bolt 0.23.0 → 0.24.0

data/vendored/puppet/lib/puppet/indirector/node/exec.rb

@@ -38,11 +38,9 @@ class Puppet::Node::Exec < Puppet::Indirector::Exec
   # Turn our outputted objects into a Puppet::Node instance.
   def create_node(name, result, facts = nil)
     node = Puppet::Node.new(name)
-    set = false
     [:parameters, :classes, :environment].each do |param|
       if value = result[param]
         node.send(param.to_s + "=", value)
-        set = true
       end
     end
 
@@ -52,7 +50,7 @@ class Puppet::Node::Exec < Puppet::Indirector::Exec
 
   # Translate the yaml string into Ruby objects.
   def translate(name, output)
-    YAML.load(output).inject({}) do |hash, data|
+    Puppet::Util::Yaml.safe_load(output, [Symbol]).inject({}) do |hash, data|
       case data[0]
       when String
         hash[data[0].intern] = data[1]

data/vendored/puppet/lib/puppet/indirector/node/yaml.rb

@@ -4,10 +4,4 @@ require 'puppet/indirector/yaml'
 class Puppet::Node::Yaml < Puppet::Indirector::Yaml
   desc "Store node information as flat files, serialized using YAML,
     or deserialize stored YAML nodes."
-
-  protected
-
-  def fix(object)
-    object
-  end
 end

data/vendored/puppet/lib/puppet/indirector/request.rb

@@ -201,7 +201,7 @@ class Puppet::Indirector::Request
     end
 
     # ... Fall back onto the default server.
-     bound_server = Puppet.lookup(:server) do
+    bound_server = Puppet.lookup(:server) do
       if primary_server = Puppet.settings[:server_list][0]
         primary_server[0]
       else

data/vendored/puppet/lib/puppet/indirector/ssl_file.rb

@@ -12,13 +12,8 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
     @file_setting = setting
   end
 
-  # Specify where a specific ca file should be stored.
-  def self.store_ca_at(setting)
-    @ca_setting = setting
-  end
-
   class << self
-    attr_reader :directory_setting, :file_setting, :ca_setting
+    attr_reader :directory_setting, :file_setting
   end
 
   # The full path to where we should store our files.
@@ -33,19 +28,6 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
     Puppet.settings[file_setting]
   end
 
-  # The full path to a ca file we would be managing.
-  def self.ca_location
-    return nil unless ca_setting
-    Puppet.settings[ca_setting]
-  end
-
-  # We assume that all files named 'ca' are pointing to individual ca files,
-  # rather than normal host files.  It's a bit hackish, but all the other
-  # solutions seemed even more hackish.
-  def ca?(name)
-    name == Puppet::SSL::Host.ca_name
-  end
-
   def initialize
     Puppet.settings.use(:main, :ssl)
 
@@ -58,9 +40,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
       raise ArgumentError, _("invalid key")
     end
 
-    if ca?(name) and ca_location
-      ca_location
-    elsif collection_directory
+    if collection_directory
       File.join(collection_directory, name.to_s + ".pem")
     else
       file_location
@@ -127,10 +107,6 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
     self.class.file_location
   end
 
-  def ca_location
-    self.class.ca_location
-  end
-
   # A hack method to deal with files that exist with a different case.
   # Just renames it; doesn't read it in or anything.
   # LAK:NOTE This is a copy of the method in sslcertificates/support.rb,
@@ -164,25 +140,8 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
     # * SSL::Key may be a .export(OpenSSL::Cipher::DES.new(:EDE3, :CBC), pass) or .to_pem
     # * All other classes are translated to strings by calling .to_pem
 
-    # Serialization of:
-    # Puppet::SSL::Certificate by Puppet::SSL::Certificate::Ca, Puppet::SSL::Certificate::File
-    # -----BEGIN CERTIFICATE-----
-    # Puppet::SSL::Key by Puppet::SSL::Key::Ca, Puppet::SSL::Key::File
-    # -----BEGIN RSA PRIVATE KEY-----
-    if ca?(name) and ca_location
-      Puppet.settings.setting(self.class.ca_setting).open('w:ASCII') { |f| yield f }
-    # Serialization of:
-    # Puppet::SSL::CertificateRevocationList by Puppet::SSL::CertificateRevocationList::Ca, Puppet::SSL::CertificateRevocationList::File
-    # -----BEGIN X509 CRL-----
-    elsif file_location
+    if file_location
       Puppet.settings.setting(self.class.file_setting).open('w:ASCII') { |f| yield f }
-    # Serialization of:
-    # Puppet::SSL::Certificate by Puppet::SSL::Certificate::Ca, Puppet::SSL::Certificate::File
-    # -----BEGIN CERTIFICATE-----
-    # Puppet::SSL::CertificateRequest by Puppet::SSL::CertificateRequest::Ca, Puppet::SSL::CertificateRequest::File
-    # -----BEGIN CERTIFICATE REQUEST-----
-    # Puppet::SSL::Key by Puppet::SSL::Key::Ca, Puppet::SSL::Key::File
-    # -----BEGIN RSA PRIVATE KEY-----
     elsif setting = self.class.directory_setting
       begin
         Puppet.settings.setting(setting).open_file(path, 'w:ASCII') { |f| yield f }

