bolt 0.8.0 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4d17e85d4ead68354a59253671eaa9246fcd9c25
-  data.tar.gz: e00bb08318f54e3d03cd1e144a646e9c4e7eb3fc
+  metadata.gz: 80377af090a1f1d5fd9515eac97623064459ce9f
+  data.tar.gz: 1b73aeaa5dce3a2c3b37581905212e00c0ed2afa
 SHA512:
-  metadata.gz: 0c8d07c175cda227ca2138956167fec92b403deeb967cdb1d83116f9012c13e9b6ba5d4a4bd2178a40cc04ee7153ebb59734263e2056d3054da5e89ede11bc4e
-  data.tar.gz: e750e86b36f107295719ae0f6b8340c0e216208ebf7c15bbf17f99ac5785895a1b556a3ce8aead3b267f90abd3256eb2afa0d8f8df7b365334af5caaf7a6379f
+  metadata.gz: 445a3d714f38f2e8ab548df6c8b7b7ec777f407ec44625533c7fe1b1983210f5d82c648d149f9c1ba3de295b53422af27e89d1f1267ac2980d08bd12fabd4d66
+  data.tar.gz: d0ce607c758b9431c48e978d5ca1e67470a2afd3be1ce35e5694e5a3bed5f82487c5c082daaf19cf1880c2fac16ec9297efaf8105c4b9fc7ab8970dc69eab5ca

data/lib/bolt/cli.rb

@@ -5,25 +5,20 @@ require 'logger'
 require 'json'
 require 'bolt/node'
 require 'bolt/version'
+require 'bolt/error'
 require 'bolt/executor'
 require 'bolt/outputter'
 require 'bolt/config'
 require 'io/console'
 
 module Bolt
-  class CLIError < RuntimeError
+  class CLIError < Bolt::Error
     attr_reader :error_code
 
     def initialize(msg, error_code: 1)
-      super(msg)
+      super(msg, "bolt/cli-error")
       @error_code = error_code
     end
-
-    def to_json
-      { kind: "bolt/cli-error",
-        msg: message,
-        details: { error_code: @error_code } }.to_json
-    end
   end
 
   class CLIExit < StandardError; end
@@ -94,6 +89,7 @@ HELP
     MODES = %w[command script task plan file].freeze
     ACTIONS = %w[run upload download].freeze
     TRANSPORTS = %w[ssh winrm pcp].freeze
+    BOLTLIB_PATH = File.join(__FILE__, '../../../modules')
 
     attr_reader :parser, :config
     attr_accessor :options
@@ -142,6 +138,10 @@ HELP
           end
         end
         results[:concurrency] = 100
+        opts.on('--private-key KEY',
+                "Private ssh key to authenticate with (Optional)") do |key|
+          results[:key] = key
+        end
         opts.on('-c', '--concurrency CONCURRENCY', Integer,
                 "Maximum number of simultaneous connections " \
                 "(Optional, defaults to 100)") do |concurrency|
@@ -159,11 +159,11 @@ HELP
 
         results[:format] = 'human'
         opts.on('--format FORMAT',
-                "Output format to use") do |format|
+                "Output format to use: human or json") do |format|
           if %w[human json].include? format
             results[:format] = format
           else
-            raise ArgumentError "Unsupported format: #{format}"
+            raise Bolt::CLIError, "Unsupported format: #{format}"
           end
         end
         results[:insecure] = false
@@ -190,7 +190,13 @@ HELP
         end
         opts.on('--sudo-password [PASSWORD]',
                 'Password for privilege escalation') do |password|
-          options[:sudo_password] = password
+          if password.nil?
+            STDOUT.print "Please enter your privilege escalation password: "
+            results[:sudo_password] = STDIN.noecho(&:gets).chomp
+            STDOUT.puts
+          else
+            results[:sudo_password] = password
+          end
         end
         opts.on_tail('--[no-]tty',
                      "Request a pseudo TTY on nodes that support it") do |tty|
@@ -237,6 +243,8 @@ HELP
         @config[:log_level] = Logger::INFO
       end
 
