Class: ChefConfig::Config

Inherits:

Object

• Object
• ChefConfig::Config

Extended by:

Mixin::FuzzyHostnameMatcher, Mixlib::Config

Defined in:

lib/chef-config/config.rb

Constant Summary

USER =

Character classes for Addressable See www.ietf.org/rfc/rfc3986.txt 3.2.1 The user part may not have a : in it

Addressable::URI::CharacterClasses::UNRESERVED + Addressable::URI::CharacterClasses::SUB_DELIMS

PASSWORD =

The password part may have any valid USERINFO characters

USER + "\\:"

Class Method Summary

• ._this_file ⇒ Object

  Path to this file in the current install.

• .add_event_logger(logger) ⇒ Object
• .add_formatter(name, file_path = nil) ⇒ Object
• .derive_path_from_chef_repo_path(child_path) ⇒ Object
• .embedded_dir ⇒ Object

  If installed via an omnibus installer, this gives the path to the “embedded” directory which contains all of the software packaged with omnibus.

• .enable_fips_mode ⇒ Object private

  Set fips mode in openssl.

• .env ⇒ Object

  This provides a hook which rspec can stub so that we can avoid twiddling global state in tests.

• .export_no_proxy(value) ⇒ Object private
• .export_proxies ⇒ Object

  Public method that users should call to export proxies to the appropriate environment variables.

• .export_proxy(scheme, path, user, pass) ⇒ Object private

  Builds a proxy uri and exports it to the appropriate environment variables.

• .find_chef_repo_path(cwd) ⇒ Object
• .from_string(string, filename) ⇒ Object

  Evaluates the given string as config.

• .guess_internal_locale ⇒ Object

  Chef requires an English-language UTF-8 locale to function properly.

• .init_openssl ⇒ Object

  Initialize openssl.

• .inspect ⇒ Object
• .is_valid_url?(uri) ⇒ Boolean
• .path_accessible?(path) ⇒ Boolean

  Returns true only if the path exists and is readable and writeable for the user.

• .platform_specific_path(path) ⇒ Object
• .proxy_uri(scheme, host, port) ⇒ Object

  Given a scheme, host, and port, return the correct proxy URI based on the set environment variables, unless exluded by no_proxy, in which case nil is returned.

• .set_defaults_for_nix ⇒ Object
• .set_defaults_for_windows ⇒ Object
• .windows_home_path ⇒ Object

Instance Method Summary

• #user ⇒ Object

  Daemonization Settings ## What user should Chef run as?.

Methods included from Mixin::FuzzyHostnameMatcher

fuzzy_hostname_match?, fuzzy_hostname_match_any?

Class Method Details

._this_file ⇒ Object

Path to this file in the current install.

# File 'lib/chef-config/config.rb', line 1033

def self._this_file
  File.expand_path(__FILE__)
end

.add_event_logger(logger) ⇒ Object

# File 'lib/chef-config/config.rb', line 69

def self.add_event_logger(logger)
  event_handlers << logger
end

.add_formatter(name, file_path = nil) ⇒ Object

# File 'lib/chef-config/config.rb', line 65

def self.add_formatter(name, file_path = nil)
  formatters << [name, file_path]
end

.derive_path_from_chef_repo_path(child_path) ⇒ Object

# File 'lib/chef-config/config.rb', line 145

def self.derive_path_from_chef_repo_path(child_path)
  if chef_repo_path.kind_of?(String)
    PathHelper.join(chef_repo_path, child_path)
  else
    chef_repo_path.uniq.map { |path| PathHelper.join(path, child_path) }
  end
end

.embedded_dir ⇒ Object

If installed via an omnibus installer, this gives the path to the “embedded” directory which contains all of the software packaged with omnibus. This is used to locate the cacert.pem file on windows.

# File 'lib/chef-config/config.rb', line 1022

def self.embedded_dir
  Pathname.new(_this_file).ascend do |path|
    if path.basename.to_s == "embedded"
      return path.to_s
    end
  end

  nil
end

.enable_fips_mode ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Set fips mode in openssl. Do any patching necessary to make sure Chef runs do not crash.

# File 'lib/chef-config/config.rb', line 1040

def self.enable_fips_mode
  OpenSSL.fips_mode = true
  require "digest"
  require "digest/sha1"
  require "digest/md5"
  # Remove pre-existing constants if they do exist to reduce the
  # amount of log spam and warnings.
  Digest.send(:remove_const, "SHA1") if Digest.const_defined?("SHA1")
  Digest.const_set("SHA1", OpenSSL::Digest::SHA1)
  OpenSSL::Digest.send(:remove_const, "MD5") if OpenSSL::Digest.const_defined?("MD5")
  OpenSSL::Digest.const_set("MD5", Digest::MD5)
  ChefConfig.logger.debug "FIPS mode is enabled."
end

.env ⇒ Object

This provides a hook which rspec can stub so that we can avoid twiddling global state in tests.

