEVICE_NAME>
    OAuth Code : <AUTHORIZATION_CODE>
    
    Please log in and authorise the the device by using the link below:
    https://chef360.example.com/platform/user-accounts/v1/identity/device/ac:de:48:00:11:22-admin-chef-courier-cli/authorise?oauthCode=<AUTHORIZATION_CODE>&appType=chef-courier-cli&deviceName=<WORKSTATION>
    
    Is the device authorised? (y or n)
    

    Paste the link into your browser and log in. The CLI waits for the device registration process to finish in the browser.

  2. Open a browser, navigate to the link returned by the CLI, and log in if you haven’t already.

  3. Select the organization and role you would like to link to this profile and select Submit.

    Chef 360 Platform organization and role selection screen.
  4. On the Device Authorization screen, Chef 360 Platform shows your OAuth code and you can select an expiration date for your session.

    Chef 360 Platform automatically refreshes your access token up to this expiration date.

    After entering this information, select Authorize.

    Chef 360 Platform device authorization screen with OAuth token and expiration date.
  5. Return to your terminal and enter y to continue.

    The CLI displays your device profile and your workstation is authorized to access Chef 360 Platform services.

    Is the device authorised? (y or n)
    > y
    Profile:
    
    [tenant-org-role]
    DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli"
    Url = "https://demo.chef360.io/"
    OrgName = "Demo Organization"
    RoleName = "org-admin"
    AccessKey = "FIT3SXM...TCYK4V05Y"
    SecretKey = "Cwaygh4FqE2sT...rX4wBu0hp9IE9YpzoGuX"
    
    Device registered successfully
    
  6. Test your connection by getting the role associated with your user account:

    chef-platform-auth-cli user-account self get-role --profile <PROFILE_NAME>
    

    Replace <PROFILE_NAME> with the name of your profile.

  7. Optional: Set your new profile as the default profile.

    The Chef 360 Platform CLIs use a default profile automatically in any command that accepts the --profile argument. If you don’t set a default profile, you will have to specify it in each command with --profile <PROFILE_NAME>.

    Set a default profile:

    chef-platform-auth-cli set-default-profile <PROFILE_NAME>
    

    Replace <PROFILE_NAME> with the name of the default profile.

Verify profiles

Use these commands to verify your profiles and credentials.

  1. List all your profiles with the list-profile-names subcommand. For example:

    chef-platform-auth-cli list-profile-names
    

    The response is similar to the following:

    List of available profile names:
      1. tenant1
      2. default
    

    You can use list-profile-names subcommand with any of the Chef 360 Platform CLIs to get a list of your profiles.

  2. Get details of your default profile using the get-default-profile subcommand:

    chef-platform-auth-cli get-default-profile
    

    The response is similar to the following:

    Default profile:
    
    [default]
    DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli"
    Url = "http://tenant-1.dev-360.example.com"
    OrgName = "Test OU1"
    RoleName = "org-admin"
    AccessKey = "FIT3SXM...YK4V05Y"
    SecretKey = "Cwaygh4FqE2s...p9IE9YpzoGuX"
    Cafile = ""
    Insecure = true
    

    You can use get-default-profile subcommand with any of the Chef 360 Platform CLIs to get your default profile.

  3. Use cat to get the details of all profiles:

    sudo cat ~/.chef-platform/credentials
    

    The response is similar to the following:

    [default]
    DeviceId = "ac:de:48:00:11:22-user-chef-courier-cli"
    Url = "http://tenant-1.dev-360.example.com"
    AccessKey = "FIT3SXM...CYK4V05Y"
    SecretKey = "Cwaygh4Fq...IE9YpzoGuX"
    TenantId = "13ba9f46-a0c9-4c9e-9a9f-6141f8910c55"
    OrgName = "Test OU1"
    OrgId = "2a0ec5e4-3601-45f9-80d3-efb9fe1fa1e1"
    UserId = "3888996e-a8e6-4730-91a1-8447959e2755"
    RoleName = "org-admin"
    RoleId = "ff808dde-da38-41d2-bd2c-3202fcbb9166"
    AccessToken = ""
    RefreshToken = ""
    ExpiresAt = 0
    
    [tenant1]
    DeviceId = "ac:de:48:00:11:22-user-chef-courier-cli"
    Url = "http://tenant-1.dev-360.example.com"
    AccessKey = "FIT3SX...V05Y"
    SecretKey = "Cwaygh4Fq...YpzoGuX"
    TenantId = "13ba9f46-a0c9-4c9e-9a9f-6141f8910c55"
    OrgName = "Test OU1"
    OrgId = "2a0ec5e4-3601-45f9-80d3-efb9fe1fa1e1"
    UserId = "3888996e-a8e6-4730-91a1-8447959e2755"
    RoleName = "org-admin"
    RoleId = "ff808dde-da38-41d2-bd2c-3202fcbb9166"
    AccessToken = ""
    RefreshToken = ""
    ExpiresAt = 0
    

Assign the Node Manager and Courier Operator roles

The node-manager and courier-operator roles allow you to manage nodes, manage skills on nodes, and run Chef Courier jobs.

