bolt 2.7.0 → 2.8.0

data/lib/bolt/shell/bash.rb

@@ -150,8 +150,14 @@ module Bolt
           end
         elsif err =~ /^#{@sudo_id}/
           if sudo_stdin
-            stdin.write("#{sudo_stdin}\n")
-            stdin.close
+            begin
+              stdin.write("#{sudo_stdin}\n")
+              stdin.close
+            # If a task has stdin as an input_method but doesn't actually read
+            # from stdin, the task may return and close the input stream before
+            # we finish writing
+            rescue Errno::EPIPE
+            end
           end
           ''
         else
@@ -399,8 +405,9 @@ module Bolt
                 write_stream = []
               end
             end
-          # If a task has stdin as an input_method but doesn't actually
-          # read from stdin, the task may return and close the input stream
+          # If a task has stdin as an input_method but doesn't actually read
+          # from stdin, the task may return and close the input stream before
+          # we finish writing
           rescue Errno::EPIPE
             write_stream = []
           end

data/lib/bolt/target.rb

@@ -155,5 +155,9 @@ module Bolt
       self.class.equal?(other.class) && @name == other.name
     end
     alias == eql?
+
+    def hash
+      @name.hash
+    end
   end
 end

data/lib/bolt/transport/base.rb

@@ -32,7 +32,7 @@ module Bolt
     # Transports that need their own batching, like the Orch transport, can
     # instead override the batches() method to split Targets into sets that can
     # be executed together, and override the batch_task() and related methods
-    # to execute a batch of nodes. In that case, those Transports should accept
+    # to execute a batch of targets. In that case, those Transports should accept
     # a block argument and call it with a :node_start event for each Target
     # before executing, and a :node_result event for each Target after
     # execution.
@@ -90,12 +90,12 @@ module Bolt
       # case and raises an error if it's not.
       def assert_batch_size_one(method, targets)
         if targets.length > 1
-          message = "#{self.class.name} must implement #{method} to support batches (got #{targets.length} nodes)"
+          message = "#{self.class.name} must implement #{method} to support batches (got #{targets.length} targets)"
           raise NotImplementedError, message
         end
       end
 
-      # Runs the given task on a batch of nodes.
+      # Runs the given task on a batch of targets.
       #
       # The default implementation only supports batches of size 1 and will fail otherwise.
       #
@@ -104,12 +104,28 @@ module Bolt
         assert_batch_size_one("batch_task()", targets)
         target = targets.first
         with_events(target, callback, 'task') do
-          @logger.debug { "Running task run '#{task}' on #{target.safe_name}" }
+          @logger.debug { "Running task '#{task.name}' on #{target.safe_name}" }
           run_task(target, task, arguments, options)
         end
       end
 
-      # Runs the given command on a batch of nodes.
+      # Runs the given task on a batch of targets with variable parameters.
+      #
+      # The default implementation only supports batches of size 1 and will fail otherwise.
+      #
+      # Transports may override this method to implment their own batch processing.
+      def batch_task_with(targets, task, target_mapping, options = {}, &callback)
+        assert_batch_size_one("batch_task_with()", targets)
+        target = targets.first
+        arguments = target_mapping[target]
+
+        with_events(target, callback, 'task') do
+          @logger.debug { "Running task '#{task.name}' on #{target.safe_name} with '#{arguments.to_json}'" }
+          run_task(target, task, arguments, options)
+        end
+      end
+
+      # Runs the given command on a batch of targets.
       #
       # The default implementation only supports batches of size 1 and will fail otherwise.
       #
@@ -123,7 +139,7 @@ module Bolt
         end
       end
 
-      # Runs the given script on a batch of nodes.
+      # Runs the given script on a batch of targets.
       #
       # The default implementation only supports batches of size 1 and will fail otherwise.
       #
@@ -137,7 +153,7 @@ module Bolt
         end
       end
 
-      # Uploads the given source file to the destination location on a batch of nodes.
+      # Uploads the given source file to the destination location on a batch of targets.
       #
       # The default implementation only supports batches of size 1 and will fail otherwise.
       #
@@ -157,7 +173,7 @@ module Bolt
       end
 
       # Split the given list of targets into a list of batches. The default
-      # implementation returns single-node batches.
+      # implementation returns single-target batches.
       #
       # Transports may override this method, and the corresponding batch_*
       # methods, to implement their own batch processing.

data/lib/bolt/transport/orch.rb

@@ -210,6 +210,10 @@ module Bolt
         end
       end
 
+      def batch_task_with(_targets, _task, _target_mapping, _options = {})
+        raise NotImplementedError, "pcp transport does not support run_task_with()"
+      end
+
       def batch_connected?(targets)
         resp = get_connection(targets.first.options).query_inventory(targets)
         resp['items'].all? { |node| node['connected'] }

