agentless-catalog-executor 0.9.1 → 0.10.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: d791e5e1528ffc2b85e6040851de75ef8618d918
4
- data.tar.gz: 552781fb8ab839d69ac6c51a0d1e6d602cb317e4
2
+ SHA256:
3
+ metadata.gz: 92395f0079ad1725aee845a780da2c613c02b6709053288e60ff374bf9f1260c
4
+ data.tar.gz: a8e35c7eaca53dc0e294779122a50f85b325b312c51bcdca192bcfd4b00d3b18
5
5
  SHA512:
6
- metadata.gz: 4fef3a93cdb37b5ab0d6604f2e90af25413957f5323913b11fa9d19629e1e4b9f43c7fd4a55b453100cf127d295c4b611dac99b04781cb8be8aafef1a3b88e75
7
- data.tar.gz: abd5923765bf1bc755312655fc181b00ac7e61c7029d74ac1d48bf96b7bd3a45cb89b0a6cac9a75b62866e190e00ec090e433a600cb74eafffd72211ef1177e1
6
+ metadata.gz: 4eeeacc1233b2541287c3965409f9b8e155de490e430ee0eb927af210484fa42d81f4bc475bc88f5475464639489d41bac550943751f38a3e493af64e8caa8a5
7
+ data.tar.gz: a8e6988f55d193eb286e1139aa5b7f8dbc37849ff77d8664a27140878de2ad1715d0ca3438f787ceaf842107d01890bb287d53c1e3a2e782ea1f5a11b8ea6d09
data/.rubocop.yml CHANGED
@@ -13,6 +13,9 @@ AllCops:
13
13
  Style/IfUnlessModifier:
14
14
  Enabled: false
15
15
 
16
+ Style/WordArray:
17
+ Enabled: false
18
+
16
19
  Style/AccessModifierDeclarations:
17
20
  Enabled: false
18
21
 
data/.travis.yml CHANGED
@@ -1,7 +1,16 @@
1
- sudo: false
1
+ dist: xenial
2
2
  language: ruby
3
3
  rvm:
4
4
  - 2.5.1
5
5
  env:
6
6
  - COVERAGE=yes
7
- before_install: gem install bundler -v 1.16.1
7
+ services:
8
+ - docker
9
+ # Workaround for https://tickets.puppetlabs.com/browse/FM-8106
10
+ install: bundle install --path=.bundle
11
+ before_install:
12
+ - docker network create spec_default
13
+ - docker-compose -f ./spec/docker-compose.yml up -d --build
14
+ - docker ps -a
15
+ - while true; do echo Checking...; echo $(docker logs spec_puppet_1 --tail 10) | grep -q 'Puppet Server has successfully started' && break; sleep 1; done ;
16
+ - docker exec spec_puppet_1 puppetserver ca generate --certname aceserver --subject-alt-names 'puppet,localhost,aceserver,ace_aceserver_1,spec_puppetserver_1,ace_server,puppet_server,spec_aceserver_1,puppetdb,spec_puppetdb_1,0.0.0.0'
data/CHANGELOG.md CHANGED
@@ -3,6 +3,21 @@
3
3
  All significant changes to this repo will be summarized in this file.
4
4
 
