blob: e1a725bd4edb349378b63747e92426e757c2b99a [file] [log] [blame]
// Copyright 2017 The LUCI Authors.
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// See the License for the specific language governing permissions and
// limitations under the License.
// Package chromeinfra contains hardcoded values related to Chrome Infra.
// It is supposed to be imported only by leaf 'main' packages of various
// binaries. All non-main packages must not hardcode any environment related
// values and must accept them as parameters passed from 'main'.
package chromeinfra
import (
homedir ""
// TODO(vadimsh): Move the rest of hardcoded stuff here:
// * tsmon config file: "/etc/chrome-infra/ts-mon.json"
// * tsmon secrets dir: same as SecretsDir below.
// * tsmon network detection regexp: `^([\w-]*?-[acm]|master)(\d+)a?$`
const (
// BuildbucketHost is the hostname of the Buildbucket service to connect to
// by default.
BuildbucketHost = ""
// CIPDServiceURL is URL of a CIPD backend to connect to by default.
CIPDServiceURL = ""
// LogDogHost is the default host of the production LogDog service in Chrome
// Operations.
LogDogHost = ""
// LogDogHostAppSpot is the "" host equivalent of LogDogHost.
LogDogHostAppSpot = ""
// LogDogDevHost is the default host of the development LogDog service in
// Chrome Operations.
LogDogDevHost = ""
// MachineDatabaseHost is the URL of the Machine Database.
MachineDatabaseHost = ""
// MachineDatabaseDevHost is the URL of the Machine Database dev instance.
MachineDatabaseDevHost = ""
// ConfigServiceHost is the default host of LUCI config service.
ConfigServiceHost = ""
// ResultDBHost is the hostname of the production ResultDB service.
ResultDBHost = ""
// TestSpannerInstance is the name of the Spanner instance used for testing.
TestSpannerInstance = "projects/chops-spanner-testing/instances/testing"
// DefaultAuthOptions returns auth.Options struct prefilled with chrome-infra
// defaults.
func DefaultAuthOptions() auth.Options {
// Note that ClientSecret is not really a secret since it's hardcoded into
// the source code (and binaries). It's totally fine, as long as it's callback
// URI is configured to be 'localhost'. If someone decides to reuse such
// ClientSecret they have to run something on user's local machine anyway
// to get the refresh_token.
return auth.Options{
ClientID: "",
ClientSecret: "uBfbay2KCy9t4QveJ-dOqHtp",
SecretsDir: SecretsDir(),
// SetDefaultAuthOptions sets the chromeinfra defaults on `opts`, returning the
// updated Options.
func SetDefaultAuthOptions(opts auth.Options) auth.Options {
dflts := DefaultAuthOptions()
ret := opts
ret.ClientID = dflts.ClientID
ret.ClientSecret = dflts.ClientSecret
ret.SecretsDir = dflts.SecretsDir
return ret
var secrets struct {
once sync.Once
val string
// SecretsDir returns an absolute path to a directory (in $HOME) to keep secret
// files in (e.g. OAuth refresh tokens) or an empty string if $HOME can't be
// determined (happens in some degenerate cases, it just disables auth token
// cache).
func SecretsDir() string {
secrets.once.Do(func() {
home, err := homedir.Dir()
if err != nil {
fmt.Fprintf(os.Stderr, "Can't resolve $HOME: %s", err)
} else {
secrets.val = filepath.Join(home, ".config", "chrome_infra", "auth")
return secrets.val