data/vendored/puppet/lib/puppet/indirector/yaml.rb

@@ -9,7 +9,7 @@ class Puppet::Indirector::Yaml < Puppet::Indirector::Terminus
     return nil unless Puppet::FileSystem.exist?(file)
 
     begin
-      return fix(Puppet::Util::Yaml.load_file(file))
+      return load_file(file)
     rescue Puppet::Util::Yaml::YamlLoadError => detail
       raise Puppet::Error, _("Could not parse YAML data for %{indirection} %{request}: %{detail}") % { indirection: indirection.name, request: request.key, detail: detail }, detail.backtrace
     end
@@ -51,13 +51,13 @@ class Puppet::Indirector::Yaml < Puppet::Indirector::Terminus
 
   def search(request)
     Dir.glob(path(request.key,'')).collect do |file|
-      fix(Puppet::Util::Yaml.load_file(file))
+      load_file(file)
     end
   end
 
   protected
 
-  def fix(object)
-    object
+  def load_file(file)
+    Puppet::Util::Yaml.safe_load_file(file, [model, Symbol])
   end
 end

data/vendored/puppet/lib/puppet/info_service/task_information_service.rb

@@ -23,10 +23,14 @@ class Puppet::InfoService::TaskInformationService
 
     task = pup_module.tasks.find { |t| t.name == task_name }
     if task.nil?
-      raise Puppet::Module::Task::TaskNotFound, _("Task %{task_name} not found in module %{module_name}.") %
-                                                 {task_name: task_name, module_name: module_name}
+      raise Puppet::Module::Task::TaskNotFound.new(task_name, module_name)
     end
 
-    {:metadata_file => task.metadata_file, :files => task.files}
+    begin
+      task.validate
+      {:metadata => task.metadata, :files => task.files}
+    rescue Puppet::Module::Task::Error => err
+      { :metadata => nil, :files => [], :error => err.to_h }
+    end
   end
 end

data/vendored/puppet/lib/puppet/loaders.rb

@@ -13,6 +13,7 @@ module Puppet
       require 'puppet/pops/loader/static_loader'
       require 'puppet/pops/loader/runtime3_type_loader'
       require 'puppet/pops/loader/ruby_function_instantiator'
+      require 'puppet/pops/loader/ruby_legacy_function_instantiator'
       require 'puppet/pops/loader/ruby_data_type_instantiator'
       require 'puppet/pops/loader/puppet_function_instantiator'
       require 'puppet/pops/loader/type_definition_instantiator'

data/vendored/puppet/lib/puppet/module/task.rb

@@ -2,12 +2,50 @@ require 'puppet/util/logging'
 
 class Puppet::Module
   class Task
-    class Error < Puppet::Error; end
-    class InvalidName < Error; end
-    class InvalidFile < Error; end
-    class TaskNotFound < Error; end
+    class Error < Puppet::Error
+      attr_accessor :kind, :details
+      def initialize(message, kind, details = nil)
+        super(message)
+        @details = details || {}
+        @kind = kind
+      end
+
+      def to_h
+        {
+          msg: message,
+          kind: kind,
+          details: details
+        }
+      end
+    end
+
+    class InvalidName < Error
+      def initialize(name)
+        msg = _("Task names must start with a lowercase letter and be composed of only lowercase letters, numbers, and underscores")
+        super(msg, 'puppet.tasks/invalid-name')
+      end
+    end
+
+    class InvalidFile < Error
+      def initialize(msg)
+        super(msg, 'puppet.tasks/invalid-file')
+      end
+    end
+
+    class InvalidTask < Error
+    end
+    class InvalidMetadata < Error
+    end
+    class TaskNotFound < Error
+      def initialize(task_name, module_name)
+        msg = _("Task %{task_name} not found in module %{module_name}.") %
+          {task_name: task_name, module_name: module_name}
+        super(msg, 'puppet.tasks/task-not-found', { 'name' => task_name })
+      end
+    end
 
     FORBIDDEN_EXTENSIONS = %w{.conf .md}
+    MOUNTS = %w[lib files tasks]
 
     def self.is_task_name?(name)
       return true if name =~ /^[a-z][a-z0-9_]*$/
@@ -24,6 +62,118 @@ class Puppet::Module
       return true
     end
 