+      @config[:key] = options[:key]
+
       @config[:format] = options[:format]
 
       if options[:help]
@@ -398,16 +406,16 @@ HELP
           results =
             case options[:mode]
             when 'command'
-              executor.run_command(nodes, options[:object]) do |node, result|
-                outputter.print_result(node, result)
+              executor.run_command(nodes, options[:object]) do |node, event|
+                outputter.print_event(node, event)
               end
             when 'script'
               script = options[:object]
               validate_file('script', script)
               executor.run_script(
                 nodes, script, options[:leftovers]
-              ) do |node, result|
-                outputter.print_result(node, result)
+              ) do |node, event|
+                outputter.print_event(node, event)
               end
             when 'task'
               task_name = options[:object]
@@ -418,8 +426,8 @@ HELP
               input_method ||= 'both'
               executor.run_task(
                 nodes, path, input_method, options[:task_options]
-              ) do |node, result|
-                outputter.print_result(node, result)
+              ) do |node, event|
+                outputter.print_event(node, event)
               end
             when 'file'
               src = options[:object]
@@ -429,8 +437,8 @@ HELP
                 raise Bolt::CLIError, "A destination path must be specified"
               end
               validate_file('source file', src)
-              executor.file_upload(nodes, src, dest) do |node, result|
-                outputter.print_result(node, result)
+              executor.file_upload(nodes, src, dest) do |node, event|
+                outputter.print_event(node, event)
               end
             end
         end
@@ -519,8 +527,10 @@ HELP
           cli << "--#{setting}" << dir
         end
         Puppet.initialize_settings(cli)
-        Puppet::Pal.in_tmp_environment('bolt', modulepath: modulepath) do |pal|
-          puts pal.run_plan(plan, plan_args: args)
+        Puppet::Pal.in_tmp_environment('bolt', modulepath: [BOLTLIB_PATH] + modulepath) do |pal|
+          pal.with_script_compiler do |compiler|
+            compiler.call_function('run_plan', plan, args)
+          end
         end
       end
     end

data/lib/bolt/config.rb

@@ -12,6 +12,7 @@ module Bolt
     :sudo,
     :sudo_password,
     :transport,
+    :key,
     :tty,
     :user
   ) do

data/lib/bolt/error.rb

@@ -0,0 +1,28 @@
+module Bolt
+  class Error < RuntimeError
+    attr_reader :kind, :details, :issue_code
+
+    def initialize(msg, kind, details = nil, issue_code = nil)
+      super(msg)
+      @kind = kind
+      @issue_code = issue_code
+      @details = details || {}
+    end
+
+    def msg
+      message
+    end
+
+    def to_h
+      h = { 'kind' =>  kind,
+            'msg' => message,
+            'details' => details }
+      h['issue_code'] = issue_code if issue_code
+      h
+    end
+
+    def to_json
+      to_h.to_json
+    end
+  end
+end

data/lib/bolt/executor.rb

@@ -37,18 +37,22 @@ module Bolt
         pool.post do
           result =
             begin
+              @notifier.notify(callback, node, type: :node_start) if callback
               node.connect
               yield node
-            rescue Bolt::Node::BaseError => ex
-              Bolt::ErrorResult.new(ex.message, ex.issue_code, ex.kind)
             rescue StandardError => ex
-              node.logger.error(ex)
-              Bolt::ExceptionResult.new(ex)
+              Bolt::Result.from_exception(ex)
             ensure
-              node.disconnect
+              begin
+                node.disconnect
+              rescue StandardError => ex
+                @logger.info("Failed to close connection to #{node.uri} : #{ex.message}")
+              end
             end
           results[node] = result
-          @notifier.notify(callback, node, result) if callback
+          if callback
+            @notifier.notify(callback, node, type: :node_result, result: result)
+          end
           result
         end
       }

data/lib/bolt/node.rb

@@ -37,6 +37,7 @@ module Bolt
       @port = port
       @user = user || config[:user]
       @password = password || config[:password]
+      @key = config[:key]
       @tty = config[:tty]
       @insecure = config[:insecure]
       @uri = uri
@@ -60,23 +61,24 @@ module Bolt
       @logger.debug { "Uploading #{source} to #{destination}" }
       result = _upload(source, destination)
       if result.success?
-        Bolt::Result.new("Uploaded '#{source}' to '#{host}:#{destination}'")
+        Bolt::Result.new(nil, "Uploaded '#{source}' to '#{host}:#{destination}'")
       else
-        result.to_result
+        result
       end
     end
 