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '2.7.0'
+  VERSION = '2.8.0'
 end

data/lib/bolt_spec/bolt_context.rb

@@ -138,7 +138,7 @@ module BoltSpec
     # Override in your tests
     def config
       @config ||= begin
-                    conf = Bolt::Config.new(Bolt::Boltdir.new('.'), {})
+                    conf = Bolt::Config.new(Bolt::Project.new('.'), {})
                     conf.modulepath = [modulepath].flatten
                     conf
                   end
@@ -152,7 +152,7 @@ module BoltSpec
     end
 
     def pal
-      @pal ||= Bolt::PAL.new(config.modulepath, config.hiera_config, config.boltdir.resource_types)
+      @pal ||= Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
     end
 
     BoltSpec::Plans::MOCKED_ACTIONS.each do |action|

data/lib/bolt_spec/plans.rb

@@ -219,7 +219,7 @@ module BoltSpec
     end
 
     def run_plan(name, params)
-      pal = Bolt::PAL.new(config.modulepath, config.hiera_config, config.boltdir.resource_types)
+      pal = Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
       result = executor.with_plan_allowed_exec(name, params) do
         pal.run_plan(name, params, executor, inventory, puppetdb_client)
       end

data/lib/bolt_spec/run.rb

@@ -126,25 +126,25 @@ module BoltSpec
     end
 
     class BoltRunner
-      # Creates a temporary boltdir so no settings are picked up
-      # WARNING: puppetdb config and orch config which do not use the boltdir may
+      # Creates a temporary project so no settings are picked up
+      # WARNING: puppetdb config and orch config which do not use the project may
       # still be loaded
       def self.with_runner(config_data, inventory_data)
-        Dir.mktmpdir do |boltdir_path|
-          runner = new(Bolt::Util.deep_clone(config_data), Bolt::Util.deep_clone(inventory_data), boltdir_path)
+        Dir.mktmpdir do |project_path|
+          runner = new(Bolt::Util.deep_clone(config_data), Bolt::Util.deep_clone(inventory_data), project_path)
           yield runner
         end
       end
 
-      def initialize(config_data, inventory_data, boltdir_path)
+      def initialize(config_data, inventory_data, project_path)
         @config_data = config_data || {}
         @inventory_data = inventory_data || {}
-        @boltdir_path = boltdir_path
+        @project_path = project_path
         @analytics = Bolt::Analytics::NoopClient.new
       end
 
       def config
-        @config ||= Bolt::Config.new(Bolt::Boltdir.new(@boltdir_path), @config_data)
+        @config ||= Bolt::Config.new(Bolt::Project.new(@project_path), @config_data)
       end
 
       def inventory
@@ -165,7 +165,7 @@ module BoltSpec
       def pal
         @pal ||= Bolt::PAL.new(config.modulepath,
                                config.hiera_config,
-                               config.boltdir.resource_types,
+                               config.project.resource_types,
                                config.compile_concurrency)
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 2.7.0
+  version: 2.8.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-27 00:00:00.000000000 Z
+date: 2020-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -184,7 +184,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.11.0
+        version: 6.15.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -194,7 +194,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.11.0
+        version: 6.15.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -410,6 +410,7 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/run_plan.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_script.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_task.rb
+- bolt-modules/boltlib/lib/puppet/functions/run_task_with.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_config.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_feature.rb
 - bolt-modules/boltlib/lib/puppet/functions/set_var.rb
@@ -438,7 +439,6 @@ files:
 - lib/bolt/apply_result.rb
 - lib/bolt/apply_target.rb
 - lib/bolt/bolt_option_parser.rb
-- lib/bolt/boltdir.rb
 - lib/bolt/catalog.rb
 - lib/bolt/catalog/logging.rb
 - lib/bolt/cli.rb
@@ -484,10 +484,10 @@ files:
 - lib/bolt/plugin.rb
 - lib/bolt/plugin/env_var.rb
 - lib/bolt/plugin/module.rb
-- lib/bolt/plugin/pkcs7.rb
 - lib/bolt/plugin/prompt.rb
 - lib/bolt/plugin/puppetdb.rb
 - lib/bolt/plugin/task.rb
+- lib/bolt/project.rb
 - lib/bolt/puppetdb.rb
 - lib/bolt/puppetdb/client.rb
 - lib/bolt/puppetdb/config.rb
@@ -496,7 +496,6 @@ files:
 - lib/bolt/result.rb
 - lib/bolt/result_set.rb
 - lib/bolt/secret.rb
-- lib/bolt/secret/base.rb
 - lib/bolt/shell.rb
 - lib/bolt/shell/bash.rb
 - lib/bolt/shell/bash/tmpdir.rb

