bolt 2.7.0 → 2.11.1

data/lib/bolt/transport/winrm/connection.rb

@@ -108,8 +108,8 @@ module Bolt
           # it will fail if the shell attempts to provide stdin
           inp.close
 
-          out_rd, out_wr = IO.pipe
-          err_rd, err_wr = IO.pipe
+          out_rd, out_wr = IO.pipe('UTF-8')
+          err_rd, err_wr = IO.pipe('UTF-8')
           th = Thread.new do
             result = @session.run(command)
             out_wr << result.stdout
@@ -120,6 +120,10 @@ module Bolt
           end
 
           [inp, out_rd, err_rd, th]
+        rescue Errno::EMFILE => e
+          msg = "#{e.message}. This may be resolved by increasing your user limit "\
+            "with 'ulimit -n 1024'. See https://puppet.com/docs/bolt/latest/bolt_known_issues.html for details."
+          raise Bolt::Error.new(msg, 'bolt/too-many-files')
         rescue StandardError
           @logger.debug { "Command aborted" }
           raise

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '2.7.0'
+  VERSION = '2.11.1'
 end

data/lib/bolt_server/pe/pal.rb

@@ -51,50 +51,13 @@ module BoltServer
         basemodulepath = plan_executor_config['basemodulepath'] || "#{codedir}/modules:/opt/puppetlabs/puppet/modules"
 
         with_pe_pal_init_settings(codedir, environmentpath, basemodulepath) do
-          modulepath_dirs = []
-          modulepath_setting_from_bolt = nil
           environment = Puppet.lookup(:environments).get!(environment_name)
-          path_to_env = environment.configuration.path_to_env
-
-          # In the instance where the environment is "production" but no production dir
-          # exists, the lookup will succeed, but the configuration will be mostly empty.
-          # For other environments the lookup will fail, but for production we don't
-          # want cryptic messages sent to the user about combining `nil` with a string.
-          # Thus if we do get here and `path_to_env` is empty, just assume it's the
-          # default production environment and continue.
-          #
-          # This should hopefully match puppet's behavior for the default 'production'
-          # environment: _technically_ that environment always exists, but if the dir
-          # isn't there it won't find the module and fail with "plan not found" rather
-          # than "environment doesn't exist"
-          if path_to_env
-            bolt_yaml = File.join(environment.configuration.path_to_env, 'bolt.yaml')
-            modulepath_setting_from_bolt = Bolt::Util.read_optional_yaml_hash(bolt_yaml, 'config')['modulepath']
-          end
-
-          # If we loaded a bolt.yaml in the environment root and it contained a modulepath setting:
-          # we will use that modulepath rather than the one loaded through puppet. modulepath will
-          # be the _only_ setting that will work from bolt.yaml in plans in PE.
-          if modulepath_setting_from_bolt
-            modulepath_setting_from_bolt.split(File::PATH_SEPARATOR).each do |path|
-              if Pathname.new(path).absolute? && File.exist?(path)
-                modulepath_dirs << path
-              elsif File.exist?(File.join(path_to_env, path))
-                modulepath_dirs << File.join(path_to_env, path)
-              end
-            end
-
-            # Append the basemodulepath to include "built-in" modules.
-            modulepath_dirs.concat(basemodulepath.split(File::PATH_SEPARATOR))
-          else
-            modulepath_dirs = environment.modulepath
-          end
-
           # A new modulepath is created from scratch (rather than using super's @modulepath)
           # so that we can have full control over all the entries in modulepath. In the future
           # it's likely we will need to preceed _both_ Bolt::PAL::BOLTLIB_PATH _and_
           # Bolt::PAL::MODULES_PATH which would be more complex if we tried to use @modulepath since
           # we need to append our modulepaths and exclude modules shiped in bolt gem code
+          modulepath_dirs = environment.modulepath
           @original_modulepath = modulepath_dirs
           @modulepath = [PE_BOLTLIB_PATH, Bolt::PAL::BOLTLIB_PATH, *modulepath_dirs]
         end

data/lib/bolt_server/transport_app.rb

@@ -57,8 +57,8 @@ module BoltServer
     end
 
     def scrub_stack_trace(result)
-      if result.dig(:value, '_error', 'details', 'stack_trace')
-        result[:value]['_error']['details'].reject! { |k| k == 'stack_trace' }
+      if result.dig('value', '_error', 'details', 'stack_trace')
+        result['value']['_error']['details'].reject! { |k| k == 'stack_trace' }
       end
       result
     end
@@ -87,14 +87,14 @@ module BoltServer
     # If the `result_set` contains only one item, it will be returned
     # as a single result object. Set `aggregate` to treat it as a set
     # of results with length 1 instead.
-    def result_set_to_status_hash(result_set, aggregate: false)
+    def result_set_to_data(result_set, aggregate: false)
       scrubbed_results = result_set.map do |result|
-        scrub_stack_trace(result.status_hash)
+        scrub_stack_trace(result.to_data)
       end
 
