bolt 1.15.0 → 1.16.0

data/lib/bolt/transport/ssh/connection.rb

@@ -4,71 +4,27 @@ require 'logging'
 require 'shellwords'
 require 'bolt/node/errors'
 require 'bolt/node/output'
+require 'bolt/transport/sudoable/connection'
 require 'bolt/util'
-require 'net/ssh/proxy/jump'
 
 module Bolt
   module Transport
-    class SSH < Base
-      class Connection
-        class RemoteTempdir
-          def initialize(node, path)
-            @node = node
-            @owner = node.user
-            @path = path
-            @logger = node.logger
-          end
-
-          def to_s
-            @path
-          end
-
-          def mkdirs(subdirs)
-            abs_subdirs = subdirs.map { |subdir| File.join(@path, subdir) }
-            result = @node.execute(['mkdir', '-p'] + abs_subdirs)
-            if result.exit_code != 0
-              message = "Could not create subdirectories in '#{@path}': #{result.stderr.string}"
-              raise Bolt::Node::FileError.new(message, 'MKDIR_ERROR')
-            end
-          end
-
-          def chown(owner)
-            return if owner.nil? || owner == @owner
-
-            result = @node.execute(['id', '-g', owner])
-            if result.exit_code != 0
-              message = "Could not identify group of user #{owner}: #{result.stderr.string}"
-              raise Bolt::Node::FileError.new(message, 'ID_ERROR')
-            end
-            group = result.stdout.string.chomp
-
-            # Chown can only be run by root.
-            result = @node.execute(['chown', '-R', "#{owner}:#{group}", @path], sudoable: true, run_as: 'root')
-            if result.exit_code != 0
-              message = "Could not change owner of '#{@path}' to #{owner}: #{result.stderr.string}"
-              raise Bolt::Node::FileError.new(message, 'CHOWN_ERROR')
-            end
-
-            # File ownership successfully changed, record the new owner.
-            @owner = owner
-          end
-
-          def delete
-            result = @node.execute(['rm', '-rf', @path], sudoable: true, run_as: @owner)
-            if result.exit_code != 0
-              @logger.warn("Failed to clean up tempdir '#{@path}': #{result.stderr.string}")
-            end
-          end
-        end
-
+    class SSH < Sudoable
+      class Connection < Sudoable::Connection
         attr_reader :logger, :user, :target
         attr_writer :run_as
 
-        def initialize(target, transport_logger, load_config = true)
+        def initialize(target, transport_logger)
+          # lazy-load expensive gem code
+          require 'net/ssh'
+          require 'net/ssh/proxy/jump'
+
+          raise Bolt::ValidationError, "Target #{target.name} does not have a host" unless target.host
+
           @target = target
-          @load_config = load_config
+          @load_config = target.options['load-config']
 
-          ssh_user = load_config ? Net::SSH::Config.for(target.host)[:user] : nil
+          ssh_user = @load_config ? Net::SSH::Config.for(target.host)[:user] : nil
           @user = @target.user || ssh_user || Etc.getlogin
           @run_as = nil
 
@@ -171,27 +127,8 @@ module Bolt
           end
         end
 
-        # This method allows the @run_as variable to be used as a per-operation
-        # override for the user to run as. When @run_as is unset, the user
-        # specified on the target will be used.
-        def run_as
-          @run_as || target.options['run-as']
-        end
-
-        # Run as the specified user for the duration of the block.
-        def running_as(user)
-          @run_as = user
-          yield
-        ensure
-          @run_as = nil
-        end
-
-        def sudo_prompt
-          '[sudo] Bolt needs to run as another user, password: '
-        end
-
         def handled_sudo(channel, data)
-          if data.lines.include?(sudo_prompt)
+          if data.lines.include?(Sudoable.sudo_prompt)
             if target.options['sudo-password']
               channel.send_data "#{target.options['sudo-password']}\n"
               channel.wait
@@ -233,7 +170,7 @@ module Bolt
           command_str = command.is_a?(String) ? command : Shellwords.shelljoin(command)
           if escalate
             if use_sudo
-              sudo_flags = ["sudo", "-S", "-u", run_as, "-p", sudo_prompt]
+              sudo_flags = ["sudo", "-S", "-u", run_as, "-p", Sudoable.sudo_prompt]
               sudo_flags += ["-E"] if options[:environment]
               sudo_str = Shellwords.shelljoin(sudo_flags)
               command_str = "#{sudo_str} #{command_str}"
@@ -303,56 +240,18 @@ module Bolt
           raise
         end
 
