lib/chef-config/mixin/train_transport.rb
# Author:: Bryan McLellan <btm@loftninjas.org> # Copyright:: Copyright (c) Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # require_relative "credentials" autoload :Train, "train" require_relative "../config" require "chef-utils/dist" unless defined?(ChefUtils::Dist) module ChefConfig module Mixin module TrainTransport include ChefConfig::Mixin::Credentials attr_accessor :logger def initialize(logger) @logger = logger end # # Returns a RFC099 credentials profile as a hash # def load_credentials(profile) # Tomlrb.load_file returns a hash with keys as strings credentials = parse_credentials_file if contains_split_fqdn?(credentials, profile) logger.warn("Credentials file #{credentials_file_path} contains target '#{profile}' as a Hash, expected a string.") logger.warn("Hostnames must be surrounded by single quotes, e.g. ['host.example.org']") end # host names must be specified in credentials file as ['foo.example.org'] with quotes if !credentials.nil? && !credentials[profile].nil? credentials[profile].transform_keys(&:to_sym) # return symbolized keys to match Train.options() else nil end end # Toml creates hashes when a key is separated by periods, e.g. # [host.example.org] => { host: { example: { org: {} } } } # # Returns true if the above example is true # # A hostname has to be specified as ['host.example.org'] # This will be a common mistake so we should catch it # def contains_split_fqdn?(hash, fqdn) fqdn.split(".").reduce(hash) do |h, k| v = h[k] if Hash === v v else break false end end end # ChefConfig::Mixin::Credentials.credentials_file_path is designed around knife, # overriding it here. # # Credentials file preference: # # 1) target_mode.credentials_file # 2) /etc/chef/TARGET_MODE_HOST/credentials # 3) #credentials_file_path from parent ($HOME/.chef/credentials) # def credentials_file_path tm_config = config.target_mode profile = tm_config.host credentials_file = if tm_config.credentials_file && File.exist?(tm_config.credentials_file) tm_config.credentials_file elsif File.exist?(config.platform_specific_path("#{ChefConfig::Config.etc_chef_dir}/#{profile}/credentials")) config.platform_specific_path("#{ChefConfig::Config.etc_chef_dir}/#{profile}/credentials") else super end raise ArgumentError, "No credentials file found for target '#{profile}'" unless credentials_file raise ArgumentError, "Credentials file specified for target mode does not exist: '#{credentials_file}'" unless File.exist?(credentials_file) logger.debug("Loading credentials file '#{credentials_file}' for target '#{profile}'") credentials_file end def build_transport return nil unless config.target_mode? # TODO: Consider supporting parsing the protocol from a URI passed to `--target` # train_config = {} # Load the target_mode config context from config, and place any valid settings into the train configuration tm_config = config.target_mode protocol = tm_config.protocol train_config = tm_config.to_hash.select { |k| Train.options(protocol).key?(k) } logger.trace("Using target mode options from #{ChefUtils::Dist::Infra::PRODUCT} config file: #{train_config.keys.join(", ")}") if train_config # Load the credentials file, and place any valid settings into the train configuration credentials = load_credentials(tm_config.host) if credentials valid_settings = credentials.select { |k| Train.options(protocol).key?(k) } valid_settings[:enable_password] = credentials[:enable_password] if credentials.key?(:enable_password) train_config.merge!(valid_settings) logger.trace("Using target mode options from credentials file: #{valid_settings.keys.join(", ")}") if valid_settings end train_config[:logger] = logger # Train handles connection retries for us Train.create(protocol, train_config) rescue SocketError => e # likely a dns failure, not caught by train e.message.replace "Error connecting to #{train_config[:target]} - #{e.message}" raise e rescue Train::PluginLoadError logger.error("Invalid target mode protocol: #{protocol}") exit(1) end def config raise NotImplementedError end end end end