5
5
 
6
+ ## [v0.10.0](https://github.com/puppetlabs/ace/tree/v0.10.0) (2019-07-25)
7
+ [Full Changelog](https://github.com/puppetlabs/ace/compare/v0.9.1...v0.10.0)
8
+
9
+ **Merged pull requests:**
10
+
11
+ - fixed rubocop offenses [\#46](https://github.com/puppetlabs/ace/pull/46) ([Lavinia-Dan](https://github.com/Lavinia-Dan))
12
+ - \(FM-8106\) Workaround license\_finder issue [\#45](https://github.com/puppetlabs/ace/pull/45) ([DavidS](https://github.com/DavidS))
13
+ - \(FM-7953\) Add acceptance tests to travis [\#43](https://github.com/puppetlabs/ace/pull/43) ([da-ar](https://github.com/da-ar))
14
+ - \(maint\) making it clear on order of running the containers [\#42](https://github.com/puppetlabs/ace/pull/42) ([Thomas-Franklin](https://github.com/Thomas-Franklin))
15
+ - \(FM-7954\) plugin cache purge for stale environments [\#41](https://github.com/puppetlabs/ace/pull/41) ([Thomas-Franklin](https://github.com/Thomas-Franklin))
16
+ - \(maint\) fixing up the docker setup for executing catalogs [\#40](https://github.com/puppetlabs/ace/pull/40) ([Thomas-Franklin](https://github.com/Thomas-Franklin))
17
+ - \(maint\) Docker doc update [\#39](https://github.com/puppetlabs/ace/pull/39) ([willmeek](https://github.com/willmeek))
18
+ - \(FM-7927\) Update developer docs [\#38](https://github.com/puppetlabs/ace/pull/38) ([DavidS](https://github.com/DavidS))
19
+ - \(FM-7975\) Remove mock responses from /execute\_catalog endpoint [\#37](https://github.com/puppetlabs/ace/pull/37) ([da-ar](https://github.com/da-ar))
20
+
6
21
  ## [v0.9.1](https://github.com/puppetlabs/ace/tree/v0.9.1) (2019-04-16)
7
22
  [Full Changelog](https://github.com/puppetlabs/ace/compare/v0.9.0...v0.9.1)
8
23
 
@@ -12,6 +27,7 @@ All significant changes to this repo will be summarized in this file.
12
27
 
13
28
  **Merged pull requests:**
14
29
 
30
+ - \(maint\) Release prep for v0.9.1 [\#36](https://github.com/puppetlabs/ace/pull/36) ([willmeek](https://github.com/willmeek))
15
31
  - \(FM-7927\) Docs review [\#35](https://github.com/puppetlabs/ace/pull/35) ([clairecadman](https://github.com/clairecadman))
16
32
 
17
33
  ## [v0.9.0](https://github.com/puppetlabs/ace/tree/v0.9.0) (2019-04-16)
data/Dockerfile CHANGED
@@ -1,5 +1,5 @@
1
1
  # Install gems
2
- FROM alpine:3.8 as build
2
+ FROM puppet/puppet-agent-alpine:6.4.2 as build
3
3
 
4
4
  RUN \
5
5
  apk --no-cache add build-base ruby-dev ruby-bundler ruby-json ruby-bigdecimal git openssl-dev && \
@@ -10,14 +10,9 @@ RUN mkdir /ace
10
10
  # Gemfile requires gemspec which requires ace/version which requires ace
11
11
  ADD . /ace
12
12
  WORKDIR /ace
13
- RUN rm Gemfile.lock
13
+ RUN rm -f Gemfile.lock
14
14
  RUN bundle install --no-cache --path vendor/bundle
15
15
 
16
- # symlink the usr local ruby to the one expected
17
- # in a task
18
- RUN mkdir -p /opt/puppetlabs/puppet/bin/ && \
19
- ln -s /usr/bin/ruby /opt/puppetlabs/puppet/bin/ruby
20
-
21
16
  # Final image
22
17
  FROM build
23
18
  ARG ace_version=no-version
data/Gemfile CHANGED
@@ -8,6 +8,7 @@ group :tests do
8
8
  gem 'codecov'
9
9
  gem 'license_finder' if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('2.4.0')
10
10
  gem 'simplecov-console'
11
+ gem 'webmock'
11
12
  end
12
13
 
13
14
  group :development do
@@ -15,7 +16,6 @@ group :development do
15
16
  gem 'github_changelog_generator', '~> 1.14'
16
17
  gem 'pry-byebug'
17
18
  gem 'rubocop-rspec'
18
- gem 'webmock'
19
19
  end
20
20
 
21
21
  # Specify your gem's dependencies in agentless-catalog-executor.gemspec
data/README.md CHANGED
@@ -1,22 +1,26 @@
1
1
  # Agentless::Catalog::Executor
2
2
 