# File 'lib/chef-config/config.rb', line 731

def self.env
  ENV
end

.export_no_proxy(value) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/chef-config/config.rb', line 929

def self.export_no_proxy(value)
  ENV["no_proxy"] = value unless ENV["no_proxy"]
  ENV["NO_PROXY"] = value unless ENV["NO_PROXY"]
end

.export_proxies ⇒ Object

Public method that users should call to export proxies to the appropriate environment variables. This method should be called after the config file is parsed and loaded. TODO add some post-file-parsing logic that automatically calls this so users don’t have to

# File 'lib/chef-config/config.rb', line 885

def self.export_proxies
  export_proxy("http", http_proxy, http_proxy_user, http_proxy_pass) if http_proxy
  export_proxy("https", https_proxy, https_proxy_user, https_proxy_pass) if https_proxy
  export_proxy("ftp", ftp_proxy, ftp_proxy_user, ftp_proxy_pass) if ftp_proxy
  export_no_proxy(no_proxy) if no_proxy
end

.export_proxy(scheme, path, user, pass) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Builds a proxy uri and exports it to the appropriate environment variables. Examples:

http://username:password@hostname:port
https://username@hostname:port
ftp://hostname:port

when

scheme = "http", "https", or "ftp"
hostport = hostname:port or scheme://hostname:port
user = username
pass = password

# File 'lib/chef-config/config.rb', line 909

def self.export_proxy(scheme, path, user, pass)
  path = "#{scheme}://#{path}" unless path.include?("://")
  # URI.split returns the following parts:
  # [scheme, userinfo, host, port, registry, path, opaque, query, fragment]
  uri = Addressable::URI.encode(path, Addressable::URI)

  if user && !user.empty?
    userinfo = Addressable::URI.encode_component(user, USER)
    if pass
      userinfo << ":#{Addressable::URI.encode_component(pass, PASSWORD)}"
    end
    uri.userinfo = userinfo
  end

  path = uri.to_s
  ENV["#{scheme}_proxy".downcase] = path unless ENV["#{scheme}_proxy".downcase]
  ENV["#{scheme}_proxy".upcase] = path unless ENV["#{scheme}_proxy".upcase]
end

.find_chef_repo_path(cwd) ⇒ Object

# File 'lib/chef-config/config.rb', line 129

def self.find_chef_repo_path(cwd)
  # In local mode, we auto-discover the repo root by looking for a path with "cookbooks" under it.
  # This allows us to run config-free.
  path = cwd
  until File.directory?(PathHelper.join(path, "cookbooks")) || File.directory?(PathHelper.join(path, "cookbook_artifacts"))
    new_path = File.expand_path("..", path)
    if new_path == path
      ChefConfig.logger.warn("No cookbooks directory found at or above current directory.  Assuming #{cwd}.")
      return cwd
    end
    path = new_path
  end
  ChefConfig.logger.info("Auto-discovered chef repository at #{path}")
  path
end

.from_string(string, filename) ⇒ Object

Evaluates the given string as config.

filename is used for context in stacktraces, but doesn’t need to be the name of an actual file.

# File 'lib/chef-config/config.rb', line 46

def self.from_string(string, filename)
  self.instance_eval(string, filename, 1)
end

.guess_internal_locale ⇒ Object

Chef requires an English-language UTF-8 locale to function properly. We attempt to use the ‘locale -a’ command and search through a list of preferences until we find one that we can use. On Ubuntu systems we should find ‘C.UTF-8’ and be able to use that even if there is no English locale on the server, but Mac, Solaris, AIX, etc do not have that locale. We then try to find an English locale and fall back to ‘C’ if we do not. The choice of fallback is pick-your-poison. If we try to do the work to return a non-US UTF-8 locale then we fail inside of providers when things like ‘svn info’ return Japanese and we can’t parse them. OTOH, if we pick ‘C’ then we will blow up on UTF-8 characters. Between the warn we throw and the Encoding exception that ruby will throw it is more obvious what is broken if we drop UTF-8 by default rather than drop English.

If there is no ‘locale -a’ then we return ‘en_US.UTF-8’ since that is the most commonly available English UTF-8 locale. However, all modern POSIXen should support ‘locale -a’.

# File 'lib/chef-config/config.rb', line 968

def self.guess_internal_locale
  # https://github.com/opscode/chef/issues/2181
  # Some systems have the `locale -a` command, but the result has
  # invalid characters for the default encoding.
  #
  # For example, on CentOS 6 with ENV['LANG'] = "en_US.UTF-8",
  # `locale -a`.split fails with ArgumentError invalid UTF-8 encoding.
  cmd = Mixlib::ShellOut.new("locale -a").run_command
  cmd.error!
  locales = cmd.stdout.split
  case
  when locales.include?("C.UTF-8")
    "C.UTF-8"
  when locales.include?("en_US.UTF-8"), locales.include?("en_US.utf8")
    "en_US.UTF-8"
  when locales.include?("en.UTF-8")
    "en.UTF-8"
  else
    # Will match en_ZZ.UTF-8, en_ZZ.utf-8, en_ZZ.UTF8, en_ZZ.utf8
    guesses = locales.select { |l| l =~ /^en_.*UTF-?8$/i }
    unless guesses.empty?
      guessed_locale = guesses.first
      # Transform into the form en_ZZ.UTF-8
      guessed_locale.gsub(/UTF-?8$/i, "UTF-8")
    else
      ChefConfig.logger.warn "Please install an English UTF-8 locale for Chef to use, falling back to C locale and disabling UTF-8 support."
      "C"
    end
  end
rescue
  if ChefConfig.windows?
    ChefConfig.logger.debug "Defaulting to locale en_US.UTF-8 on Windows, until it matters that we do something else."
  else
    ChefConfig.logger.debug "No usable locale -a command found, assuming you have en_US.UTF-8 installed."
  end
  "en_US.UTF-8"
end

