Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Git/Svn proxy through system config. #40

Closed
wants to merge 2 commits into from
Closed

Add support for Git/Svn proxy through system config. #40

wants to merge 2 commits into from

Conversation

johnbellone
Copy link
Contributor

This adds support for overriding the HTTP proxy for Git/Svn by setting the
system configuration. It uses the git command itself to write to the
config file.

@johnbellone
Copy link
Contributor Author

The main reason for this instead of simply using the existing environment variables is that I often run into cases where I may need to use a separate proxy to get at some git repositories that are inside a different network.

@tmatilai
Copy link
Owner

Hi John,

thanks for the issue and work!

In general sounds like a valid use case for me. Some first thoughts and comments:

  • git is normally not installed on baseboxes, so ideally this could hook after each provisioner run. Example config in Support hooking around provisioners runs hashicorp/vagrant#2405. But even that works only in Vagrant 1.4.
  • The configuration should be idempotent and stay in sync with Vagrantfile (changes, removals).
  • Do you install git and access the remote repos using a provisioner (Chef)? If the cookbooks are homegrown for you infra, would it be easier to add proxy configuration there via node attributes?

OK, I'll find some popcorn and keep watching where this is going. 😎

@johnbellone
Copy link
Contributor Author

@tmatilai Cool, that makes sense. I'll take a look into using that.

What's the best pattern here since the current builder calls all of the proxies. Should I make another Action to just handle post provisioning configurations?

@tmatilai
Copy link
Owner

I think I would add another middleware stack builder method into ProxyConf::Action class. It should have the same IsEnabled check and so far only the ConfigureGitProxy action. No need for OnlyOnce handling here.

And obviously the capability should verify that git is found in PATH, maybe with something like machine.communicate.test('git --version').

@johnbellone
Copy link
Contributor Author

@tmatilai What do you think about this approach?

Will add appropriate tests.

tmatilai
tmatilai reviewed Jan 10, 2014
View reviewed changes
lib/vagrant-proxyconf/action/configure_git_proxy.rb
private

def configure_machine(machine, config)
write_config(machine, sudo_config(config), path: '/etc/gitconfig', mode: '0444', append: true)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • No need to set the mode here. The default 0644 is fine.
  • The path could come from capability as for other components.
  • s/sudo/git/ ;)

Have you tested that appending always works? Now every vagrant provision adds a new [http] section and proxy key. I assume git is fine with that? And if the value is empty, does it reset the setting for git? Sorry, I'm lazy to check myself before asking. :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have tested it locally and it works but I'm not thrilled with it. Really the only way I think to reliably get around this is to use the git configuration command itself.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can start with this, but disable it by default and label it a bit experimental. I.e. add config.git_proxy.enabled which is false by default. What do you think?

Then later we can change this to use git config when the infra is ready for hooking to provision actions. I'll need that for e.g. maven support anyway. And we can anyway enable this by default later. Other way around it might be a breaking change for somebody.

@tmatilai
Copy link
Owner

@johnbellone looks promising! Probably a good idea to just write the config without waiting for git being installed. Still thinking if this should be enabled by default or by opt-in...

@johnbellone
Copy link
Contributor Author

That's up to you. :)—
Sent from Mailbox for iPhone
JB

On Thu, Jan 9, 2014 at 9:22 PM, Teemu Matilainen [email protected]
wrote:

@johnbellone looks promising! Probably a good idea to just write the config without waiting for git being installed. Still thinking if this should be enabled by default or by opt-in...

Reply to this email directly or view it on GitHub:
#40 (comment)

@johnbellone
Copy link
Contributor Author

@tmatilai What do you think?

@tmatilai
Copy link
Owner

Looking mostly really good! I'll get back to it when I have resolved the provisioner hooking in #34 and merged it.

@johnbellone
Copy link
Contributor Author

@tmatilai Sounds good! Let me know if I can help at all.

@johnbellone johnbellone mentioned this pull request Jan 15, 2014
Open
@okonomiyaki3000
Copy link

👍

@johnbellone
Copy link
Contributor Author

@tmatilai Rebased against master. 🚢 ?

@tmatilai
Copy link
Owner

John, sorry I forgot to mention that I´ll be on vacation this week. I
basically forgot it myself, too ;)
I´m travelling without my computer, and mostly offline, so I`ll get
back to this in a week or so.

tmatilai
tmatilai reviewed Jan 25, 2014
View reviewed changes
lib/vagrant-proxyconf/action/base.rb
comm.sudo("mv #{tmp} #{path}")

if opts[:append]
comm.sudo("cat #{tmp} | tee -a #{path}")
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First, "cat #{tmp} >> #{path}" would be simpler. But this ignores :mode and :owner options as those are set only for the tmp file.

@tmatilai
Copy link
Owner

tmatilai commented Feb 3, 2014

Sorry for this taking so long from my part. I rebased and will test and make some changes locally.

John Bellone added 2 commits February 8, 2014 17:22
@johnbellone
Add support for Git proxy through system config.
de10eb6 
This adds support for overriding the HTTP proxy for Git by setting the
system configuration. It uses the git command itself to write to the
config file.
@johnbellone
Add support for Subversion HTTP proxies.
628fee7 
I ran into this while attempting to build MRI 1.8.7 which seems to
checkout from the old Subversion repository. At any rate unfortunately
ti seems that Subversion itself doesn't have a `config` command so we're
left with simply writing it directly to /etc/subversion/servers.
@johnbellone
Copy link
Contributor Author

@tmatilai Rebased again. Let me know if there's anything else :).

@tmatilai
Copy link
Owner

tmatilai commented Feb 9, 2014

@johnbellone thanks again! As I said I already have a rebased and modified branch in (slow) progress. But too little hacking time lately. :/
But hopefully tonight.

I'm also still not sure about all the functionality here. It would help if you could share some kind of example Vagrantfile how you use this. And bonus bullets:

  • Do you install git/svn at the same provisioner run when you try to use them? Would it be enough to configure them after each provisioner run?
  • As git respects HTTP_PROXY env var, I'm planning disabling git configuration by default, and only do it if config.git_proxy settings are found. What do you think?
  • Do we really need the /etc/gitconfig writing, as git config should anyway work?
  • The svn configuration now unconditionally overrides the config. Not sure if that is a good thing...

@johnbellone
Copy link
Contributor Author

@tmatilai No worries! I can cook up a quick Vagrantfile, but really we're using it in combination with dotenv to set the host environment variables. I think disabling it by default is a good decision. I need them to be separate because of pulling Git repositories from a separate proxy than (certain) HTTP traffic.

I'd prefer just using git config only and not setting the variables. The issue that we can run into through is if we're installing git on a current provision (e.g. not already installed) we would have an issue if it needed a separate proxy than the HTTP_PROXY environment variables.

I'm not sure about Subversion either. There are only a few groups using it here and it seems to work alright for them. I ran across it because we had an immediate need and it seemed like a quick win :).

I think its safe to assume Git/Svn can be configured in subsequent provisions.

@tmatilai
Copy link
Owner

@johnbellone thanks for the explanation, helps a lot! Finally I ended up running behind some yaks yesterday, but promise to prioritize this high. I think we could start with a bit conservative setup, and see if it's enough. I'll try to get something out soon for you to review.

@tmatilai tmatilai mentioned this pull request Feb 11, 2014
Merged
@tmatilai
Copy link
Owner

Merged as part of #49.

@tmatilai tmatilai closed this Feb 16, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@johnbellone @tmatilai @okonomiyaki3000