       if aggregate || scrubbed_results.length > 1
         # For actions that act on multiple targets, construct a status hash for the aggregate result
-        all_succeeded = scrubbed_results.all? { |r| r[:status] == 'success' }
+        all_succeeded = scrubbed_results.all? { |r| r['status'] == 'success' }
         {
           status: all_succeeded ? 'success' : 'failure',
           result: scrubbed_results
@@ -297,7 +297,7 @@ module BoltServer
       return [400, error.to_json] unless error.nil?
 
       aggregate = body['target'].nil?
-      [200, result_set_to_status_hash(result_set, aggregate: aggregate).to_json]
+      [200, result_set_to_data(result_set, aggregate: aggregate).to_json]
     end
 
     def make_winrm_target(target_hash)
@@ -337,7 +337,7 @@ module BoltServer
       return [400, error.to_json] if error
 
       aggregate = body['target'].nil?
-      [200, result_set_to_status_hash(result_set, aggregate: aggregate).to_json]
+      [200, result_set_to_data(result_set, aggregate: aggregate).to_json]
     end
 
     # Fetches the metadata for a single plan

data/lib/bolt_spec/bolt_context.rb

@@ -138,21 +138,18 @@ module BoltSpec
     # Override in your tests
     def config
       @config ||= begin
-                    conf = Bolt::Config.new(Bolt::Boltdir.new('.'), {})
+                    conf = Bolt::Config.new(Bolt::Project.new('.'), {})
                     conf.modulepath = [modulepath].flatten
                     conf
                   end
     end
 
     def plugins
-      @plugins ||= Bolt::Plugin.setup(config,
-                                      pal,
-                                      nil,
-                                      Bolt::Analytics::NoopClient.new)
+      @plugins ||= Bolt::Plugin.setup(config, pal)
     end
 
     def pal
-      @pal ||= Bolt::PAL.new(config.modulepath, config.hiera_config, config.boltdir.resource_types)
+      @pal ||= Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
     end
 
     BoltSpec::Plans::MOCKED_ACTIONS.each do |action|

data/lib/bolt_spec/plans.rb

@@ -219,7 +219,7 @@ module BoltSpec
     end
 
     def run_plan(name, params)
-      pal = Bolt::PAL.new(config.modulepath, config.hiera_config, config.boltdir.resource_types)
+      pal = Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
       result = executor.with_plan_allowed_exec(name, params) do
         pal.run_plan(name, params, executor, inventory, puppetdb_client)
       end

data/lib/bolt_spec/plans/mock_executor.rb

@@ -230,6 +230,7 @@ module BoltSpec
       def transport(_protocol)
         Class.new do
           attr_reader :provided_features
+
           def initialize(features)
             @provided_features = features
           end

data/lib/bolt_spec/run.rb

@@ -126,25 +126,25 @@ module BoltSpec
     end
 
     class BoltRunner
-      # Creates a temporary boltdir so no settings are picked up
-      # WARNING: puppetdb config and orch config which do not use the boltdir may
+      # Creates a temporary project so no settings are picked up
+      # WARNING: puppetdb config and orch config which do not use the project may
       # still be loaded
       def self.with_runner(config_data, inventory_data)
-        Dir.mktmpdir do |boltdir_path|
-          runner = new(Bolt::Util.deep_clone(config_data), Bolt::Util.deep_clone(inventory_data), boltdir_path)
+        Dir.mktmpdir do |project_path|
+          runner = new(Bolt::Util.deep_clone(config_data), Bolt::Util.deep_clone(inventory_data), project_path)
           yield runner
         end
       end
 