3
- ## Installation
3
+ ## App Overview
4
+
5
+ The Agentless Catalog Executor (ACE) provides agentless executions services for tasks and catalogs to Puppet Enterprise (PE). See [developer-docs/api](developer-docs/api.md) for an API spec. See below for development info.
6
+
7
+ ## Code Overview
4
8
 
5
- The Agentless Catalog Executor (ACE) is built-in to Puppet Enterprise (PE) as pe-ace-server.
9
+ API entrypoints are in `lib/ace/transport_app.rb`.
6
10
 
7
- ## Usage
11
+ Fork isolation is implemented in `lib/ace/fork_utils.rb`
8
12
 
9
- To spin up an instance for development, run the puma server:
13
+ Catalog compilations use the certless [v4 catalog](https://github.com/puppetlabs/puppetserver/blob/master/documentation/puppet-api/v4/catalog.markdown) puppetserver endpoint and expose it through the indirector in `lib/puppet/indirector/catalog/certless.rb`.
14
+
15
+ ## Installation
10
16
 
11
- ```
12
- ACE_CONF=config/local.conf bundle exec puma -C config/transport_tasks_config.rb
13
- ```
17
+ ACE is built-in to PE as pe-ace-server.
14
18
 
15
19
  ## Development
16
20
 
17
- As ACE is dependent on Puppet Server, there is a docker-compose file in the `spec/` directory which we advise you run before the ACE service to ensure that the certs and keys are valid. For more information, see the [docker documentation](developer-docs/docker).
21
+ As ACE is dependent on Puppet Server, there is a docker-compose file in the `spec/` directory which we advise you run before the ACE service to ensure that the certs and keys are valid. For more information, see the [docker documentation](developer-docs/docker.md).
18
22
 
19
- To release a new version, update the version number in `version.rb` and run `bundle exec rake release`, which creates a git tag for the version, pushes git commits and tags, and pushes the `.gem` file to [rubygems.org](https://rubygems.org). Released gems are eventually consumed by [ace-vanagon](https://github.com/puppetlabs/ace-vanagon) and promoted into PE.
23
+ To release a new version, update the version number in `version.rb`, generate a new changelog with `bundle exec rake changelog`, commit the results and run `bundle exec rake release`, which creates a git tag for the version, pushes git commits and tags, and pushes the `.gem` file to [rubygems.org](https://rubygems.org). Released gems are eventually consumed by [ace-vanagon](https://github.com/puppetlabs/ace-vanagon) and promoted into PE.
20
24
 
21
25
  ## Contributing
22
26
 
data/Rakefile CHANGED
@@ -12,9 +12,7 @@ task default: %i[rubocop spec license_finder]
12
12
  #### RSPEC ####
13
13
  require 'rspec/core/rake_task'
14
14
 
15
- RSpec::Core::RakeTask.new(:spec) do |t|
16
- t.exclude_pattern = 'spec/acceptance/**/*_spec.rb'
17
- end
15
+ RSpec::Core::RakeTask.new(:spec)
18
16
 
19
17
  namespace :spec do
20
18
  desc 'Run RSpec code examples with coverage collection'
@@ -30,7 +30,8 @@ Gem::Specification.new do |spec|
30
30
  spec.add_dependency "rails-auth", ">= 2.1.4"
31
31
  spec.add_dependency "sinatra", ">= 2.0.4"
32
32
 