     def run_command(command)
       @logger.info { "Running command: #{command}" }
-      _run_command(command).to_command_result
+      _run_command(command)
     end
 
     def run_script(script, arguments)
-      _run_script(script, arguments).to_command_result
+      @logger.info { "Running script: #{command}" }
+      _run_script(script, arguments)
     end
 
     def run_task(task, input_method, arguments)
-      _run_task(task, input_method, arguments).to_task_result
+      _run_task(task, input_method, arguments)
     end
   end
 end

data/lib/bolt/node/errors.rb

@@ -1,11 +1,10 @@
 module Bolt
   class Node
-    class BaseError < StandardError
+    class BaseError < Bolt::Error
       attr_reader :issue_code
 
       def initialize(message, issue_code)
-        super(message)
-        @issue_code = issue_code
+        super(message, kind, nil, issue_code)
       end
 
       def kind
@@ -18,5 +17,28 @@ module Bolt
         'puppetlabs.tasks/connect-error'
       end
     end
+
+    class EscalateError < BaseError
+      def kind
+        'puppetlabs.tasks/escalate-error'
+      end
+    end
+
+    class FileError < BaseError
+      def kind
+        'puppetlabs.tasks/task_file_error'
+      end
+    end
+
+    class EnvironmentVarError < BaseError
+      def initialize(var, val)
+        message = "Could not set environment variable '#{var}' to '#{val}'"
+        super(message, 'ENVVAR_ERROR')
+      end
+
+      def kind
+        'puppetlabs.tasks/environment-var-error'
+      end
+    end
   end
 end

data/lib/bolt/node/orch.rb

@@ -47,10 +47,8 @@ module Bolt
       state = node_result['state']
       result = node_result['result']
 
-      result_output = Bolt::Node::ResultOutput.new
-      result_output.stdout << result.to_json
       if state == 'finished'
-        Bolt::Node::Success.new(result.to_json, result_output)
+        exit_code = 0
       else
         # Try to extract the exit_code from _error
         begin
@@ -58,29 +56,20 @@ module Bolt
         rescue NoMethodError
           exit_code = 'unknown'
         end
-        Bolt::Node::Failure.new(exit_code, result_output)
       end
+      Bolt::TaskResult.new(result.to_json, "", exit_code)
     end
 
     # run_task generates a result that makes sense for a generic task which
     # needs to be unwrapped to extract stdout/stderr/exitcode.
     #
     def unwrap_bolt_result(result)
-      task_result = JSON.parse(result.output.stdout.string)
-      if task_result['exit_code'].nil?
+      if result.error
         # something went wrong return the failure
         return result
       end
 
-      # Otherwise create a new result with the captured output
-      result_output = Bolt::Node::ResultOutput.new
-      result_output.stdout << task_result['stdout']
-      result_output.stderr << task_result['stderr']
-      if (task_result['exit_code']).zero?
-        Bolt::Node::Success.new(task_result['stdout'], result_output)
-      else
-        Bolt::Node::Failure.new(task_result['exit_code'], result_output)
-      end
+      Bolt::CommandResult.new(result.value['stdout'], result.value['stderr'], result.value['exit_code'])
     end
 
     def _run_command(command, options = {})
@@ -102,7 +91,9 @@ module Bolt
         content: content,
         mode: mode
       }
-      _run_task(BOLT_MOCK_FILE, 'stdin', params)
+      result = _run_task(BOLT_MOCK_FILE, 'stdin', params)
+      result = Bolt::Result.new unless result.error
+      result
     end
 
     def _run_script(script, arguments)

data/lib/bolt/node/output.rb

@@ -0,0 +1,17 @@
+require 'json'
+require 'bolt/result'
+
+module Bolt
+  class Node
+    class Output
+      attr_reader :stdout, :stderr
+      attr_accessor :exit_code
+
+      def initialize
+        @stdout = StringIO.new
+        @stderr = StringIO.new
+        @exit_code = 'unkown'
+      end
+    end
+  end
+end

