RubyGems - bolt - Versions diffs - 0.23.0 → 0.24.0 - Mend

bolt 0.23.0 → 0.24.0

Potentially problematic release.

This version of bolt might be problematic. Click here for more details.

Files changed (192) hide show

@@ -61,12 +61,6 @@ module Bolt
     end
     private :parse
-    def select_impl(task, additional_features = [])
-      available_features = features + additional_features
-      suitable_impl = task.implementations.find { |impl| Set.new(impl['requirements']).subset?(available_features) }
-      return suitable_impl['path'] if suitable_impl
-    end
     def features
       if @inventory
         @inventory.features(self)

data/lib/bolt/task.rb CHANGED

@@ -1,23 +1,66 @@
 # frozen_string_literal: true
 module Bolt
+  # Represents a Task.
+  # @file and @files are mutually exclusive.
+  # @name [String] name of the task
+  # @file [Hash, nil] containing `filename` and `file_content`
+  # @files [Array<Hash>] where each entry includes `name` and `path`
+  # @metadata [Hash] task metadata
   Task = Struct.new(
     :name,
-    :implementations,
-    :input_method,
     :file,
+    :files,
     :metadata
   ) do
-    TASK_DEFAULTS = {
-      implementations: {},
-      input_method: 'both',
-      metadata: {}
-    }.freeze
     def initialize(task)
-      super()
-      TASK_DEFAULTS.merge(task).each { |k, v| self[k] = v }
+      super(nil, nil, [], {})
+      task.reject { |k, _| k == 'parameters' }.each { |k, v| self[k] = v }
+    end
+    def description
+      metadata['description']
+    end
+    def parameters
+      metadata['parameters']
+    end
+    def supports_noop
+      metadata['supports_noop']
+    end
+    def file_map
+      @file_map ||= files.each_with_object({}) { |file, hsh| hsh[file['name']] = file['path'] }
+    end
+    private :file_map
+    # Returns a hash of implementation name, path to executable, input method (if defined),
+    # and any additional files (name and path)
+    def select_implementation(target, additional_features = [])
+      raise 'select_implementation only supported with multiple files' if files.nil? || files.empty?
+      impl = if (impls = metadata['implementations'])
+               available_features = target.features + additional_features
+               impl = impls.find { |imp| Set.new(imp['requirements']).subset?(available_features) }
+               raise "No suitable implementation of #{name} for #{target.name}" unless impl
+               impl = impl.dup
+               impl['path'] = file_map[impl['name']]
+               impl.delete('requirements')
+               impl
+             else
+               files.first.dup
+             end
+      inmethod = impl['input_method'] || metadata['input_method']
+      impl['input_method'] = inmethod unless inmethod.nil?
+      mfiles = impl.fetch('files', []) + metadata.fetch('files', [])
+      impl['files'] = mfiles.map { |file| { 'name' => file, 'path' => file_map[file] } } unless mfiles.empty?
+      impl
     end
   end
 end

data/lib/bolt/transport/base.rb CHANGED

@@ -162,12 +162,7 @@ module Bolt
       end
       def from_api?(task)
-        if task.respond_to? :file
-          unless task.file.nil?
-            return true
-          end
-        end
-        false
+        !task.file.nil?
       end
       # Transports should override this method with their own implementation of running a command.

