bolt 2.6.0 → 2.11.0

data/lib/bolt/plugin/prompt.rb

@@ -19,7 +19,7 @@ module Bolt
 
       def resolve_reference(opts)
         STDERR.print("#{opts['message']}: ")
-        value = STDIN.noecho(&:gets).chomp
+        value = STDIN.noecho(&:gets).to_s.chomp
         STDERR.puts
 
         value

data/lib/bolt/plugin/puppetdb.rb

@@ -14,8 +14,11 @@ module Bolt
       TEMPLATE_OPTS = %w[alias config facts features name uri vars].freeze
       PLUGIN_OPTS = %w[_plugin query target_mapping].freeze
 
-      def initialize(pdb_client)
-        @puppetdb_client = pdb_client
+      attr_reader :puppetdb_client
+
+      def initialize(config:, context:)
+        pdb_config = Bolt::PuppetDB::Config.load_config(config, context.boltdir)
+        @puppetdb_client = Bolt::PuppetDB::Client.new(pdb_config)
         @logger = Logging.logger[self]
       end
 

data/lib/bolt/project.rb

@@ -0,0 +1,135 @@
+# frozen_string_literal: true
+
+require 'pathname'
+require 'bolt/pal'
+
+module Bolt
+  class Project
+    BOLTDIR_NAME = 'Boltdir'
+    PROJECT_SETTINGS = {
+      "name"  => "The name of the project",
+      "plans" => "An array of plan names to whitelist. Whitelisted plans are included in `bolt plan show` output",
+      "tasks" => "An array of task names to whitelist. Whitelisted plans are included in `bolt task show` output"
+    }.freeze
+
+    attr_reader :path, :config_file, :inventory_file, :modulepath, :hiera_config,
+                :puppetfile, :rerunfile, :type, :resource_types
+
+    def self.default_project
+      Project.new(File.join('~', '.puppetlabs', 'bolt'), 'user')
+    end
+
+    # Search recursively up the directory hierarchy for the Project. Look for a
+    # directory called Boltdir or a file called bolt.yaml (for a control repo
+    # type Project). Otherwise, repeat the check on each directory up the
+    # hierarchy, falling back to the default if we reach the root.
+    def self.find_boltdir(dir)
+      dir = Pathname.new(dir)
+      if (dir + BOLTDIR_NAME).directory?
+        new(dir + BOLTDIR_NAME, 'embedded')
+      elsif (dir + 'bolt.yaml').file? || (dir + 'bolt-project.yaml').file?
+        new(dir, 'local')
+      elsif dir.root?
+        default_project
+      else
+        find_boltdir(dir.parent)
+      end
+    end
+
+    def initialize(path, type = 'option')
+      @path = Pathname.new(path).expand_path
+      @config_file = @path + 'bolt.yaml'
+      @inventory_file = @path + 'inventory.yaml'
+      @modulepath = [(@path + 'modules').to_s, (@path + 'site-modules').to_s, (@path + 'site').to_s]
+      @hiera_config = @path + 'hiera.yaml'
+      @puppetfile = @path + 'Puppetfile'
+      @rerunfile = @path + '.rerun.json'
+      @resource_types = @path + '.resource_types'
+      @type = type
+
+      @project_file = @path + 'bolt-project.yaml'
+      @data = Bolt::Util.read_optional_yaml_hash(File.expand_path(@project_file), 'project') || {}
+      validate if load_as_module?
+    end
+
+    def to_s
+      @path.to_s
+    end
+
+    # This API is used to prepend the project as a module to Puppet's internal
+    # module_references list. CHANGE AT YOUR OWN RISK
+    def to_h
+      { path: @path, name: name }
+    end
+
+    def eql?(other)
+      path == other.path
+    end
+    alias == eql?
+
+    def load_as_module?
+      @project_file.file?
+    end
+
+    def name
+      # If the project is in mymod/Boltdir/bolt-project.yaml, use mymod as the project name
+      dirname = @path.basename.to_s == 'Boltdir' ? @path.parent.basename.to_s : @path.basename.to_s
+      pname = @data['name'] || dirname
+      pname.include?('-') ? pname.split('-', 2)[1] : pname
+    end
+
+    def tasks
+      @data['tasks']
+    end
+
+    def plans
+      @data['plans']
+    end
+
+    def project_directory_name?(name)
+      # it must match an installed project name according to forge validator
+      name =~ /^[a-z][a-z0-9_]*$/
+    end
+
+    def project_namespaced_name?(name)
+      # it must match the full project name according to forge validator
+      name =~ /^[a-zA-Z0-9]+[-][a-z][a-z0-9_]*$/
+    end
+
+    def validate
+      n = @data['name']
+      if n && !project_directory_name?(n) && !project_namespaced_name?(n)
+        raise Bolt::ValidationError, <<~ERROR_STRING
+        Invalid project name '#{n}' in bolt-project.yaml; project names must match either:
+        An installed project name (ex. projectname) matching the expression /^[a-z][a-z0-9_]*$/ -or-
+        A namespaced project name (ex. author-projectname) matching the expression /^[a-zA-Z0-9]+[-][a-z][a-z0-9_]*$/
+        ERROR_STRING
+      elsif !project_directory_name?(name) && !project_namespaced_name?(name)
+        raise Bolt::ValidationError, <<~ERROR_STRING
+        Invalid project name '#{name}'; project names must match either:
+        A project name (ex. projectname) matching the expression /^[a-z][a-z0-9_]*$/ -or-
+        A namespaced project name (ex. author-projectname) matching the expression /^[a-zA-Z0-9]+[-][a-z][a-z0-9_]*$/
+
+        Configure project name in <project_dir>/bolt-project.yaml
+        ERROR_STRING
+      # If the project name is the same as one of the built-in modules raise a warning
+      elsif Dir.children(Bolt::PAL::BOLTLIB_PATH).include?(name)
+        raise Bolt::ValidationError, "The project '#{name}' will not be loaded. The project name conflicts "\
+          "with a built-in Bolt module of the same name."
+      end
+
+      %w[tasks plans].each do |conf|
+        unless @data.fetch(conf, []).is_a?(Array)
+          raise Bolt::ValidationError, "'#{conf}' in bolt-project.yaml must be an array"
+        end
+      end
+    end
+
+    def check_deprecated_file
+      if (@path + 'project.yaml').file?
+        logger = Logging.logger[self]
+        logger.warn "Project configuration file 'project.yaml' is deprecated; use 'bolt-project.yaml' instead."
+      end
+    end
+  end
+end