33
- spec.add_development_dependency "bundler", "~> 1.16"
33
+ spec.add_development_dependency "bundler", ">= 1.16", "< 3.0.0"
34
+ spec.add_development_dependency "faraday"
34
35
  spec.add_development_dependency "rack-test", "~> 1.0"
35
36
  spec.add_development_dependency "rake", "~> 10.0"
36
37
  spec.add_development_dependency "rspec", "~> 3.0"
data/config/docker.conf CHANGED
@@ -1,9 +1,18 @@
1
1
  ace-server: {
2
- ssl-cert: "spec/volumes/puppet/ssl/certs/aceserver.pem"
3
- ssl-key: "spec/volumes/puppet/ssl/private_keys/aceserver.pem"
4
- ssl-ca-cert: "spec/volumes/puppet/ssl/certs/ca.pem"
5
- ssl-ca-crls: "spec/volumes/puppet/ssl/certs/crl.pem"
6
- puppet-server-uri: "https://spec_puppet_1:8140"
2
+ # being explicit about the pathing within the container
3
+ # although it is ran from within the /ace directory
4
+ # we feel it is best to distinguish that this is a
5
+ # docker configuration file and not a `local`
6
+ ssl-cert: "/ace/spec/volumes/puppet/ssl/certs/aceserver.pem"
7
+ ssl-key: "/ace/spec/volumes/puppet/ssl/private_keys/aceserver.pem"
8
+ ssl-ca-cert: "/ace/spec/volumes/puppet/ssl/certs/ca.pem"
9
+ ssl-ca-crls: "/ace/spec/volumes/puppet/ssl/ca/ca_crl.pem"
10
+ # the dns of puppet within the docker network
11
+ # is the same as spec_puppet_1 locally as the
12
+ # hostname is `puppet` within the docker network
13
+ puppet-server-uri: "https://puppet:8140"
7
14
  loglevel: debug
15
+ # host to run the ACE service on, i.e.
16
+ # 0.0.0.0 within the container
8
17
  host: "0.0.0.0"
9
18
  }
@@ -110,30 +110,6 @@ The `compiler` is a JSON object which contains parameters regarding the compilat
110
110
  This is a copy of [bolt's task object](https://github.com/puppetlabs/bolt/blob/master/developer-docs/bolt-api-servers.md#task-object)
111
111
 
112
112
 
113
- ## Running ACE in a container
114
- *Recommended*
113
+ ## Running ACE
115
114
 
116
- From your checkout of ACE start the docker-compose to run ACE
117
-
118
- ```
119
- docker-compose up -d --build
120
- ```
121
-
122
- You can now make a curl request to ACE, which should respond with 'OK':
123
-
124
- ```
125
- curl -X POST http://0.0.0.0:44633/check
126
- ```
127
-
128
- ## Running from source
129
-
130
- From your checkout of ACE run
131
-
132
- ```
133
- bundle exec puma -p 44633 -C puma_config.rb
134
- ```
135
-
136
- You can now make a curl request to ACE, which should respond with 'OK':
137
- ```
138
- curl -X POST http://0.0.0.0:44633/check
139
- ```
115
+ See the [docker](docker.md) docs on how to run ACE for development.
@@ -4,27 +4,16 @@
4
4
 
5
5
  [Docker-compose installation](https://docs.docker.com/compose/install/) would need to be followed and setup in order to use the ACE containers for development.
6
6
 
7
-
8
- The ACE compose file is dependent on a Docker network created when launching the Puppetserver and PuppetDB containers within the `spec/` directory, the network will default to `spec_default`, since the containers are built from the `spec/` directory they will be assigned the `<folder>_default` network.
9
-
10
- As the ACE container is build outside of the `spec/` directory it would not be able to create the `spec_default` network. This can be created manually through:
11
-
12
- ```
13
- docker network create spec_default
14
- ```
15
-
16
- Once this is done the ACE container can be launched by executing the following within the root folder:
7
+ The ACE service is dependent on having access to a Puppetserver and a PuppetDB, these are included as Docker containers. Navigate to the `spec/` folder and build the Puppetserver and PuppetDB containers using the following command.
17
8
 
18
9
  ```
19
10
  docker-compose up -d --build
20
11
  ```
21
12
 
22
- This will take some time as it needs to perform the initial build of fetching the images and running through the build.
23
-
24
- Navigate to the `spec/` folder and build the Puppetserver and PuppetDB containers using the same command. The Puppetserver will take some time to start and typically using the following command to verify that it is ready:
13
+ The Puppetserver will take some time to start and typically using the following command to verify that it is ready:
25
14
 
