bolt 1.24.0 → 1.25.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc4db252a26ca2d1f05bddfa9b4affaece04baf3d2324e37b29e7f3579301640
-  data.tar.gz: 963c29e99b6389113a6ed9e8bc1bbe5209d5b7f9a1d0492f0d56af5a88d25f17
+  metadata.gz: 22679235d7475d2cc80d765770e6b81b0ed0852d4563a889c00043fe61f359f1
+  data.tar.gz: a04c075cb1551ab90f6e6e9f0e6e02670b6081475a9d8f0d49fd9e7f046d0992
 SHA512:
-  metadata.gz: 11d6586b4ee6b03471749c629fc1ac2c342025b707b5bf443044f7f01ee930d1ab1c678655e827452c800df149e998d0b256e4f11e5bae194cd88eba6eb5847b
-  data.tar.gz: 9775e66c5a65810e72e129787976f98d7725f64a293ccf80237372c90b8db149ca94d991afbc0779d26dab228e3c9a72ac884ad32b1d180c33a03582c57aeab0
+  metadata.gz: 4633d131919822b23981f8533b580e727817c95aa78a1afc05a4ca66bd14e08f3fd8f9c116f89e8726e171616c5cee1138d27260972dfc5e0718a9cb7a6096fb
+  data.tar.gz: 6a1f67bf10a65e26cd56cc9a82ad050a9023d5738b5d129cf43e203a50c1403c7cef4dd67085774dfba1d853f10174983b8e09716cc0a9d8441a24c69c62fe8b

data/bolt-modules/boltlib/lib/puppet/functions/catch_errors.rb

@@ -8,8 +8,8 @@
 Puppet::Functions.create_function(:catch_errors) do
   # @param error_types An array of error types to catch
   # @param block The block of steps to catch errors on
-  # @return Undef If an error is raised in the block then the error will be
-  # returned, otherwise the result will be returned
+  # @return If an error is raised in the block then the error will be returned,
+  #         otherwise the result will be returned
   # @example Catch errors for a block
   #   catch_errors() || {
   #     run_command("whoami", $nodes)
@@ -26,6 +26,7 @@ Puppet::Functions.create_function(:catch_errors) do
   dispatch :catch_errors do
     optional_param 'Array[String[1]]', :error_types
     block_param 'Callable[0, 0]', :block
+    return_type 'Any'
   end
 
   def catch_errors(error_types = nil)

data/lib/bolt/inventory/group2.rb

@@ -13,7 +13,7 @@ module Bolt
 
       DATA_KEYS = %w[name config facts vars features].freeze
       NODE_KEYS = DATA_KEYS + %w[alias uri]
-      GROUP_KEYS = DATA_KEYS + %w[groups targets target-lookups]
+      GROUP_KEYS = DATA_KEYS + %w[groups targets]
       CONFIG_KEYS = Bolt::TRANSPORTS.keys.map(&:to_s) + ['transport']
 
       def initialize(data, plugins)
@@ -31,6 +31,12 @@ module Bolt
         raise ValidationError.new("Group name must be a String, not #{@name.inspect}", nil) unless @name.is_a?(String)
         raise ValidationError.new("Invalid group name #{@name}", @name) unless @name =~ NAME_REGEX
 
+        # DEPRECATION : remove this before finalization
+        if data.key?('target-lookups')
+          msg = "'target-lookups' are no longer a separate key. Merge 'target-lookups' and 'targets' lists and replace 'plugin' with '_plugin'" # rubocop:disable Metrics/LineLength
+          raise ValidationError.new(msg, @name)
+        end
+
         unless (unexpected_keys = data.keys - GROUP_KEYS).empty?
           msg = "Found unexpected key(s) #{unexpected_keys.join(', ')} in group #{@name}"
           @logger.warn(msg)
@@ -42,8 +48,6 @@ module Bolt
 
         @config = config_only_plugin(fetch_value(data, 'config', Hash))
 