Follow these steps to give your user account the node-manager and courier-operator roles:

  1. Assign the node-manager role and courier-operator role using the user-account user assign-role subcommand:

    chef-platform-auth-cli user-account user assign-role --body '{"name": "node-manager", "roleId": "6e7df273-928b-41ec-b6f6-e3f5138a6f9e"}' --userId <USER_ID> --profile <ORG_ADMIN_PROFILE_NAME>
    
    chef-platform-auth-cli user-account user assign-role --body '{"name": "courier-operator", "roleId": "ac12c3a6-95f7-429d-b3fc-584ce1cf74de"}' --userId <USER_ID> --profile <ORG_ADMIN_PROFILE_NAME>
    

    Replace:

    • <USER_ID> with your user ID
    • <ORG_ADMIN_PROFILE_NAME> with your profile that has the org-admin role

Create profiles for the Node Manager and Courier Operator roles

Create a profile for each role that you added to your user account in the previous step.

To create a profile, follow these steps:

  1. Create a profile using the register-device subcommand that associates your workstation with a specific tenant, organization, and role:

    chef-platform-auth-cli register-device --device-name <WORKSTATION_NAME> --profile-name <PROFILE_NAME> --url <TENANT_URL> --insecure
    

    Replace:

    • <WORKSTATION_NAME> with a name for the workstation.
    • <PROFILE_NAME> with a profile name for the role that this profile will use. For example, add the courier-operator profile name for the courier-operator role.
    • <TENANT_URL> with the tenant URL, for example https://chef360.example.com:31000.

    The CLI responds with an authorization code that includes a link to log into Chef 360 Platform.

    Device Id :  ac:de:48:00:11:22-admin-chef-courier-cli
    Device Name : <DEVICE_NAME>
    OAuth Code : <AUTHORIZATION_CODE>
    
    Please log in and authorise the the device by using the link below:
    https://chef360.example.com/platform/user-accounts/v1/identity/device/ac:de:48:00:11:22-admin-chef-courier-cli/authorise?oauthCode=<AUTHORIZATION_CODE>&appType=chef-courier-cli&deviceName=<WORKSTATION>
    
    Is the device authorised? (y or n)
    

    Paste the link into your browser and log in. The CLI waits for the device registration process to finish in the browser.

  2. Open a browser, navigate to the link returned by the CLI, and log in if you haven’t already.

  3. Select the organization and role you would like to link to this profile and select Submit.

    Chef 360 Platform organization and role selection screen.
  4. On the Device Authorization screen, Chef 360 Platform shows your OAuth code and you can select an expiration date for your session.

    Chef 360 Platform automatically refreshes your access token up to this expiration date.

    After entering this information, select Authorize.

    Chef 360 Platform device authorization screen with OAuth token and expiration date.
  5. Return to your terminal and enter y to continue.

    The CLI displays your device profile and your workstation is authorized to access Chef 360 Platform services.

    Is the device authorised? (y or n)
    > y
    Profile:
    
    [tenant-org-role]
    DeviceId = "ac:de:48:00:11:22-admin-chef-courier-cli"
    Url = "https://demo.chef360.io/"
    OrgName = "Demo Organization"
    RoleName = "org-admin"
    AccessKey = "FIT3SXM...TCYK4V05Y"
    SecretKey = "Cwaygh4FqE2sT...rX4wBu0hp9IE9YpzoGuX"
    
    Device registered successfully
    
  6. Optional: Test your connection by getting the role associated with your user account:

    chef-platform-auth-cli user-account self get-role --profile <PROFILE_NAME>
    

    Replace <PROFILE_NAME> with the name of your profile.

  7. Optional: Set your new profile as the default profile.

    The Chef 360 Platform CLIs use a default profile automatically in any command that accepts the --profile argument. If you don’t set a default profile, you will have to specify it in each command with --profile <PROFILE_NAME>.

    Set a default profile:

    chef-platform-auth-cli set-default-profile <PROFILE_NAME>
    

    Replace <PROFILE_NAME> with the name of the default profile.

  8. Repeat this procedure so that you have separate profiles for the Node Manager and Courier Operator roles.

More information

Next step

Thank you for your feedback!

×