bolt 2.25.0 → 2.30.0

data/lib/bolt/transport/ssh/exec_connection.rb

@@ -14,7 +14,7 @@ module Bolt
           @target = target
           ssh_config = Net::SSH::Config.for(target.host)
           @user = @target.user || ssh_config[:user] || Etc.getlogin
-          @logger = Logging.logger[self]
+          @logger = Bolt::Logger.logger(self)
         end
 
         # This is used to verify we can connect to targets with `connected?`

data/lib/bolt/transport/winrm.rb

@@ -11,7 +11,7 @@ module Bolt
         require 'winrm'
         require 'winrm-fs'
 
-        @transport_logger = Logging.logger[::WinRM]
+        @transport_logger = Bolt::Logger.logger(::WinRM)
         @transport_logger.level = :warn
       end
 

data/lib/bolt/transport/winrm/connection.rb

@@ -18,7 +18,7 @@ module Bolt
           @user = @target.user
           # Build set of extensions from extensions config as well as interpreters
 
-          @logger = Logging.logger[@target.safe_name]
+          @logger = Bolt::Logger.logger(@target.safe_name)
           logger.trace("Initializing winrm connection to #{@target.safe_name}")
           @transport_logger = transport_logger
         end

data/lib/bolt/util.rb

@@ -3,10 +3,29 @@
 module Bolt
   module Util
     class << self
+      # Gets input for an argument.
+      def get_arg_input(value)
+        if value.start_with?('@')
+          file = value.sub(/^@/, '')
+          read_arg_file(file)
+        elsif value == '-'
+          $stdin.read
+        else
+          value
+        end
+      end
+
+      # Reads a file passed as an argument to a command.
+      def read_arg_file(file)
+        File.read(File.expand_path(file))
+      rescue StandardError => e
+        raise Bolt::FileError.new("Error attempting to read #{file}: #{e}", file)
+      end
+
       def read_yaml_hash(path, file_name)
         require 'yaml'
 
-        logger = Logging.logger[self]
+        logger = Bolt::Logger.logger(self)
         path = File.expand_path(path)
         content = File.open(path, "r:UTF-8") { |f| YAML.safe_load(f.read) } || {}
         unless content.is_a?(Hash)
@@ -179,16 +198,16 @@ module Bolt
           # object was frozen
           frozen = obj.frozen?
           cl = begin
-                 obj.clone(freeze: false)
-                 # Some datatypes, such as FalseClass, can't be unfrozen. These
-                 # aren't the types we recurse on, so we can leave them frozen
-               rescue ArgumentError => e
-                 if e.message =~ /can't unfreeze/
-                   obj.clone
-                 else
-                   raise e
-                 end
-               end
+            obj.clone(freeze: false)
+          # Some datatypes, such as FalseClass, can't be unfrozen. These
+          # aren't the types we recurse on, so we can leave them frozen
+          rescue ArgumentError => e
+            if e.message =~ /can't unfreeze/
+              obj.clone
+            else
+              raise e
+            end
+          end
         rescue *error_types
           cloned[obj.object_id] = obj
           obj
@@ -280,6 +299,28 @@ module Bolt
         raise Bolt::ValidationError, "path must be a String, received #{path.class} #{path}" unless path.is_a?(String)
         path.split(%r{[/\\]}).last
       end
+
+      # Prompts yes or no, returning true for yes and false for no.
+      #
+      def prompt_yes_no(prompt, outputter)
+        choices = {
+          'y'   => true,
+          'yes' => true,
+          'n'   => false,
+          'no'  => false
+        }
+
+        loop do
+          outputter.print_prompt("#{prompt} ([y]es/[n]o) ")
+          response = $stdin.gets.to_s.downcase.chomp
+
+          if choices.key?(response)
+            return choices[response]
+          else
+            outputter.print_prompt_error("Invalid response, must pick [y]es or [n]o")
+          end
+        end
+      end
     end
   end
 end

