AUTH-2975 don't check /etc on windows

cmd/cloudflared/config/configuration.go

@@ -26,7 +26,8 @@ var (
 
 	// Launchd doesn't set root env variables, so there is default
 	// Windows default config dir was ~/cloudflare-warp in documentation; let's keep it compatible
-	DefaultConfigDirs = []string{"~/.cloudflared", "~/.cloudflare-warp", "~/cloudflare-warp", "/etc/cloudflared", DefaultUnixConfigLocation}
+	defaultUserConfigDirs = []string{"~/.cloudflared", "~/.cloudflare-warp", "~/cloudflare-warp"}
+	defaultNixConfigDirs  = []string{"/etc/cloudflared", DefaultUnixConfigLocation}
 )
 
 const DefaultCredentialFile = "cert.pem"
@@ -63,6 +64,16 @@ func DefaultConfigPath() string {
 	return filepath.Join(dir, DefaultConfigFiles[0])
 }
 
+// DefaultConfigSearchDirectories returns the default folder locations of the config
+func DefaultConfigSearchDirectories() []string {
+	dirs := make([]string, len(defaultUserConfigDirs))
+	copy(dirs, defaultUserConfigDirs)
+	if runtime.GOOS != "windows" {
+		dirs = append(dirs, defaultNixConfigDirs...)
+	}
+	return dirs
+}
+
 // FileExists checks to see if a file exist at the provided path.
 func FileExists(path string) (bool, error) {
 	f, err := os.Open(path)
@@ -86,10 +97,10 @@ func FindInputSourceContext(context *cli.Context) (altsrc.InputSourceContext, er
 }
 
 // FindDefaultConfigPath returns the first path that contains a config file.
-// If none of the combination of DefaultConfigDirs and DefaultConfigFiles
+// If none of the combination of DefaultConfigSearchDirectories() and DefaultConfigFiles
 // contains a config file, return empty string.
 func FindDefaultConfigPath() string {
-	for _, configDir := range DefaultConfigDirs {
+	for _, configDir := range DefaultConfigSearchDirectories() {
 		for _, configFile := range DefaultConfigFiles {
 			dirPath, err := homedir.Expand(configDir)
 			if err != nil {

cmd/cloudflared/path/path.go

@@ -13,7 +13,7 @@ import (
 
 // GenerateFilePathFromURL will return a filepath for given access application url
 func GenerateFilePathFromURL(url *url.URL, suffix string) (string, error) {
-	configPath, err := homedir.Expand(config.DefaultConfigDirs[0])
+	configPath, err := homedir.Expand(config.DefaultConfigSearchDirectories()[0])
 	if err != nil {
 		return "", err
 	}

cmd/cloudflared/tunnel/cmd.go

@@ -254,7 +254,7 @@ func StartServer(c *cli.Context, version string, shutdownC, graceShutdownC chan
 	dnsReadySignal := make(chan struct{})
 
 	if c.String("config") == "" {
-		logger.Infof("Cannot determine default configuration path. No file %v in %v", config.DefaultConfigFiles, config.DefaultConfigDirs)
+		logger.Infof("Cannot determine default configuration path. No file %v in %v", config.DefaultConfigFiles, config.DefaultConfigSearchDirectories())
 	}
 
 	if c.IsSet("trace-output") {
@@ -499,7 +499,7 @@ func Before(c *cli.Context) error {
 	}
 
 	if c.String("config") == "" {
-		logger.Debugf("Cannot determine default configuration path. No file %v in %v", config.DefaultConfigFiles, config.DefaultConfigDirs)
+		logger.Debugf("Cannot determine default configuration path. No file %v in %v", config.DefaultConfigFiles, config.DefaultConfigSearchDirectories())
 	}
 	inputSource, err := config.FindInputSourceContext(c)
 	if err != nil {

cmd/cloudflared/tunnel/configuration.go

@@ -34,10 +34,10 @@ var (
 	argumentsUrl    = developerPortal + "/reference/arguments/"
 )
 
-// returns the first path that contains a cert.pem file. If none of the DefaultConfigDirs
+// returns the first path that contains a cert.pem file. If none of the DefaultConfigSearchDirectories
 // contains a cert.pem file, return empty string
 func findDefaultOriginCertPath() string {
-	for _, defaultConfigDir := range config.DefaultConfigDirs {
+	for _, defaultConfigDir := range config.DefaultConfigSearchDirectories() {
 		originCertPath, _ := homedir.Expand(filepath.Join(defaultConfigDir, config.DefaultCredentialFile))
 		if ok, _ := config.FileExists(originCertPath); ok {
 			return originCertPath
@@ -95,7 +95,7 @@ func dnsProxyStandAlone(c *cli.Context) bool {
 func findOriginCert(c *cli.Context, logger logger.Service) (string, error) {
 	originCertPath := c.String("origincert")
 	if originCertPath == "" {
-		logger.Infof("Cannot determine default origin certificate path. No file %s in %v", config.DefaultCredentialFile, config.DefaultConfigDirs)
+		logger.Infof("Cannot determine default origin certificate path. No file %s in %v", config.DefaultCredentialFile, config.DefaultConfigSearchDirectories())
 		if isRunningFromTerminal() {
 			logger.Errorf("You need to specify the origin certificate path with --origincert option, or set TUNNEL_ORIGIN_CERT environment variable. See %s for more information.", argumentsUrl)
 			return "", fmt.Errorf("Client didn't specify origincert path when running from terminal")

cmd/cloudflared/tunnel/login.go

@@ -51,7 +51,7 @@ func login(c *cli.Context) error {
 }
 
 func checkForExistingCert() (string, bool, error) {
-	configPath, err := homedir.Expand(config.DefaultConfigDirs[0])
+	configPath, err := homedir.Expand(config.DefaultConfigSearchDirectories()[0])
 	if err != nil {
 		return "", false, err
 	}

cmd/cloudflared/tunnel/subcommand_context.go

@@ -125,7 +125,7 @@ func (sc *subcommandContext) tunnelCredentialsPath(tunnelID uuid.UUID) (string,
 	}
 
 	// Last resort look under default config directories
-	for _, configDir := range config.DefaultConfigDirs {
+	for _, configDir := range config.DefaultConfigSearchDirectories() {
 		if filePath, err := tunnelFilePath(tunnelID, configDir); err == nil {
 			if validFilePath(filePath) {
 				return filePath, nil