26
15
  ```
27
- docker logs --follow spec_puppetserver_1
16
+ docker logs --follow spec_puppet_1
28
17
  ```
29
18
 
30
19
  Once the Puppetserver is ready, the following message is reported:
@@ -42,7 +31,7 @@ sudo chmod a+rx -R volumes/
42
31
 
43
32
  At this point it is required to generate certs for the `aceserver`, this can be achieved though:
44
33
 
45
- `docker exec spec_puppet_1 puppetserver ca generate --certname aceserver --subject-alt-names localhost,aceserver,ace_aceserver_1,spec_puppetserver_1,ace_server,puppet_server,spec_aceserver_1,puppetdb,spec_puppetdb_1,0.0.0.0,puppet`
34
+ `docker exec spec_puppet_1 puppetserver ca generate --certname aceserver --subject-alt-names localhost,aceserver,ace_aceserver_1,spec_puppetserver_1,ace_server,puppet_server,spec_aceserver_1,puppetdb,spec_puppetdb_1,0.0.0.0,puppet,spec_puppet_1,ace_aceserver_1`
46
35
 
47
36
  On Linux, ensure that you have access to the newly created files:
48
37
 
@@ -52,11 +41,26 @@ sudo chmod a+rx -R volumes/
52
41
 
53
42
  Reasoning for this is that it makes it easier to ensure that the cert names are consistent across environments.
54
43
 
44
+ Once the containers in the `spec/` directory are running, the ACE container can be launched by executing the following command within the root of the project:
45
+
46
+ ```
47
+ docker-compose up -d --build
48
+ ```
49
+
50
+ _Note_: If the `aceserver` certificate needs regenerated the following steps can be performed:
51
+
52
+ ```
53
+ docker exec spec_puppet_1 puppetserver ca revoke --certname aceserver
54
+ docker exec spec_puppet_1 rm /etc/puppetlabs/puppet/ssl/certs/aceserver.pem /etc/puppetlabs/puppet/ssl/private_keys/aceserver.pem /etc/puppetlabs/puppet/ssl/public_keys/aceserver.pem /etc/puppetlabs/puppet/ssl/ca/signed/aceserver.pem
55
+ ```
56
+
57
+ And then generate the certificate again using the `ca generate` command from above.
58
+
55
59
  ## Verifying the services
56
60
 
57
61
  [Postman](https://www.getpostman.com/) is advisable to verify that the endpoints are configured. In order to set up Postman, navigate to Settings > Certificates and add client certificates for hosts `0.0.0.0:8140` and `0.0.0.0:44633` where the CRT file points to `spec/volumes/puppet/ssl/certs/aceserver.pem` and Key file points to `spec/volumes/puppet/ssl/private_keys/aceserver.pem`
58
62
 
59
- *Note*: These cert and key files will only be created when the PuppetServer container has finished initalising.
63
+ *Note*: These cert and key files will only be created when the PuppetServer container has finished initalising and the `ca generate` command has been used.
60
64
 
61
65
  ### PuppetServer /tasks/:module/:task
62
66
 
data/lib/ace/error.rb CHANGED
@@ -17,15 +17,19 @@ module ACE
17
17
  end
18
18
 
19
19
  def to_h
20
+ Error.to_h(msg, kind, details, issue_code)
21
+ end
22
+
23
+ def to_json(opts = nil)
24
+ to_h.to_json(opts)
25
+ end
26
+
27
+ def self.to_h(message, kind, details = nil, issue_code = nil)
20
28
  h = { 'kind' => kind,
21
29
  'msg' => message,
22
30
  'details' => details }
23
31
  h['issue_code'] = issue_code if issue_code
24
32
  h
25
33
  end
26
-
27
- def to_json(opts = nil)
28
- to_h.to_json(opts)
29
- end
30
34
  end
31
35
  end
data/lib/ace/fork_util.rb CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  # English module required for $CHILD_STATUS rather than $?
4
4
  require 'English'
5
+ require 'json'
6
+ require 'ace/error'
5
7
 
