bolt 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of bolt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/bolt/applicator.rb +6 -0
- data/lib/bolt/bolt_option_parser.rb +17 -0
- data/lib/bolt/catalog.rb +2 -2
- data/lib/bolt/cli.rb +65 -22
- data/lib/bolt/error.rb +2 -2
- data/lib/bolt/inventory/group.rb +10 -10
- data/lib/bolt/outputter/human.rb +6 -0
- data/lib/bolt/outputter/json.rb +4 -0
- data/lib/bolt/pal.rb +10 -0
- data/lib/bolt/target.rb +4 -1
- data/lib/bolt/task/puppet_server.rb +27 -0
- data/lib/bolt/task.rb +22 -8
- data/lib/bolt/transport/base.rb +0 -4
- data/lib/bolt/transport/local.rb +15 -7
- data/lib/bolt/transport/ssh.rb +13 -22
- data/lib/bolt/transport/winrm.rb +13 -22
- data/lib/bolt/version.rb +1 -1
- data/lib/bolt_server/acl.rb +39 -0
- data/lib/bolt_server/config.rb +105 -0
- data/lib/bolt_server/file_cache.rb +177 -0
- data/lib/{bolt_ext → bolt_server}/schemas/ssh-run_task.json +0 -0
- data/lib/{bolt_ext → bolt_server}/schemas/task.json +24 -14
- data/lib/{bolt_ext → bolt_server}/schemas/winrm-run_task.json +0 -0
- data/lib/bolt_server/transport_app.rb +105 -0
- data/lib/bolt_spec/run.rb +15 -1
- data/libexec/bolt_catalog +1 -1
- metadata +24 -8
- data/lib/bolt_ext/server.rb +0 -101
- data/lib/bolt_ext/server_acl.rb +0 -37
- data/lib/bolt_ext/server_config.rb +0 -88
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require 'hocon'
|
|
4
|
-
require 'bolt/error'
|
|
5
|
-
|
|
6
|
-
class TransportConfig
|
|
7
|
-
attr_accessor :host, :port, :ssl_cert, :ssl_key, :ssl_ca_cert, :ssl_cipher_suites,
|
|
8
|
-
:loglevel, :logfile, :whitelist, :concurrency
|
|
9
|
-
|
|
10
|
-
def initialize(global = nil, local = nil)
|
|
11
|
-
@host = '127.0.0.1'
|
|
12
|
-
@port = 62658
|
|
13
|
-
@ssl_cert = nil
|
|
14
|
-
@ssl_key = nil
|
|
15
|
-
@ssl_ca_cert = nil
|
|
16
|
-
@ssl_cipher_suites = ['ECDHE-ECDSA-AES256-GCM-SHA384',
|
|
17
|
-
'ECDHE-RSA-AES256-GCM-SHA384',
|
|
18
|
-
'ECDHE-ECDSA-CHACHA20-POLY1305',
|
|
19
|
-
'ECDHE-RSA-CHACHA20-POLY1305',
|
|
20
|
-
'ECDHE-ECDSA-AES128-GCM-SHA256',
|
|
21
|
-
'ECDHE-RSA-AES128-GCM-SHA256',
|
|
22
|
-
'ECDHE-ECDSA-AES256-SHA384',
|
|
23
|
-
'ECDHE-RSA-AES256-SHA384',
|
|
24
|
-
'ECDHE-ECDSA-AES128-SHA256',
|
|
25
|
-
'ECDHE-RSA-AES128-SHA256']
|
|
26
|
-
|
|
27
|
-
@loglevel = 'notice'
|
|
28
|
-
@logfile = nil
|
|
29
|
-
@whitelist = nil
|
|
30
|
-
@concurrency = 100
|
|
31
|
-
|
|
32
|
-
global_path = global || '/etc/puppetlabs/bolt-server/conf.d/bolt-server.conf'
|
|
33
|
-
local_path = local || File.join(ENV['HOME'].to_s, ".puppetlabs", "bolt-server.conf")
|
|
34
|
-
|
|
35
|
-
load_config(global_path)
|
|
36
|
-
load_config(local_path)
|
|
37
|
-
validate
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def load_config(path)
|
|
41
|
-
begin
|
|
42
|
-
parsed_hocon = Hocon.load(path)['bolt-server']
|
|
43
|
-
rescue Hocon::ConfigError => e
|
|
44
|
-
raise "Hocon data in '#{path}' failed to load.\n Error: '#{e.message}'"
|
|
45
|
-
rescue Errno::EACCES
|
|
46
|
-
raise "Your user doesn't have permission to read #{path}"
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
unless parsed_hocon.nil?
|
|
50
|
-
%w[host port ssl-cert ssl-key ssl-ca-cert ssl-cipher-suites loglevel logfile whitelist concurrency].each do |key|
|
|
51
|
-
varname = '@' + key.tr('-', '_')
|
|
52
|
-
instance_variable_set(varname, parsed_hocon[key]) if parsed_hocon.key?(key)
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def validate
|
|
58
|
-
required_keys = %w[ssl_cert ssl_key ssl_ca_cert]
|
|
59
|
-
ssl_keys = %w[ssl_cert ssl_key ssl_ca_cert]
|
|
60
|
-
required_keys.each do |k|
|
|
61
|
-
next unless send(k).nil?
|
|
62
|
-
raise Bolt::ValidationError, <<-MSG
|
|
63
|
-
You must configure #{k} in either /etc/puppetlabs/bolt-server/conf.d/bolt-server.conf or ~/.puppetlabs/bolt-server.conf
|
|
64
|
-
MSG
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
unless @port.is_a?(Integer) && @port > 0
|
|
68
|
-
raise Bolt::ValidationError, "Configured 'port' must be a valid integer greater than 0"
|
|
69
|
-
end
|
|
70
|
-
ssl_keys.each do |sk|
|
|
71
|
-
unless File.file?(send(sk)) && File.readable?(send(sk))
|
|
72
|
-
raise Bolt::ValidationError, "Configured #{sk} must be a valid filepath"
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
unless @ssl_cipher_suites.is_a?(Array)
|
|
77
|
-
raise Bolt::ValidationError, "Configured 'ssl-cipher-suites' must be an array of cipher suite names"
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
unless @whitelist.nil? || @whitelist.is_a?(Array)
|
|
81
|
-
raise Bolt::ValidationError, "Configured 'whitelist' must be an array of names"
|
|
82
|
-
end
|
|
83
|
-
|
|
84
|
-
unless @concurrency.is_a?(Integer) && @concurrency.positive?
|
|
85
|
-
raise Bolt::ValidationError, "Configured 'concurrency' must be a positive integer"
|
|
86
|
-
end
|
|
87
|
-
end
|
|
88
|
-
end
|