data/lib/bolt/transport/local.rb CHANGED

@@ -31,9 +31,7 @@ module Bolt
       def in_tmpdir(base)
         args = base ? [nil, base] : []
         Dir.mktmpdir(*args) do |dir|
-          Dir.chdir(dir) do
-            yield dir
-          end
+          yield dir
         end
       end
       private :in_tmpdir
@@ -49,7 +47,7 @@ module Bolt
           dest = File.join(dir, File.basename(script))
           copy_file(script, dest)
           File.chmod(0o750, dest)
-          yield dest
+          yield dest, dir
         end
       end
       private :with_tmpscript
@@ -60,14 +58,14 @@ module Bolt
       end
       def run_command(target, command, _options = {})
-        in_tmpdir(target.options['tmpdir']) do |_|
-          output = @conn.execute(command, {})
+        in_tmpdir(target.options['tmpdir']) do |dir|
+          output = @conn.execute(command, dir: dir)
           Bolt::Result.for_command(target, output.stdout.string, output.stderr.string, output.exit_code)
         end
       end
       def run_script(target, script, arguments, _options = {})
-        with_tmpscript(File.absolute_path(script), target.options['tmpdir']) do |file|
+        with_tmpscript(File.absolute_path(script), target.options['tmpdir']) do |file, dir|
           logger.debug "Running '#{file}' with #{arguments}"
           # unpack any Sensitive data AFTER we log
@@ -77,27 +75,27 @@ module Bolt
             # argument as the entire command string for script paths containing spaces.
             arguments = ['']
           end
-          output = @conn.execute(file, *arguments, {})
+          output = @conn.execute(file, *arguments, dir: dir)
           Bolt::Result.for_command(target, output.stdout.string, output.stderr.string, output.exit_code)
         end
       end
       def run_task(target, task, arguments, _options = {})
-        executable = target.select_impl(task, PROVIDED_FEATURES)
-        raise "No suitable implementation of #{task.name} for #{target.name}" unless executable
+        implementation = task.select_implementation(target, PROVIDED_FEATURES)
+        executable = implementation['path']
+        input_method = implementation['input_method'] || 'both'
         # unpack any Sensitive data, write it to a separate variable because
         # we log 'arguments' below
         unwrapped_arguments = unwrap_sensitive_args(arguments)
-        input_method = task.input_method || "both"
         stdin = STDIN_METHODS.include?(input_method) ? JSON.dump(unwrapped_arguments) : nil
         env = ENVIRONMENT_METHODS.include?(input_method) ? envify_params(unwrapped_arguments) : nil
-        with_tmpscript(executable, target.options['tmpdir']) do |script|
+        with_tmpscript(executable, target.options['tmpdir']) do |script, dir|
           # log the arguments with sensitive data redacted, do NOT log unwrapped_arguments
           logger.debug("Running '#{script}' with #{arguments}")
-          output = @conn.execute(script, stdin: stdin, env: env)
+          output = @conn.execute(script, stdin: stdin, env: env, dir: dir)
           Bolt::Result.for_task(target, output.stdout.string, output.stderr.string, output.exit_code)
         end
       end

data/lib/bolt/transport/local/shell.rb CHANGED

@@ -11,9 +11,9 @@ module Bolt
           command = [options[:env]] + command if options[:env]
           if options[:stdin]
-            stdout, stderr, rc = Open3.capture3(*command, stdin_data: options[:stdin])
+            stdout, stderr, rc = Open3.capture3(*command, stdin_data: options[:stdin], chdir: options[:dir])
           else
-            stdout, stderr, rc = Open3.capture3(*command)
+            stdout, stderr, rc = Open3.capture3(*command, chdir: options[:dir])
           end
           result_output = Bolt::Node::Output.new

data/lib/bolt/transport/ssh.rb CHANGED

@@ -121,9 +121,19 @@ module Bolt
       end
       def run_task(target, task, arguments, options = {})
+        if from_api?(task)
+          executable = task.file['filename']
+          file_content = Base64.decode64(task.file['file_content'])
+          input_method = task.metadata['input_method']
+        else
+          implementation = task.select_implementation(target, PROVIDED_FEATURES)
+          executable = implementation['path']
+          input_method = implementation['input_method']
+        end
+        input_method ||= 'both'
         # unpack any Sensitive data
         arguments = unwrap_sensitive_args(arguments)
-        input_method = task.input_method || "both"
         with_connection(target, options.fetch('_load_config', true)) do |conn|
           conn.running_as(options['_run_as']) do
             stdin, output = nil
@@ -140,17 +150,12 @@ module Bolt
             end
             conn.with_remote_tempdir do |dir|
-              if from_api?(task)
-                filename = task.file['filename']
-                remote_task_path = conn.write_executable_from_content(dir,
-                                                                      Base64.decode64(task.file['file_content']),
-                                                                      filename)
-              else
-                executable = target.select_impl(task, PROVIDED_FEATURES)
-                raise "No suitable implementation of #{task.name} for #{target.name}" unless executable
+              remote_task_path = if from_api?(task)
+                                   conn.write_executable_from_content(dir, file_content, executable)
+                                 else
+                                   conn.write_remote_executable(dir, executable)
+                                 end
-                remote_task_path = conn.write_remote_executable(dir, executable)
-              end
               if conn.run_as && stdin
                 wrapper = make_wrapper_stringio(remote_task_path, stdin)
                 remote_wrapper_path = conn.write_remote_executable(dir, wrapper, 'wrapper.sh')