-      def initialize(config_data, inventory_data, boltdir_path)
+      def initialize(config_data, inventory_data, project_path)
         @config_data = config_data || {}
         @inventory_data = inventory_data || {}
-        @boltdir_path = boltdir_path
+        @project_path = project_path
         @analytics = Bolt::Analytics::NoopClient.new
       end
 
       def config
-        @config ||= Bolt::Config.new(Bolt::Boltdir.new(@boltdir_path), @config_data)
+        @config ||= Bolt::Config.new(Bolt::Project.new(@project_path), @config_data)
       end
 
       def inventory
@@ -152,20 +152,17 @@ module BoltSpec
       end
 
       def plugins
-        @plugins ||= Bolt::Plugin.setup(config, pal, puppetdb_client, @analytics)
+        @plugins ||= Bolt::Plugin.setup(config, pal)
       end
 
       def puppetdb_client
-        @puppetdb_client ||= begin
-                               puppetdb_config = Bolt::PuppetDB::Config.load_config(nil, config.puppetdb)
-                               Bolt::PuppetDB::Client.new(puppetdb_config)
-                             end
+        plugins.puppetdb_client
       end
 
       def pal
         @pal ||= Bolt::PAL.new(config.modulepath,
                                config.hiera_config,
-                               config.boltdir.resource_types,
+                               config.project.resource_types,
                                config.compile_concurrency)
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 2.7.0
+  version: 2.11.1
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-27 00:00:00.000000000 Z
+date: 2020-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -184,7 +184,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.11.0
+        version: 6.15.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -194,7 +194,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.11.0
+        version: 6.15.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -390,6 +390,7 @@ extra_rdoc_files: []
 files:
 - Puppetfile
 - bolt-modules/boltlib/lib/puppet/datatypes/applyresult.rb
+- bolt-modules/boltlib/lib/puppet/datatypes/resourceinstance.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/result.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/resultset.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/target.rb
@@ -410,8 +411,10 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/run_plan.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_script.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_task.rb
+- bolt-modules/boltlib/lib/puppet/functions/run_task_with.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_config.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_feature.rb
+- bolt-modules/boltlib/lib/puppet/functions/set_resources.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_var.rb
 - bolt-modules/boltlib/lib/puppet/functions/upload_file.rb
 - bolt-modules/boltlib/lib/puppet/functions/vars.rb
@@ -438,7 +441,6 @@ files:
 - lib/bolt/apply_result.rb
 - lib/bolt/apply_target.rb
 - lib/bolt/bolt_option_parser.rb
-- lib/bolt/boltdir.rb
 - lib/bolt/catalog.rb
 - lib/bolt/catalog/logging.rb
 - lib/bolt/cli.rb
@@ -484,19 +486,19 @@ files:
 - lib/bolt/plugin.rb
 - lib/bolt/plugin/env_var.rb
 - lib/bolt/plugin/module.rb
-- lib/bolt/plugin/pkcs7.rb
 - lib/bolt/plugin/prompt.rb
 - lib/bolt/plugin/puppetdb.rb
 - lib/bolt/plugin/task.rb
+- lib/bolt/project.rb
 - lib/bolt/puppetdb.rb
 - lib/bolt/puppetdb/client.rb
 - lib/bolt/puppetdb/config.rb
 - lib/bolt/r10k_log_proxy.rb
 - lib/bolt/rerun.rb
+- lib/bolt/resource_instance.rb
 - lib/bolt/result.rb
 - lib/bolt/result_set.rb
 - lib/bolt/secret.rb
-- lib/bolt/secret/base.rb
 - lib/bolt/shell.rb
 - lib/bolt/shell/bash.rb
 - lib/bolt/shell/bash/tmpdir.rb
@@ -517,6 +519,7 @@ files:
 - lib/bolt/transport/simple.rb
 - lib/bolt/transport/ssh.rb
 - lib/bolt/transport/ssh/connection.rb
+- lib/bolt/transport/ssh/exec_connection.rb
 - lib/bolt/transport/winrm.rb
 - lib/bolt/transport/winrm/connection.rb
 - lib/bolt/util.rb

data/lib/bolt/boltdir.rb

@@ -1,54 +0,0 @@
-# frozen_string_literal: true
-
-require 'pathname'
-
-module Bolt
-  class Boltdir
-    BOLTDIR_NAME = 'Boltdir'
-
-    attr_reader :path, :config_file, :inventory_file, :modulepath, :hiera_config,
-                :puppetfile, :rerunfile, :type, :resource_types
-
-    def self.default_boltdir
-      Boltdir.new(File.join('~', '.puppetlabs', 'bolt'), 'user')
-    end
-
-    # Search recursively up the directory hierarchy for the Boltdir. Look for a
-    # directory called Boltdir or a file called bolt.yaml (for a control repo
-    # type Boltdir). Otherwise, repeat the check on each directory up the
-    # hierarchy, falling back to the default if we reach the root.
-    def self.find_boltdir(dir)
-      dir = Pathname.new(dir)
-      if (dir + BOLTDIR_NAME).directory?
-        new(dir + BOLTDIR_NAME, 'embedded')
-      elsif (dir + 'bolt.yaml').file?
-        new(dir, 'local')
-      elsif dir.root?
-        default_boltdir
-      else
-        find_boltdir(dir.parent)
-      end
-    end
-
-    def initialize(path, type = 'option')
-      @path = Pathname.new(path).expand_path
-      @config_file = @path + 'bolt.yaml'
-      @inventory_file = @path + 'inventory.yaml'
-      @modulepath = [(@path + 'modules').to_s, (@path + 'site-modules').to_s, (@path + 'site').to_s]
-      @hiera_config = @path + 'hiera.yaml'
-      @puppetfile = @path + 'Puppetfile'
-      @rerunfile = @path + '.rerun.json'
-      @resource_types = @path + '.resource_types'
-      @type = type
-    end
-
-    def to_s
-      @path.to_s
-    end
-
-    def eql?(other)
-      path == other.path
-    end
-    alias == eql?
-  end
-end