-        @target_lookups = fetch_value(data, 'target-lookups', Array)
-
         unless (unexpected_keys = @config.keys - CONFIG_KEYS).empty?
           msg = "Found unexpected key(s) #{unexpected_keys.join(', ')} in config for group #{@name}"
           @logger.warn(msg)
@@ -61,8 +65,15 @@ module Bolt
           # resolved, and requires a depth-first traversal to categorize them.
           if target.is_a?(String)
             @name_or_alias << target
+          # Handle plugins at this level so that lookups cannot trigger recursive lookups
+          elsif target.is_a?(Hash)
+            if target.include?('_plugin')
+              lookup_targets(target)
+            else
+              add_target(target)
+            end
           else
-            add_target(target)
+            raise ValidationError.new("Node entry must be a String or Hash, not #{target.class}", @name)
           end
         end
 
@@ -77,12 +88,9 @@ module Bolt
             raise ValidationError.new("Cannot set group #{key.inspect} with plugin", nil)
           end
         end
-        if data.is_a? Hash
-          data.each do |_k, v|
-            validate_config_plugin(v, key, group_name)
-          end
-        elsif data.is_a? Array
-          data.map { |v| validate_config_plugin(v, key, group_name) }
+
+        Bolt::Util.walk_vals(data, true) do |v|
+          validate_config_plugin(v, key, group_name)
         end
       end
       private :validate_config_plugin
@@ -91,11 +99,14 @@ module Bolt
         Bolt::Util.walk_vals(data) do |value|
           if value.is_a?(Hash) && value.include?('_plugin')
             unless (plugin = @plugins.by_name(value['_plugin']))
-              raise ValidationError.new("unkown plugin: #{value['_plugin'].inspect}", nil)
+              raise ValidationError.new("Config lookup specifies an unknown plugin: #{value['_plugin'].inspect}", @name)
             end
-            plugin.validate_inventory_config_lookup(value) if plugin.respond_to?(:validate_inventory_config_lookup)
+            unless plugin.hooks.include?('inventory_config')
+              raise ValidationError.new("#{plugin.name} does not support inventory_config.", @name)
+            end
+            plugin.validate_inventory_config(value) if plugin.respond_to?(:validate_inventory_config)
             Concurrent::Delay.new do
-              plugin.inventory_config_lookup(value)
+              plugin.inventory_config(value)
             end
           else
             value
@@ -119,11 +130,13 @@ module Bolt
       end
 
       def add_target(target)
-        # TODO: Do we want to accept strings from lookup_targets plugins? How should
-        # they be handled?
+        # This check ensures target lookup plugins do not returns bare strings.
+        # Remove it if we decide to allows task plugins to return string node
+        # names.
         unless target.is_a?(Hash)
-          raise ValidationError.new("Node entry must be a String or Hash, not #{target.class}", @name)
+          raise ValidationError.new("Node entry must be a Hash, not #{target.class}", @name)
         end
+        # This check prevents plugins from returning plugins
         raise ValidationError.new("Cannot set target with plugin", @name) if target.key?('_plugin')
         target.each do |k, v|
           next if k == 'config'
@@ -160,6 +173,7 @@ module Bolt
         end
 
         target['config'] = config_only_plugin(target['config'])
+
         unless target.include?('alias')
           return
         end
@@ -181,24 +195,16 @@ module Bolt
         end
       end
 
-      def lookup_targets(plugins)
-        @target_lookups.each do |lookup|
-          unless lookup.is_a?(Hash)
-            raise ValidationError.new("target-lookup is not a hash: #{lookup}", @name)
-          end
-          unless lookup['plugin']
-            raise ValidationError.new("target-lookup does not specify a plugin: #{lookup}", @name)
-          end
-
-          unless (plugin = plugins.by_name(lookup['plugin']))
-            raise ValidationError.new("target-lookup specifies an unkown plugin: '#{lookup['plugin']}'", @name)
-          end
-
-          targets = plugin.lookup_targets(lookup)
-          targets.each { |target| add_target(target) }
+      def lookup_targets(lookup)
+        unless (plugin = @plugins.by_name(lookup['_plugin']))
+          raise ValidationError.new("Target lookup specifies an unknown plugin: '#{lookup['plugin']}'", @name)
+        end
+        unless plugin.hooks.include?('inventory_targets')
+          raise ValidationError.new("#{plugin.name} does not support inventory_targets.", @name)
         end
 
