bolt 2.18.0 → 2.23.0

data/lib/bolt_server/pe/pal.rb

@@ -58,7 +58,7 @@ module BoltServer
           # Bolt::PAL::MODULES_PATH which would be more complex if we tried to use @modulepath since
           # we need to append our modulepaths and exclude modules shiped in bolt gem code
           modulepath_dirs = environment.modulepath
-          @original_modulepath = modulepath_dirs
+          @user_modulepath = modulepath_dirs
           @modulepath = [PE_BOLTLIB_PATH, Bolt::PAL::BOLTLIB_PATH, *modulepath_dirs]
         end
       end

data/lib/bolt_server/transport_app.rb

@@ -151,13 +151,14 @@ module BoltServer
         sha256 = file['sha256']
         kind = file['kind']
         path = File.join(cache_dir, relative_path)
-        if kind == 'file'
+        case kind
+        when 'file'
           # The parent should already be created by `directory` entries,
           # but this is to be on the safe side.
           parent = File.dirname(path)
           FileUtils.mkdir_p(parent)
           @file_cache.serial_execute { @file_cache.download_file(path, sha256, uri) }
-        elsif kind == 'directory'
+        when 'directory'
           # Create directory in cache so we can move files in.
           FileUtils.mkdir_p(path)
         else

data/lib/bolt_spec/bolt_context.rb

@@ -41,6 +41,7 @@ require 'bolt/plugin'
 # - allow_command(cmd), expect_command(cmd): expect the exact command
 # - allow_script(script), expect_script(script): expect the script as <module>/path/to/file
 # - allow_task(task), expect_task(task): expect the named task
+# - allow_download(file), expect_download(file): expect the identified source file
 # - allow_upload(file), expect_upload(file): expect the identified source file
 # - allow_out_message, expect_out_message: expect a message to be passed to out::message (only modifiers are
 #   be_called_times(n), with_params(params), and not_be_called)
@@ -52,19 +53,22 @@ require 'bolt/plugin'
 # - with_targets(targets): target or list of targets that you expect to be passed to the action
 # - with_params(params): list of params and metaparams (or options) that you expect to be passed to the action.
 #                        Corresponds to the action's last argument.
-# - with_destination(dest): for upload_file, the expected destination path
+# - with_destination(dest): for upload_file and download_file, the expected destination path
 # - always_return(value): return a Bolt::ResultSet of Bolt::Result objects with the specified value Hash
 #                         command and script: only accept 'stdout' and 'stderr' keys
 #                         upload: does not support this modifier
+#                         download: does not support this modifier
 # - return_for_targets(targets_to_values): return a Bolt::ResultSet of Bolt::Result objects from the Hash mapping
 #                                          targets to their value Hashes
 #                                          command and script: only accept 'stdout' and 'stderr' keys
 #                                          upload: does not support this modifier
+#                                          download: does not support this modifier
 # - return(&block): invoke the block to construct a Bolt::ResultSet. The blocks parameters differ based on action
 #                   command: `{ |targets:, command:, params:| ... }`
 #                   script: `{ |targets:, script:, params:| ... }`
 #                   task: `{ |targets:, task:, params:| ... }`
 #                   upload: `{ |targets:, source:, destination:, params:| ... }`
+#                   download: `{ |targets:, source:, destination:, params:| ... }`
 # - error_with(err): return a failing Bolt::ResultSet, with Bolt::Result objects with the identified err hash
 #
 # Example:
@@ -190,8 +194,9 @@ module BoltSpec
     # so it probably should be set separately
     # def allow_script(script_name)
     #
-    # file uploads have a single destination and no arguments
+    # file uploads and downloads have a single destination and no arguments
     # def allow_file_upload(source_name)
+    # def allow_file_download(source_name)
     #
     # Most of the information in commands is in the command string itself
     # we may need more flexible allows than just the name/command string

data/lib/bolt_spec/plans.rb

@@ -80,6 +80,7 @@ require 'bolt/pal'
 # - allow_plan(plan), expect_plan(plan): expect the named plan
 # - allow_script(script), expect_script(script): expect the script as <module>/path/to/file
 # - allow_task(task), expect_task(task): expect the named task
+# - allow_download(file), expect_download(file): expect the identified source file
 # - allow_upload(file), expect_upload(file): expect the identified source file
 # - allow_apply_prep: allows `apply_prep` to be invoked in the plan but does not allow modifiers
 # - allow_apply: allows `apply` to be invoked in the plan but does not allow modifiers
@@ -94,15 +95,17 @@ require 'bolt/pal'
 #                          plan: does not support this modifier
 # - with_params(params): list of params and metaparams (or options) that you expect to be passed to the action.
 #                        Corresponds to the action's last argument.
-# - with_destination(dest): for upload_file, the expected destination path
+# - with_destination(dest): for upload_file and download_file, the expected destination path
 # - always_return(value): return a Bolt::ResultSet of Bolt::Result objects with the specified value Hash
 #                         plan: returns a Bolt::PlanResult with the specified value with a status of 'success'
 #                         command and script: only accept 'stdout' and 'stderr' keys
 #                         upload: does not support this modifier
+#                         download: does not support this modifier
 # - return_for_targets(targets_to_values): return a Bolt::ResultSet of Bolt::Result objects from the Hash mapping
 #                                          targets to their value Hashes
 #                                          command and script: only accept 'stdout' and 'stderr' keys
 #                                          upload: does not support this modifier
+#                                          download: does not support this modifier
 #                                          plan: does not support this modifier
 # - return(&block): invoke the block to construct a Bolt::ResultSet. The blocks parameters differ based on action
 #                   command: `{ |targets:, command:, params:| ... }`
@@ -110,6 +113,7 @@ require 'bolt/pal'
 #                   script: `{ |targets:, script:, params:| ... }`
 #                   task: `{ |targets:, task:, params:| ... }`
 #                   upload: `{ |targets:, source:, destination:, params:| ... }`
+#                   download: `{ |targets:, source:, destination:, params:| ... }`
 # - error_with(err): return a failing Bolt::ResultSet, with Bolt::Result objects with the identified err hash
 #                    plans will throw a Bolt::PlanFailure that will be returned as the value of
 #                    the Bolt::PlanResult object with a status of 'failure'.
@@ -219,7 +223,16 @@ module BoltSpec
     end
 
     def run_plan(name, params)
-      pal = Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
+      pal = Bolt::PAL.new(
+        config.modulepath,
+        config.hiera_config,
+        config.project.resource_types,
+        config.compile_concurrency,
+        config.trusted_external,
+        config.apply_settings,
+        config.project
+      )
+
       result = executor.with_plan_allowed_exec(name, params) do
         pal.run_plan(name, params, executor, inventory, puppetdb_client)
       end

data/lib/bolt_spec/plans/action_stubs.rb

@@ -118,7 +118,7 @@ module BoltSpec
       # Restricts the stub to only match invocations with
       # the correct targets
       def with_targets(targets)
-        targets = [targets] unless targets.is_a? Array
+        targets = Array(targets)
         @invocation[:targets] = targets.map do |target|
           if target.is_a? String
             target
@@ -177,7 +177,7 @@ module BoltSpec
         if data['msg'] && data['kind'] && (data.keys - %w[msg kind details issue_code]).empty?
           @data[:default] = clazz.new(data['msg'], data['kind'], data['details'], data['issue_code'])
         else
-          STDERR.puts "In the future 'error_with()' may require msg and kind, and " \
+          $stderr.puts "In the future 'error_with()' may require msg and kind, and " \
                       "optionally accept only details and issue_code."
           @data[:default] = data
         end
@@ -193,3 +193,4 @@ require_relative 'action_stubs/plan_stub'
 require_relative 'action_stubs/script_stub'
 require_relative 'action_stubs/task_stub'
 require_relative 'action_stubs/upload_stub'
+require_relative 'action_stubs/download_stub'

data/lib/bolt_spec/plans/action_stubs/download_stub.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module BoltSpec
+  module Plans
+    class DownloadStub < ActionStub
+      def matches(targets, _source, destination, options)
+        if @invocation[:targets] && Set.new(@invocation[:targets]) != Set.new(targets.map(&:name))
+          return false
+        end
+
+        if @invocation[:destination] && destination != @invocation[:destination]
+          return false
+        end
+
+        if @invocation[:options] && options != @invocation[:options]
+          return false
+        end
+
+        true
+      end
+
+      def call(targets, source, destination, options)
+        @calls += 1
+        if @return_block
+          results = @return_block.call(targets: targets, source: source, destination: destination, params: options)
+          check_resultset(results, source)
+        else
+          results = targets.map do |target|
+            if @data[:default].is_a?(Bolt::Error)
+              default_for(target)
+            else
+              download = File.join(destination, Bolt::Util.windows_basename(source))
+              Bolt::Result.for_download(target, source, destination, download)
+            end
+          end
+          Bolt::ResultSet.new(results)
+        end
+      end
+
+      def parameters
+        @invocation[:options]
+      end
+
+      def result_for(_target, _data)
+        raise 'Download result cannot be changed'
+      end
+
+      # Public methods
+
+      def always_return(_data)
+        raise 'Download result cannot be changed'
+      end
+
+      def with_destination(destination)
+        @invocation[:destination] = destination
+        self
+      end
+
+      def with_params(params)
+        @invocation[:options] = params.select { |k, _v| k.start_with?('_') }
+                                      .transform_keys { |k| k.sub(/^_/, '').to_sym }
+        self
+      end
+    end
+  end
+end

data/lib/bolt_spec/plans/mock_executor.rb

@@ -11,7 +11,7 @@ require 'set'
 
 module BoltSpec
   module Plans
-    MOCKED_ACTIONS = %i[command plan script task upload].freeze
+    MOCKED_ACTIONS = %i[command download plan script task upload].freeze
 
     class UnexpectedInvocation < ArgumentError; end
 
@@ -90,6 +90,19 @@ module BoltSpec
         result
       end
 
+      def download_file(targets, source, destination, options = {})
+        result = nil
+        if (doub = @download_doubles[source] || @download_doubles[:default])
+          result = doub.process(targets, source, destination, options)
+        end
+        unless result
+          targets = targets.map(&:name)
+          @error_message = "Unexpected call to 'download_file(#{source}, #{destination}, #{targets}, #{options})'"
+          raise UnexpectedInvocation, @error_message
+        end
+        result
+      end
+
       def upload_file(targets, source_path, destination, options = {})
         source = module_file_id(source_path)
         result = nil

data/lib/bolt_spec/run.rb

@@ -80,6 +80,22 @@ module BoltSpec
       Bolt::Util.walk_keys(result, &:to_s)
     end
 
+    def download_file(source, dest, targets, options: {}, config: nil, inventory: nil)
+      if config.nil? && defined?(bolt_config)
+        config = bolt_config
+      end
+
+      if inventory.nil? && defined?(bolt_inventory)
+        inventory = bolt_inventory
+      end
+
+      result = BoltRunner.with_runner(config, inventory) do |runner|
+        runner.download_file(source, dest, targets, options)
+      end
+      result = result.to_a
+      Bolt::Util.walk_keys(result, &:to_s)
+    end
+
     def upload_file(source, dest, targets, options: {}, config: nil, inventory: nil)
       if config.nil? && defined?(bolt_config)
         config = bolt_config
@@ -194,6 +210,12 @@ module BoltSpec
         executor.run_script(targets, script, arguments, options)
       end
 
+      def download_file(source, dest, targets, options = {})
+        executor = Bolt::Executor.new(config.concurrency, @analytics)
+        targets = inventory.get_targets(targets)
+        executor.download_file(targets, source, dest, options)
+      end
+
       def upload_file(source, dest, targets, options = {})
         executor = Bolt::Executor.new(config.concurrency, @analytics)
         targets = inventory.get_targets(targets)

data/libexec/apply_catalog.rb

@@ -9,7 +9,7 @@ require 'puppet/module_tool/tar'
 require 'securerandom'
 require 'tempfile'
 
-args = JSON.parse(ARGV[0] ? File.read(ARGV[0]) : STDIN.read)
+args = JSON.parse(ARGV[0] ? File.read(ARGV[0]) : $stdin.read)
 
 # Create temporary directories for all core Puppet settings so we don't clobber
 # existing state or read from puppet.conf. Also create a temporary modulepath.
@@ -110,7 +110,7 @@ ensure
   begin
     FileUtils.remove_dir(puppet_root)
   rescue Errno::ENOTEMPTY => e
-    STDERR.puts("Could not cleanup temporary directory: #{e}")
+    $stderr.puts("Could not cleanup temporary directory: #{e}")
   end
 end
 

data/libexec/bolt_catalog

@@ -32,14 +32,15 @@ require 'json'
 # }
 
 command = ARGV[0]
-if command == "parse"
+case command
+when "parse"
   code = File.open(ARGV[1], &:read)
   puts JSON.pretty_generate(Bolt::Catalog.new.generate_ast(code, ARGV[1]))
-elsif command == "compile"
+when "compile"
   request = if ARGV[1]
               File.open(ARGV[1]) { |fh| JSON.parse(fh.read) }
             else
-              JSON.parse(STDIN.read)
+              JSON.parse($stdin.read)
             end
   begin
     catalog = Bolt::Catalog.new.compile_catalog(request)

data/libexec/custom_facts.rb

@@ -6,7 +6,7 @@ require 'puppet'
 require 'puppet/module_tool/tar'
 require 'tempfile'
 
-args = JSON.parse(STDIN.read)
+args = JSON.parse($stdin.read)
 
 Dir.mktmpdir do |puppet_root|
   # Create temporary directories for all core Puppet settings so we don't clobber

data/libexec/query_resources.rb

@@ -6,7 +6,7 @@ require 'puppet'
 require 'puppet/module_tool/tar'
 require 'tempfile'
 
-args = JSON.parse(STDIN.read)
+args = JSON.parse($stdin.read)
 
 RESOURCE_INSTANCE = /^([^\[]+)\[([^\]]+)\]$/.freeze
 

data/modules/secure_env_vars/plans/init.pp

@@ -0,0 +1,20 @@
+plan secure_env_vars(
+  TargetSpec $targets,
+  Optional[String] $command = undef,
+  Optional[String] $script = undef
+) {
+  $env_vars = parsejson(system::env('BOLT_ENV_VARS'))
+  unless type($command) == Undef or type($script) == Undef {
+      fail_plan('Cannot specify both script and command for secure_env_vars')
+  }
+
+  return if $command {
+           run_command($command, $targets, '_env_vars' => $env_vars)
+         }
+         elsif $script {
+           run_script($script, $targets, '_env_vars' => $env_vars)
+         }
+         else {
+           fail_plan('Must specify either script or command for secure_env_vars')
+         }
+}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 2.18.0
+  version: 2.23.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-07-13 00:00:00.000000000 Z
+date: 2020-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -398,6 +398,7 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/add_to_group.rb
 - bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb
 - bolt-modules/boltlib/lib/puppet/functions/catch_errors.rb
+- bolt-modules/boltlib/lib/puppet/functions/download_file.rb
 - bolt-modules/boltlib/lib/puppet/functions/facts.rb
 - bolt-modules/boltlib/lib/puppet/functions/fail_plan.rb
 - bolt-modules/boltlib/lib/puppet/functions/get_resources.rb
@@ -426,6 +427,7 @@ files:
 - bolt-modules/boltlib/types/targetspec.pp
 - bolt-modules/ctrl/lib/puppet/functions/ctrl/do_until.rb
 - bolt-modules/ctrl/lib/puppet/functions/ctrl/sleep.rb
+- bolt-modules/dir/lib/puppet/functions/dir/children.rb
 - bolt-modules/file/lib/puppet/functions/file/exists.rb
 - bolt-modules/file/lib/puppet/functions/file/join.rb
 - bolt-modules/file/lib/puppet/functions/file/read.rb
@@ -479,7 +481,9 @@ files:
 - lib/bolt/pal/yaml_plan/parameter.rb
 - lib/bolt/pal/yaml_plan/step.rb
 - lib/bolt/pal/yaml_plan/step/command.rb
+- lib/bolt/pal/yaml_plan/step/download.rb
 - lib/bolt/pal/yaml_plan/step/eval.rb
+- lib/bolt/pal/yaml_plan/step/message.rb
 - lib/bolt/pal/yaml_plan/step/plan.rb
 - lib/bolt/pal/yaml_plan/step/resources.rb
 - lib/bolt/pal/yaml_plan/step/script.rb
@@ -550,6 +554,7 @@ files:
 - lib/bolt_spec/plans.rb
 - lib/bolt_spec/plans/action_stubs.rb
 - lib/bolt_spec/plans/action_stubs/command_stub.rb
+- lib/bolt_spec/plans/action_stubs/download_stub.rb
 - lib/bolt_spec/plans/action_stubs/plan_stub.rb
 - lib/bolt_spec/plans/action_stubs/script_stub.rb
 - lib/bolt_spec/plans/action_stubs/task_stub.rb
@@ -573,6 +578,7 @@ files:
 - modules/canary/lib/puppet/functions/canary/skip.rb
 - modules/canary/plans/init.pp
 - modules/puppetdb_fact/plans/init.pp
+- modules/secure_env_vars/plans/init.pp
 homepage: https://github.com/puppetlabs/bolt
 licenses:
 - Apache-2.0