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '2.25.0'
+  VERSION = '2.30.0'
 end

data/lib/bolt_server/acl.rb

@@ -16,9 +16,9 @@ module BoltServer
       end
     end
 
-    def initialize(app, whitelist)
+    def initialize(app, allowlist)
       acls = []
-      whitelist.each do |entry|
+      allowlist.each do |entry|
         acls << {
           'resources' => [
             {

data/lib/bolt_server/base_config.rb

@@ -7,7 +7,7 @@ module BoltServer
   class BaseConfig
     def config_keys
       %w[host port ssl-cert ssl-key ssl-ca-cert
-         ssl-cipher-suites loglevel logfile whitelist]
+         ssl-cipher-suites loglevel logfile allowlist projects-dir]
     end
 
     def env_keys
@@ -98,8 +98,8 @@ module BoltServer
         raise Bolt::ValidationError, "Configured 'ssl-cipher-suites' must be an array of cipher suite names"
       end
 
-      unless @data['whitelist'].nil? || @data['whitelist'].is_a?(Array)
-        raise Bolt::ValidationError, "Configured 'whitelist' must be an array of names"
+      unless @data['allowlist'].nil? || @data['allowlist'].is_a?(Array)
+        raise Bolt::ValidationError, "Configured 'allowlist' must be an array of names"
       end
     end
 

data/lib/bolt_server/config.rb

@@ -7,7 +7,7 @@ require 'bolt/error'
 module BoltServer
   class Config < BoltServer::BaseConfig
     def config_keys
-      super + %w[concurrency cache-dir file-server-conn-timeout file-server-uri]
+      super + %w[concurrency cache-dir file-server-conn-timeout file-server-uri projects-dir]
     end
 
     def env_keys

data/lib/bolt_server/file_cache.rb

@@ -33,7 +33,7 @@ module BoltServer
       @executor = executor
       @cache_dir = config['cache-dir']
       @config = config
-      @logger = Logging.logger[self]
+      @logger = Bolt::Logger.logger(self)
       @cache_dir_mutex = cache_dir_mutex
 
       if do_purge
@@ -64,17 +64,17 @@ module BoltServer
 
     def client
       @client ||= begin
-                    uri = URI(@config['file-server-uri'])
-                    https = Net::HTTP.new(uri.host, uri.port)
-                    https.use_ssl = true
-                    https.ssl_version = :TLSv1_2
-                    https.ca_file = @config['ssl-ca-cert']
-                    https.cert = OpenSSL::X509::Certificate.new(ssl_cert)
-                    https.key = OpenSSL::PKey::RSA.new(ssl_key)
-                    https.verify_mode = OpenSSL::SSL::VERIFY_PEER
-                    https.open_timeout = @config['file-server-conn-timeout']
-                    https
-                  end
+        uri = URI(@config['file-server-uri'])
+        https = Net::HTTP.new(uri.host, uri.port)
+        https.use_ssl = true
+        https.ssl_version = :TLSv1_2
+        https.ca_file = @config['ssl-ca-cert']
+        https.cert = OpenSSL::X509::Certificate.new(ssl_cert)
+        https.key = OpenSSL::PKey::RSA.new(ssl_key)
+        https.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        https.open_timeout = @config['file-server-conn-timeout']
+        https
+      end
     end
 
     def request_file(path, params, file)

data/lib/bolt_server/transport_app.rb

@@ -5,6 +5,7 @@ require 'addressable/uri'
 require 'bolt'
 require 'bolt/error'
 require 'bolt/inventory'
+require 'bolt/project'
 require 'bolt/target'
 require 'bolt_server/file_cache'
 require 'bolt/task/puppet_server'
@@ -191,20 +192,44 @@ module BoltServer
     end
 
