config.rb in chef_fixie-0.4.0

- old
+ new

@@ -1,7 +1,7 @@
 #
-# Copyright (c) 2014-2015 Chef Software Inc. 
+# Copyright (c) 2014-2015 Chef Software Inc.
 # License :: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -19,23 +19,24 @@
 # Much of this code was orginally derived from the orgmapper tool, which had many varied authors.
 
 require 'singleton'
 require 'ffi_yajl'
 require 'pathname'
+require 'veil'
 
 module ChefFixie
   def self.configure
     yield Config.instance
   end
 
   def self.load_config(config_file = nil)
     if config_file
-      puts "loading config: #{config_file}..."
+      puts "loading config: #{config_file}..." if ChefFixie::Console.started_from_command_line?
       Kernel.load(config_file)
     else
       path = "/etc/opscode"
-      puts "loading config from #{path}"
+      puts "loading config from #{path}" if ChefFixie::Console.started_from_command_line?
       ChefFixie::Config.instance.load_from_pc(path)
     end
   end
 
   def self.setup
@@ -102,27 +103,29 @@
       configdir = Pathname.new(dir)
 
       config_files = %w(chef-server-running.json)
       config = load_json_from_path([configdir], config_files)
 
+      secrets = load_secrets_from_path([configdir], %w(private-chef-secrets.json) )
+
       authz_config = config['private_chef']['oc_bifrost']
       authz_vip = authz_config['vip']
       authz_port = authz_config['port']
       @authz_uri = "http://#{authz_vip}:#{authz_port}"
-      
-      @superuser_id = authz_config['superuser_id']
 
+      @superuser_id = dig(secrets,['oc_bifrost','superuser_id']) || authz_config['superuser_id']
+
       sql_config = config['private_chef']['postgresql']
       erchef_config = config['private_chef']['opscode-erchef']
-      
+
       sql_user = sql_config['sql_user'] || erchef_config['sql_user']
-      sql_pw = sql_config['sql_password'] || erchef_config['sql_password']
+      sql_pw = dig(secrets, ['opscode_erchef', 'sql_password']) || sql_config['sql_password'] || erchef_config['sql_password']
       sql_vip = sql_config['vip']
       sql_port = sql_config['port']
-      
+
       @sql_database = "postgres://#{sql_user}:#{sql_pw}@#{sql_vip}/opscode_chef"
-      
+
       @pivotal_key = configdir + "pivotal.pem"
     end
 
     def load_json_from_path(pathlist, filelist)
       parser = FFI_Yajl::Parser.new
@@ -134,7 +137,37 @@
             return parser.parse(data)
           end
         end
       end
     end
+    def load_secrets_from_path(pathlist, filelist)
+      pathlist.each do |path|
+        filelist.each do |file|
+          configfile = path + file
+          if configfile.file?
+            data = Veil::CredentialCollection::ChefSecretsFile.from_file(configfile)
+            return data
+          end
+        end
+      end
+      nil
+    end
+
+    def dig(hash, list)
+      if hash.respond_to?(:get)
+        hash.get(*list)
+      elsif hash.nil?
+        nil?
+      elsif list.empty?
+        hash
+      else
+        element = list.shift
+        if hash.has_key?(element)
+          dig(hash[element], list)
+        else
+          nil
+        end
+      end
+    end
+
   end
 end