6
8
  module ACE
7
9
  class ForkUtil
@@ -11,26 +13,46 @@ module ACE
11
13
  def self.isolate
12
14
  reader, writer = IO.pipe
13
15
  pid = fork {
16
+ # :nocov:
14
17
  success = true
15
18
  begin
16
19
  response = yield
17
20
  writer.puts JSON.generate(response)
21
+ rescue ACE::Error => e
22
+ writer.puts({
23
+ msg: e.message,
24
+ kind: e.kind,
25
+ details: {
26
+ class: e.class,
27
+ backtrace: e.backtrace
28
+ }
29
+ }.to_json)
30
+ success = false
18
31
  rescue StandardError => e
19
- writer.puts(e)
32
+ writer.puts({
33
+ msg: e.message,
34
+ kind: e.class,
35
+ details: {
36
+ class: e.class,
37
+ backtrace: e.backtrace
38
+ }
39
+ }.to_json)
20
40
  success = false
21
41
  ensure
22
42
  Process.exit! success
23
43
  end
44
+ # :nocov:
24
45
  }
25
46
  unless pid
26
- log "Could not fork"
47
+ warn "Could not fork"
27
48
  exit 1
28
49
  end
29
50
  writer.close
30
51
  output = reader.read
31
52
  Process.wait(pid)
32
53
  if $CHILD_STATUS != 0
33
- raise output
54
+ error = JSON.parse(output)
55
+ raise ACE::Error.new(error['msg'], error['kind'], error['details'])
34
56
  else
35
57
  JSON.parse(output)
36
58
  end
@@ -9,9 +9,19 @@ require 'ace/fork_util'
9
9
  module ACE
10
10
  class PluginCache
11
11
  attr_reader :cache_dir_mutex, :cache_dir
12
+
13
+ PURGE_TIMEOUT = 60 * 60
14
+ PURGE_INTERVAL = 24 * PURGE_TIMEOUT
15
+ PURGE_TTL = 7 * PURGE_INTERVAL
16
+
12
17
  def initialize(environments_cache_dir)
13
18
  @cache_dir = environments_cache_dir
14
19
  @cache_dir_mutex = Concurrent::ReadWriteLock.new
20
+
21
+ @purge = Concurrent::TimerTask.new(execution_interval: PURGE_INTERVAL,
22
+ timeout_interval: PURGE_TIMEOUT,
23
+ run_now: true) { expire(PURGE_TTL) }
24
+ @purge.execute
15
25
  end
16
26
 
17
27
  def setup
@@ -75,5 +85,23 @@ module ACE
75
85
  Puppet::Configurer::PluginHandler.new.download_plugins(env)
76
86
  libdir(File.join(environments_dir, 'plugins'))
77
87
  end
88
+
89
+ # the cache_dir will be the `cache-dir` from
90
+ # the ace config, with the appended environments, i.e.
91
+ # /opt/puppetlabs/server/data/ace-server/cache/environments
92
+ # then the directories within this path, which will be
93
+ # the puppet environments will be removed if they have
94
+ # not been modified in the last 7 days
95
+ # when the purge runs (every 24 hours)
96
+ def expire(purge_ttl)
97
+ expired_time = Time.now - purge_ttl
98
+ cache_dir_mutex.with_write_lock do
99
+ Dir.glob(File.join(cache_dir, '*')).select { |f| File.directory?(f) }.each do |dir|
100
+ if File.mtime(dir) < expired_time
101
+ FileUtils.remove_dir(dir)
102
+ end
103
+ end
104
+ end
105
+ end
78
106
  end
79
107
  end
@@ -104,9 +104,9 @@ module ACE
104
104
  def validate_schema(schema, body)
105
105
  schema_error = JSON::Validator.fully_validate(schema, body)
106
106
  if schema_error.any?
107
- ACE::Error.new("There was an error validating the request body.",
108
- 'puppetlabs/ace/schema-error',
109
- schema_error)
107
+ raise ACE::Error.new("There was an error validating the request body.",
108
+ 'puppetlabs/ace/schema-error',
109
+ schema_error: schema_error.first)
110
110
  end
111
111
  end
112
112
 
