bolt 2.28.0 → 2.33.1

data/lib/bolt/project_migrate.rb

@@ -1,138 +0,0 @@
-# frozen_string_literal: true
-
-module Bolt
-  class ProjectMigrate
-    attr_reader :path, :project_file, :backup_dir, :outputter, :inventory_file, :config_file
-
-    # This init mostly makes testing easier
-    def initialize(path, outputter, configured_inventory = nil)
-      @path = Pathname.new(path).expand_path
-      @project_file = @path + 'bolt-project.yaml'
-      @config_file = @path + 'bolt.yaml'
-      @backup_dir = @path + '.bolt-bak'
-      @inventory_file = configured_inventory || @path + 'inventory.yaml'
-      @outputter = outputter
-    end
-
-    def migrate_project
-      inv_ok = inventory_1_to_2(inventory_file, outputter) if inventory_file.file?
-      config_ok = bolt_yaml_to_bolt_project(inventory_file, outputter)
-      inv_ok && config_ok ? 0 : 1
-    end
-
-    # This could be made public and used elsewhere if the need arises
-    private def backup_file(origin_path)
-      unless File.exist?(origin_path)
-        outputter.print_message "Could not find file #{origin_path}, skipping backup."
-        return
-      end
-
-      date = Time.new.strftime("%Y%m%d_%H%M%S%L")
-      FileUtils.mkdir_p(backup_dir)
-
-      filename = File.basename(origin_path)
-      backup_path = File.join(backup_dir, "#{filename}.#{date}.bak")
-
-      outputter.print_message "Backing up #{filename} from #{origin_path} to #{backup_path}"
-
-      begin
-        FileUtils.cp(origin_path, backup_path)
-      rescue StandardError => e
-        raise Bolt::FileError.new("#{e.message}; unable to create backup of #{filename}.", origin_path)
-      end
-    end
-
-    private def bolt_yaml_to_bolt_project(inventory_file, outputter)
-      # If bolt-project.yaml already exists
-      if project_file.file?
-        outputter.print_message "bolt-project.yaml already exists in Bolt "\
-          "project at #{path}. Skipping project file update."
-
-      # If bolt.yaml doesn't exist
-      elsif !config_file.file?
-        outputter.print_message "Could not find bolt.yaml in project at "\
-          "#{path}. Skipping project file update."
-
-      else
-        config_data = Bolt::Util.read_optional_yaml_hash(config_file, 'config')
-        transport_data, project_data = config_data.partition do |k, _|
-          Bolt::Config::INVENTORY_OPTIONS.keys.include?(k)
-        end.map(&:to_h)
-
-        if transport_data.any?
-          if File.exist?(inventory_file)
-            inventory_data = Bolt::Util.read_yaml_hash(inventory_file, 'inventory')
-            merged = Bolt::Util.deep_merge(transport_data, inventory_data['config'] || {})
-            inventory_data['config'] = merged
-            backup_file(inventory_file)
-          else
-            FileUtils.touch(inventory_file)
-            inventory_data = { 'config' => transport_data }
-          end
-
-          backup_file(config_file)
-
-          begin
-            outputter.print_message "Moving transportation configuration options "\
-              "'#{transport_data.keys.join(', ')}' from bolt.yaml to inventory.yaml"
-            File.write(inventory_file, inventory_data.to_yaml)
-            File.write(config_file, project_data.to_yaml)
-          rescue StandardError => e
-            raise Bolt::FileError.new("#{e.message}; unable to write inventory.", inventory_file)
-          end
-        end
-
-        outputter.print_message "Renaming bolt.yaml to bolt-project.yaml"
-        FileUtils.mv(config_file, project_file)
-        outputter.print_message "Successfully updated project. Please add a "\
-          "'name' key to bolt-project.yaml to use project-level tasks and plans. "\
-          "Learn more about projects by running 'bolt guide project'."
-        # If nothing errored, this succeeded
-        true
-      end
-    end
-
-    private def inventory_1_to_2(inventory_file, outputter)
-      data = Bolt::Util.read_yaml_hash(inventory_file, 'inventory')
-      data.delete('version') if data['version'] != 2
-      migrated = migrate_group(data)
-
-      ok = if migrated
-             backup_file(inventory_file)
-             File.write(inventory_file, data.to_yaml)
-           end
-
-      result = if migrated && ok
-                 "Successfully migrated Bolt inventory to the latest version."
-               elsif !migrated
-                 "Bolt inventory is already on the latest version. Skipping inventory update."
-               else
-                 "Could not migrate Bolt inventory to the latest version. See "\
-                 "https://puppet.com/docs/bolt/latest/inventory_file_v2.html to manually update."
-               end
-      outputter.print_message(result)
-      ok
-    end
-
-    # Walks an inventory hash and replaces all 'nodes' keys with 'targets' keys
-    # and all 'name' keys nested in a 'targets' hash with 'uri' keys. Data is
-    # modified in place.
-    private def migrate_group(group)
-      migrated = false
-      if group.key?('nodes')
-        migrated = true
-        targets = group['nodes'].map do |target|
-          target['uri'] = target.delete('name') if target.is_a?(Hash)
-          target
-        end
-        group.delete('nodes')
-        group['targets'] = targets
-      end
-      (group['groups'] || []).each do |subgroup|
-        migrated_group = migrate_group(subgroup)
-        migrated ||= migrated_group
-      end
-      migrated
-    end
-  end
-end

