From a73e5c9dd8b3dffe544dd44f51a4516deb3cfe84 Mon Sep 17 00:00:00 2001
From: Jon Morrow <jmorrow@chef.io>
Date: Mon, 17 Aug 2020 18:42:24 -0700
Subject: Cloud Config

Signed-off-by: Jon Morrow <jmorrow@chef.io>
---
 VERSION                                         |  2 +-
 chef-config/lib/chef-config/mixin/chef_cloud.rb | 55 +++++++++++++++++++++++++
 lib/chef/api_client/registration.rb             | 12 +++---
 lib/chef/application.rb                         |  5 +++
 lib/chef/application/base.rb                    |  2 +
 lib/chef/application/client.rb                  |  3 ++
 omnibus/package-scripts/chef/postinst           |  6 +++
 7 files changed, 78 insertions(+), 7 deletions(-)
 create mode 100644 chef-config/lib/chef-config/mixin/chef_cloud.rb

diff --git a/VERSION b/VERSION
index 1b78b3ed30..6ea831b059 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-16.4.35
\ No newline at end of file
+16.4.36
\ No newline at end of file
diff --git a/chef-config/lib/chef-config/mixin/chef_cloud.rb b/chef-config/lib/chef-config/mixin/chef_cloud.rb
new file mode 100644
index 0000000000..1f12a82cc0
--- /dev/null
+++ b/chef-config/lib/chef-config/mixin/chef_cloud.rb
@@ -0,0 +1,55 @@
+#
+# Author:: Jon Morrow (jmorrow@chef.io)
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative "../path_helper"
+
+module ChefConfig
+  module Mixin
+    module ChefCloud
+      CHEF_CLOUD_CLIENT_CONFIG = "/Library/Managed Preferences/io.chef.chef_client.plist"
+
+      def cloud_config?
+        File.file?(CHEF_CLOUD_CLIENT_CONFIG)
+      end
+      module_function :cloud_config?
+
+      def parse_cloud_config
+        return nil unless cloud_config?
+
+        begin
+          plist_cmd = Mixlib::ShellOut.new("plutil -convert json '" + CHEF_CLOUD_CLIENT_CONFIG + "' -o -")
+          plist_cmd.run_command
+          plist_cmd.error!
+          JSON.parse(plist_cmd.stdout)
+        rescue => e
+          # TOML's error messages are mostly rubbish, so we'll just give a generic one
+          message = "Unable to parse chef client cloud config.\n"
+          message << e.message
+          raise ChefConfig::ConfigurationError, message
+        end
+      end
+
+      # Load chef client cloud config configuration.
+      #
+      # @api internal
+      # @return [void]
+      def load_cloud_config
+        Config.merge!(Hash[parse_cloud_config.map { |k, v| [k.to_sym, v] }])
+      end
+    end
+  end
+end
diff --git a/lib/chef/api_client/registration.rb b/lib/chef/api_client/registration.rb
index b05a2852a8..2454c7774e 100644
--- a/lib/chef/api_client/registration.rb
+++ b/lib/chef/api_client/registration.rb
@@ -157,12 +157,12 @@ class Chef
       end
 
       def http_api
-        @http_api ||= Chef::ServerAPI.new(Chef::Config[:chef_server_url],
-          {
-            api_version: "0",
-            client_name: Chef::Config[:validation_client_name],
-            signing_key_filename: Chef::Config[:validation_key],
-          })
+        options = {}
+        options[:api_version] = "0"
+        options[:client_name] = Chef::Config[:validation_client_name]
+        options[:raw_key] = Chef::Config[:validation_key_contents]
+        options[:signing_key_filename] = Chef::Config[:validation_key] unless options[:raw_key]
+        @http_api ||= Chef::ServerAPI.new(Chef::Config[:chef_server_url], options)
       end
 
       # Whether or not to generate keys locally and post the public key to the
diff --git a/lib/chef/application.rb b/lib/chef/application.rb
index 322c10460d..286d8fb368 100644
--- a/lib/chef/application.rb
+++ b/lib/chef/application.rb
@@ -19,6 +19,7 @@
 require "pp" unless defined?(PP)
 require "socket" unless defined?(Socket)
 require_relative "config"
+require "chef-config/mixin/chef_cloud"
 require_relative "exceptions"
 require_relative "local_mode"
 require_relative "log"
@@ -136,6 +137,10 @@ class Chef
 
       if config[:config_file].nil?
         logger.warn("No config file found or specified on command line. Using command line options instead.")
+      elsif ChefConfig::Mixin::ChefCloud.cloud_config?
+        logger.warn("*****************************************")
+        logger.warn("Found Chef Cloud configuration. Overriding local values from cloud.")
+        logger.warn("*****************************************")
       elsif config_fetcher.config_missing?
         logger.warn("*****************************************")
         logger.warn("Did not find config file: #{config[:config_file]}. Using command line options instead.")
diff --git a/lib/chef/application/base.rb b/lib/chef/application/base.rb
index 1749284ea2..16d333d158 100644
--- a/lib/chef/application/base.rb
+++ b/lib/chef/application/base.rb
@@ -22,6 +22,7 @@ require_relative "../mixin/shell_out"
 require_relative "../config_fetcher"
 require_relative "../dist"
 require_relative "../daemon"
+require "chef-config/mixin/chef_cloud"
 require "chef-config/mixin/dot_d"
 require "license_acceptance/cli_flags/mixlib_cli"
 require "mixlib/archive" unless defined?(Mixlib::Archive)
@@ -39,6 +40,7 @@ require "mixlib/archive" unless defined?(Mixlib::Archive)
 #
 class Chef::Application::Base < Chef::Application
   include Chef::Mixin::ShellOut
+  include ChefConfig::Mixin::ChefCloud
   include ChefConfig::Mixin::DotD
   include LicenseAcceptance::CLIFlags::MixlibCLI
 
diff --git a/lib/chef/application/client.rb b/lib/chef/application/client.rb
index af942c0254..e5b13948a7 100644
--- a/lib/chef/application/client.rb
+++ b/lib/chef/application/client.rb
@@ -156,6 +156,9 @@ class Chef::Application::Client < Chef::Application::Base
 
     # Load all config files in client.d
     load_dot_d(Chef::Config[:client_d_dir]) if Chef::Config[:client_d_dir]
+
+    # Load cloud config if present
+    load_cloud_config
   end
 
   def configure_logging
diff --git a/omnibus/package-scripts/chef/postinst b/omnibus/package-scripts/chef/postinst
index 1500feac0c..60c612b624 100755
--- a/omnibus/package-scripts/chef/postinst
+++ b/omnibus/package-scripts/chef/postinst
@@ -101,4 +101,10 @@ chown -Rh 0:0 $INSTALLER_DIR
 
 echo "Thank you for installing Chef Infra Client! For help getting started visit https://learn.chef.io"
 
+cloud_config_file="/Library/Managed Preferences/io.chef.chef_client.plist"
+if is_darwin && test -f "$cloud_config_file"; then
+  echo "Cloud config found, running chef client"
+  /opt/chef/bin/chef-client --chef-license accept-silent
+fi
+
 exit 0
-- 
cgit v1.2.1