data/lib/bolt/node/ssh.rb

@@ -1,8 +1,8 @@
 require 'json'
 require 'shellwords'
 require 'net/ssh'
-require 'net/sftp'
-require 'bolt/node/result'
+require 'net/scp'
+require 'bolt/node/output'
 
 module Bolt
   class SSH < Node
@@ -22,6 +22,7 @@ module Bolt
 
       options[:port] = @port if @port
       options[:password] = @password if @password
+      options[:keys] = @key if @key
       options[:verify_host_key] = if @insecure
                                     Net::SSH::Verifiers::Lenient.new
                                   else
@@ -54,11 +55,41 @@ module Bolt
       end
     end
 
+    def sudo_prompt
+      '[sudo] Bolt needs to run as another user, password: '
+    end
+
+    def handled_sudo(channel, data)
+      if data == sudo_prompt
+        if @sudo_password
+          channel.send_data "#{@sudo_password}\n"
+          channel.wait
+          return true
+        else
+          raise Bolt::Node::EscalateError.new(
+            "Sudo password for user #{@user} was not provided for #{@uri}",
+            'NO_PASSWORD'
+          )
+        end
+      elsif data =~ /^#{@user} is not in the sudoers file\./
+        @logger.info { data }
+        raise Bolt::Node::EscalateError.new(
+          "User #{@user} does not have sudo permission on #{@uri}",
+          'SUDO_DENIED'
+        )
+      elsif data =~ /^Sorry, try again\./
+        @logger.info { data }
+        raise Bolt::Node::EscalateError.new(
+          "Sudo password for user #{@user} not recognized on #{@uri}",
+          'BAD_PASSWORD'
+        )
+      end
+      false
+    end
+
     def execute(command, sudoable: false, **options)
-      result_output = Bolt::Node::ResultOutput.new
-      status = {}
+      result_output = Bolt::Node::Output.new
       use_sudo = sudoable && (@sudo || @run_as)
-      sudo_prompt = '[sudo] Bolt needs to run as another user, password: '
       if use_sudo
         user_clause = if @run_as
                         "-u #{@run_as}"
@@ -75,30 +106,29 @@ module Bolt
         channel.request_pty if @tty
 
         channel.exec(command) do |_, success|
-          raise "could not execute command: #{command.inspect}" unless success
+          unless success
+            raise Bolt::Node::ConnectError.new(
+              "Could not execute command: #{command.inspect}",
+              'EXEC_ERROR'
+            )
+          end
 
           channel.on_data do |_, data|
-            if use_sudo && data == sudo_prompt
-              channel.send_data "#{@sudo_password}\n"
-              channel.wait
-            else
+            unless use_sudo && handled_sudo(channel, data)
               result_output.stdout << data
             end
             @logger.debug { "stdout: #{data}" }
           end
 
           channel.on_extended_data do |_, _, data|
-            if use_sudo && data == sudo_prompt
-              channel.send_data "#{@sudo_password}\n"
-              channel.wait
-            else
+            unless use_sudo && handled_sudo(channel, data)
               result_output.stderr << data
             end
             @logger.debug { "stderr: #{data}" }
           end
 
           channel.on_request("exit-status") do |_, data|
-            status[:exit_code] = data.read_long
+            result_output.exit_code = data.read_long
           end
 
           if options[:stdin]
@@ -109,45 +139,52 @@ module Bolt
       end
       session_channel.wait
 
-      if status[:exit_code].zero?
+      if result_output.exit_code == 0
         @logger.debug { "Command returned successfully" }
-        Bolt::Node::Success.new(result_output.stdout.string, result_output)
       else
-        @logger.info { "Command failed with exit code #{status[:exit_code]}" }
-        Bolt::Node::Failure.new(status[:exit_code], result_output)
+        @logger.info { "Command failed with exit code #{result_output.exit_code}" }
       end
+      result_output
     end
 
     def _upload(source, destination)
-      Net::SFTP::Session.new(@session).connect! do |sftp|
-        sftp.upload!(source, destination)
-      end
-      Bolt::Node::Success.new
+      write_remote_file(source, destination)
+      Bolt::Result.new
     rescue StandardError => e
-      Bolt::Node::ExceptionFailure.new(e)
+      Bolt::Result.from_exception(e)
     end
 