-        @groups.each { |g| g.lookup_targets(plugins) }
+        targets = plugin.inventory_targets(lookup)
+        targets.each { |target| add_target(target) }
       end
 
       def data_merge(data1, data2)

data/lib/bolt/inventory/inventory2.rb

@@ -22,7 +22,6 @@ module Bolt
         @target_vars = target_vars
         @target_facts = target_facts
         @target_features = target_features
-        @groups.lookup_targets(plugins)
         @groups.resolve_aliases(@groups.target_aliases, @groups.target_names)
         collect_groups
       end

data/lib/bolt/outputter/human.rb

@@ -37,21 +37,7 @@ module Bolt
       end
 
       def handle_event(event)
-        return unless enabled? || event[:type] == :enable_default_output
-
         case event[:type]
-        when :node_start
-          print_start(event[:target]) if @verbose
-        when :node_result
-          print_result(event[:result]) if @verbose
-        when :step_start
-          print_step_start(event) if plan_logging?
-        when :step_finish
-          print_step_finish(event) if plan_logging?
-        when :plan_start
-          print_plan_start(event)
-        when :plan_finish
-          print_plan_finish(event)
         when :enable_default_output
           @disable_depth -= 1
         when :disable_default_output
@@ -59,6 +45,23 @@ module Bolt
         when :message
           print_message_event(event)
         end
+
+        if enabled?
+          case event[:type]
+          when :node_start
+            print_start(event[:target]) if @verbose
+          when :node_result
+            print_result(event[:result]) if @verbose
+          when :step_start
+            print_step_start(event) if plan_logging?
+          when :step_finish
+            print_step_finish(event) if plan_logging?
+          when :plan_start
+            print_plan_start(event)
+          when :plan_finish
+            print_plan_finish(event)
+          end
+        end
       end
 
       def enabled?

data/lib/bolt/plugin/pkcs7.rb

@@ -7,7 +7,7 @@ module Bolt
   class Plugin
     class Pkcs7 < Bolt::Secret::Base
       def self.validate_config(config)
-        known_keys = ['private-key', 'public-key', 'keysize']
+        known_keys = %w[private-key public-key keysize]
         known_keys.each do |key|
           unless key.is_a? String
             raise Bolt::ValidationError, "Invalid config for pkcs7 plugin: '#{key}' is not a String"

data/lib/bolt/plugin/prompt.rb

@@ -14,14 +14,14 @@ module Bolt
       end
 
       def hooks
-        ['inventory_config_lookup']
+        ['inventory_config']
       end
 
-      def validate_inventory_config_lookup(opts)
+      def validate_inventory_config(opts)
         raise Bolt::ValidationError, "Prompt requires a 'message'" unless opts['message']
       end
 
-      def inventory_config_lookup(opts)
+      def inventory_config(opts)
         STDOUT.print "#{opts['message']}:"
         value = STDIN.noecho(&:gets).chomp
         STDOUT.puts

data/lib/bolt/plugin/puppetdb.rb

@@ -23,7 +23,7 @@ module Bolt
       end
 
       def hooks
-        ['lookup_targets']
+        ['inventory_targets']
       end
 
       def warn_missing_fact(certname, fact)
@@ -41,7 +41,7 @@ module Bolt
         end
       end
 
-      def lookup_targets(opts)
+      def inventory_targets(opts)
         targets = @puppetdb_client.query_certnames(opts['query'])
         facts = []
 

data/lib/bolt/plugin/terraform.rb

@@ -14,14 +14,14 @@ module Bolt
       end
 
       def hooks
-        ['lookup_targets']
+        ['inventory_targets']
       end
 
       def warn_missing_property(name, property)
         @logger.warn("Could not find property #{property} of terraform resource #{name}")
       end
 
