bolt 2.35.0 → 2.40.2

data/lib/bolt/config/transport/base.rb

@@ -2,6 +2,7 @@
 
 require 'bolt/error'
 require 'bolt/util'
+require 'bolt/validator'
 require 'bolt/config/transport/options'
 
 module Bolt
@@ -90,6 +91,14 @@ module Bolt
           self::OPTIONS
         end
 
+        def self.schema
+          {
+            type:       Hash,
+            properties: self::TRANSPORT_OPTIONS.slice(*self::OPTIONS),
+            _plugin:    true
+          }
+        end
+
         private def defaults
           unless defined? self.class::DEFAULTS
             raise NotImplementedError,
@@ -116,25 +125,7 @@ module Bolt
 
         # Validation defaults to just asserting the option types
         private def validate
-          assert_type
-        end
-
-        # Validates that each option is the correct type. Types are loaded from the TRANSPORT_OPTIONS hash.
-        private def assert_type
-          @config.each_pair do |opt, val|
-            types = Array(TRANSPORT_OPTIONS.dig(opt, :type)).compact
-
-            next if val.nil? || types.empty? || types.include?(val.class)
-
-            # Ruby doesn't have a Boolean class, so add it to the types list if TrueClass or FalseClass
-            # are present.
-            if types.include?(TrueClass) || types.include?(FalseClass)
-              types = types - [TrueClass, FalseClass] + ['Boolean']
-            end
-
-            raise Bolt::ValidationError,
-                  "#{opt} must be of type #{types.join(', ')}; received #{val.class} #{val.inspect} "
-          end
+          Bolt::Validator.new.validate(@config.compact, self.class.schema)
         end
       end
     end

data/lib/bolt/config/transport/local.rb

@@ -8,6 +8,7 @@ module Bolt
     module Transport
       class Local < Base
         WINDOWS_OPTIONS = %w[
+          bundled-ruby
           cleanup
           interpreters
           tmpdir
@@ -29,13 +30,6 @@ module Bolt
           if @config['interpreters']
             @config['interpreters'] = normalize_interpreters(@config['interpreters'])
           end
-
-          if (run_as_cmd = @config['run-as-command'])
-            unless run_as_cmd.all? { |n| n.is_a?(String) }
-              raise Bolt::ValidationError,
-                    "run-as-command must be an Array of Strings, received #{run_as_cmd.class} #{run_as_cmd.inspect}"
-            end
-          end
         end
       end
     end

data/lib/bolt/config/transport/options.rb

@@ -6,73 +6,8 @@ module Bolt
       module Options
         LOGIN_SHELLS = %w[sh bash zsh dash ksh powershell].freeze
 