data/lib/bolt/transport/winrm.rb CHANGED

@@ -108,19 +108,18 @@ catch
       def run_task(target, task, arguments, _options = {})
         if from_api?(task)
-          task.input_method = powershell_file?(task["file"]["filename"]) ? 'powershell' : 'both'
-          executable = { filename: task["file"]["filename"],
-                         file_content: StringIO.new(Base64.decode64(task.file['file_content'])) }
+          executable = task.file['filename']
+          file_content = StringIO.new(Base64.decode64(task.file['file_content']))
+          input_method = task.metadata['input_method']
         else
-          executable = target.select_impl(task, PROVIDED_FEATURES)
-          raise "No suitable implementation of #{task.name} for #{target.name}" unless executable
+          implementation = task.select_implementation(target, PROVIDED_FEATURES)
+          executable = implementation['path']
+          input_method = implementation['input_method']
         end
+        input_method ||= powershell_file?(executable) ? 'powershell' : 'both'
         # unpack any Sensitive data
         arguments = unwrap_sensitive_args(arguments)
-        input_method = task.input_method
-        input_method ||= powershell_file?(executable) ? 'powershell' : 'both'
         with_connection(target) do |conn|
           if STDIN_METHODS.include?(input_method)
             stdin = JSON.dump(arguments)
@@ -138,9 +137,7 @@ catch
           conn.with_remote_tempdir do |dir|
             remote_task_path = if from_api?(task)
-                                 conn.write_executable_from_content(dir,
-                                                                    executable[:file_content],
-                                                                    executable[:filename])
+                                 conn.write_executable_from_content(dir, file_content, executable)
                                else
                                  conn.write_remote_executable(dir, executable)
                                end

data/lib/bolt/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Bolt
-  VERSION = '0.23.0'
+  VERSION = '0.24.0'
 end

data/lib/bolt_ext/schemas/task.json CHANGED

@@ -4,11 +4,10 @@
   "title": "Task",
   "description": "Task schema for bolt-server",
   "type": "object",
-  "description": "The task is a JSON object which includes the following keys",
   "properties": {
     "name": {
       "type": "string",
-       "description": "Task name"
+      "description": "Task name"
     },
     "metadata": {
       "type": "object",
@@ -29,11 +28,19 @@
             "type": {
               "type": "string",
               "description": "The type the parameter should accept"
+            },
+            "sensitive": {
+              "description": "Whether the task runner should treat the parameter value as sensitive",
+              "type": "boolean"
             }
           }
+        },
+        "input_method": {
+          "type": "string",
+          "enum": ["stdin", "environment", "powershell"],
+          "description": "What input method should be used to pass params to the task"
         }
-      },
-      "additionalProperties": false
+      }
     },
     "file": {
       "type": "object",
@@ -54,4 +61,4 @@
   },
   "required": ["name", "file"],
   "additionalProperties": false
-}
+}

data/libexec/apply_catalog.rb CHANGED

@@ -66,7 +66,9 @@ begin
              Puppet::Transaction::Report.new('apply')
            end
-  Puppet.override(current_environment: env, loaders: Puppet::Pops::Loaders.new(env)) do
+  Puppet.override(current_environment: env,
+                  environments: Puppet::Environments::Static.new(env),
+                  loaders: Puppet::Pops::Loaders.new(env)) do
     catalog = Puppet::Resource::Catalog.from_data_hash(args['catalog']).to_ral
     catalog.environment = env.name.to_s
     catalog.environment_instance = env

data/libexec/bolt_catalog CHANGED

@@ -42,6 +42,10 @@ elsif command == "compile"
               JSON.parse(STDIN.read)
             end
   catalog = Bolt::Catalog.new.compile_catalog(request)
+  # This seems to be a string in ruby 2.3
+  if catalog.is_a?(String)
+    catalog = JSON.parse(catalog)
+  end
   puts JSON.pretty_generate(catalog)
 else
   puts "USAGE: run 'bolt_catalog compile' with a request on STDIN " \