-      def lookup_targets(opts)
+      def inventory_targets(opts)
         state = load_statefile(opts)
 
         resources = extract_resources(state)

data/lib/bolt/secret/base.rb

@@ -4,7 +4,7 @@ module Bolt
   class Secret
     class Base
       def hooks
-        %w[inventory_config_lookup encrypt decrypt create_keys]
+        %w[inventory_config secret_encrypt secret_decrypt secret_createkeys]
       end
 
       def encode(raw)
@@ -31,9 +31,9 @@ module Bolt
         raw, _plugin = decode(opts['encrypted-value'])
         decrypt_value(raw)
       end
-      alias inventory_config_lookup secret_decrypt
+      alias inventory_config secret_decrypt
 
-      def validate_inventory_config_lookup(opts)
+      def validate_inventory_config(opts)
         decode(opts['encrypted-value'])
       end
     end

data/lib/bolt/util.rb

@@ -134,8 +134,8 @@ module Bolt
       # Accepts a Data object and returns a copy with all hash and array values
       # Arrays and hashes including the initial object are modified before
       # their descendants are.
-      def walk_vals(data, &block)
-        data = yield(data)
+      def walk_vals(data, skip_top = false, &block)
+        data = yield(data) unless skip_top
         if data.is_a? Hash
           map_vals(data) { |v| walk_vals(v, &block) }
         elsif data.is_a? Array

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '1.24.0'
+  VERSION = '1.25.0'
 end

data/lib/bolt_server/base_config.rb

@@ -6,31 +6,31 @@ require 'bolt/error'
 module BoltServer
   class BaseConfig
     def config_keys
-      ['host', 'port', 'ssl-cert', 'ssl-key', 'ssl-ca-cert',
-       'ssl-cipher-suites', 'loglevel', 'logfile', 'whitelist']
+      %w[host port ssl-cert ssl-key ssl-ca-cert
+         ssl-cipher-suites loglevel logfile whitelist]
     end
 
     def env_keys
-      ['ssl-cert', 'ssl-key', 'ssl-ca-cert', 'loglevel']
+      %w[ssl-cert ssl-key ssl-ca-cert loglevel]
     end
 
     def defaults
       { 'host' => '127.0.0.1',
         'loglevel' => 'notice',
-        'ssl-cipher-suites' => ['ECDHE-ECDSA-AES256-GCM-SHA384',
-                                'ECDHE-RSA-AES256-GCM-SHA384',
-                                'ECDHE-ECDSA-CHACHA20-POLY1305',
-                                'ECDHE-RSA-CHACHA20-POLY1305',
-                                'ECDHE-ECDSA-AES128-GCM-SHA256',
-                                'ECDHE-RSA-AES128-GCM-SHA256',
-                                'ECDHE-ECDSA-AES256-SHA384',
-                                'ECDHE-RSA-AES256-SHA384',
-                                'ECDHE-ECDSA-AES128-SHA256',
-                                'ECDHE-RSA-AES128-SHA256'] }
+        'ssl-cipher-suites' => %w[ECDHE-ECDSA-AES256-GCM-SHA384
+                                  ECDHE-RSA-AES256-GCM-SHA384
+                                  ECDHE-ECDSA-CHACHA20-POLY1305
+                                  ECDHE-RSA-CHACHA20-POLY1305
+                                  ECDHE-ECDSA-AES128-GCM-SHA256
+                                  ECDHE-RSA-AES128-GCM-SHA256
+                                  ECDHE-ECDSA-AES256-SHA384
+                                  ECDHE-RSA-AES256-SHA384
+                                  ECDHE-ECDSA-AES128-SHA256
+                                  ECDHE-RSA-AES128-SHA256] }
     end
 
     def ssl_keys
-      ['ssl-cert', 'ssl-key', 'ssl-ca-cert']
+      %w[ssl-cert ssl-key ssl-ca-cert]
     end
 
     def required_keys

data/lib/bolt_server/schemas/action-run_task.json

@@ -0,0 +1,16 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "title": "run_task request",
+  "description": "POST <transport>/run_task request schema",
+  "type": "object",
+  "properties": {
+    "task": { "$ref": "partial:task" },
+    "parameters": {
+      "type": "object",
+      "description": "JSON formatted parameters to be provided to task"
+    },
+    "target": { "$ref": "partial:target-any" }
+  },
+  "required": ["target", "task"],
+  "additionalProperties": false
+}