     def in_pe_pal_env(environment)
-      if environment.nil?
-        [400, '`environment` is a required argument']
-      else
-        @pal_mutex.synchronize do
-          pal = BoltServer::PE::PAL.new({}, environment)
-          yield pal
-        rescue Puppet::Environments::EnvironmentNotFound
-          [400, {
-            "class" => 'bolt/unknown-environment',
-            "message" => "Environment #{environment} not found"
-          }.to_json]
-        rescue Bolt::Error => e
-          [400, e.to_json]
-        end
+      return [400, '`environment` is a required argument'] if environment.nil?
+      @pal_mutex.synchronize do
+        pal = BoltServer::PE::PAL.new({}, environment)
+        yield pal
+      rescue Puppet::Environments::EnvironmentNotFound
+        [400, {
+          "class" => 'bolt/unknown-environment',
+          "message" => "Environment #{environment} not found"
+        }.to_json]
+      rescue Bolt::Error => e
+        [400, e.to_json]
+      end
+    end
+
+    def in_bolt_project(bolt_project)
+      return [400, '`project_ref` is a required argument'] if bolt_project.nil?
+      project_dir = File.join(@config['projects-dir'], bolt_project)
+      return [400, "`project_ref`: #{project_dir} does not exist"] unless Dir.exist?(project_dir)
+      @pal_mutex.synchronize do
+        project = Bolt::Project.create_project(project_dir)
+        bolt_config = Bolt::Config.from_project(project, { log: { 'bolt-debug.log' => 'disable' } })
+        pal = Bolt::PAL.new(bolt_config.modulepath, nil, nil, nil, nil, nil, bolt_config.project)
+        module_path = [
+          BoltServer::PE::PAL::PE_BOLTLIB_PATH,
+          Bolt::PAL::BOLTLIB_PATH,
+          *bolt_config.modulepath,
+          Bolt::PAL::MODULES_PATH
+        ]
+        # CODEREVIEW: I *think* this is the only thing we need to make different between bolt's PAL. Is it acceptable
+        # to hack this? Modulepath is currently a readable attribute, could we make it writeable?
+        pal.instance_variable_set(:@modulepath, module_path)
+        context = {
+          pal: pal,
+          config: bolt_config
+        }
+        yield context
+      rescue Bolt::Error => e
+        [400, e.to_json]
       end
     end
 
@@ -221,14 +246,12 @@ module BoltServer
       plan_info
     end
 
-    def build_puppetserver_uri(file_identifier, module_name, environment)
+    def build_puppetserver_uri(file_identifier, module_name, parameters)
       segments = file_identifier.split('/', 3)
       if segments.size == 1
         {
           'path' => "/puppet/v3/file_content/tasks/#{module_name}/#{file_identifier}",
-          'params' => {
-            'environment' => environment
-          }
+          'params' => parameters
         }
       else
         module_segment, mount_segment, name_segment = *segments
@@ -241,14 +264,12 @@ module BoltServer
                     when 'lib'
                       "/puppet/v3/file_content/plugins/#{name_segment}"
                     end,
-          'params' => {
-            'environment' => environment
-          }
+          'params' => parameters
         }
       end
     end
 
-    def pe_task_info(pal, module_name, task_name, environment)
+    def pe_task_info(pal, module_name, task_name, parameters)
       # Handle case where task name is simply module name with special `init` task
       task_name = if task_name == 'init' || task_name.nil?
                     module_name
@@ -261,7 +282,7 @@ module BoltServer
           'filename' => file_hash['name'],
           'sha256' => Digest::SHA256.hexdigest(File.read(file_hash['path'])),
           'size_bytes' => File.size(file_hash['path']),
-          'uri' => build_puppetserver_uri(file_hash['name'], module_name, environment)
+          'uri' => build_puppetserver_uri(file_hash['name'], module_name, parameters)
         }
       end
       {
@@ -271,6 +292,21 @@ module BoltServer
       }
     end
 
+    def allowed_helper(metadata, allowlist)
+      allowed = allowlist.nil? || allowlist.include?(metadata['name']) ? true : false
+      metadata.merge({ 'allowed' => allowed })
+    end
+
+    def task_list(pal)
+      tasks = pal.list_tasks
+      tasks.map { |task_name, _description| { 'name' => task_name } }
+    end
+
+    def plan_list(pal)
+      plans = pal.list_plans.flatten
+      plans.map { |plan_name| { 'name' => plan_name } }
+    end
+
     get '/' do
       200
     end
@@ -401,12 +437,40 @@ module BoltServer
       end
     end
 