data/lib/bolt/puppetfile.rb

@@ -1,160 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/error'
-require 'bolt/puppetfile/module'
-
-# This class manages the logical contents of a Puppetfile. It includes methods
-# for parsing a Puppetfile and its modules, resolving module dependencies,
-# and writing a Puppetfile.
-#
-module Bolt
-  class Puppetfile
-    attr_reader :modules
-
-    def initialize(modules = [])
-      @modules = Set.new
-      add_modules(modules)
-    end
-
-    # Loads a Puppetfile and parses its module specifications, returning a
-    # Bolt::Puppetfile object with the modules set.
-    #
-    def self.parse(path)
-      require 'puppetfile-resolver'
-      require 'puppetfile-resolver/puppetfile/parser/r10k_eval'
-
-      begin
-        parsed = ::PuppetfileResolver::Puppetfile::Parser::R10KEval.parse(File.read(path))
-      rescue StandardError => e
-        raise Bolt::Error.new(
-          "Unable to parse Puppetfile #{path}: #{e.message}",
-          'bolt/puppetfile-parsing'
-        )
-      end
-
-      unless parsed.valid?
-        raise Bolt::ValidationError,
-              "Unable to parse Puppetfile #{path}"
-      end
-
-      modules = parsed.modules.map do |mod|
-        Bolt::Puppetfile::Module.new(mod.owner, mod.name, mod.version)
-      end
-
-      new(modules)
-    end
-
-    # Writes a Puppetfile that includes specifications for each of the
-    # modules.
-    #
-    def write(path, force: false)
-      if File.exist?(path) && !force
-        raise Bolt::FileError.new(
-          "Cannot overwrite existing Puppetfile at #{path}. To forcibly overwrite, "\
-          "run with the '--force' option.",
-          path
-        )
-      end
-
-      File.open(path, 'w') do |file|
-        file.puts '# This Puppetfile is managed by Bolt. Do not edit.'
-        modules.each { |mod| file.puts mod.to_spec }
-        file.puts
-      end
-    rescue SystemCallError => e
-      raise Bolt::FileError.new(
-        "#{e.message}: unable to write Puppetfile.",
-        path
-      )
-    end
-
-    # Resolves module dependencies using the puppetfile-resolver library. The
-    # resolver will return a document model including all module dependencies
-    # and the latest version that can be installed for each. The document model
-    # is parsed and turned into a Set of Bolt::Puppetfile::Module objects.
-    #
-    def resolve
-      require 'puppetfile-resolver'
-
-      # Build the document model from the modules.
-      model = PuppetfileResolver::Puppetfile::Document.new('')
-
-      @modules.each do |mod|
-        model.add_module(
-          PuppetfileResolver::Puppetfile::ForgeModule.new(mod.title).tap do |tap|
-            tap.version = :latest
-          end
-        )
-      end
-
-      # Make sure the Puppetfile model is valid.
-      unless model.valid?
-        raise Bolt::ValidationError,
-              "Unable to resolve dependencies for modules: #{@modules.map(&:title).join(', ')}"
-      end
-
-      # Create the resolver using the Puppetfile model. nil disables Puppet
-      # version restrictions.
-      resolver = PuppetfileResolver::Resolver.new(model, nil)
-
-      # Configure and resolve the dependency graph, catching any errors
-      # raised by puppetfile-resolver and re-raising them as Bolt errors.
-      begin
-        result = resolver.resolve(
-          cache:                 nil,
-          ui:                    nil,
-          module_paths:          [],
-          allow_missing_modules: true
-        )
-      rescue StandardError => e
-        raise Bolt::Error.new(e.message, 'bolt/puppetfile-resolver-error')
-      end
-
-      # Validate that the modules exist.
-      missing_graph = result.specifications.select do |_name, spec|
-        spec.instance_of? PuppetfileResolver::Models::MissingModuleSpecification
-      end
-
-      if missing_graph.any?
-        titles = model.modules.each_with_object({}) do |mod, acc|
-          acc[mod.name] = mod.title
-        end
-
-        names = titles.values_at(*missing_graph.keys)
-        plural = names.count == 1 ? '' : 's'
-
-        raise Bolt::Error.new(
-          "Unknown module name#{plural} #{names.join(', ')}",
-          'bolt/unknown-modules'
-        )
-      end
-
-      # Filter the dependency graph to only include module specifications. This
-      # will only remove the Puppet version specification, which is not needed.
-      specs = result.specifications.select do |_name, spec|
-        spec.instance_of? PuppetfileResolver::Models::ModuleSpecification
-      end
-
-      @modules = specs.map do |_name, spec|
-        Bolt::Puppetfile::Module.new(spec.owner, spec.name, spec.version.to_s)
-      end.to_set
-    end
-
-    # Adds to the set of modules.
-    #
-    def add_modules(modules)
-      modules.each do |mod|
-        case mod
-        when Bolt::Puppetfile::Module
-          @modules << mod
-        when Hash
-          @modules << Bolt::Puppetfile::Module.from_hash(mod)
-        else
-          raise Bolt::ValidationError, "Module must be a Bolt::Puppetfile::Module or Hash."
-        end
-      end
-
-      @modules
-    end
-  end
-end