data/lib/bolt_server/schemas/partials/target-any.json

@@ -0,0 +1,10 @@
+{
+  "id": "partial:target-any",
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Target information about where to run a bolt action, either over SSH or WinRM",
+  "type": "object",
+  "anyOf": [
+    { "$ref": "partial:target-ssh" },
+    { "$ref": "partial:target-winrm" }
+  ]
+}

data/lib/bolt_server/schemas/partials/target-ssh.json

@@ -0,0 +1,80 @@
+{
+  "id": "partial:target-ssh",
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Target information about where to run a bolt action over SSH",
+  "type": "object",
+  "properties": {
+    "hostname": {
+      "type": "string",
+      "description": "Target identifier"
+    },
+    "user": {
+      "type": "string",
+      "description": "Login user"
+    },
+    "password": {
+      "type": "string",
+      "description": "Password for SSH transport authentication"
+    },
+    "private-key-content": {
+      "type": "string",
+      "description": "Contents of private key for SSH"
+    },
+    "port": {
+      "type": "integer",
+      "description": "Connection port"
+    },
+    "connect-timeout": {
+      "type": "integer",
+      "description": "How long Bolt should wait when establishing connections"
+    },
+    "run-as-command": {
+      "type": "array",
+      "description": "Command elevate permissions",
+      "items": {
+        "type": "string"
+      }
+    },
+    "run-as": {
+      "type": "string",
+      "description": "A different user to run commands as after login"
+    },
+    "tmpdir": {
+      "type": "string",
+      "description": "The directory to upload and execute temporary files on the target"
+    },
+    "tty": {
+      "type": "boolean",
+      "description": "Should bolt use pseudo tty to meet sudoer restrictions"
+    },
+    "host-key-check": {
+      "type": "boolean",
+      "description": "Whether to perform host key validation when connecting over SSH"
+    },
+    "sudo-password": {
+      "type": "string",
+      "description": "Password to use when changing users via run-as"
+    },
+    "interpreters": {
+      "type": "object",
+      "description": "Map of file extensions to remote executable"
+    }
+  },
+  "oneOf": [
+    {
+      "required": [
+        "password"
+      ]
+    },
+    {
+      "required": [
+        "private-key-content"
+      ]
+    }
+  ],
+  "required": [
+    "hostname",
+    "user"
+  ],
+  "additionalProperties": false
+}

data/lib/bolt_server/schemas/partials/target-winrm.json

@@ -0,0 +1,63 @@
+{
+  "id": "partial:target-winrm",
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Target information about where to run a bolt action over WinRM",
+  "type": "object",
+  "properties": {
+    "hostname": {
+      "type": "string",
+      "description": "Target identifier"
+    },
+    "user": {
+      "type": "string",
+      "description": "Login user"
+    },
+    "password": {
+      "type": "string",
+      "description": "Password for WinRM transport authentication"
+    },
+    "port": {
+      "type": "integer",
+      "description": "Connection port"
+    },
+    "connect-timeout": {
+      "type": "integer",
+      "description": "How long Bolt should wait when establishing connections"
+    },
+    "tmpdir": {
+      "type": "string",
+      "description": "The directory to upload and execute temporary files on the target"
+    },
+    "ssl": {
+      "type": "boolean",
+      "description": "When true, Bolt will use https connections for WinRM"
+    },
+    "ssl-verify": {
+      "type": "boolean",
+      "description": "When true, verifies the targets certificate matches the cacert"
+    },
+    "cacert": {
+      "type": "string",
+      "description": "The path to the CA certificate"
+    },
+    "extensions": {
+      "type": "array",
+      "description": "List of file extensions that are accepted for scripts or tasks"
+    },
+    "interpreters": {
+      "type": "object",
+      "description": "Map of file extensions to remote executable"
+    },
+    "file-protocol": {
+      "type": "string",
+      "enum": ["winrm", "smb"],
+      "description": "Protocol for file transfer, WinRM or SMB"
+    },
+    "smb-port": {
+      "type": "integer",
+      "description": "Port for SMB protocol"
+    }
+  },
+  "required": ["hostname", "user", "password"],
+  "additionalProperties": false
+}

