bolt 0.16.3 → 0.16.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6a4e9a05003d30c06467737a20e98334060a3954
-  data.tar.gz: ed19ba7afaab8ea3ff68b2dd5f53bc2830e7b6db
+  metadata.gz: dabc4d0d53c4dc91e19ca332cc074c70026d9934
+  data.tar.gz: e4bd3c566ddb2cb37724de78063c62eafc4e2fef
 SHA512:
-  metadata.gz: 6836a6e4a272e4a95e3152b011cfc49af3fd1cc290eaf5660b241b5e2a96784d8b80e0b7c6dcd1ac3bca0452e9b53e10ffe1b1db2b7c9398f34f762f1a50585f
-  data.tar.gz: deb82053d48301c05eb9c51eda38232e8baf9f211c720d45c657b91cedf0cce3fdd8fab0cfd3e957ee667e7b18461a4033925b3e3f7fe3a0ba92f6bf460d833d
+  metadata.gz: 579ed3e93ab4dc82d5ded1dedac8f42793217a6832360c13b8594cab22e5b2a6f6222ecb2a280bb7d6024f93374e3caca9037350c6dc05e80856202be813f84c
+  data.tar.gz: 25bff2cb74e014d109f3de109a1bf330a169367a528ffa40b29246020ca905578e90d0c4db08334455cb0d1b2a7ad98e1b8039fce5393546feb0de6947c85528

data/exe/bolt-inventory-pdb

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require 'bolt_ext/puppetdb_inventory'
+
+exitcode = Bolt::PuppetDBInventory::CLI.new(ARGV).run
+exit exitcode

data/lib/bolt/executor.rb

@@ -84,7 +84,7 @@ module Bolt
                 next if promise.fulfilled?
                 error = $ERROR_INFO || Bolt::Error.new("No result was returned for #{target.uri}",
                                                        "puppetlabs.bolt/missing-result-error")
-                promise.set(Bolt::Result.from_exception(error))
+                promise.set(Bolt::Result.from_exception(target, error))
               end
             end
           end

data/lib/bolt/inventory.rb

@@ -91,9 +91,9 @@ module Bolt
     # Pass a target to get_targets for a public version of this
     # Should this reconfigure configured targets?
     def update_target(target)
-      inv_conf = config_for(target.host)
+      inv_conf = config_for(target.name)
       unless inv_conf
-        @logger.debug("Did not find #{target.host} in inventory")
+        @logger.debug("Did not find #{target.name} in inventory")
         inv_conf = {}
       end
 

data/lib/bolt/inventory/group.rb

@@ -6,19 +6,21 @@ module Bolt
       attr_accessor :name, :nodes, :groups, :config, :rest
 
       def initialize(data)
+        @logger = Logging.logger[self]
         @name = data['name']
 
-        @nodes = if data['nodes']
-                   data['nodes'].map do |n|
-                     if n.is_a? String
-                       { 'name' => n }
-                     else
-                       n
-                     end
-                   end
-                 else
-                   []
-                 end
+        @nodes = {}
+        if data['nodes']
+          data['nodes'].each do |n|
+            n = { 'name' => n } if n.is_a? String
+            if @nodes.include? n['name']
+              @logger.warn("Ignoring duplicate node in #{@name}: #{n}")
+            else
+              @nodes[n['name']] = n
+            end
+          end
+        end
+
         @config = data['config'] || {}
         @groups = if data['groups']
                     data['groups'].map { |g| Group.new(g) }
@@ -44,11 +46,12 @@ module Bolt
 
         used_names << @name
 
-        @nodes.each do |n|
-          # Require nodes to be referenced only by their host name
-          host = Addressable::URI.parse('//' + n['name']).host
-          ipv6host = Addressable::URI.parse('//[' + n['name'] + ']').host
-          if n['name'] != host && n['name'] != ipv6host
+        @nodes.each_value do |n|
+          # Require nodes to be parseable as a Target.
+          begin
+            Target.new(n['name'])
+          rescue Addressable::URI::InvalidURIError => e
+            @logger.debug(e)
             raise ValidationError.new("Invalid node name #{n['name']}", n['name'])
           end
 
@@ -80,7 +83,7 @@ module Bolt
       end
 
       def node_data(node_name)
-        if (data = @nodes.find { |n| n['name'] == node_name })
+        if (data = @nodes[node_name])
           { 'config' => data['config'] || {},
             # groups come from group_data
             'groups' => [] }
@@ -123,7 +126,7 @@ module Bolt
       end
 
       def local_node_names
-        @_node_names ||= Set.new(nodes.map { |n| n['name'] })
+        Set.new(@nodes.keys)
       end
       private :local_node_names
 
@@ -149,7 +152,7 @@ module Bolt
 
         if data
           data_merge(group_data, data)
-        elsif local_node_names.include?(node_name)
+        elsif @nodes.include?(node_name)
           group_data
         end
       end

data/lib/bolt/transport/orch.rb

@@ -11,15 +11,18 @@ module Bolt
       CONF_FILE = File.expand_path('~/.puppetlabs/client-tools/orchestrator.conf')
       BOLT_MOCK_TASK = Struct.new(:name, :executable).new('bolt', 'bolt/tasks/init').freeze
 
