bolt 1.1.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of bolt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/bolt/applicator.rb +6 -0
- data/lib/bolt/bolt_option_parser.rb +17 -0
- data/lib/bolt/catalog.rb +2 -2
- data/lib/bolt/cli.rb +65 -22
- data/lib/bolt/error.rb +2 -2
- data/lib/bolt/inventory/group.rb +10 -10
- data/lib/bolt/outputter/human.rb +6 -0
- data/lib/bolt/outputter/json.rb +4 -0
- data/lib/bolt/pal.rb +10 -0
- data/lib/bolt/target.rb +4 -1
- data/lib/bolt/task/puppet_server.rb +27 -0
- data/lib/bolt/task.rb +22 -8
- data/lib/bolt/transport/base.rb +0 -4
- data/lib/bolt/transport/local.rb +15 -7
- data/lib/bolt/transport/ssh.rb +13 -22
- data/lib/bolt/transport/winrm.rb +13 -22
- data/lib/bolt/version.rb +1 -1
- data/lib/bolt_server/acl.rb +39 -0
- data/lib/bolt_server/config.rb +105 -0
- data/lib/bolt_server/file_cache.rb +177 -0
- data/lib/{bolt_ext → bolt_server}/schemas/ssh-run_task.json +0 -0
- data/lib/{bolt_ext → bolt_server}/schemas/task.json +24 -14
- data/lib/{bolt_ext → bolt_server}/schemas/winrm-run_task.json +0 -0
- data/lib/bolt_server/transport_app.rb +105 -0
- data/lib/bolt_spec/run.rb +15 -1
- data/libexec/bolt_catalog +1 -1
- metadata +24 -8
- data/lib/bolt_ext/server.rb +0 -101
- data/lib/bolt_ext/server_acl.rb +0 -37
- data/lib/bolt_ext/server_config.rb +0 -88
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require 'hocon'
|
|
4
|
-
require 'bolt/error'
|
|
5
|
-
|
|
6
|
-
class TransportConfig
|
|
7
|
-
attr_accessor :host, :port, :ssl_cert, :ssl_key, :ssl_ca_cert, :ssl_cipher_suites,
|
|
8
|
-
:loglevel, :logfile, :whitelist, :concurrency
|
|
9
|
-
|
|
10
|
-
def initialize(global = nil, local = nil)
|
|
11
|
-
@host = '127.0.0.1'
|
|
12
|
-
@port = 62658
|
|
13
|
-
@ssl_cert = nil
|
|
14
|
-
@ssl_key = nil
|
|
15
|
-
@ssl_ca_cert = nil
|
|
16
|
-
@ssl_cipher_suites = ['ECDHE-ECDSA-AES256-GCM-SHA384',
|
|
17
|
-
'ECDHE-RSA-AES256-GCM-SHA384',
|
|
18
|
-
'ECDHE-ECDSA-CHACHA20-POLY1305',
|
|
19
|
-
'ECDHE-RSA-CHACHA20-POLY1305',
|
|
20
|
-
'ECDHE-ECDSA-AES128-GCM-SHA256',
|
|
21
|
-
'ECDHE-RSA-AES128-GCM-SHA256',
|
|
22
|
-
'ECDHE-ECDSA-AES256-SHA384',
|
|
23
|
-
'ECDHE-RSA-AES256-SHA384',
|
|
24
|
-
'ECDHE-ECDSA-AES128-SHA256',
|
|
25
|
-
'ECDHE-RSA-AES128-SHA256']
|
|
26
|
-
|
|
27
|
-
@loglevel = 'notice'
|
|
28
|
-
@logfile = nil
|
|
29
|
-
@whitelist = nil
|
|
30
|
-
@concurrency = 100
|
|
31
|
-
|
|
32
|
-
global_path = global || '/etc/puppetlabs/bolt-server/conf.d/bolt-server.conf'
|
|
33
|
-
local_path = local || File.join(ENV['HOME'].to_s, ".puppetlabs", "bolt-server.conf")
|
|
34
|
-
|
|
35
|
-
load_config(global_path)
|
|
36
|
-
load_config(local_path)
|
|
37
|
-
validate
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def load_config(path)
|
|
41
|
-
begin
|
|
42
|
-
parsed_hocon = Hocon.load(path)['bolt-server']
|
|
43
|
-
rescue Hocon::ConfigError => e
|
|
44
|
-
raise "Hocon data in '#{path}' failed to load.\n Error: '#{e.message}'"
|
|
45
|
-
rescue Errno::EACCES
|
|
46
|
-
raise "Your user doesn't have permission to read #{path}"
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
unless parsed_hocon.nil?
|
|
50
|
-
%w[host port ssl-cert ssl-key ssl-ca-cert ssl-cipher-suites loglevel logfile whitelist concurrency].each do |key|
|
|
51
|
-
varname = '@' + key.tr('-', '_')
|
|
52
|
-
instance_variable_set(varname, parsed_hocon[key]) if parsed_hocon.key?(key)
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def validate
|
|
58
|
-
required_keys = %w[ssl_cert ssl_key ssl_ca_cert]
|
|
59
|
-
ssl_keys = %w[ssl_cert ssl_key ssl_ca_cert]
|
|
60
|
-
required_keys.each do |k|
|
|
61
|
-
next unless send(k).nil?
|
|
62
|
-
raise Bolt::ValidationError, <<-MSG
|
|
63
|
-
You must configure #{k} in either /etc/puppetlabs/bolt-server/conf.d/bolt-server.conf or ~/.puppetlabs/bolt-server.conf
|
|
64
|
-
MSG
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
unless @port.is_a?(Integer) && @port > 0
|
|
68
|
-
raise Bolt::ValidationError, "Configured 'port' must be a valid integer greater than 0"
|
|
69
|
-
end
|
|
70
|
-
ssl_keys.each do |sk|
|
|
71
|
-
unless File.file?(send(sk)) && File.readable?(send(sk))
|
|
72
|
-
raise Bolt::ValidationError, "Configured #{sk} must be a valid filepath"
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
unless @ssl_cipher_suites.is_a?(Array)
|
|
77
|
-
raise Bolt::ValidationError, "Configured 'ssl-cipher-suites' must be an array of cipher suite names"
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
unless @whitelist.nil? || @whitelist.is_a?(Array)
|
|
81
|
-
raise Bolt::ValidationError, "Configured 'whitelist' must be an array of names"
|
|
82
|
-
end
|
|
83
|
-
|
|
84
|
-
unless @concurrency.is_a?(Integer) && @concurrency.positive?
|
|
85
|
-
raise Bolt::ValidationError, "Configured 'concurrency' must be a positive integer"
|
|
86
|
-
end
|
|
87
|
-
end
|
|
88
|
-
end
|