data/lib/bolt/puppetfile/module.rb

@@ -1,66 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/error'
-
-# This class represents a module specification. It used by the Bolt::Puppetfile
-# class to have a consistent API for accessing a module's attributes.
-#
-module Bolt
-  class Puppetfile
-    class Module
-      attr_reader :owner, :name, :version
-
-      def initialize(owner, name, version = nil)
-        @owner   = owner
-        @name    = name
-        @version = version
-      end
-
-      # Creates a new module from a hash.
-      #
-      def self.from_hash(mod)
-        unless mod['name'].is_a?(String)
-          raise Bolt::ValidationError,
-                "Module name must be a String, not #{mod['name'].inspect}"
-        end
-
-        owner, name = mod['name'].tr('/', '-').split('-', 2)
-
-        unless owner && name
-          raise Bolt::ValidationError, "Module name #{mod['name']} must include both the owner and module name."
-        end
-
-        new(owner, name)
-      end
-
-      # Returns the module's title.
-      #
-      def title
-        "#{@owner}-#{@name}"
-      end
-
-      # Checks two modules for equality.
-      #
-      def eql?(other)
-        self.class == other.class && @owner == other.owner && @name == other.name
-      end
-      alias == eql?
-
-      # Hashes the module.
-      #
-      def hash
-        [@owner, @name].hash
-      end
-
-      # Returns the Puppetfile specification for the module.
-      #
-      def to_spec
-        if @version
-          "mod #{title.inspect}, #{@version.inspect}"
-        else
-          "mod #{title.inspect}"
-        end
-      end
-    end
-  end
-end