-      def initialize(config)
-        super
-
+      def create_client(opts)
         client_keys = %i[service-url token-file cacert]
-        @client_opts = config.select { |k, _v| client_keys.include?(k) }
-      end
+        client_opts = opts.reduce({}) do |acc, (k, v)|
+          if client_keys.include?(k)
+            acc.merge(k.to_s => v)
+          else
+            acc
+          end
+        end
+        @logger.debug("Creating orchestrator client for #{client_opts}")
 
-      def create_client
-        OrchestratorClient.new(@client_opts, true)
+        OrchestratorClient.new(client_opts, true)
       end
 
       def build_request(targets, task, arguments)
@@ -113,7 +116,11 @@ module Bolt
       end
 
       def batches(targets)
-        targets.group_by { |target| target.options[:orch_task_environment] }.values
+        targets.group_by do |target|
+          [target.options[:orch_task_environment],
+           target.options[:"service-url"],
+           target.options[:"token-file"]]
+        end.values
       end
 
       def run_task_job(targets, task, arguments)
@@ -124,9 +131,13 @@ module Bolt
         end
 
         begin
-          results = create_client.run_task(body)
+          results = create_client(targets.first.options).run_task(body)
 
           process_run_results(targets, results)
+        rescue OrchestratorClient::ApiError => e
+          targets.map do |target|
+            Bolt::Result.new(target, error: e.data)
+          end
         rescue StandardError => e
           targets.map do |target|
             Bolt::Result.from_exception(target, e)

data/lib/bolt/version.rb

@@ -1,3 +1,3 @@
 module Bolt
-  VERSION = '0.16.3'.freeze
+  VERSION = '0.16.4'.freeze
 end