+    def self.get_file_details(path, mod)
+      # This gets the path from the starting point onward
+      # For files this should be the file subpath from the metadata
+      # For directories it should be the directory subpath plus whatever we globbed
+      # Partition matches on the first instance it finds of the parameter
+      name = "#{mod.name}#{path.partition(mod.path).last}"
+
+      { "name" => name, "path" =>  path }
+    end
+    private_class_method :get_file_details
+
+    # Find task's required lib files and retrieve paths for both 'files' and 'implementation:files' metadata keys
+    def self.find_extra_files(metadata, envname = nil)
+      return [] if metadata.nil?
+
+      files = metadata.fetch('files', []) +
+        metadata.fetch('implementations', []).flat_map { |impl| impl.fetch('files', []) }
+
+      files.uniq.flat_map do |file|
+        module_name, mount, endpath = file.split("/", 3)
+        # If there's a mount directory with no trailing slash this will be nil
+        # We want it to be empty to construct a path
+        endpath ||= ''
+
+        pup_module = Puppet::Module.find(module_name, envname)
+        if pup_module.nil?
+          msg = _("Could not find module %{module_name} containing task file %{filename}" %
+                  {module_name: module_name, filename: endpath})
+          raise InvalidMetadata.new(msg, 'puppet.tasks/invalid-metadata')
+        end
+
+        unless MOUNTS.include? mount
+          msg = _("Files must be saved in module directories that Puppet makes available via mount points: %{mounts}" %
+                  {mounts: MOUNTS.join(', ')})
+          raise InvalidMetadata.new(msg, 'puppet.tasks/invalid-metadata')
+        end
+
+        path = File.join(pup_module.path, mount, endpath)
+        unless File.absolute_path(path) == File.path(path).chomp('/')
+          msg = _("File pathnames cannot include relative paths")
+          raise InvalidMetadata.new(msg, 'puppet.tasks/invalid-metadata')
+        end
+
+        unless File.exist?(path)
+          msg = _("Could not find %{path} on disk" % { path: path })
+          raise InvalidFile.new(msg)
+        end
+
+        last_char = file[-1] == '/'
+        if File.directory?(path)
+          unless last_char
+            msg = _("Directories specified in task metadata must include a trailing slash: %{dir}" % { dir: file } )
+            raise InvalidMetadata.new(msg, 'puppet.tasks/invalid-metadata')
+          end
+          dir_files = Dir.glob("#{path}**/*").select { |f| File.file?(f) }
+          dir_files.map { |f| get_file_details(f, pup_module) }
+        else
+          if last_char
+            msg = _("Files specified in task metadata cannot include a trailing slash: %{file}" % { file: file } )
+            raise InvalidMetadata.new(msg, 'puppet.task/invalid-metadata')
+          end
+          get_file_details(path, pup_module)
+        end
+      end
+    end
+    private_class_method :find_extra_files
+
+    # Executables list should contain the full path of all possible implementation files
+    def self.find_implementations(name, directory, metadata, executables)
+      basename = name.split('::')[1] || 'init'
+      # If 'implementations' is defined, it needs to mention at least one
+      # implementation, and everything it mentions must exist.
+      metadata ||= {}
+      if metadata.key?('implementations')
+        unless metadata['implementations'].is_a?(Array)
+          msg = _("Task metadata for task %{name} does not specify implementations as an array" % { name: name })
+          raise InvalidMetadata.new(msg, 'puppet.tasks/invalid-metadata')
+        end
+
+        implementations = metadata['implementations'].map do |impl|
+          path = executables.find { |real_impl| File.basename(real_impl) == impl['name'] }
+          unless path
+            msg = _("Task metadata for task %{name} specifies missing implementation %{implementation}" % { name: name, implementation: impl['name'] })
+            raise InvalidTask.new(msg, 'puppet.tasks/missing-implementation', { missing: [impl['name']] } )
+          end
+          { "name" => impl['name'], "path" => path }
+        end
+        return implementations
+      end
+
+      # If implementations isn't defined, then we use executables matching the
+      # task name, and only one may exist.
+      implementations = executables.select { |impl| File.basename(impl, '.*') == basename }
+      if implementations.empty?
+        msg = _('No source besides task metadata was found in directory %{directory} for task %{name}') %
+          { name: name, directory: directory }
+        raise InvalidTask.new(msg, 'puppet.tasks/no-implementation')
+      elsif implementations.length > 1
+        msg =_("Multiple executables were found in directory %{directory} for task %{name}; define 'implementations' in metadata to differentiate between them") %
+          { name: name, directory: implementations[0] }
+        raise InvalidTask.new(msg, 'puppet.tasks/multiple-implementations')
+      end
+
+      [{ "name" => File.basename(implementations.first), "path" => implementations.first }]
+    end
+    private_class_method :find_implementations
+
+    def self.find_files(name, directory, metadata, executables, envname = nil)
+      # PXP agent relies on 'impls' (which is the task file) being first if there is no metadata
+      find_implementations(name, directory, metadata, executables) + find_extra_files(metadata, envname)
+    end
+
     def self.is_tasks_metadata_filename?(name)
       is_tasks_filename?(name) && name.end_with?('.json')
     end
@@ -33,37 +183,54 @@ class Puppet::Module
     end
 