data/lib/bolt/plugin/pkcs7.rb

@@ -1,104 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/secret/base'
-require 'fileutils'
-
-module Bolt
-  class Plugin
-    class Pkcs7 < Bolt::Secret::Base
-      def self.validate_config(config = {})
-        known_keys = %w[private-key public-key keysize]
-        known_keys.each do |key|
-          unless key.is_a? String
-            raise Bolt::ValidationError, "Invalid config for pkcs7 plugin: '#{key}' is not a String"
-          end
-        end
-
-        config.each_key do |key|
-          unless known_keys.include?(key)
-            raise Bolt::ValidationError, "Unpexpected key in pkcs7 plugin config: #{key}"
-          end
-        end
-      end
-
-      def name
-        'pkcs7'
-      end
-
-      def initialize(config:, context:, **_opts)
-        self.class.validate_config(config)
-        require 'openssl'
-        @context = context
-        @options = config || {}
-        @logger = Logging.logger[self]
-      end
-
-      def boltdir
-        @context.boltdir
-      end
-
-      def private_key_path
-        path = @options['private-key'] || 'keys/private_key.pkcs7.pem'
-        path = File.expand_path(path, boltdir)
-        @logger.debug("Using private-key: #{path}")
-        path
-      end
-
-      def private_key
-        @private_key ||= OpenSSL::PKey::RSA.new(File.read(private_key_path))
-      end
-
-      def public_key_path
-        path = @options['public-key'] || 'keys/public_key.pkcs7.pem'
-        path = File.expand_path(path, boltdir)
-        @logger.debug("Using public-key: #{path}")
-        path
-      end
-
-      def public_key
-        @public_key ||= OpenSSL::X509::Certificate.new(File.read(public_key_path))
-      end
-
-      def keysize
-        @options['keysize'] || 2048
-      end
-
-      # The following implementations are intended to be compatible with hiera-eyaml
-      def encrypt_value(plaintext)
-        cipher = OpenSSL::Cipher::AES.new(256, :CBC)
-        OpenSSL::PKCS7.encrypt([public_key], plaintext, cipher, OpenSSL::PKCS7::BINARY).to_der
-      end
-
-      def decrypt_value(ciphertext)
-        pkcs7 = OpenSSL::PKCS7.new(ciphertext)
-        pkcs7.decrypt(private_key, public_key)
-      end
-
-      def secret_createkeys
-        key = OpenSSL::PKey::RSA.new(keysize)
-
-        cert = OpenSSL::X509::Certificate.new
-        cert.subject = OpenSSL::X509::Name.parse('/')
-        cert.serial = 1
-        cert.version = 2
-        cert.not_before = Time.now
-        cert.not_after = Time.now + 50 * 365 * 24 * 60 * 60
-        cert.public_key = key.public_key
-        cert.sign(key, OpenSSL::Digest.new('SHA512'))
-
-        @logger.warn("Overwriting private-key '#{private_key_path}'") if File.exist?(private_key_path)
-        @logger.warn("Overwriting public-key '#{public_key_path}'") if File.exist?(public_key_path)
-
-        private_keydir = File.dirname(private_key_path)
-        FileUtils.mkdir_p(private_keydir) unless File.exist?(private_keydir)
-        FileUtils.touch(private_key_path)
-        File.chmod(0o600, private_key_path)
-        File.write(private_key_path, key.to_pem)
-
-        public_keydir = File.dirname(public_key_path)
-        FileUtils.mkdir_p(public_keydir) unless File.exist?(public_keydir)
-        File.write(public_key_path, cert.to_pem)
-      end
-    end
-  end
-end