data/lib/bolt/puppetdb/config.rb

@@ -22,37 +22,29 @@ module Bolt
         File.expand_path(File.join(Dir::COMMON_APPDATA, 'PuppetLabs/client-tools/puppetdb.conf'))
       end
 
-      def self.load_config(filename, options, boltdir_path = nil)
+      def self.load_config(options, project_path = nil)
         config = {}
         global_path = Bolt::Util.windows? ? default_windows_config : DEFAULT_CONFIG[:global]
-        if filename
-          if File.exist?(filename)
-            config = JSON.parse(File.read(filename))
-          else
-            raise Bolt::PuppetDBError, "config file #{filename} does not exist"
-          end
-        else
-          if File.exist?(DEFAULT_CONFIG[:user])
-            filepath = DEFAULT_CONFIG[:user]
-          elsif File.exist?(global_path)
-            filepath = global_path
-          end
 
-          begin
-            config = JSON.parse(File.read(filepath)) if filepath
-          rescue StandardError => e
-            Logging.logger[self].error("Could not load puppetdb.conf from #{filepath}: #{e.message}")
-          end
+        if File.exist?(DEFAULT_CONFIG[:user])
+          filepath = DEFAULT_CONFIG[:user]
+        elsif File.exist?(global_path)
+          filepath = global_path
+        end
+
+        begin
+          config = JSON.parse(File.read(filepath)) if filepath
+        rescue StandardError => e
+          Logging.logger[self].error("Could not load puppetdb.conf from #{filepath}: #{e.message}")
         end
 
         config = config.fetch('puppetdb', {})
-        new(config.merge(options), boltdir_path)
+        new(config.merge(options), project_path)
       end
 