@@ -155,18 +155,19 @@ module ACE
155
155
 
156
156
  begin
157
157
  body = JSON.parse(request.body.read)
158
+ validate_schema(@schemas["run_task"], body)
159
+ rescue ACE::Error => e
160
+ request_error = { _error: e.to_h }
161
+ return [400, request_error.to_json]
158
162
  rescue StandardError => e
159
163
  request_error = {
160
- _error: ACE::Error.new(e.message,
161
- 'puppetlabs/ace/request_exception',
162
- class: e.class, backtrace: e.backtrace)
164
+ _error: ACE::Error.to_h(e.message,
165
+ 'puppetlabs/ace/request_exception',
166
+ class: e.class, backtrace: e.backtrace)
163
167
  }
164
168
  return [400, request_error.to_json]
165
169
  end
166
170
 
167
- error = validate_schema(@schemas["run_task"], body)
168
- return [400, error.to_json] unless error.nil?
169
-
170
171
  opts = body['target'].merge('protocol' => 'remote')
171
172
 
172
173
  # This is a workaround for Bolt due to the way it expects to receive the target info
@@ -195,57 +196,72 @@ module ACE
195
196
 
196
197
  begin
197
198
  body = JSON.parse(request.body.read)
199
+ validate_schema(@schemas["execute_catalog"], body)
200
+
201
+ environment = body['compiler']['environment']
202
+ certname = body['compiler']['certname']
203
+ trans_id = body['compiler']['transaction_uuid']
204
+ job_id = body['compiler']['job_id']
205
+ rescue ACE::Error => e
206
+ request_error = {
207
+ status: 'failure',
208
+ result: {
209
+ _error: e.to_h
210
+ }
211
+ }
212
+ return [400, request_error.to_json]
198
213
  rescue StandardError => e
199
214
  request_error = {
200
- _error: ACE::Error.new(e.message,
201
- 'puppetlabs/ace/request_exception',
202
- class: e.class, backtrace: e.backtrace)
215
+ status: 'failure',
216
+ result: {
217
+ _error: ACE::Error.to_h(e.message,
218
+ 'puppetlabs/ace/request_exception',
219
+ class: e.class, backtrace: e.backtrace)
220
+ }
203
221
  }
204
222
  return [400, request_error.to_json]
205
223
  end
206
224
 