-        def write_remote_file(source, destination)
+        def copy_file(source, destination)
           @session.scp.upload!(source, destination, recursive: true)
         rescue StandardError => e
           raise Bolt::Node::FileError.new(e.message, 'WRITE_ERROR')
         end
 
-        def make_tempdir
-          tmpdir = target.options.fetch('tmpdir', '/tmp')
-          tmppath = "#{tmpdir}/#{SecureRandom.uuid}"
-          command = ['mkdir', '-m', 700, tmppath]
-
-          result = execute(command)
-          if result.exit_code != 0
-            raise Bolt::Node::FileError.new("Could not make tempdir: #{result.stderr.string}", 'TEMPDIR_ERROR')
-          end
-          path = tmppath || result.stdout.string.chomp
-          RemoteTempdir.new(self, path)
-        end
-
-        # A helper to create and delete a tempdir on the remote system. Yields the
-        # directory name.
-        def with_remote_tempdir
-          dir = make_tempdir
-          yield dir
-        ensure
-          dir&.delete
-        end
-
-        def write_remote_executable(dir, file, filename = nil)
-          filename ||= File.basename(file)
-          remote_path = File.join(dir.to_s, filename)
-          write_remote_file(file, remote_path)
-          make_executable(remote_path)
-          remote_path
-        end
-
         def write_executable_from_content(dest, content, filename)
           remote_path = File.join(dest.to_s, filename)
           @session.scp.upload!(StringIO.new(content), remote_path)
           make_executable(remote_path)
           remote_path
         end
-
-        def make_executable(path)
-          result = execute(['chmod', 'u+x', path])
-          if result.exit_code != 0
-            message = "Could not make file '#{path}' executable: #{result.stderr.string}"
-            raise Bolt::Node::FileError.new(message, 'CHMOD_ERROR')
-          end
-        end
       end
     end
   end