-      def initialize(settings, boltdir_path = nil)
+      def initialize(settings, project_path = nil)
         @settings = settings
-        @boltdir_path = boltdir_path
-        expand_paths
+        expand_paths(project_path)
       end
 
       def token
@@ -68,14 +60,10 @@ module Bolt
         @token = @token.strip if @token
       end
 
-      def expand_paths
+      def expand_paths(project_path)
         %w[cacert cert key token].each do |file|
           next unless @settings[file]
-          @settings[file] = if @boltdir_path
-                              File.expand_path(@settings[file], @boltdir_path)
-                            else
-                              File.expand_path(@settings[file])
-                            end
+          @settings[file] = File.expand_path(@settings[file], project_path)
         end
       end
 

data/lib/bolt/rerun.rb

@@ -45,7 +45,7 @@ module Bolt
         end
 
         if result_set.is_a?(Bolt::ResultSet)
-          data = result_set.map { |res| res.status_hash.select { |k, _| %i[target status].include? k } }
+          data = result_set.map { |res| { target: res.target.name, status: res.status } }
           FileUtils.mkdir_p(File.dirname(@path))
           File.write(@path, data.to_json)
         elsif File.exist?(@path)

data/lib/bolt/resource_instance.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Bolt
+  class ResourceInstance
+    attr_reader :target, :type, :title, :state, :desired_state
+    attr_accessor :events
+
+    # Needed by Puppet to recognize Bolt::ResourceInstance as a Puppet object when deserializing
+    def self._pcore_type
+      ResourceInstance
+    end
+
+    # Needed by Puppet to serialize with _pcore_init_hash instead of the object's attributes
+    def self._pcore_init_from_hash(_init_hash)
+      raise "ResourceInstance shouldn't be instantiated from a pcore_init class method. "\
+            "How did this get called?"
+    end
+
+    def _pcore_init_from_hash(init_hash)
+      initialize(init_hash)
+    end
+
+    # Parameters will already be validated when calling ResourceInstance.new or
+    # set_resources() from a plan. We don't perform any validation in the class
+    # itself since Puppet will pass an empty hash to the initializer as part of
+    # the deserialization process before passing the _pcore_init_hash.
+    def initialize(resource_hash)
+      @target        = resource_hash['target']
+      @type          = resource_hash['type'].to_s.capitalize
+      @title         = resource_hash['title']
+      # get_resources() returns observed state under the 'parameters' key
+      @state         = resource_hash['state'] || resource_hash['parameters'] || {}
+      @desired_state = resource_hash['desired_state'] || {}
+      @events        = resource_hash['events'] || []
+    end
+
+    # Creates a ResourceInstance from a data hash in a plan when calling
+    # ResourceInstance.new($resource_hash) or $target.set_resources($resource_hash)
+    def self.from_asserted_hash(resource_hash)
+      new(resource_hash)
+    end
+
+    # Creates a ResourceInstance from positional arguments in a plan when
+    # calling ResourceInstance.new(target, type, title, ...)
+    def self.from_asserted_args(target,
+                                type,
+                                title,
+                                state         = nil,
+                                desired_state = nil,
+                                events        = nil)
+      new(
+        'target'        => target,
+        'type'          => type,
+        'title'         => title,
+        'state'         => state,
+        'desired_state' => desired_state,
+        'events'        => events
+      )
+    end
+
+    def eql?(other)
+      self.class.equal?(other.class) &&
+        target == other.target &&
+        type   == other.type &&
+        title  == other.title
+    end
+    alias == eql?
+
+    def to_hash
+      {
+        'target'        => target,
+        'type'          => type,
+        'title'         => title,
+        'state'         => state,
+        'desired_state' => desired_state,
+        'events'        => events
+      }
+    end
+    alias _pcore_init_hash to_hash
+
+    def to_json(opts = nil)
+      to_hash.to_json(opts)
+    end
+
+    def reference
+      "#{type}[#{title}]"
+    end
+    alias to_s reference
+
+    def add_event(event)
+      @events << event
+    end
+
+    # rubocop:disable Naming/AccessorMethodName
+    def set_state(state)
+      assert_hash('state', state)
+      @state.merge!(state)
+    end
+    # rubocop:enable Naming/AccessorMethodName
+
+    def overwrite_state(state)
+      assert_hash('state', state)
+      @state = state
+    end
+
+    # rubocop:disable Naming/AccessorMethodName
+    def set_desired_state(desired_state)
+      assert_hash('desired_state', desired_state)
+      @desired_state.merge!(desired_state)
+    end
+    # rubocop:enable Naming/AccessorMethodName
+
+    def overwrite_desired_state(desired_state)
+      assert_hash('desired_state', desired_state)
+      @desired_state = desired_state
+    end
+
+    def assert_hash(loc, value)
+      unless value.is_a?(Hash)
+        raise Bolt::ValidationError, "#{loc} must be of type Hash; got #{value.class}"
+      end
+    end
+  end
+end