-        # The following constants define the various configuration options available to Bolt's
-        # transports. Each constant is a hash where keys are the configuration option and values
-        # are the option's definition. These options are used in multiple locations:
-        #
-        #   - Automatic type validation when loading and setting configuration
-        #   - Generating reference documentation for configuration files
-        #   - Generating JSON schemas for configuration files
-        #
-        # Data includes keys defined by JSON Schema Draft 07 as well as some metadata used
-        # by Bolt to generate documentation. The following keys are used:
-        #
-        #   :description    String      A detailed description of the option and what it does. This
-        #                               field is used in both documentation and the JSON schemas,
-        #                               and should provide as much detail as possible, including
-        #                               links to relevant documentation.
-        #
-        #   :type           Class       The expected type of a value. These should be Ruby classes,
-        #                               as this field is used to perform automatic type validation.
-        #                               If an option can accept more than one type, this should be
-        #                               an array of types. Boolean values should set :type to
-        #                               [TrueClass, FalseClass], as Ruby does not have a single
-        #                               Boolean class.
-        #
-        #   :items          Hash        A definition hash for items in an array. Similar to values
-        #                               for top-level options, items can have a :description, :type,
-        #                               or any other key in this list.
-        #
-        #   :uniqueItems    Boolean     Whether or not an array should contain only unique items.
-        #
-        #   :properties     Hash        A hash where keys are sub-options and values are definitions
-        #                               for the sub-option. Similar to values for top-level options,
-        #                               properties can have a :description, :type, or any other key
-        #                               in this list.
-        #
-        #   :additionalProperties       A variation of the :properties key, where the hash is a
-        #                   Hash        definition for any properties not specified in :properties.
-        #                               This can be used to permit arbitrary sub-options, such as
-        #                               logs for the 'log' option.
-        #
-        #   :propertyNames  Hash        A hash that defines the properties that an option's property
-        #                               names must adhere to.
-        #
-        #   :required       Array       An array of properties that are required for options that
-        #                               accept Hash values.
-        #
-        #   :minimum        Integer     The minimum integer value for an option.
-        #
-        #   :enum           Array       An array of values that the option recognizes.
-        #
-        #   :pattern        String      A JSON regex pattern that the option's vaue should match.
-        #
-        #   :format         String      Requires that a string value matches a format defined by the
-        #                               JSON Schema draft.
-        #
-        #   :_plugin        Boolean     Whether the option accepts a plugin reference. This is used
-        #                               when generating the JSON schemas to determine whether or not
-        #                               to include a reference to the _plugin definition. If :_plugin
-        #                               is set to true, the script that generates JSON schemas will
-        #                               automatically recurse through the :items and :properties keys
-        #                               and add plugin references if applicable.
-        #
-        #   :_example       Any         An example value for the option. This is used to generate
-        #                               reference documentation for configuration files.
-        #
-        #   :_default       Any         The documented default value for the option. This is only
-        #                               used to generate reference documentation for configuration
-        #                               files and is not used by Bolt to actually set default values.
+        # Definitions used to validate config options.
+        # https://github.com/puppetlabs/bolt/blob/main/schemas/README.md
         TRANSPORT_OPTIONS = {
           "basic-auth-only" => {
             type: [TrueClass, FalseClass],
@@ -81,6 +16,13 @@ module Bolt
             _default: false,
             _example: true
           },
+          "bundled-ruby" => {
+            description: "Whether to use the Ruby bundled with Bolt packages for local targets.",
+            type: [TrueClass, FalseClass],
+            _plugin: false,
+            _example: true,
+            _default: false
+          },
           "cacert" => {
             type: String,
             description: "The path to the CA certificate.",
@@ -201,7 +143,8 @@ module Bolt
                          "`task.py`) and the extension is case sensitive. When a target's name is `localhost`, "\
                          "Ruby tasks run with the Bolt Ruby interpreter by default.",
             additionalProperties: {
-              type: String
+              type: String,
+              _plugin: false
             },
             propertyNames: {
               pattern: "^.?[a-zA-Z0-9]+$"

data/lib/bolt/config/transport/ssh.rb

@@ -73,6 +73,14 @@ module Bolt
           %w[ssh-command native-ssh].concat(OPTIONS)
         end
 
+        def self.schema
+          {
+            type:       Hash,
+            properties: self::TRANSPORT_OPTIONS.slice(*(self::OPTIONS + self::NATIVE_OPTIONS)),
+            _plugin:    true
+          }
+        end
+
         private def filter(unfiltered)
           # Because we filter before merging config together it's impossible to
           # know whether both ssh-command *and* native-ssh will be specified
@@ -87,12 +95,6 @@ module Bolt
           super
 
           if (key_opt = @config['private-key'])
-            unless key_opt.instance_of?(String) || (key_opt.instance_of?(Hash) && key_opt.include?('key-data'))
-              raise Bolt::ValidationError,
-                    "private-key option must be a path to a private key file or a Hash containing the 'key-data', "\
-                    "received #{key_opt.class} #{key_opt}"
-            end
-
             if key_opt.instance_of?(String)
               @config['private-key'] = File.expand_path(key_opt, @project)
 
@@ -109,19 +111,6 @@ module Bolt
             @config['interpreters'] = normalize_interpreters(@config['interpreters'])
           end
 
-          if @config['login-shell'] && !LOGIN_SHELLS.include?(@config['login-shell'])
-            raise Bolt::ValidationError,
-                  "Unsupported login-shell #{@config['login-shell']}. Supported shells are #{LOGIN_SHELLS.join(', ')}"
-          end
-
-          %w[encryption-algorithms host-key-algorithms kex-algorithms mac-algorithms run-as-command].each do |opt|
-            next unless @config.key?(opt)
-            unless @config[opt].all? { |n| n.is_a?(String) }
-              raise Bolt::ValidationError,
-                    "#{opt} must be an Array of Strings, received #{@config[opt].inspect}"
-            end
-          end
-
           if @config['login-shell'] == 'powershell'
             %w[tty run-as].each do |key|
               if @config[key]

data/lib/bolt/executor.rb

@@ -256,10 +256,10 @@ module Bolt
       @logger.trace { "Failed to submit analytics event: #{e.message}" }
     end
 
