bolt 2.26.0 → 2.31.0

data/lib/bolt/puppetfile.rb

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+require 'bolt/error'
+require 'bolt/puppetfile/module'
+
+# This class manages the logical contents of a Puppetfile. It includes methods
+# for parsing a Puppetfile and its modules, resolving module dependencies,
+# and writing a Puppetfile.
+#
+module Bolt
+  class Puppetfile
+    attr_reader :modules
+
+    def initialize(modules = [])
+      @modules = Set.new
+      add_modules(modules)
+    end
+
+    # Loads a Puppetfile and parses its module specifications, returning a
+    # Bolt::Puppetfile object with the modules set.
+    #
+    def self.parse(path, skip_unsupported_modules: false)
+      require 'puppetfile-resolver'
+      require 'puppetfile-resolver/puppetfile/parser/r10k_eval'
+
+      begin
+        parsed = ::PuppetfileResolver::Puppetfile::Parser::R10KEval.parse(File.read(path))
+      rescue StandardError => e
+        raise Bolt::Error.new(
+          "Unable to parse Puppetfile #{path}: #{e.message}",
+          'bolt/puppetfile-parsing'
+        )
+      end
+
+      unless parsed.valid?
+        # valid? Just checks if validation_errors is empty, so if we get here we know it's not.
+        raise Bolt::ValidationError, <<~MSG
+        Unable to parse Puppetfile #{path}:
+        #{parsed.validation_errors.join("\n\n")}.
+        This may not be a Puppetfile managed by Bolt.
+        MSG
+      end
+
+      modules = parsed.modules.each_with_object([]) do |mod, acc|
+        unless mod.instance_of? PuppetfileResolver::Puppetfile::ForgeModule
+          next if skip_unsupported_modules
+
+          raise Bolt::ValidationError,
+                "Module '#{mod.title}' is not a Puppet Forge module. Unable to "\
+                "parse Puppetfile #{path}."
+        end
+
+        acc << Bolt::Puppetfile::Module.new(mod.owner, mod.name, mod.version)
+      end
+
+      new(modules)
+    end
+
+    # Writes a Puppetfile that includes specifications for each of the
+    # modules.
+    #
+    def write(path, moduledir = nil)
+      File.open(path, 'w') do |file|
+        if moduledir
+          file.puts "# This Puppetfile is managed by Bolt. Do not edit."
+          file.puts "# For more information, see https://pup.pt/bolt-modules"
+          file.puts
+          file.puts "# The following directive installs modules to the managed moduledir."
+          file.puts "moduledir '#{moduledir.basename}'"
+          file.puts
+        end
+
+        modules.each { |mod| file.puts mod.to_spec }
+      end
+    rescue SystemCallError => e
+      raise Bolt::FileError.new(
+        "#{e.message}: unable to write Puppetfile.",
+        path
+      )
+    end
+
+    # Resolves module dependencies using the puppetfile-resolver library. The
+    # resolver will return a document model including all module dependencies
+    # and the latest version that can be installed for each. The document model
+    # is parsed and turned into a Set of Bolt::Puppetfile::Module objects.
+    #
+    def resolve
+      require 'puppetfile-resolver'
+
+      # Build the document model from the modules.
+      model = PuppetfileResolver::Puppetfile::Document.new('')
+
+      @modules.each do |mod|
+        model.add_module(
+          PuppetfileResolver::Puppetfile::ForgeModule.new(mod.title).tap do |tap|
+            tap.version = mod.version || :latest
+          end
+        )
+      end
+
+      # Make sure the Puppetfile model is valid.
+      unless model.valid?
+        raise Bolt::ValidationError,
+              "Unable to resolve dependencies for modules: #{@modules.map(&:title).join(', ')}"
+      end
+
+      # Create the resolver using the Puppetfile model. nil disables Puppet
+      # version restrictions.
+      resolver = PuppetfileResolver::Resolver.new(model, nil)
+
+      # Configure and resolve the dependency graph, catching any errors
+      # raised by puppetfile-resolver and re-raising them as Bolt errors.
+      begin
+        result = resolver.resolve(
+          cache:                 nil,
+          ui:                    nil,
+          module_paths:          [],
+          allow_missing_modules: false
+        )
+      rescue StandardError => e
+        raise Bolt::Error.new(e.message, 'bolt/puppetfile-resolver-error')
+      end
+
+      # Turn specifications into module objects. This will skip over anything that is not
+      # a module specification (i.e. a Puppet version specification).
+      @modules = result.specifications.each_with_object(Set.new) do |(_name, spec), acc|
+        next unless spec.instance_of? PuppetfileResolver::Models::ModuleSpecification
+        acc << Bolt::Puppetfile::Module.new(spec.owner, spec.name, spec.version.to_s)
+      end
+    end
+
+    # Adds to the set of modules.
+    #
+    def add_modules(modules)
+      Array(modules).each do |mod|
+        case mod
+        when Bolt::Puppetfile::Module
+          @modules << mod
+        when Hash
+          @modules << Bolt::Puppetfile::Module.from_hash(mod)
+        else
+          raise Bolt::ValidationError, "Module must be a Bolt::Puppetfile::Module or Hash."
+        end
+      end
+
+      @modules
+    end
+  end
+end