-    def make_tempdir
-      Bolt::Node::Success.new(@session.exec!('mktemp -d').chomp)
+    def write_remote_file(source, destination)
+      @session.scp.upload!(source, destination)
     rescue StandardError => e
-      Bolt::Node::ExceptionFailure.new(e)
+      raise FileError.new(e.message, 'WRITE_ERROR')
+    end
+
+    def make_tempdir
+      result = execute('mktemp -d')
+      if result.exit_code != 0
+        raise FileError.new("Could not make tempdir: #{result.stderr.string}", 'TEMPDIR_ERROR')
+      end
+      result.stdout.string.chomp
     end
 
     def with_remote_tempdir
-      make_tempdir.then do |dir|
-        (yield dir).ensure do
-          execute("rm -rf '#{dir}'")
+      dir = make_tempdir
+      begin
+        yield dir
+      ensure
+        output =  execute("rm -rf '#{dir}'")
+        if output.exit_code != 0
+          logger.warn("Failed to clean up tempdir '#{dir}': #{output.stderr.string}")
         end
       end
     end
 
     def with_remote_script(dir, file)
       remote_path = "#{dir}/#{File.basename(file)}"
-      _upload(file, remote_path).then do
-        execute("chmod u+x '#{remote_path}'")
-      end.then do
-        yield remote_path
-      end
+      write_remote_file(file, remote_path)
+      make_executable(remote_path)
+      yield remote_path
     end
 
     def with_remote_file(file)
@@ -167,14 +204,19 @@ EOF
 SCRIPT
     end
 
+    def make_executable(path)
+      result = execute("chmod u+x '#{path}'")
+      if result.exit_code != 0
+        raise FileError.new("Could not make file '#{path}' executable: #{result.stderr.string}", 'CHMOD_ERROR')
+      end
+    end
+
     def with_task_wrapper(remote_task, dir, stdin)
       wrapper = make_wrapper_stringio(remote_task, stdin)
       command = "#{dir}/wrapper.sh"
-      _upload(wrapper, command).then do
-        execute("chmod u+x '#{command}'")
-      end.then do
-        yield command
-      end
+      write_remote_file(wrapper, command)
+      make_executable(command)
+      yield command
     end
 
     def with_remote_task(task_file, stdin)
@@ -192,7 +234,12 @@ SCRIPT
     end
 
     def _run_command(command)
-      execute(command, sudoable: true)
+      output = execute(command, sudoable: true)
+      Bolt::CommandResult.from_output(output)
+    # TODO: We should be able to rely on the excutor for this but it will mean
+    # a test refactor
+    rescue StandardError => e
+      Bolt::Result.from_exception(e)
     end
 
     def _run_script(script, arguments)
@@ -200,9 +247,14 @@ SCRIPT
       @logger.debug { "arguments: #{arguments}" }
 
       with_remote_file(script) do |remote_path|
-        execute("'#{remote_path}' #{Shellwords.join(arguments)}",
-                sudoable: true)
+        output = execute("'#{remote_path}' #{Shellwords.join(arguments)}",
+                         sudoable: true)
+        Bolt::CommandResult.from_output(output)
       end
+    # TODO: We should be able to rely on the excutor for this but it will mean
+    # a test refactor
+    rescue StandardError => e
+      Bolt::Result.from_exception(e)
     end
 
     def _run_task(task, input_method, arguments)
@@ -228,8 +280,13 @@ SCRIPT
                   else
                     "#{export_args} '#{remote_path}'"
                   end
-        execute(command, sudoable: true)
+        output = execute(command, sudoable: true)
+        Bolt::TaskResult.from_output(output)
       end
+    # TODO: We should be able to rely on the excutor for this but it will mean
+    # a test refactor
+    rescue StandardError => e
+      Bolt::Result.from_exception(e)
     end
   end
 end