data/lib/bolt_ext/puppetdb_inventory.rb

@@ -0,0 +1,243 @@
+#!/usr/bin/env ruby
+
+require 'json'
+require 'httpclient'
+require 'optparse'
+require 'yaml'
+
+module Bolt
+  class PuppetDBInventory
+    class Client
+      def self.from_config(config)
+        uri = URI.parse(config['server_urls'].first)
+        uri.port ||= 8081
+
+        cacert = File.expand_path(config['cacert'])
+        token = config.token
+
+        cert = config['cert']
+        key = config['key']
+
+        new(uri, cacert, token: token, cert: cert, key: key)
+      end
+
+      def initialize(uri, cacert, token: nil, cert: nil, key: nil)
+        @uri = uri
+        @cacert = cacert
+        @token = token
+        @cert = cert
+        @key = key
+      end
+
+      def query_certnames(query)
+        return [] unless query
+
+        body = JSON.generate(query: query)
+
+        response = http_client.post("#{@uri}/pdb/query/v4", body: body, header: headers)
+        if response.code != 200
+          raise "Failed to query PuppetDB: #{response.body}"
+        else
+          results = JSON.parse(response.body)
+          if results.first && !results.first.key?('certname')
+            raise "Query results did not contain a 'certname' field: got #{results.first.keys.join(', ')}"
+          end
+          results.map { |result| result['certname'] }.uniq
+        end
+      end
+
+      def http_client
+        return @http if @http
+        @http = HTTPClient.new
+        @http.ssl_config.set_client_cert_file(@cert, @key)
+        @http.ssl_config.add_trust_ca(@cacert)
+
+        @http
+      end
+
+      def headers
+        headers = { 'Content-Type' => 'application/json' }
+        headers['X-Authentication'] = @token if @token
+        headers
+      end
+    end
+
+    class Config
+      DEFAULT_TOKEN = File.expand_path('~/.puppetlabs/token')
+      DEFAULT_CONFIG = File.expand_path('~/.puppetlabs/client-tools/puppetdb.conf')
+
+      def initialize(config_file, options)
+        @settings = load_config(config_file)
+        @settings.merge!(options)
+
+        expand_paths
+        validate
+      end
+
+      def load_config(filename)
+        if filename
+          if File.exist?(filename)
+            config = JSON.parse(File.read(filename))
+          else
+            raise "config file #{filename} does not exist"
+          end
+        elsif File.exist?(DEFAULT_CONFIG)
+          config = JSON.parse(File.read(DEFAULT_CONFIG))
+        end
+        config.fetch('puppetdb', {})
+      end
+
+      def token
+        return @token if @token
+        if @settings['token']
+          File.read(@settings['token'])
+        elsif File.exist?(DEFAULT_TOKEN)
+          File.read(DEFAULT_TOKEN)
+        end
+      end
+
+      def [](key)
+        @settings[key]
+      end
+
+      def expand_paths
+        %w[cacert cert key token].each do |file|
+          @settings[file] = File.expand_path(@settings[file]) if @settings[file]
+        end
+      end
+
+      def validate_file_exists(file)
+        if @settings[file] && !File.exist?(@settings[file])
+          raise "#{file} file #{@settings[file]} does not exist"
+        end
+      end
+
+      def validate
+        unless @settings['server_urls']
+          raise "server_urls must be specified in the config file or with --url"
+        end
+        unless @settings['cacert']
+          raise "cacert must be specified in the config file or with --cacert"
+        end
+
+        if (@settings['cert'] && !@settings['key']) ||
+           (!@settings['cert'] && @settings['key'])
+          raise "cert and key must be specified together"
+        end
+
+        validate_file_exists('cacert')
+        validate_file_exists('cert')
+        validate_file_exists('key')
+      end
+    end
+
+    class CLI
+      def initialize(args)
+        @args = args
+        @cli_opts = {}
+        @parser = build_parser
+      end
+
+      def build_parser
+        parser = OptionParser.new('') do |opts|
+          opts.on('--cacert CACERT', "Path to the CA certificate") do |cacert|
+            @cli_opts['cacert'] = cacert
+          end
+          opts.on('--cert CERT', "Path to the certificate") do |cert|
+            @cli_opts['cert'] = cert
+          end
+          opts.on('--key KEY', "Path to the private key") do |key|
+            @cli_opts['key'] = key
+          end
+          opts.on('--token-file TOKEN',
+                  "Path to the token file",
+                  "Default: #{Config::DEFAULT_TOKEN} if present") do |token|
+            @cli_opts['token'] = token
+          end
+          opts.on('--url URL', "The URL of the PuppetDB server to connect to") do |url|
+            @cli_opts['server_urls'] = [url]
+          end
+          opts.on('--config CONFIG',
+                  "The puppetdb.conf file to read configuration from",
+                  "Default: #{Config::DEFAULT_CONFIG} if present") do |file|
+            @config_file = File.expand_path(file)
+          end
+          opts.on('--output FILE', '-o FILE',
+                  "Where to write the generated inventory file, defaults to stdout") do |file|
+            @output_file = file
+          end
+          opts.on('--trace', "Show stacktraces for exceptions") do |trace|
+            @trace = trace
+          end
+          opts.on('-h', '--help', "Display help") do |_|
+            @show_help = true
+          end
+        end
+        parser.banner = <<-BANNER
+Usage: bolt-inventory-pdb <input-file> [--output <output-file>] [--url <url>] [auth-options]
+
+Populate the nodes in an inventory file based on PuppetDB queries.
+
+The input file should be a Bolt inventory file, where each 'nodes' entry is
+replaced with a 'query' entry to be executed against PuppetDB. The output will
+be the input file, with the 'nodes' entry for each group populated with the
+query results.
+
+        BANNER
+        parser
+      end
+
+      def run
+        positional_args = @parser.permute(@args)
+
+        if @show_help
+          puts @parser.help
+          return 0
+        end
+
+        inventory_file = positional_args.shift
+        unless inventory_file
+          raise "--inventory is a required option"
+        end
+
+        if positional_args.any?
+          raise "Unknown argument(s) #{positional_args.join(', ')}"
+        end
+
+        config = Config.new(@config_file, @cli_opts)
+        @puppetdb_client = Client.from_config(config)
+
+        unless File.readable?(inventory_file)
+          raise "Can't read the inventory file #{inventory_file}"
+        end
+
+        inventory = YAML.load_file(inventory_file)
+        resolve_group(inventory)
+
+        result = inventory.to_yaml
+
+        if @output_file
+          File.write(@output_file, result)
+        else
+          puts result
+        end
+
+        return 0
+      rescue StandardError => e
+        puts "Error: #{e}"
+        puts e.backtrace if @trace
+        return 1
+      end
+
+      def resolve_group(group)
+        group['nodes'] = @puppetdb_client.query_certnames(group['query'])
+
+        group.fetch('groups', []).each do |child|
+          resolve_group(child)
+        end
+
+        group
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 0.16.3
+  version: 0.16.4
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-02-21 00:00:00.000000000 Z
+date: 2018-02-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -72,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: 0.2.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: 0.2.3
 - !ruby/object:Gem::Dependency
   name: terminal-table
   requirement: !ruby/object:Gem::Requirement
@@ -329,6 +329,7 @@ email:
 - puppet@puppet.com
 executables:
 - bolt
+- bolt-inventory-pdb
 extensions: []
 extra_rdoc_files: []
 files:
@@ -344,6 +345,7 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/run_task.rb
 - bolt-modules/boltlib/types/targetspec.pp
 - exe/bolt
+- exe/bolt-inventory-pdb
 - lib/bolt.rb
 - lib/bolt/cli.rb
 - lib/bolt/config.rb
@@ -370,6 +372,7 @@ files:
 - lib/bolt/transport/winrm/connection.rb
 - lib/bolt/util.rb
 - lib/bolt/version.rb
+- lib/bolt_ext/puppetdb_inventory.rb
 - vendored/facter/lib/facter.rb
 - vendored/facter/lib/facter/Cfkey.rb
 - vendored/facter/lib/facter/application.rb