+    # Fetches the metadata for a single plan
+    #
+    # @param project_ref [String] the project to fetch the plan from
+    get '/project_plans/:module_name/:plan_name' do
+      in_bolt_project(params['project_ref']) do |context|
+        plan_info = pe_plan_info(context[:pal], params[:module_name], params[:plan_name])
+        plan_info = allowed_helper(plan_info, context[:config].project.plans)
+        [200, plan_info.to_json]
+      end
+    end
+
     # Fetches the metadata for a single task
     #
     # @param environment [String] the environment to fetch the task from
     get '/tasks/:module_name/:task_name' do
       in_pe_pal_env(params['environment']) do |pal|
-        task_info = pe_task_info(pal, params[:module_name], params[:task_name], params['environment'])
+        ps_parameters = {
+          'environment' => params['environment']
+        }
+        task_info = pe_task_info(pal, params[:module_name], params[:task_name], ps_parameters)
+        [200, task_info.to_json]
+      end
+    end
+
+    # Fetches the metadata for a single task
+    #
+    # @param bolt_project_ref [String] the reference to the bolt-project directory to load task metadata from
+    get '/project_tasks/:module_name/:task_name' do
+      in_bolt_project(params['project_ref']) do |context|
+        ps_parameters = {
+          'project' => params['project_ref']
+        }
+        task_info = pe_task_info(context[:pal], params[:module_name], params[:task_name], ps_parameters)
+        task_info = allowed_helper(task_info, context[:config].project.tasks)
         [200, task_info.to_json]
       end
     end
@@ -435,13 +499,30 @@ module BoltServer
       end
     end
 
+    # Fetches the list of plans for a project
+    #
+    # @param project_ref [String] the project to fetch the list of plans from
+    get '/project_plans' do
+      in_bolt_project(params['project_ref']) do |context|
+        plans_response = plan_list(context[:pal])
+
+        # Dig in context for the allowlist of plans from project object
+        plans_response.map! { |metadata| allowed_helper(metadata, context[:config].project.plans) }
+
+        # We structure this array of plans to be an array of hashes so that it matches the structure
+        # returned by the puppetserver API that serves data like this. Structuring the output this way
+        # makes switching between puppetserver and bolt-server easier, which makes changes to switch
+        # to bolt-server smaller/simpler.
+        [200, plans_response.to_json]
+      end
+    end
+
     # Fetches the list of tasks for an environment
     #
     # @param environment [String] the environment to fetch the list of tasks from
     get '/tasks' do
       in_pe_pal_env(params['environment']) do |pal|
-        tasks = pal.list_tasks
-        tasks_response = tasks.map { |task_name, _description| { 'name' => task_name } }.to_json
+        tasks_response = task_list(pal).to_json
 
         # We structure this array of tasks to be an array of hashes so that it matches the structure
         # returned by the puppetserver API that serves data like this. Structuring the output this way
@@ -451,6 +532,24 @@ module BoltServer
       end
     end
 
+    # Fetches the list of tasks for a bolt-project
+    #
+    # @param project_ref [String] the project to fetch the list of tasks from
+    get '/project_tasks' do
+      in_bolt_project(params['project_ref']) do |context|
+        tasks_response = task_list(context[:pal])
+
+        # Dig in context for the allowlist of tasks from project object
+        tasks_response.map! { |metadata| allowed_helper(metadata, context[:config].project.tasks) }
+
+        # We structure this array of tasks to be an array of hashes so that it matches the structure
+        # returned by the puppetserver API that serves data like this. Structuring the output this way
+        # makes switching between puppetserver and bolt-server easier, which makes changes to switch
+        # to bolt-server smaller/simpler.
+        [200, tasks_response.to_json]
+      end
+    end
+
     error 404 do
       err = Bolt::Error.new("Could not find route #{request.path}",
                             'boltserver/not-found')

data/lib/bolt_spec/bolt_context.rb

@@ -142,10 +142,10 @@ module BoltSpec
     # Override in your tests
     def config
       @config ||= begin
-                    conf = Bolt::Config.default
-                    conf.modulepath = [modulepath].flatten
-                    conf
-                  end
+        conf = Bolt::Config.default
+        conf.modulepath = [modulepath].flatten
+        conf
+      end
     end
 
     def plugins

data/lib/bolt_spec/plans/mock_executor.rb

@@ -40,7 +40,7 @@ module BoltSpec
 
       def module_file_id(file)
         modpath = @modulepath.select { |path| file =~ /^#{path}/ }
-        raise "Could not identify module path containing #{file}: #{modpath}" unless modpath.size == 1
+        raise "Could not identify modulepath containing #{file}: #{modpath}" unless modpath.size == 1
 
         path = Pathname.new(file)
         relative = path.relative_path_from(Pathname.new(modpath.first))