data/vendored/puppet/lib/puppet.rb CHANGED

@@ -208,7 +208,8 @@ module Puppet
         Puppet::Network::HTTP::NoCachePool.new
       },
       :ssl_host => proc { Puppet::SSL::Host.localhost },
-      :plugins => proc { Puppet::Plugins::Configuration.load_plugins }
+      :plugins => proc { Puppet::Plugins::Configuration.load_plugins },
+      :rich_data => false
     }
   end

data/vendored/puppet/lib/puppet/application/agent.rb CHANGED

@@ -426,12 +426,8 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
       Puppet::Resource::Catalog.indirection.cache_class = Puppet[:catalog_cache_terminus]
     end
-    if options[:fingerprint]
-      # in fingerprint mode we just need
-      # access to the local files and we don't need a ca
-      Puppet::SSL::Host.ca_location = :none
-    else
-      Puppet::SSL::Host.ca_location = :remote
+    # In fingerprint mode we don't need to set up the whole agent
+    unless options[:fingerprint]
       setup_agent
     end
   end

data/vendored/puppet/lib/puppet/application/apply.rb CHANGED

@@ -173,6 +173,11 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
     else
       main
     end
+  ensure
+    if @profiler
+      Puppet::Util::Profiler.remove_profiler(@profiler)
+      @profiler.shutdown
+    end
   end
   def apply
@@ -189,53 +194,15 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   end
   def main
-    # Set our code or file to use.
-    if options[:code] or command_line.args.length == 0
-      Puppet[:code] = options[:code] || STDIN.read
-    else
-      manifest = command_line.args.shift
-      raise _("Could not find file %{manifest}") % { manifest: manifest } unless Puppet::FileSystem.exist?(manifest)
-      Puppet.warning(_("Only one file can be applied per run.  Skipping %{files}") % { files: command_line.args.join(', ') }) if command_line.args.size > 0
-    end
-    # splay if needed
-    splay
+    manifest          = get_manifest() # Get either a manifest or nil if apply should use content of Puppet[:code]
+    splay                              # splay if needed
+    facts             = get_facts()    # facts or nil
+    node              = get_node()     # node or error
+    apply_environment = get_configured_environment(node, manifest)
-    unless Puppet[:node_name_fact].empty?
-      # Collect our facts.
-      unless facts = Puppet::Node::Facts.indirection.find(Puppet[:node_name_value])
-        raise _("Could not find facts for %{node}") % { node: Puppet[:node_name_value] }
-      end
-      Puppet[:node_name_value] = facts.values[Puppet[:node_name_fact]]
-      facts.name = Puppet[:node_name_value]
-    end
-    # Find our Node
-    unless node = Puppet::Node.indirection.find(Puppet[:node_name_value])
-      raise _("Could not find node %{node}") % { node: Puppet[:node_name_value] }
-    end
-    configured_environment = node.environment || Puppet.lookup(:current_environment)
-    apply_environment = manifest ?
-      configured_environment.override_with(:manifest => manifest) :
-      configured_environment
-    # Modify the node descriptor to use the special apply_environment.
-    # It is based on the actual environment from the node, or the locally
-    # configured environment if the node does not specify one.
-    # If a manifest file is passed on the command line, it overrides
-    # the :manifest setting of the apply_environment.
-    node.environment = apply_environment
-    #TRANSLATORS "puppet apply" is a program command and should not be translated
+    # TRANSLATORS "puppet apply" is a program command and should not be translated
     Puppet.override({:current_environment => apply_environment}, _("For puppet apply")) do
-      # Merge in the facts.
-      node.merge(facts.values) if facts
-      # Add server facts so $server_facts[environment] exists when doing a puppet apply
-      node.add_server_facts({})
+      configure_node_facts(node, facts)
       # Allow users to load the classes that puppet agent creates.
       if options[:loadclasses]
@@ -273,7 +240,7 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
         exit_status = Puppet.override(:loaders => Puppet::Pops::Loaders.new(apply_environment)) do
           # Resolve all deferred values and replace them / mutate the catalog
-          Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node, node.facts, catalog)
+          Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
           # Translate it to a RAL catalog
           catalog = catalog.to_ral
@@ -287,7 +254,6 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
             catalog.write_resource_file
           end
-          #exit_status = Puppet.override(:loaders => Puppet::Pops::Loaders.new(apply_environment)) { apply_catalog(catalog) }