     def self.tasks_in_module(pup_module)
-      Dir.glob(File.join(pup_module.tasks_directory, '*'))
+      task_files = Dir.glob(File.join(pup_module.tasks_directory, '*'))
         .keep_if { |f| is_tasks_filename?(f) }
-        .group_by { |f| task_name_from_path(f) }
-        .map { |task, files| new_with_files(pup_module, task, files) }
-    end
 
-    attr_reader :name, :module, :metadata_file, :files
+      module_executables = task_files.reject(&method(:is_tasks_metadata_filename?)).map.to_a
 
-    def initialize(pup_module, task_name, files, metadata_file = nil)
-      if !Puppet::Module::Task.is_task_name?(task_name)
-        raise InvalidName, _("Task names must start with a lowercase letter and be composed of only lowercase letters, numbers, and underscores")
+      tasks = task_files.group_by { |f| task_name_from_path(f) }
+
+      tasks.map do |task, executables|
+        new_with_files(pup_module, task, executables, module_executables)
       end
+    end
 
-      all_files = metadata_file.nil? ? files : files + [metadata_file]
-      all_files.each do |f|
-        if !f.start_with?(pup_module.tasks_directory)
-          msg = _("The file '%{path}' is not located in the %{module_name} module's tasks directory") %
-                       {path: f.to_s, module_name: pup_module.name}
+    attr_reader :name, :module, :metadata_file, :metadata
 
-          # we can include some extra context for the log message:
-          Puppet.err(msg + " (#{pup_module.tasks_directory})")
-          raise InvalidFile, msg
-        end
+    # file paths must be relative to the modules task directory
+    def initialize(pup_module, task_name,  module_executables, metadata_file = nil)
+      if !Puppet::Module::Task.is_task_name?(task_name)
+        raise InvalidName, _("Task names must start with a lowercase letter and be composed of only lowercase letters, numbers, and underscores")
       end
 
       name = task_name == "init" ? pup_module.name : "#{pup_module.name}::#{task_name}"
 
       @module = pup_module
       @name = name
-      @metadata_file = metadata_file if metadata_file
-      @files = files
+      @metadata_file = metadata_file
+      @module_executables = module_executables || []
+    end
+
+    def self.read_metadata(file)
+      Puppet::Util::Json.load(Puppet::FileSystem.read(file, :encoding => 'utf-8')) if file
+    rescue SystemCallError, IOError => err
+      msg = _("Error reading metadata: %{message}" % {message: err.message})
+      raise InvalidMetadata.new(msg, 'puppet.tasks/unreadable-metadata')
+    rescue Puppet::Util::Json::ParseError => err
+      raise InvalidMetadata.new(err.message, 'puppet.tasks/unparseable-metadata')
+    end
+
+    def metadata
+      @metadata ||= self.class.read_metadata(@metadata_file)
+    end
+
+    def files
+      @files ||= self.class.find_files(@name, @module.tasks_directory, metadata, @module_executables, environment_name)
+    end
+
+    def validate
+      files
+      true
     end
 
     def ==(other)
@@ -71,16 +238,18 @@ class Puppet::Module
       self.module == other.module
     end
 
-    def self.new_with_files(pup_module, name, tasks_files)
-      files = tasks_files.map do |filename|
-        File.join(pup_module.tasks_directory, File.basename(filename))
-      end
+    def environment_name
+      @module.environment.respond_to?(:name) ? @module.environment.name : 'production'
+    end
+    private :environment_name
 
-      metadata_files, exe_files = files.partition { |f| is_tasks_metadata_filename?(f) }
-      Puppet::Module::Task.new(pup_module, name, exe_files, metadata_files.first)
+    def self.new_with_files(pup_module, name, task_files, module_executables)
+      metadata_file = task_files.find { |f| is_tasks_metadata_filename?(f) }
+      Puppet::Module::Task.new(pup_module, name, module_executables, metadata_file)
     end
     private_class_method :new_with_files
 
+    # Abstracted here so we can add support for subdirectories later
     def self.task_name_from_path(path)
       return File.basename(path, '.*')
     end