data/lib/bolt_server/schemas/{task.json → partials/task.json}

@@ -1,5 +1,5 @@
 {
-  "id": "file:task",
+  "id": "partial:task",
   "$schema": "http://json-schema.org/draft-04/schema#",
   "title": "Task",
   "description": "Task schema for bolt-server",

data/lib/bolt_server/schemas/transport-ssh.json

@@ -0,0 +1,10 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Action request with SSH transport",
+  "description": "POST /ssh/<action> request schema",
+  "type": "object",
+  "properties": {
+    "target": { "$ref": "partial:target-ssh" }
+  },
+  "required": ["target"]
+}

data/lib/bolt_server/schemas/transport-winrm.json

@@ -0,0 +1,10 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema",
+  "title": "Action request with WinRM transport",
+  "description": "POST /winrm/<action> request schema",
+  "type": "object",
+  "properties": {
+    "target": { "$ref": "partial:target-winrm" }
+  },
+  "required": ["target"]
+}

data/lib/bolt_server/transport_app.rb

@@ -15,15 +15,23 @@ module BoltServer
     # This disables Sinatra's error page generation
     set :show_exceptions, false
 
+    # These partial schemas are reused to build multiple request schemas
+    PARTIAL_SCHEMAS = %w[target-any target-ssh target-winrm task].freeze
+
+    # These schemas combine shared schemas to describe client requests
+    REQUEST_SCHEMAS = %w[action-run_task transport-ssh transport-winrm].freeze
+
     def initialize(config)
       @config = config
-      @schemas = {
-        "ssh-run_task" => JSON.parse(File.read(File.join(__dir__, 'schemas', 'ssh-run_task.json'))),
-        "winrm-run_task" => JSON.parse(File.read(File.join(__dir__, 'schemas', 'winrm-run_task.json')))
-      }
-      shared_schema = JSON::Schema.new(JSON.parse(File.read(File.join(__dir__, 'schemas', 'task.json'))),
-                                       Addressable::URI.parse("file:task"))
-      JSON::Validator.add_schema(shared_schema)
+      @schemas = Hash[REQUEST_SCHEMAS.map do |basename|
+        [basename, JSON.parse(File.read(File.join(__dir__, ['schemas', "#{basename}.json"])))]
+      end]
+
+      PARTIAL_SCHEMAS.each do |basename|
+        schema_content = JSON.parse(File.read(File.join(__dir__, ['schemas', 'partials', "#{basename}.json"])))
+        shared_schema = JSON::Schema.new(schema_content, Addressable::URI.parse("partial:#{basename}"))
+        JSON::Validator.add_schema(shared_schema)
+      end
 
       @executor = Bolt::Executor.new(0)
 
@@ -48,6 +56,19 @@ module BoltServer
       end
     end
 
+    def run_task(target, body)
+      error = validate_schema(@schemas["action-run_task"], body)
+      return [400, error.to_json] unless error.nil?
+
+      task = Bolt::Task::PuppetServer.new(body['task'], @file_cache)
+      parameters = body['parameters'] || {}
+      results = @executor.run_task(target, task, parameters)
+
+      # Since this will only be on one node we can just return the first result
+      result = scrub_stack_trace(results.first.status_hash)
+      [200, result.to_json]
+    end
+
     get '/' do
       200
     end
@@ -67,14 +88,18 @@ module BoltServer
       raise 'Unexpected error'
     end
 
-    post '/ssh/run_task' do
-      content_type :json
+    ACTIONS = %w[run_task].freeze
 
+    post '/ssh/:action' do
+      not_found unless ACTIONS.include?(params[:action])
+
+      content_type :json
       body = JSON.parse(request.body.read)
-      error = validate_schema(@schemas["ssh-run_task"], body)
+
+      error = validate_schema(@schemas["transport-ssh"], body)
       return [400, error.to_json] unless error.nil?
 