data/lib/bolt/transport/sudoable.rb

@@ -0,0 +1,163 @@
+# frozen_string_literal: true
+
+require 'shellwords'
+require 'bolt/transport/base'
+
+module Bolt
+  module Transport
+    class Sudoable < Base
+      def self.validate_sudo_options(options, logger)
+        if options['sudo-password'] && options['run-as'].nil?
+          logger.warn("--sudo-password will not be used without specifying a " \
+                      "user to escalate to with --run-as")
+        end
+
+        run_as_cmd = options['run-as-command']
+        if run_as_cmd && (!run_as_cmd.is_a?(Array) || run_as_cmd.any? { |n| !n.is_a?(String) })
+          raise Bolt::ValidationError, "run-as-command must be an Array of Strings, received #{run_as_cmd}"
+        end
+      end
+
+      def self.sudo_prompt
+        '[sudo] Bolt needs to run as another user, password: '
+      end
+
+      def run_command(target, command, options = {})
+        with_connection(target) do |conn|
+          conn.running_as(options['_run_as']) do
+            output = conn.execute(command, sudoable: true)
+            Bolt::Result.for_command(target,
+                                     output.stdout.string,
+                                     output.stderr.string,
+                                     output.exit_code,
+                                     'command', command)
+          end
+        end
+      end
+
+      def upload(target, source, destination, options = {})
+        with_connection(target) do |conn|
+          conn.running_as(options['_run_as']) do
+            conn.with_tempdir do |dir|
+              basename = File.basename(destination)
+              tmpfile = File.join(dir.to_s, basename)
+              conn.copy_file(source, tmpfile)
+              # pass over file ownership if we're using run-as to be a different user
+              dir.chown(conn.run_as)
+              result = conn.execute(['mv', tmpfile, destination], sudoable: true)
+              if result.exit_code != 0
+                message = "Could not move temporary file '#{tmpfile}' to #{destination}: #{result.stderr.string}"
+                raise Bolt::Node::FileError.new(message, 'MV_ERROR')
+              end
+            end
+            Bolt::Result.for_upload(target, source, destination)
+          end
+        end
+      end
+
+      def run_script(target, script, arguments, options = {})
+        # unpack any Sensitive data
+        arguments = unwrap_sensitive_args(arguments)
+
+        with_connection(target) do |conn|
+          conn.running_as(options['_run_as']) do
+            conn.with_tempdir do |dir|
+              path = conn.write_executable(dir.to_s, script)
+              dir.chown(conn.run_as)
+              output = conn.execute([path, *arguments], sudoable: true)
+              Bolt::Result.for_command(target,
+                                       output.stdout.string,
+                                       output.stderr.string,
+                                       output.exit_code,
+                                       'script', script)
+            end
+          end
+        end
+      end
+
+      def run_task(target, task, arguments, options = {})
+        implementation = select_implementation(target, task)
+        executable = implementation['path']
+        input_method = implementation['input_method']
+        extra_files = implementation['files']
+
+        with_connection(target) do |conn|
+          conn.running_as(options['_run_as']) do
+            stdin, output = nil
+            command = []
+            execute_options = {}
+            execute_options[:interpreter] = select_interpreter(executable, target.options['interpreters'])
+            interpreter_debug = if execute_options[:interpreter]
+                                  " using '#{execute_options[:interpreter]}' interpreter"
+                                end
+            # log the arguments with sensitive data redacted, do NOT log unwrapped_arguments
+            logger.debug("Running '#{executable}' with #{arguments}#{interpreter_debug}")
+            # unpack any Sensitive data
+            arguments = unwrap_sensitive_args(arguments)
+
+            conn.with_tempdir do |dir|
+              if extra_files.empty?
+                task_dir = dir
+              else
+                # TODO: optimize upload of directories
+                arguments['_installdir'] = dir.to_s
+                task_dir = File.join(dir.to_s, task.tasks_dir)
+                dir.mkdirs([task.tasks_dir] + extra_files.map { |file| File.dirname(file['name']) })
+                extra_files.each do |file|
+                  conn.copy_file(file['path'], File.join(dir.to_s, file['name']))
+                end
+              end
+
+              remote_task_path = conn.write_executable(task_dir, executable)
+
+              if STDIN_METHODS.include?(input_method)
+                stdin = JSON.dump(arguments)
+              end
+
+              if ENVIRONMENT_METHODS.include?(input_method)
+                execute_options[:environment] = envify_params(arguments)
+              end
+
+              if conn.run_as && stdin
+                # Inject interpreter in to wrapper script and remove from execute options
+                wrapper = make_wrapper_stringio(remote_task_path, stdin, execute_options[:interpreter])
+                execute_options.delete(:interpreter)
+                remote_wrapper_path = conn.write_executable(dir, wrapper, 'wrapper.sh')
+                command << remote_wrapper_path
+              else
+                command << remote_task_path
+                execute_options[:stdin] = stdin
+              end
+              dir.chown(conn.run_as)
+
+              execute_options[:sudoable] = true if conn.run_as
+              output = conn.execute(command, execute_options)
+            end
+            Bolt::Result.for_task(target, output.stdout.string,
+                                  output.stderr.string,
+                                  output.exit_code,
+                                  task.name)
+          end
+        end
+      end
+
+      def make_wrapper_stringio(task_path, stdin, interpreter = nil)
+        if interpreter
+          StringIO.new(<<~SCRIPT)
+            #!/bin/sh
+            '#{interpreter}' '#{task_path}' <<'EOF'
+            #{stdin}
+            EOF
+            SCRIPT
+        else
+          StringIO.new(<<~SCRIPT)
+            #!/bin/sh
+            '#{task_path}' <<'EOF'
+            #{stdin}
+            EOF
+            SCRIPT
+        end
+      end
+    end
+  end
+end

data/lib/bolt/transport/sudoable/connection.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+require 'bolt/transport/sudoable/tmpdir'
+
+module Bolt
+  module Transport
+    class Sudoable < Base
+      class Connection
+        attr_accessor :target
+        def initialize(target)
+          @target = target
+          @run_as = nil
+          @logger = Logging.logger[@target.host]
+        end
+
+        # This method allows the @run_as variable to be used as a per-operation
+        # override for the user to run as. When @run_as is unset, the user
+        # specified on the target will be used.
+        def run_as
+          @run_as || target.options['run-as']
+        end
+
+        # Run as the specified user for the duration of the block.
+        def running_as(user)
+          @run_as = user
+          yield
+        ensure
+          @run_as = nil
+        end
+
+        def make_executable(path)
+          result = execute(['chmod', 'u+x', path])
+          if result.exit_code != 0
+            message = "Could not make file '#{path}' executable: #{result.stderr.string}"
+            raise Bolt::Node::FileError.new(message, 'CHMOD_ERROR')
+          end
+        end
+
+        def make_tempdir
+          tmpdir = @target.options.fetch('tmpdir', '/tmp')
+          tmppath = "#{tmpdir}/#{SecureRandom.uuid}"
+          command = ['mkdir', '-m', 700, tmppath]
+
+          result = execute(command)
+          if result.exit_code != 0
+            raise Bolt::Node::FileError.new("Could not make tempdir: #{result.stderr.string}", 'TEMPDIR_ERROR')
+          end
+          path = tmppath || result.stdout.string.chomp
+          Sudoable::Tmpdir.new(self, path)
+        end
+
+        def write_executable(dir, file, filename = nil)
+          filename ||= File.basename(file)
+          remote_path = File.join(dir.to_s, filename)
+          copy_file(file, remote_path)
+          make_executable(remote_path)
+          remote_path
+        end
+
+        # A helper to create and delete a tempdir on the remote system. Yields the
+        # directory name.
+        def with_tempdir
+          dir = make_tempdir
+          yield dir
+        ensure
+          dir&.delete
+        end
+
+        def execute(*_args)
+          message = "#{self.class.name} must implement #{method} to execute commands"
+          raise NotImplementedError, message
+        end
+      end
+    end
+  end
+end

data/lib/bolt/transport/sudoable/tmpdir.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module Bolt
+  module Transport
+    class Sudoable < Base
+      class Tmpdir
+        def initialize(node, path)
+          @conn = node
+          @owner = node.user
+          @path = path
+          @logger = node.logger
+        end
+
+        def to_s
+          @path
+        end
+
+        def mkdirs(subdirs)
+          abs_subdirs = subdirs.map { |subdir| File.join(@path, subdir) }
+          result = @conn.execute(['mkdir', '-p'] + abs_subdirs)
+          if result.exit_code != 0
+            message = "Could not create subdirectories in '#{@path}': #{result.stderr.string}"
+            raise Bolt::Node::FileError.new(message, 'MKDIR_ERROR')
+          end
+        end
+
+        def chown(owner)
+          return if owner.nil? || owner == @owner
+
+          result = @conn.execute(['id', '-g', owner])
+          if result.exit_code != 0
+            message = "Could not identify group of user #{owner}: #{result.stderr.string}"
+            raise Bolt::Node::FileError.new(message, 'ID_ERROR')
+          end
+          group = result.stdout.string.chomp
+
+          # Chown can only be run by root.
+          result = @conn.execute(['chown', '-R', "#{owner}:#{group}", @path], sudoable: true, run_as: 'root')
+          if result.exit_code != 0
+            message = "Could not change owner of '#{@path}' to #{owner}: #{result.stderr.string}"
+            raise Bolt::Node::FileError.new(message, 'CHOWN_ERROR')
+          end
+
+          # File ownership successfully changed, record the new owner.
+          @owner = owner
+        end
+
+        def delete
+          result = @conn.execute(['rm', '-rf', @path], sudoable: true, run_as: @owner)
+          if result.exit_code != 0
+            @logger.warn("Failed to clean up tempdir '#{@path}': #{result.stderr.string}")
+          end
+          # For testing
+          result.stderr.string
+        end
+      end
+    end
+  end
+end