data/lib/bolt/result.rb

@@ -40,18 +40,23 @@ module Bolt
     end
 
     def self.for_task(target, stdout, stderr, exit_code, task)
-      begin
-        value = JSON.parse(stdout)
-        unless value.is_a? Hash
-          value = nil
-        end
-      rescue JSON::ParserError
-        value = nil
-      end
-      value ||= { '_output' => stdout }
+      stdout.force_encoding('utf-8') unless stdout.encoding == Encoding::UTF_8
+      value = if stdout.valid_encoding?
+                parse_hash(stdout) || { '_output' => stdout }
+              else
+                { '_error' => { 'kind' => 'puppetlabs.tasks/task-error',
+                                'issue_code' => 'TASK_ERROR',
+                                'msg' => 'The task result contained invalid UTF-8 on stdout',
+                                'details' => {} } }
+              end
+
       if exit_code != 0 && value['_error'].nil?
         msg = if stdout.empty?
-                "The task failed with exit code #{exit_code}:\n#{stderr}"
+                if stderr.empty?
+                  "The task failed with exit code #{exit_code} and no output"
+                else
+                  "The task failed with exit code #{exit_code} and no stdout, but stderr contained:\n#{stderr}"
+                end
               else
                 "The task failed with exit code #{exit_code}"
               end
@@ -63,6 +68,13 @@ module Bolt
       new(target, value: value, action: 'task', object: task)
     end
 
+    def self.parse_hash(string)
+      value = JSON.parse(string)
+      value if value.is_a? Hash
+    rescue JSON::ParserError
+      nil
+    end
+
     def self.for_upload(target, source, destination)
       new(target, message: "Uploaded '#{source}' to '#{target.host}:#{destination}'", action: 'upload', object: source)
     end
@@ -110,18 +122,8 @@ module Bolt
       message && !message.strip.empty?
     end
 
-    def status_hash
-      {
-        target: @target.name,
-        action: action,
-        object: object,
-        status: status,
-        value: @value
-      }
-    end
-
     def generic_value
-      value.reject { |k, _| %w[_error _output].include? k }
+      safe_value.reject { |k, _| %w[_error _output].include? k }
     end
 
     def eql?(other)
@@ -139,15 +141,36 @@ module Bolt
     end
 
     def to_json(opts = nil)
-      status_hash.to_json(opts)
+      to_data.to_json(opts)
     end
 
     def to_s
       to_json
     end
 
+    # This is the value with all non-UTF-8 characters removed, suitable for
+    # printing or converting to JSON. It *should* only be possible to have
+    # non-UTF-8 characters in stdout/stderr keys as they are not allowed from
+    # tasks but we scrub the whole thing just in case.
+    def safe_value
+      Bolt::Util.walk_vals(value) do |val|
+        if val.is_a?(String)
+          # Replace invalid bytes with hex codes, ie. \xDE\xAD\xBE\xEF
+          val.scrub { |c| c.bytes.map { |b| "\\x" + b.to_s(16).upcase }.join }
+        else
+          val
+        end
+      end
+    end
+
     def to_data
-      Bolt::Util.walk_keys(status_hash, &:to_s)
+      {
+        "target" => @target.name,
+        "action" => action,
+        "object" => object,
+        "status" => status,
+        "value" => safe_value
+      }
     end
 
     def status