           apply_catalog(catalog)
         end
         if not exit_status
@@ -302,12 +268,6 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
         exit(1)
       end
     end
-  ensure
-    if @profiler
-      Puppet::Util::Profiler.remove_profiler(@profiler)
-      @profiler.shutdown
-    end
   end
   # Enable all of the most common test options.
@@ -350,18 +310,98 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
   private
   def read_catalog(text)
-    format = Puppet::Resource::Catalog.default_format
-    begin
-      catalog = Puppet::Resource::Catalog.convert_from(format, text)
-    rescue => detail
-      raise Puppet::Error, _("Could not deserialize catalog from %{format}: %{detail}") % { format: format, detail: detail }, detail.backtrace
-    end
+    facts = get_facts()
+    node = get_node()
+    configured_environment = get_configured_environment(node)
+    # TRANSLATORS "puppet apply" is a program command and should not be translated
+    Puppet.override({:current_environment => configured_environment}, _("For puppet apply")) do
+      configure_node_facts(node, facts)
+      # NOTE: Does not set rich_data = true automatically (which would ensure always reading catalog with rich data
+      # on (seemingly the right thing to do)), but that would remove the ability to test what happens when a
+      # rich catalog is processed without rich_data being turned on.
+      format = Puppet::Resource::Catalog.default_format
+      begin
+        catalog = Puppet::Resource::Catalog.convert_from(format, text)
+      rescue => detail
+        raise Puppet::Error, _("Could not deserialize catalog from %{format}: %{detail}") % { format: format, detail: detail }, detail.backtrace
+      end
+      # Resolve all deferred values and replace them / mutate the catalog
+      Puppet::Pops::Evaluator::DeferredResolver.resolve_and_replace(node.facts, catalog)
-    catalog.to_ral
+      catalog.to_ral
+    end
   end
   def apply_catalog(catalog)
     configurer = Puppet::Configurer.new
     configurer.run(:catalog => catalog, :pluginsync => false)
   end
+  # Returns facts or nil
+  #
+  def get_facts()
+    facts = nil
+    unless Puppet[:node_name_fact].empty?
+      # Collect our facts.
+      unless facts = Puppet::Node::Facts.indirection.find(Puppet[:node_name_value])
+        raise _("Could not find facts for %{node}") % { node: Puppet[:node_name_value] }
+      end
+      Puppet[:node_name_value] = facts.values[Puppet[:node_name_fact]]
+      facts.name = Puppet[:node_name_value]
+    end
+    facts
+  end
+  # Returns the node or raises and error if node not found.
+  #
+  def get_node()
+    node = Puppet::Node.indirection.find(Puppet[:node_name_value])
+    raise _("Could not find node %{node}") % { node: Puppet[:node_name_value] } unless node
+    node
+  end
+  # Returns either a manifest (filename) or nil if apply should use content of Puppet[:code]
+  #
+  def get_manifest()
+    manifest = nil
+    # Set our code or file to use.
+    if options[:code] or command_line.args.length == 0
+      Puppet[:code] = options[:code] || STDIN.read
+    else
+      manifest = command_line.args.shift
+      raise _("Could not find file %{manifest}") % { manifest: manifest } unless Puppet::FileSystem.exist?(manifest)
+      Puppet.warning(_("Only one file can be applied per run.  Skipping %{files}") % { files: command_line.args.join(', ') }) if command_line.args.size > 0
+    end
+    manifest
+  end
+  # Returns a configured environment, if a manifest is given it overrides what is configured for the environment
+  # specified by the node (or the current_environment found in the Puppet context).
+  # The node's resolved environment is modified  if needed.
+  #
+  def get_configured_environment(node, manifest = nil)
+    configured_environment = node.environment || Puppet.lookup(:current_environment)
+    apply_environment = manifest ?
+      configured_environment.override_with(:manifest => manifest) :
+      configured_environment
+    # Modify the node descriptor to use the special apply_environment.
+    # It is based on the actual environment from the node, or the locally
+    # configured environment if the node does not specify one.
+    # If a manifest file is passed on the command line, it overrides
+    # the :manifest setting of the apply_environment.
+    node.environment = apply_environment
+    apply_environment
+  end
+  # Mixes the facts into the node, and mixes in server facts
+  def configure_node_facts(node, facts)
+    node.merge(facts.values) if facts
+    # Add server facts so $server_facts[environment] exists when doing a puppet apply
+    node.add_server_facts({})
+  end
 end