207
- error = validate_schema(@schemas["execute_catalog"], body)
208
- return [400, error.to_json] unless error.nil?
209
-
210
- environment = body['compiler']['environment']
211
- certname = body['compiler']['certname']
212
-
213
- # TODO: (needs groomed) - proper error handling, errors within the block can be rescued
214
- # and handled correctly, ACE::Errors we can handle similar to the task
215
- # workflow, errors within the Configuer and not as pleasant - can have
216
- # _some_ control over them, especially around status codes from
217
- # the /v4/catalog endpoint
218
- @plugins.with_synced_libdir(environment, certname) do
219
- ACE::TransportApp.init_puppet_target(certname, body['target']['remote-transport'], body['target'])
220
- configurer = ACE::Configurer.new(body['compiler']['transaction_uuid'], body['compiler']['job_id'])
221
- configurer.run(transport_name: certname,
222
- environment: environment,
223
- network_device: true,
224
- pluginsync: false,
225
- trusted_facts: ACE::TransportApp.trusted_facts(certname))
226
- end
227
-
228
- # simulate expected error cases
229
- if body['compiler']['certname'] == 'fail.example.net'
230
- [200, { _error: {
231
- msg: 'catalog compile failed',
232
- kind: 'puppetlabs/ace/compile_failed',
233
- details: 'upstream api errors go here'
234
- } }.to_json]
235
- elsif body['compiler']['certname'] == 'credentials.example.net'
236
- [200, { _error: {
237
- msg: 'target specification invalid',
238
- kind: 'puppetlabs/ace/target_spec',
239
- details: 'upstream api errors go here'
240
- } }.to_json]
241
- elsif body['compiler']['certname'] == 'reports.example.net'
242
- [200, { _error: {
243
- msg: 'report submission failed',
244
- kind: 'puppetlabs/ace/reporting_failed',
245
- details: 'upstream api errors go here'
246
- } }.to_json]
225
+ begin
226
+ @plugins.with_synced_libdir(environment, certname) do
227
+ ACE::TransportApp.init_puppet_target(certname, body['target']['remote-transport'], body['target'])
228
+ configurer = ACE::Configurer.new(body['compiler']['transaction_uuid'], body['compiler']['job_id'])
229
+ configurer.run(transport_name: certname,
230
+ environment: environment,
231
+ network_device: true,
232
+ pluginsync: false,
233
+ trusted_facts: ACE::TransportApp.trusted_facts(certname))
234
+ end
235
+ rescue ACE::Error => e
236
+ process_error = {
237
+ certname: certname,
238
+ status: 'failure',
239
+ result: {
240
+ _error: e.to_h
241
+ }
242
+ }
243
+ return [400, process_error.to_json]
244
+ rescue StandardError => e
245
+ process_error = {
246
+ certname: certname,
247
+ status: 'failure',
248
+ result: {
249
+ _error: ACE::Error.to_h(e.message,
250
+ 'puppetlabs/ace/processing_exception',
251
+ class: e.class, backtrace: e.backtrace).to_h
252
+ }
253
+ }
254
+ return [500, process_error.to_json]
247
255
  else
248
- [200, '{}']
256
+ result = {
257
+ certname: certname,
258
+ status: 'report_generated',
259
+ result: {
260
+ transaction_uuid: trans_id,
261
+ job_id: job_id
262
+ }
263
+ }
264
+ [200, result.to_json]
249
265
  end
250
266
  end
251
267
  end
data/lib/ace/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ACE
4
- VERSION = "0.9.1"
4
+ VERSION = "0.10.0"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: agentless-catalog-executor
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.1
4
+ version: 0.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Schmitt
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-04-16 00:00:00.000000000 Z
11
+ date: 2019-07-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bolt
@@ -112,16 +112,36 @@ dependencies:
112
112
  name: bundler
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
- - - "~>"
115
+ - - ">="
116
116
  - !ruby/object:Gem::Version
117
117
  version: '1.16'
118
+ - - "<"
119
+ - !ruby/object:Gem::Version
120
+ version: 3.0.0
118
121
  type: :development
119
122
  prerelease: false
120
123
  version_requirements: !ruby/object:Gem::Requirement
121
124
  requirements:
122
- - - "~>"
125
+ - - ">="
123
126
  - !ruby/object:Gem::Version
124
127
  version: '1.16'
128
+ - - "<"
129
+ - !ruby/object:Gem::Version
130
+ version: 3.0.0
131
+ - !ruby/object:Gem::Dependency
132
+ name: faraday
133
+ requirement: !ruby/object:Gem::Requirement
134
+ requirements:
135
+ - - ">="
136
+ - !ruby/object:Gem::Version
137
+ version: '0'
138
+ type: :development
139
+ prerelease: false
140
+ version_requirements: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ">="
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
125
145
  - !ruby/object:Gem::Dependency
126
146
  name: rack-test
127
147
  requirement: !ruby/object:Gem::Requirement
@@ -247,7 +267,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
247
267
  version: '0'
248
268
  requirements: []
249
269
  rubyforge_project:
250
- rubygems_version: 2.6.12
270
+ rubygems_version: 2.7.6
251
271
  signing_key:
252
272
  specification_version: 4
253
273
  summary: ACE lets you run remote tasks and catalogs using puppet and bolt.