-      opts = body['target']
+      opts = body['target'].clone
       if opts['private-key-content']
         opts['private-key'] = { 'key-data' => opts['private-key-content'] }
         opts.delete('private-key-content')
@@ -83,35 +108,23 @@ module BoltServer
 
       target = [Bolt::Target.new(body['target']['hostname'], opts)]
 
-      task = Bolt::Task::PuppetServer.new(body['task'], @file_cache)
-
-      parameters = body['parameters'] || {}
-
-      # Since this will only be on one node we can just return the first result
-      results = @executor.run_task(target, task, parameters)
-      result = scrub_stack_trace(results.first.status_hash)
-      [200, result.to_json]
+      method(params[:action]).call(target, body)
     end
 
-    post '/winrm/run_task' do
-      content_type :json
+    post '/winrm/:action' do
+      not_found unless ACTIONS.include?(params[:action])
 
+      content_type :json
       body = JSON.parse(request.body.read)
-      error = validate_schema(@schemas["winrm-run_task"], body)
+
+      error = validate_schema(@schemas["transport-winrm"], body)
       return [400, error.to_json] unless error.nil?
 
-      opts = body['target'].merge('protocol' => 'winrm')
+      opts = body['target'].clone.merge('protocol' => 'winrm')
 
       target = [Bolt::Target.new(body['target']['hostname'], opts)]
 
-      task = Bolt::Task::PuppetServer.new(body['task'], @file_cache)
-
-      parameters = body['parameters'] || {}
-
-      # Since this will only be on one node we can just return the first result
-      results = @executor.run_task(target, task, parameters)
-      result = scrub_stack_trace(results.first.status_hash)
-      [200, result.to_json]
+      method(params[:action]).call(target, body)
     end
 
     error 404 do

data/lib/bolt_spec/plans/action_stubs/script_stub.rb

@@ -31,7 +31,7 @@ module BoltSpec
       end
 
       def parameters
-        @invocation[:arguments] + @invocation[:options] if @invocation.include[:arguments]
+        @invocation[:params]
       end
 
       def result_for(target, stdout: '', stderr: '')
@@ -41,6 +41,7 @@ module BoltSpec
       # Public methods
 
       def with_params(params)
+        @invocation[:params] = params
         @invocation[:arguments] = params['arguments']
         @invocation[:options] = params.select { |k, _v| k.start_with?('_') }
         self

data/lib/bolt_spec/plans/action_stubs/task_stub.rb

@@ -30,7 +30,7 @@ module BoltSpec
       end
 
       def parameters
-        @invocation[:arguments] + @invocation[:options] if @invocation.include?(:arguments)
+        @invocation[:params]
       end
 
       # Allow any data.
@@ -43,6 +43,7 @@ module BoltSpec
       # Restricts the stub to only match invocations with certain parameters.
       # All parameters must match exactly.
       def with_params(params)
+        @invocation[:params] = params
         @invocation[:arguments] = params.reject { |k, _v| k.start_with?('_') }
         @invocation[:options] = params.select { |k, _v| k.start_with?('_') }
         self

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 1.24.0
+  version: 1.25.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-06-21 00:00:00.000000000 Z
+date: 2019-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -430,9 +430,13 @@ files:
 - lib/bolt_server/base_config.rb
 - lib/bolt_server/config.rb
 - lib/bolt_server/file_cache.rb
-- lib/bolt_server/schemas/ssh-run_task.json
-- lib/bolt_server/schemas/task.json
-- lib/bolt_server/schemas/winrm-run_task.json
+- lib/bolt_server/schemas/action-run_task.json
+- lib/bolt_server/schemas/partials/target-any.json
+- lib/bolt_server/schemas/partials/target-ssh.json
+- lib/bolt_server/schemas/partials/target-winrm.json
+- lib/bolt_server/schemas/partials/task.json
+- lib/bolt_server/schemas/transport-ssh.json
+- lib/bolt_server/schemas/transport-winrm.json
 - lib/bolt_server/transport_app.rb
 - lib/bolt_spec/plans.rb
 - lib/bolt_spec/plans/action_stubs.rb

