Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Honor chef_server_url for sandbox uploads #7721

Closed

Conversation

sbbowers
Copy link

@sbbowers sbbowers commented Oct 4, 2018

Description

Chef uploads cookbooks transactionally by generating a unique sandbox
URL to upload all the associated files to using a "POST
/organizations//sandboxes" operation.

This POST operation returns the URL of the sandbox that should then be
used to PUT the cookbook's files to. This URL is pre-resolved, based on
the configuration of the chef server, which can be different from what
is configured in the client.

In special cases of network configuration, this discrepancy forces the
client to use a URL with a non-resolvable or unreachable host for
uploading cookbooks, rather than the scheme/host/port configured with
chef_server_url.

This change parses the sandbox URL returned by the server "POST
/organizations//sandboxes" operation, and rewrites
it honor the chef_server_url configuration for subsequent cookbook PUT operations.

Issues Resolved

Check List

Chef uploads cookbooks transactionally by generating a unique sandbox
URL to upload all the associated files to using a "POST
/organizations/<organization>/sandboxes" operation.

This POST operation returns the URL of the sandbox that should then be
used to PUT the cookbook's files to. This URL is pre-resolved, based on
the configuration of the chef server, which can be different from what
is configured in the client.

In special cases of network configuration, this discrepancy forces the
client to use a URL with a non-resolvable or unreachable host for
uploading cookbooks, rather than the scheme/host/port configured with
chef_server_url.

This change parses the sandbox URL returned by the server, and rewrites
it honor the chef_server_url configuration.

Semi-Related to: chef/chef-server#50

Signed-off-by: Scott Bowers <[email protected]>
@sbbowers sbbowers requested a review from a team October 4, 2018 14:59
Copy link
Contributor

@stevendanna stevendanna left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the detailed description of the problem you are trying to solve. Unfortunately, this change would break cookbook uploads for anyone using Hosted Chef or anyone using their own Chef Server with cookbook storage configured to point at their own S3 bucket.

I realize this is easier to fix here, but I think we need to dig into why chef/chef-server#50 regressed and/or wasn't ever fixed.

@sbbowers sbbowers closed this Oct 4, 2018
@sbbowers sbbowers deleted the cookbook-uploader-sandbox-url-fix branch October 4, 2018 18:24
@sbbowers
Copy link
Author

sbbowers commented Oct 8, 2018

Ah. I understand the use case with the cookbook storage back-end; thank you for pointing that out.

Would a pull request for a new setting be acceptable? It could be something like "cookbook_upload_proxy", that we could configure in our client.rb/knife.rb to allow us to over-ride the host/port of the sandbox URLs provided from the server. This would also ensure continuing compatibility for the various storage back-ends by default.

I agree that this problem is ultimately a deficiency in the server code, however, the server can't (and probably shouldn't) know about every potential client configuration used to connect to it. A cookbook proxy setting on the client side could also be used to create compatibility with various chef server configurations, as the API itself would have to change in order to fix chef/chef-server#50.

@lock
Copy link

lock bot commented Dec 7, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Dec 7, 2018
@sbbowers sbbowers restored the cookbook-uploader-sandbox-url-fix branch January 9, 2019 22:18
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants