bolt 2.23.0 → 2.27.0

data/lib/bolt/puppetdb/client.rb

@@ -13,7 +13,7 @@ module Bolt
         @config = config
         @bad_urls = []
         @current_url = nil
-        @logger = Logging.logger[self]
+        @logger = Bolt::Logger.logger(self)
       end
 
       def query_certnames(query)

data/lib/bolt/puppetdb/config.rb

@@ -35,7 +35,7 @@ module Bolt
         begin
           config = JSON.parse(File.read(filepath)) if filepath
         rescue StandardError => e
-          Logging.logger[self].error("Could not load puppetdb.conf from #{filepath}: #{e.message}")
+          Bolt::Logger.logger(self).error("Could not load puppetdb.conf from #{filepath}: #{e.message}")
         end
 
         config = config.fetch('puppetdb', {})

data/lib/bolt/puppetfile.rb

@@ -0,0 +1,160 @@
+# frozen_string_literal: true
+
+require 'bolt/error'
+require 'bolt/puppetfile/module'
+
+# This class manages the logical contents of a Puppetfile. It includes methods
+# for parsing a Puppetfile and its modules, resolving module dependencies,
+# and writing a Puppetfile.
+#
+module Bolt
+  class Puppetfile
+    attr_reader :modules
+
+    def initialize(modules = [])
+      @modules = Set.new
+      add_modules(modules)
+    end
+
+    # Loads a Puppetfile and parses its module specifications, returning a
+    # Bolt::Puppetfile object with the modules set.
+    #
+    def self.parse(path)
+      require 'puppetfile-resolver'
+      require 'puppetfile-resolver/puppetfile/parser/r10k_eval'
+
+      begin
+        parsed = ::PuppetfileResolver::Puppetfile::Parser::R10KEval.parse(File.read(path))
+      rescue StandardError => e
+        raise Bolt::Error.new(
+          "Unable to parse Puppetfile #{path}: #{e.message}",
+          'bolt/puppetfile-parsing'
+        )
+      end
+
+      unless parsed.valid?
+        raise Bolt::ValidationError,
+              "Unable to parse Puppetfile #{path}"
+      end
+
+      modules = parsed.modules.map do |mod|
+        Bolt::Puppetfile::Module.new(mod.owner, mod.name, mod.version)
+      end
+
+      new(modules)
+    end
+
+    # Writes a Puppetfile that includes specifications for each of the
+    # modules.
+    #
+    def write(path, force: false)
+      if File.exist?(path) && !force
+        raise Bolt::FileError.new(
+          "Cannot overwrite existing Puppetfile at #{path}. To forcibly overwrite, "\
+          "run with the '--force' option.",
+          path
+        )
+      end
+
+      File.open(path, 'w') do |file|
+        file.puts '# This Puppetfile is managed by Bolt. Do not edit.'
+        modules.each { |mod| file.puts mod.to_spec }
+        file.puts
+      end
+    rescue SystemCallError => e
+      raise Bolt::FileError.new(
+        "#{e.message}: unable to write Puppetfile.",
+        path
+      )
+    end
+
+    # Resolves module dependencies using the puppetfile-resolver library. The
+    # resolver will return a document model including all module dependencies
+    # and the latest version that can be installed for each. The document model
+    # is parsed and turned into a Set of Bolt::Puppetfile::Module objects.
+    #
+    def resolve
+      require 'puppetfile-resolver'
+
+      # Build the document model from the modules.
+      model = PuppetfileResolver::Puppetfile::Document.new('')
+
+      @modules.each do |mod|
+        model.add_module(
+          PuppetfileResolver::Puppetfile::ForgeModule.new(mod.title).tap do |tap|
+            tap.version = :latest
+          end
+        )
+      end
+
+      # Make sure the Puppetfile model is valid.
+      unless model.valid?
+        raise Bolt::ValidationError,
+              "Unable to resolve dependencies for modules: #{@modules.map(&:title).join(', ')}"
+      end
+
+      # Create the resolver using the Puppetfile model. nil disables Puppet
+      # version restrictions.
+      resolver = PuppetfileResolver::Resolver.new(model, nil)
+
+      # Configure and resolve the dependency graph, catching any errors
+      # raised by puppetfile-resolver and re-raising them as Bolt errors.
+      begin
+        result = resolver.resolve(
+          cache:                 nil,
+          ui:                    nil,
+          module_paths:          [],
+          allow_missing_modules: true
+        )
+      rescue StandardError => e
+        raise Bolt::Error.new(e.message, 'bolt/puppetfile-resolver-error')
+      end
+
+      # Validate that the modules exist.
+      missing_graph = result.specifications.select do |_name, spec|
+        spec.instance_of? PuppetfileResolver::Models::MissingModuleSpecification
+      end
+
+      if missing_graph.any?
+        titles = model.modules.each_with_object({}) do |mod, acc|
+          acc[mod.name] = mod.title
+        end
+
+        names = titles.values_at(*missing_graph.keys)
+        plural = names.count == 1 ? '' : 's'
+
+        raise Bolt::Error.new(
+          "Unknown module name#{plural} #{names.join(', ')}",
+          'bolt/unknown-modules'
+        )
+      end
+
+      # Filter the dependency graph to only include module specifications. This
+      # will only remove the Puppet version specification, which is not needed.
+      specs = result.specifications.select do |_name, spec|
+        spec.instance_of? PuppetfileResolver::Models::ModuleSpecification
+      end
+
+      @modules = specs.map do |_name, spec|
+        Bolt::Puppetfile::Module.new(spec.owner, spec.name, spec.version.to_s)
+      end.to_set
+    end
+
+    # Adds to the set of modules.
+    #
+    def add_modules(modules)
+      modules.each do |mod|
+        case mod
+        when Bolt::Puppetfile::Module
+          @modules << mod
+        when Hash
+          @modules << Bolt::Puppetfile::Module.from_hash(mod)
+        else
+          raise Bolt::ValidationError, "Module must be a Bolt::Puppetfile::Module or Hash."
+        end
+      end
+
+      @modules
+    end
+  end
+end

data/lib/bolt/puppetfile/installer.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'r10k/cli'
+require 'bolt/r10k_log_proxy'
+require 'bolt/error'
+
+# This class is used to install modules from a Puppetfile to a module directory.
+#
+module Bolt
+  class Puppetfile
+    class Installer
+      def initialize(config = {})
+        @config = config
+      end
+
+      def install(path, moduledir)
+        unless File.exist?(path)
+          raise Bolt::FileError.new(
+            "Could not find a Puppetfile at #{path}",
+            path
+          )
+        end
+
+        r10k_opts = {
+          root:       File.dirname(path),
+          puppetfile: path.to_s,
+          moduledir:  moduledir.to_s
+        }
+
+        settings = R10K::Settings.global_settings.evaluate(@config)
+        R10K::Initializers::GlobalInitializer.new(settings).call
+        install_action = R10K::Action::Puppetfile::Install.new(r10k_opts, nil)
+
+        # Override the r10k logger with a proxy to our own logger
+        R10K::Logging.instance_variable_set(:@outputter, Bolt::R10KLogProxy.new)
+
+        install_action.call
+      rescue R10K::Error => e
+        raise PuppetfileError, e
+      end
+    end
+  end
+end

data/lib/bolt/puppetfile/module.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'bolt/error'
+
+# This class represents a module specification. It used by the Bolt::Puppetfile
+# class to have a consistent API for accessing a module's attributes.
+#
+module Bolt
+  class Puppetfile
+    class Module
+      attr_reader :owner, :name, :version
+
+      def initialize(owner, name, version = nil)
+        @owner   = owner
+        @name    = name
+        @version = version
+      end
+
+      # Creates a new module from a hash.
+      #
+      def self.from_hash(mod)
+        unless mod['name'].is_a?(String)
+          raise Bolt::ValidationError,
+                "Module name must be a String, not #{mod['name'].inspect}"
+        end
+
+        owner, name = mod['name'].tr('/', '-').split('-', 2)
+
+        unless owner && name
+          raise Bolt::ValidationError, "Module name #{mod['name']} must include both the owner and module name."
+        end
+
+        new(owner, name)
+      end
+
+      # Returns the module's title.
+      #
+      def title
+        "#{@owner}-#{@name}"
+      end
+
+      # Checks two modules for equality.
+      #
+      def eql?(other)
+        self.class == other.class && @owner == other.owner && @name == other.name
+      end
+      alias == eql?
+
+      # Hashes the module.
+      #
+      def hash
+        [@owner, @name].hash
+      end
+
+      # Returns the Puppetfile specification for the module.
+      #
+      def to_spec
+        if @version
+          "mod #{title.inspect}, #{@version.inspect}"
+        else
+          "mod #{title.inspect}"
+        end
+      end
+    end
+  end
+end

data/lib/bolt/r10k_log_proxy.rb

@@ -7,7 +7,7 @@ module Bolt
     def initialize
       super('bolt')
 
-      @logger = Logging.logger[self]
+      @logger = Bolt::Logger.logger(self)
     end
 
     def canonical_log(event)

data/lib/bolt/rerun.rb

@@ -8,7 +8,7 @@ module Bolt
     def initialize(path, save_failures)
       @path = path
       @save_failures = save_failures
-      @logger = Logging.logger[self]
+      @logger = Bolt::Logger.logger(self)
     end
 
     def data
@@ -53,7 +53,7 @@ module Bolt
         end
       end
     rescue StandardError => e
-      @logger.warn("Failed to save result to #{@path}: #{e.message}")
+      Bolt::Logger.warn_once('unwriteable_file', "Failed to save result to #{@path}: #{e.message}")
     end
   end
 end

data/lib/bolt/result.rb

@@ -65,6 +65,25 @@ module Bolt
                             'msg' => msg,
                             'details' => { 'exit_code' => exit_code } }
       end
+
+      if value.key?('_error')
+        unless value['_error'].is_a?(Hash) && value['_error'].key?('msg')
+          value['_error'] = {
+            'msg'     => "Invalid error returned from task #{task}: #{value['_error'].inspect}. Error "\
+                         "must be an object with a msg key.",
+            'kind'    => 'bolt/invalid-task-error',
+            'details' => { 'original_error' => value['_error'] }
+          }
+        end
+
+        value['_error']['kind']    ||= 'bolt/error'
+        value['_error']['details'] ||= {}
+      end
+
+      if value.key?('_sensitive')
+        value['_sensitive'] = Puppet::Pops::Types::PSensitiveType::Sensitive.new(value['_sensitive'])
+      end
+
       new(target, value: value, action: 'task', object: task)
     end
 
@@ -205,5 +224,9 @@ module Bolt
 
       end
     end
+
+    def sensitive
+      value['_sensitive']
+    end
   end
 end

data/lib/bolt/shell.rb

@@ -7,7 +7,7 @@ module Bolt
     def initialize(target, conn)
       @target = target
       @conn = conn
-      @logger = Logging.logger[@target.safe_name]
+      @logger = Bolt::Logger.logger(@target.safe_name)
     end
 
     def run_command(*_args)

data/lib/bolt/shell/bash.rb

@@ -103,7 +103,7 @@ module Bolt
                                 " using '#{execute_options[:interpreter]}' interpreter"
                               end
           # log the arguments with sensitive data redacted, do NOT log unwrapped_arguments
-          logger.debug("Running '#{executable}' with #{arguments.to_json}#{interpreter_debug}")
+          logger.trace("Running '#{executable}' with #{arguments.to_json}#{interpreter_debug}")
           # unpack any Sensitive data
           arguments = unwrap_sensitive_args(arguments)
 
@@ -203,13 +203,13 @@ module Bolt
 
       def handle_sudo_errors(err)
         if err =~ /^#{conn.user} is not in the sudoers file\./
-          @logger.debug { err }
+          @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "User #{conn.user} does not have sudo permission on #{target}",
             'SUDO_DENIED'
           )
         elsif err =~ /^Sorry, try again\./
-          @logger.debug { err }
+          @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "Sudo password for user #{conn.user} not recognized on #{target}",
             'BAD_PASSWORD'
@@ -351,7 +351,7 @@ module Bolt
 
         command_str = [sudo_str, env_decl, command_str].compact.join(' ')
 
-        @logger.debug { "Executing: #{command_str}" }
+        @logger.trace { "Executing `#{command_str}`" }
 
         in_buffer = if !use_sudo && options[:stdin]
                       String.new(options[:stdin], encoding: 'binary')
@@ -431,16 +431,16 @@ module Bolt
         result_output.exit_code = t.value.respond_to?(:exitstatus) ? t.value.exitstatus : t.value
 
         if result_output.exit_code == 0
-          @logger.debug { "Command returned successfully" }
+          @logger.trace { "Command `#{command_str}` returned successfully" }
         else
-          @logger.info { "Command failed with exit code #{result_output.exit_code}" }
+          @logger.trace { "Command #{command_str} failed with exit code #{result_output.exit_code}" }
         end
         result_output
       rescue StandardError
         # Ensure we close stdin and kill the child process
         inp&.close
         t&.terminate if t&.alive?
-        @logger.debug { "Command aborted" }
+        @logger.trace { "Command aborted" }
         raise
       end
 

data/lib/bolt/task.rb

@@ -26,7 +26,7 @@ module Bolt
       @metadata = metadata
       @files = files
       @remote = remote
-      @logger = Logging.logger[self]
+      @logger = Bolt::Logger.logger(self)
 
       validate_metadata
     end

data/lib/bolt/transport/base.rb

@@ -40,7 +40,7 @@ module Bolt
       attr_reader :logger
 
       def initialize
-        @logger = Logging.logger[self]
+        @logger = Bolt::Logger.logger(self)
       end
 
       def with_events(target, callback, action)

data/lib/bolt/transport/docker/connection.rb

@@ -10,9 +10,9 @@ module Bolt
         def initialize(target)
           raise Bolt::ValidationError, "Target #{target.safe_name} does not have a host" unless target.host
           @target = target
-          @logger = Logging.logger[target.safe_name]
+          @logger = Bolt::Logger.logger(target.safe_name)
           @docker_host = @target.options['service-url']
-          @logger.debug("Initializing docker connection to #{@target.safe_name}")
+          @logger.trace("Initializing docker connection to #{@target.safe_name}")
         end
 
         def connect
@@ -25,7 +25,7 @@ module Bolt
           output = execute_local_docker_json_command('inspect', [output[index]["ID"]])
           # Store the container information for later
           @container_info = output[0]
-          @logger.debug { "Opened session" }
+          @logger.trace { "Opened session" }
           true
         rescue StandardError => e
           raise Bolt::Node::ConnectError.new(
@@ -57,16 +57,16 @@ module Bolt
           command_options << container_id
           command_options.concat(command)
 
-          @logger.debug { "Executing: exec #{command_options}" }
+          @logger.trace { "Executing: exec #{command_options}" }
 
           stdout_str, stderr_str, status = execute_local_docker_command('exec', command_options, options[:stdin])
 
           # The actual result is the exitstatus not the process object
           status = status.nil? ? -32768 : status.exitstatus
           if status == 0
-            @logger.debug { "Command returned successfully" }
+            @logger.trace { "Command returned successfully" }
           else
-            @logger.info { "Command failed with exit code #{status}" }
+            @logger.trace { "Command failed with exit code #{status}" }
           end
           stdout_str.force_encoding(Encoding::UTF_8)
           stderr_str.force_encoding(Encoding::UTF_8)
@@ -75,12 +75,12 @@ module Bolt
           stderr_str.gsub!("\r\n", "\n")
           [stdout_str, stderr_str, status]
         rescue StandardError
-          @logger.debug { "Command aborted" }
+          @logger.trace { "Command aborted" }
           raise
         end
 
         def write_remote_file(source, destination)
-          @logger.debug { "Uploading #{source}, to #{destination}" }
+          @logger.trace { "Uploading #{source} to #{destination}" }
           _, stdout_str, status = execute_local_docker_command('cp', [source, "#{container_id}:#{destination}"])
           unless status.exitstatus.zero?
             raise "Error writing file to container #{@container_id}: #{stdout_str}"
@@ -90,7 +90,7 @@ module Bolt
         end
 
         def write_remote_directory(source, destination)
-          @logger.debug { "Uploading #{source}, to #{destination}" }
+          @logger.trace { "Uploading #{source} to #{destination}" }
           _, stdout_str, status = execute_local_docker_command('cp', [source, "#{container_id}:#{destination}"])
           unless status.exitstatus.zero?
             raise "Error writing directory to container #{@container_id}: #{stdout_str}"
@@ -100,7 +100,7 @@ module Bolt
         end
 
         def download_remote_content(source, destination)
-          @logger.debug { "Downloading #{source} to #{destination}" }
+          @logger.trace { "Downloading #{source} to #{destination}" }
           # Create the destination directory, otherwise copying a source directory with Docker will
           # copy the *contents* of the directory.
           # https://docs.docker.com/engine/reference/commandline/cp/