data/lib/bolt_server/schemas/ssh-run_task.json

@@ -1,79 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-04/schema#",
-  "title": "SSH run_task request",
-  "description": "POST ssh/run_task request schema",
-  "type": "object",
-  "properties": {
-    "target": {
-      "type": "object",
-      "description": "Target information to run task on",
-      "properties": {
-        "hostname": {
-          "type": "string",
-          "description": "Target identifier"
-        },
-        "user": {
-          "type": "string",
-          "description": "Login user"
-        },
-        "password": {
-          "type": "string",
-          "description": "Password for SSH transport authentication"
-        },
-        "private-key-content": {
-          "type": "string",
-          "description": "Contents of private key for SSH"
-        },
-        "port": {
-          "type": "integer",
-          "description": "Connection port"
-        },
-        "connect-timeout": {
-          "type": "integer",
-          "description": "How long Bolt should wait when establishing connections"
-        },
-        "run-as-command": {
-          "type": "array",
-          "description": "Command elevate permissions",
-          "items": { "type": "string" }
-        },
-        "run-as": {
-          "type": "string",
-          "description": "A different user to run commands as after login"
-        },
-        "tmpdir": {
-          "type": "string",
-          "description": "The directory to upload and execute temporary files on the target"
-        },
-        "tty": {
-          "type": "boolean",
-          "description": "Should bolt use pseudo tty to meet sudoer restrictions"
-        },
-        "host-key-check": {
-          "type": "boolean",
-          "description": "Whether to perform host key validation when connecting over SSH"
-        },
-        "sudo-password": {
-          "type": "string",
-          "description": "Password to use when changing users via run-as"
-        },
-        "interpreters": {
-          "type": "object",
-          "description": "Map of file extensions to remote executable"
-        }
-      },
-      "oneOf": [
-        { "required": ["password"] },
-        { "required": ["private-key-content"] }
-      ],
-      "required": ["hostname", "user"],
-      "additionalProperties": false
-    },
-    "task": { "$ref": "file:task"},
-    "parameters": {
-      "type": "object",
-      "description": "JSON formatted parameters to be provided to task"
-    }
-  },
-  "required": ["target", "task"]
-}

data/lib/bolt_server/schemas/winrm-run_task.json

@@ -1,76 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-04/schema#",
-  "title": "WinRm run_task request",
-  "description": "POST winrm/run_task request schema",
-  "type": "object",
-  "properties": {
-    "target": {
-      "type": "object",
-      "description": "Target information to run task on",
-      "properties": {
-        "hostname": {
-          "type": "string",
-          "description": "Target identifier"
-        },
-        "user": {
-          "type": "string",
-          "description": "Login user"
-        },
-        "password": {
-          "type": "string",
-          "description": "Password for SSH transport authentication"
-        },
-        "port": {
-          "type": "integer",
-          "description": "Connection port"
-        },
-        "connect-timeout": {
-          "type": "integer",
-          "description": "How long Bolt should wait when establishing connections"
-        },
-        "tmpdir": {
-          "type": "string",
-          "description": "The directory to upload and execute temporary files on the target"
-        },
-        "ssl": {
-          "type": "boolean",
-          "description": "When true, Bolt will use https connections for WinRM"
-        },
-        "ssl-verify": {
-          "type": "boolean",
-          "description": "When true, verifies the targets certificate matches the cacert"
-        },
-        "cacert": {
-          "type": "string",
-          "description": "The path to the CA certificate"
-        },
-        "extensions": {
-          "type": "array",
-          "description": "List of file extensions that are accepted for scripts or tasks"
-        },
-        "interpreters": {
-          "type": "object",
-          "description": "Map of file extensions to remote executable"
-        },
-        "file-protocol": {
-          "type": "string",
-          "enum": ["winrm", "smb"],
-          "description": "Protocol for file transfer, WinRM or SMB"
-        },
-        "smb-port": {
-          "type": "integer",
-          "description": "Port for SMB protocol"
-        }
-      },
-
-      "required": ["hostname", "user", "password"],
-      "additionalProperties": false
-    },
-    "task": { "$ref": "file:task"},
-    "parameters": {
-      "type": "object",
-      "description": "JSON formatted parameters to be provided to task"
-    }  
-  },
-  "required": ["target", "task"]
-}