data/lib/bolt/puppetfile/installer.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'r10k/cli'
+require 'bolt/r10k_log_proxy'
+require 'bolt/error'
+
+# This class is used to install modules from a Puppetfile to a module directory.
+#
+module Bolt
+  class Puppetfile
+    class Installer
+      def initialize(config = {})
+        @config = config
+      end
+
+      def install(path, moduledir)
+        unless File.exist?(path)
+          raise Bolt::FileError.new(
+            "Could not find a Puppetfile at #{path}",
+            path
+          )
+        end
+
+        r10k_opts = {
+          root:       File.dirname(path),
+          puppetfile: path.to_s,
+          moduledir:  moduledir.to_s
+        }
+
+        settings = R10K::Settings.global_settings.evaluate(@config)
+        R10K::Initializers::GlobalInitializer.new(settings).call
+        install_action = R10K::Action::Puppetfile::Install.new(r10k_opts, nil)
+
+        # Override the r10k logger with a proxy to our own logger
+        R10K::Logging.instance_variable_set(:@outputter, Bolt::R10KLogProxy.new)
+
+        install_action.call
+      rescue R10K::Error => e
+        raise PuppetfileError, e
+      end
+    end
+  end
+end

data/lib/bolt/puppetfile/module.rb

@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+
+require 'bolt/error'
+
+# This class represents a module specification. It used by the Bolt::Puppetfile
+# class to have a consistent API for accessing a module's attributes.
+#
+module Bolt
+  class Puppetfile
+    class Module
+      attr_reader :owner, :name, :version
+
+      def initialize(owner, name, version = nil)
+        @owner   = owner
+        @name    = name
+
+        if version.is_a?(String)
+          @version = version[0] == '=' ? version[1..-1] : version
+        end
+      end
+
+      # Creates a new module from a hash.
+      #
+      def self.from_hash(mod)
+        unless mod['name'].is_a?(String)
+          raise Bolt::ValidationError,
+                "Module name must be a String, not #{mod['name'].inspect}"
+        end
+
+        owner, name = mod['name'].tr('/', '-').split('-', 2)
+
+        unless owner && name
+          raise Bolt::ValidationError, "Module name #{mod['name']} must include both the owner and module name."
+        end
+
+        new(owner, name, mod['version_requirement'])
+      end
+
+      # Returns the module's title.
+      #
+      def title
+        "#{@owner}-#{@name}"
+      end
+      alias to_s title
+
+      # Checks two modules for equality.
+      #
+      def eql?(other)
+        self.class == other.class &&
+          @owner == other.owner &&
+          @name == other.name &&
+          versions_intersect?(other)
+      end
+      alias == eql?
+
+      # Returns true if the versions of two modules intersect. Used to determine
+      # if an installed module satisfies the version requirement of another.
+      #
+      def versions_intersect?(other)
+        range       = ::SemanticPuppet::VersionRange.parse(@version || '')
+        other_range = ::SemanticPuppet::VersionRange.parse(other.version || '')
+
+        range.intersection(other_range) != ::SemanticPuppet::VersionRange::EMPTY_RANGE
+      end
+
+      # Hashes the module.
+      #
+      def hash
+        [@owner, @name].hash
+      end
+
+      # Returns a hash representation similar to the module
+      # declaration.
+      #
+      def to_hash
+        {
+          'name'                => title,
+          'version_requirement' => version
+        }.compact
+      end
+
+      # Returns the Puppetfile specification for the module.
+      #
+      def to_spec
+        if @version
+          "mod #{title.inspect}, #{@version.inspect}"
+        else
+          "mod #{title.inspect}"
+        end
+      end
+    end
+  end
+end

data/lib/bolt/rerun.rb

@@ -53,7 +53,7 @@ module Bolt
         end
       end
     rescue StandardError => e
-      @logger.warn("Failed to save result to #{@path}: #{e.message}")
+      Bolt::Logger.warn_once('unwriteable_file', "Failed to save result to #{@path}: #{e.message}")
     end
   end
 end

data/lib/bolt/result.rb

@@ -66,9 +66,24 @@ module Bolt
                             'details' => { 'exit_code' => exit_code } }
       end
 