-    def with_node_logging(description, batch)
-      @logger.info("#{description} on #{batch.map(&:safe_name)}")
+    def with_node_logging(description, batch, log_level = :info)
+      @logger.send(log_level, "#{description} on #{batch.map(&:safe_name)}")
       result = yield
-      @logger.info(result.to_json)
+      @logger.send(log_level, result.to_json)
       result
     end
 
@@ -289,32 +289,20 @@ module Bolt
       end
     end
 
-    def run_task(targets, task, arguments, options = {}, position = [])
+    def run_task(targets, task, arguments, options = {}, position = [], log_level = :info)
       description = options.fetch(:description, "task #{task.name}")
       log_action(description, targets) do
         options[:run_as] = run_as if run_as && !options.key?(:run_as)
         arguments['_task'] = task.name
 
         batch_execute(targets) do |transport, batch|
-          with_node_logging("Running task #{task.name} with '#{arguments.to_json}'", batch) do
+          with_node_logging("Running task #{task.name} with '#{arguments.to_json}'", batch, log_level) do
             transport.batch_task(batch, task, arguments, options, position, &method(:publish_event))
           end
         end
       end
     end
 
-    def run_task_with_minimal_logging(targets, task, arguments, options = {})
-      description = options.fetch(:description, "task #{task.name}")
-      log_action(description, targets) do
-        options[:run_as] = run_as if run_as && !options.key?(:run_as)
-        arguments['_task'] = task.name
-
-        batch_execute(targets) do |transport, batch|
-          transport.batch_task(batch, task, arguments, options, [], &method(:publish_event))
-        end
-      end
-    end
-
     def run_task_with(target_mapping, task, options = {}, position = [])
       targets = target_mapping.keys
       description = options.fetch(:description, "task #{task.name}")

data/lib/bolt/inventory.rb

@@ -4,13 +4,17 @@ require 'set'
 require 'bolt/config'
 require 'bolt/inventory/group'
 require 'bolt/inventory/inventory'
+require 'bolt/inventory/options'
 require 'bolt/target'
 require 'bolt/util'
 require 'bolt/plugin'
+require 'bolt/validator'
 require 'yaml'
 
 module Bolt
   class Inventory
+    include Bolt::Inventory::Options
+
     ENVIRONMENT_VAR = 'BOLT_INVENTORY'
 
     class ValidationError < Bolt::Error
@@ -45,11 +49,25 @@ module Bolt
       end
     end
 
+    # Builds the schema used by the validator.
+    #
+    def self.schema
+      schema = {
+        type:        Hash,
+        properties:  OPTIONS.map { |opt| [opt, _ref: opt] }.to_h,
+        definitions: DEFINITIONS
+      }
+
+      schema[:definitions]['config'][:properties] = Bolt::Config.transport_definitions
+      schema
+    end
+
     def self.from_config(config, plugins)
       logger = Bolt::Logger.logger(self)
 
       if ENV.include?(ENVIRONMENT_VAR)
         begin
+          source = ENVIRONMENT_VAR
           data = YAML.safe_load(ENV[ENVIRONMENT_VAR])
           raise Bolt::ParseError, "Could not parse inventory from $#{ENVIRONMENT_VAR}" unless data.is_a?(Hash)
           logger.debug("Loaded inventory from environment variable #{ENVIRONMENT_VAR}")
@@ -57,9 +75,11 @@ module Bolt
           raise Bolt::ParseError, "Could not parse inventory from $#{ENVIRONMENT_VAR}"
         end
       elsif config.inventoryfile
+        source = config.inventoryfile
         data = Bolt::Util.read_yaml_hash(config.inventoryfile, 'inventory')
         logger.debug("Loaded inventory from #{config.inventoryfile}")
       else
+        source = config.default_inventoryfile
         data = Bolt::Util.read_optional_yaml_hash(config.default_inventoryfile, 'inventory')
 
         if config.default_inventoryfile.exist?
@@ -74,6 +94,11 @@ module Bolt
         t.resolve(plugins) unless t.resolved?
       end
 