data/lib/bolt_server/pe/pal.rb

@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/pal'
-require 'bolt/util'
-
-module BoltServer
-  module PE
-    class PAL < Bolt::PAL
-      # PE_BOLTLIB_PATH is intended to function exactly like the BOLTLIB_PATH used
-      # in Bolt::PAL. Paths and variable names are similar to what exists in
-      # Bolt::PAL, but with a 'PE' prefix.
-      PE_BOLTLIB_PATH = '/opt/puppetlabs/server/apps/bolt-server/pe-bolt-modules'
-
-      # For now at least, we maintain an entirely separate codedir from
-      # puppetserver by default, so that filesync can work properly. If filesync
-      # is not used, this can instead match the usual puppetserver codedir.
-      # See the `orchestrator.bolt.codedir` tk config setting.
-      DEFAULT_BOLT_CODEDIR = '/opt/puppetlabs/server/data/orchestration-services/code'
-
-      # This function is nearly identical to Bolt::Pal's `with_puppet_settings` with the
-      # one difference that we set the codedir to point to actual code, rather than the
-      # tmpdir. We only use this funtion inside the PEBolt::PAL initializer so that Puppet
-      # is correctly configured to pull environment configuration correctly. If we don't
-      # set codedir in this way: when we try to load and interpolate the modulepath it
-      # won't correctly load.
-      def with_pe_pal_init_settings(codedir, environmentpath, basemodulepath)
-        Dir.mktmpdir('pe-bolt') do |dir|
-          cli = []
-          Puppet::Settings::REQUIRED_APP_SETTINGS.each do |setting|
-            dir = setting == :codedir ? codedir : dir
-            cli << "--#{setting}" << dir
-          end
-          cli << "--environmentpath" << environmentpath
-          cli << "--basemodulepath" << basemodulepath
-          Puppet.settings.send(:clear_everything_for_tests)
-          Puppet.initialize_settings(cli)
-          yield
-          # Ensure the puppet settings go back to what bolt expects after
-          # we finish with the settings we need for PEBolt::PAL init.
-          with_puppet_settings { |_| nil }
-        end
-      end
-
-      def initialize(plan_executor_config, environment_name, hiera_config = nil, max_compiles = nil)
-        # Bolt::PAL#initialize takes the modulepath as its first argument, but we
-        # want to customize it later, so we pass an empty value:
-        super([], hiera_config, max_compiles)
-
-        codedir = plan_executor_config['codedir'] || DEFAULT_BOLT_CODEDIR
-        environmentpath = plan_executor_config['environmentpath'] || "#{codedir}/environments"
-        basemodulepath = plan_executor_config['basemodulepath'] || "#{codedir}/modules:/opt/puppetlabs/puppet/modules"
-
-        with_pe_pal_init_settings(codedir, environmentpath, basemodulepath) do
-          environment = Puppet.lookup(:environments).get!(environment_name)
-          # A new modulepath is created from scratch (rather than using super's @modulepath)
-          # so that we can have full control over all the entries in modulepath. In the future
-          # it's likely we will need to preceed _both_ Bolt::PAL::BOLTLIB_PATH _and_
-          # Bolt::PAL::MODULES_PATH which would be more complex if we tried to use @modulepath since
-          # we need to append our modulepaths and exclude modules shiped in bolt gem code
-          modulepath_dirs = environment.modulepath
-          @user_modulepath = modulepath_dirs
-          @modulepath = [PE_BOLTLIB_PATH, Bolt::PAL::BOLTLIB_PATH, *modulepath_dirs]
-        end
-      end
-    end
-  end
-end

data/modules/secure_env_vars/plans/init.pp

@@ -1,20 +0,0 @@
-plan secure_env_vars(
-  TargetSpec $targets,
-  Optional[String] $command = undef,
-  Optional[String] $script = undef
-) {
-  $env_vars = parsejson(system::env('BOLT_ENV_VARS'))
-  unless type($command) == Undef or type($script) == Undef {
-      fail_plan('Cannot specify both script and command for secure_env_vars')
-  }
-
-  return if $command {
-           run_command($command, $targets, '_env_vars' => $env_vars)
-         }
-         elsif $script {
-           run_script($script, $targets, '_env_vars' => $env_vars)
-         }
-         else {
-           fail_plan('Must specify either script or command for secure_env_vars')
-         }
-}