.init_openssl ⇒ Object

Initialize openssl

# File 'lib/chef-config/config.rb', line 536

def self.init_openssl
  if fips
    self.enable_fips_mode
  end
end

.inspect ⇒ Object

# File 'lib/chef-config/config.rb', line 50

def self.inspect
  configuration.inspect
end

.is_valid_url?(uri) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef-config/config.rb', line 86

def self.is_valid_url?(uri)
  url = uri.to_s.strip
  /^http:\/\// =~ url || /^https:\/\// =~ url || /^chefzero:/ =~ url
end

.path_accessible?(path) ⇒ Boolean

Returns true only if the path exists and is readable and writeable for the user.

Returns:

• (Boolean)

# File 'lib/chef-config/config.rb', line 256

def self.path_accessible?(path)
  File.exists?(path) && File.readable?(path) && File.writable?(path)
end

.platform_specific_path(path) ⇒ Object

# File 'lib/chef-config/config.rb', line 54

def self.platform_specific_path(path)
  path = PathHelper.cleanpath(path)
  if ChefConfig.windows?
    # turns \etc\chef\client.rb and \var\chef\client.rb into C:/chef/client.rb
    if env["SYSTEMDRIVE"] && path[0] == '\\' && path.split('\\')[2] == "chef"
      path = PathHelper.join(env["SYSTEMDRIVE"], path.split('\\', 3)[2])
    end
  end
  path
end

.proxy_uri(scheme, host, port) ⇒ Object

Given a scheme, host, and port, return the correct proxy URI based on the set environment variables, unless exluded by no_proxy, in which case nil is returned

# File 'lib/chef-config/config.rb', line 937

def self.proxy_uri(scheme, host, port)
  proxy_env_var = ENV["#{scheme}_proxy"].to_s.strip

  # Check if the proxy string contains a scheme. If not, add the url's scheme to the
  # proxy before parsing. The regex /^.*:\/\// matches, for example, http://. Reusing proxy
  # here since we are really just trying to get the string built correctly.
  proxy = if !proxy_env_var.empty?
            if proxy_env_var =~ /^.*:\/\//
              URI.parse(proxy_env_var)
            else
              URI.parse("#{scheme}://#{proxy_env_var}")
            end
          end

  return proxy unless fuzzy_hostname_match_any?(host, ENV["no_proxy"])
end

.set_defaults_for_nix ⇒ Object

# File 'lib/chef-config/config.rb', line 709

def self.set_defaults_for_nix
  # Those lists of regular expressions define what chef considers a
  # valid user and group name
  #
  # user/group cannot start with '-', '+' or '~'
  # user/group cannot contain ':', ',' or non-space-whitespace or null byte
  # everything else is allowed (UTF-8, spaces, etc) and we delegate to your O/S useradd program to barf or not
  # copies: http://anonscm.debian.org/viewvc/pkg-shadow/debian/trunk/debian/patches/506_relaxed_usernames?view=markup
  default :user_valid_regex, [ /^[^-+~:,\t\r\n\f\0]+[^:,\t\r\n\f\0]*$/ ]
  default :group_valid_regex, [ /^[^-+~:,\t\r\n\f\0]+[^:,\t\r\n\f\0]*$/ ]
end

.set_defaults_for_windows ⇒ Object

# File 'lib/chef-config/config.rb', line 698

def self.set_defaults_for_windows
  # Those lists of regular expressions define what chef considers a
  # valid user and group name
  # From http://technet.microsoft.com/en-us/library/cc776019(WS.10).aspx
  principal_valid_regex_part = '[^"\/\\\\\[\]\:;|=,+*?<>]+'
  default :user_valid_regex, [ /^(#{principal_valid_regex_part}\\)?#{principal_valid_regex_part}$/ ]
  default :group_valid_regex, [ /^(#{principal_valid_regex_part}\\)?#{principal_valid_regex_part}$/ ]

  default :fatal_windows_admin_check, false
end

.windows_home_path ⇒ Object

# File 'lib/chef-config/config.rb', line 735

def self.windows_home_path
  ChefConfig.logger.deprecation("Chef::Config.windows_home_path is now deprecated.  Consider using Chef::Util::PathHelper.home instead.")
  PathHelper.home
end

Instance Method Details

#user ⇒ Object

Daemonization Settings ## What user should Chef run as?

# File 'lib/chef-config/config.rb', line 278

default :user, nil