+      Bolt::Validator.new.tap do |validator|
+        validator.validate(data, schema, source)
+        validator.warnings.each { |warning| logger.warn(warning) }
+      end
+
       inventory = create_version(data, config.transport, config.transports, plugins)
       inventory.validate
       inventory

data/lib/bolt/inventory/group.rb

@@ -254,14 +254,6 @@ module Bolt
           msg = "Found unexpected key(s) #{unexpected_keys.join(', ')} in group #{@name}"
           @logger.warn(msg)
         end
-
-        Bolt::Util.walk_keys(input) do |key|
-          if @plugins.reference?(key)
-            raise ValidationError.new("Group keys cannot be specified as _plugin references", @name)
-          else
-            key
-          end
-        end
       end
 
       def validate(used_group_names = Set.new, used_target_names = Set.new, used_aliases = {})

data/lib/bolt/inventory/options.rb

@@ -0,0 +1,130 @@
+# frozen_string_literal: true
+
+require 'bolt/config/options'
+
+module Bolt
+  class Inventory
+    module Options
+      # Top-level options available in the inventory.
+      OPTIONS = %w[
+        config
+        facts
+        features
+        groups
+        targets
+        vars
+      ].freeze
+
+      # Definitions used to validate the data.
+      # https://github.com/puppetlabs/bolt/blob/main/schemas/README.md
+      DEFINITIONS = {
+        "alias" => {
+          description: "A unique alias to refer to the target. Aliases cannot conflict "\
+                       "with the name of a group, the name of a target, or another alias.",
+          type: [String, Array],
+          uniqueItems: true,
+          items: {
+            type: String,
+            _plugin: true
+          },
+          _plugin: true
+        },
+        "config" => {
+          description: "A map of configuration options.",
+          type: Hash,
+          # These properties are populated as part of Bolt::Inventory.schema
+          properties: {},
+          _plugin: true
+        },
+        "facts" => {
+          description: "A map of system information, also known as facts, for the target.",
+          type: Hash,
+          _plugin: true
+        },
+        "features" => {
+          description: "A list of available features for the target.",
+          type: Array,
+          uniqueItems: true,
+          items: {
+            type: String,
+            _plugin: true
+          },
+          _plugin: true
+        },
+        "groups" => {
+          description: "A list of groups and their associated configuration.",
+          type: Array,
+          items: {
+            type: Hash,
+            required: ["name"],
+            properties: {
+              "config"       => { _ref: "config" },
+              "facts"        => { _ref: "facts" },
+              "features"     => { _ref: "features" },
+              "groups"       => { _ref: "groups" },
+              "name"         => { _ref: "name" },
+              "plugin_hooks" => { _ref: "plugin_hooks" },
+              "targets"      => { _ref: "targets" },
+              "vars"         => { _ref: "vars" }
+            },
+            _plugin: true
+          },
+          _plugin: true
+        },
+        "name" => {
+          description: "A human-readable name to refer to the group or target. Names "\
+                       "cannot conflict with the name of a group, the name of a target, "\
+                       "or the alias of a target. A name is required for a group and is "\
+                       "required for a target unless the uri option is set.",
+          type: String,
+          _plugin: true
+        },
+        "plugin_hooks" => {
+          description: "Configuration for the Puppet library plugin used to install the "\
+                       "Puppet agent on the target. For more information, see "\
+                       "https://pup.pt/bolt-plugin-hooks",
+          type: Hash,
+          properties: {
+            "puppet_library" => {
+              description: "Configuration for the Puppet library plugin.",
+              type: Hash,
+              _plugin: true
+            }
+          },
+          _plugin: true
+        },
+        "targets" => {
+          description: "A list of targets and their associated configuration.",
+          type: Array,
+          items: {
+            type: [String, Hash],
+            properties: {
+              "alias"        => { _ref: "alias" },
+              "config"       => { _ref: "config" },
+              "facts"        => { _ref: "facts" },
+              "features"     => { _ref: "features" },
+              "name"         => { _ref: "name" },
+              "plugin_hooks" => { _ref: "plugin_hooks" },
+              "uri"          => { _ref: "uri" },
+              "vars"         => { _ref: "vars" }
+            },
+            _plugin: true
+          },
+          _plugin: true
+        },
+        "uri" => {
+          description: "The URI of the target. This option is required unless the name "\
+                       "option is set.",
+          type: String,
+          format: "uri",
+          _plugin: true
+        },
+        "vars" => {
+          description: "A map of variables for the group or target.",
+          type: Hash,
+          _plugin: true
+        }
+      }.freeze
+    end
+  end
+end