+      if value.key?('_error')
+        unless value['_error'].is_a?(Hash) && value['_error'].key?('msg')
+          value['_error'] = {
+            'msg'     => "Invalid error returned from task #{task}: #{value['_error'].inspect}. Error "\
+                         "must be an object with a msg key.",
+            'kind'    => 'bolt/invalid-task-error',
+            'details' => { 'original_error' => value['_error'] }
+          }
+        end
+
+        value['_error']['kind']    ||= 'bolt/error'
+        value['_error']['details'] ||= {}
+      end
+
       if value.key?('_sensitive')
         value['_sensitive'] = Puppet::Pops::Types::PSensitiveType::Sensitive.new(value['_sensitive'])
       end
+
       new(target, value: value, action: 'task', object: task)
     end
 

data/lib/bolt/shell/bash.rb

@@ -143,7 +143,7 @@ module Bolt
 
             execute_options[:stdin] = stdin
             execute_options[:sudoable] = true if run_as
-            output = execute(remote_task_path, execute_options)
+            output = execute(remote_task_path, **execute_options)
           end
           Bolt::Result.for_task(target, output.stdout.string,
                                 output.stderr.string,
@@ -202,13 +202,14 @@ module Bolt
       end
 
       def handle_sudo_errors(err)
-        if err =~ /^#{conn.user} is not in the sudoers file\./
+        case err
+        when /^#{conn.user} is not in the sudoers file\./
           @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "User #{conn.user} does not have sudo permission on #{target}",
             'SUDO_DENIED'
           )
-        elsif err =~ /^Sorry, try again\./
+        when /^Sorry, try again\./
           @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "Sudo password for user #{conn.user} not recognized on #{target}",

data/lib/bolt/transport/base.rb

@@ -47,10 +47,10 @@ module Bolt
         callback&.call(type: :node_start, target: target)
 
         result = begin
-                   yield
-                 rescue StandardError, NotImplementedError => e
-                   Bolt::Result.from_exception(target, e, action: action)
-                 end
+          yield
+        rescue StandardError, NotImplementedError => e
+          Bolt::Result.from_exception(target, e, action: action)
+        end
 
         callback&.call(type: :node_result, result: result)
         result

data/lib/bolt/transport/ssh/connection.rb

@@ -30,7 +30,7 @@ module Bolt
           @transport_logger = transport_logger
           @logger.trace("Initializing ssh connection to #{@target.safe_name}")
 
-          if target.options['private-key']&.instance_of?(String)
+          if target.options['private-key'].instance_of?(String)
             begin
               Bolt::Util.validate_file('ssh key', target.options['private-key'])
             rescue Bolt::FileError => e

data/lib/bolt/util.rb

@@ -3,6 +3,25 @@
 module Bolt
   module Util
     class << self
+      # Gets input for an argument.
+      def get_arg_input(value)
+        if value.start_with?('@')
+          file = value.sub(/^@/, '')
+          read_arg_file(file)
+        elsif value == '-'
+          $stdin.read
+        else
+          value
+        end
+      end
+
+      # Reads a file passed as an argument to a command.
+      def read_arg_file(file)
+        File.read(File.expand_path(file))
+      rescue StandardError => e
+        raise Bolt::FileError.new("Error attempting to read #{file}: #{e}", file)
+      end
+
       def read_yaml_hash(path, file_name)
         require 'yaml'
 
@@ -179,16 +198,16 @@ module Bolt
           # object was frozen
           frozen = obj.frozen?
           cl = begin
-                 obj.clone(freeze: false)
-                 # Some datatypes, such as FalseClass, can't be unfrozen. These
-                 # aren't the types we recurse on, so we can leave them frozen
-               rescue ArgumentError => e
-                 if e.message =~ /can't unfreeze/
-                   obj.clone
-                 else
-                   raise e
-                 end
-               end
+            obj.clone(freeze: false)
+          # Some datatypes, such as FalseClass, can't be unfrozen. These
+          # aren't the types we recurse on, so we can leave them frozen
+          rescue ArgumentError => e
+            if e.message =~ /can't unfreeze/
+              obj.clone
+            else
+              raise e
+            end
+          end
         rescue *error_types
           cloned[obj.object_id] = obj
           obj
@@ -280,6 +299,28 @@ module Bolt
         raise Bolt::ValidationError, "path must be a String, received #{path.class} #{path}" unless path.is_a?(String)
         path.split(%r{[/\\]}).last
       end
+
+      # Prompts yes or no, returning true for yes and false for no.
+      #
+      def prompt_yes_no(prompt, outputter)
+        choices = {
+          'y'   => true,
+          'yes' => true,
+          'n'   => false,
+          'no'  => false
+        }
+
+        loop do
+          outputter.print_prompt("#{prompt} ([y]es/[n]o) ")
+          response = $stdin.gets.to_s.downcase.chomp
+
+          if choices.key?(response)
+            return choices[response]
+          else
+            outputter.print_prompt_error("Invalid response, must pick [y]es or [n]o")
+          end
+        end
+      end
     end
   end
 end