data/lib/bolt/boltdir.rb

@@ -1,54 +0,0 @@
-# frozen_string_literal: true
-
-require 'pathname'
-
-module Bolt
-  class Boltdir
-    BOLTDIR_NAME = 'Boltdir'
-
-    attr_reader :path, :config_file, :inventory_file, :modulepath, :hiera_config,
-                :puppetfile, :rerunfile, :type, :resource_types
-
-    def self.default_boltdir
-      Boltdir.new(File.join('~', '.puppetlabs', 'bolt'), 'user')
-    end
-
-    # Search recursively up the directory hierarchy for the Boltdir. Look for a
-    # directory called Boltdir or a file called bolt.yaml (for a control repo
-    # type Boltdir). Otherwise, repeat the check on each directory up the
-    # hierarchy, falling back to the default if we reach the root.
-    def self.find_boltdir(dir)
-      dir = Pathname.new(dir)
-      if (dir + BOLTDIR_NAME).directory?
-        new(dir + BOLTDIR_NAME, 'embedded')
-      elsif (dir + 'bolt.yaml').file?
-        new(dir, 'local')
-      elsif dir.root?
-        default_boltdir
-      else
-        find_boltdir(dir.parent)
-      end
-    end
-
-    def initialize(path, type = 'option')
-      @path = Pathname.new(path).expand_path
-      @config_file = @path + 'bolt.yaml'
-      @inventory_file = @path + 'inventory.yaml'
-      @modulepath = [(@path + 'modules').to_s, (@path + 'site-modules').to_s, (@path + 'site').to_s]
-      @hiera_config = @path + 'hiera.yaml'
-      @puppetfile = @path + 'Puppetfile'
-      @rerunfile = @path + '.rerun.json'
-      @resource_types = @path + '.resource_types'
-      @type = type
-    end
-
-    def to_s
-      @path.to_s
-    end
-
-    def eql?(other)
-      path == other.path
-    end
-    alias == eql?
-  end
-end

data/lib/bolt/plugin/pkcs7.rb

@@ -1,104 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/secret/base'
-require 'fileutils'
-
-module Bolt
-  class Plugin
-    class Pkcs7 < Bolt::Secret::Base
-      def self.validate_config(config = {})
-        known_keys = %w[private-key public-key keysize]
-        known_keys.each do |key|
-          unless key.is_a? String
-            raise Bolt::ValidationError, "Invalid config for pkcs7 plugin: '#{key}' is not a String"
-          end
-        end
-
-        config.each_key do |key|
-          unless known_keys.include?(key)
-            raise Bolt::ValidationError, "Unpexpected key in pkcs7 plugin config: #{key}"
-          end
-        end
-      end
-
-      def name
-        'pkcs7'
-      end
-
-      def initialize(config:, context:, **_opts)
-        self.class.validate_config(config)
-        require 'openssl'
-        @context = context
-        @options = config || {}
-        @logger = Logging.logger[self]
-      end
-
-      def boltdir
-        @context.boltdir
-      end
-
-      def private_key_path
-        path = @options['private-key'] || 'keys/private_key.pkcs7.pem'
-        path = File.expand_path(path, boltdir)
-        @logger.debug("Using private-key: #{path}")
-        path
-      end
-
-      def private_key
-        @private_key ||= OpenSSL::PKey::RSA.new(File.read(private_key_path))
-      end
-
-      def public_key_path
-        path = @options['public-key'] || 'keys/public_key.pkcs7.pem'
-        path = File.expand_path(path, boltdir)
-        @logger.debug("Using public-key: #{path}")
-        path
-      end
-
-      def public_key
-        @public_key ||= OpenSSL::X509::Certificate.new(File.read(public_key_path))
-      end
-
-      def keysize
-        @options['keysize'] || 2048
-      end
-
-      # The following implementations are intended to be compatible with hiera-eyaml
-      def encrypt_value(plaintext)
-        cipher = OpenSSL::Cipher::AES.new(256, :CBC)
-        OpenSSL::PKCS7.encrypt([public_key], plaintext, cipher, OpenSSL::PKCS7::BINARY).to_der
-      end
-
-      def decrypt_value(ciphertext)
-        pkcs7 = OpenSSL::PKCS7.new(ciphertext)
-        pkcs7.decrypt(private_key, public_key)
-      end
-
-      def secret_createkeys
-        key = OpenSSL::PKey::RSA.new(keysize)
-
-        cert = OpenSSL::X509::Certificate.new
-        cert.subject = OpenSSL::X509::Name.parse('/')
-        cert.serial = 1
-        cert.version = 2
-        cert.not_before = Time.now
-        cert.not_after = Time.now + 50 * 365 * 24 * 60 * 60
-        cert.public_key = key.public_key
-        cert.sign(key, OpenSSL::Digest.new('SHA512'))
-
-        @logger.warn("Overwriting private-key '#{private_key_path}'") if File.exist?(private_key_path)
-        @logger.warn("Overwriting public-key '#{public_key_path}'") if File.exist?(public_key_path)
-
-        private_keydir = File.dirname(private_key_path)
-        FileUtils.mkdir_p(private_keydir) unless File.exist?(private_keydir)
-        FileUtils.touch(private_key_path)
-        File.chmod(0o600, private_key_path)
-        File.write(private_key_path, key.to_pem)
-
-        public_keydir = File.dirname(public_key_path)
-        FileUtils.mkdir_p(public_keydir) unless File.exist?(public_keydir)
-        File.write(public_key_path, cert.to_pem)
-      end
-    end
-  end
-end

data/lib/bolt/secret/base.rb

@@ -1,41 +0,0 @@
-# frozen_string_literal: true
-
-module Bolt
-  class Secret
-    class Base
-      def hooks
-        %i[resolve_reference secret_encrypt secret_decrypt secret_createkeys validate_resolve_reference]
-      end
-
-      def encode(raw)
-        coded = Base64.encode64(raw).strip
-        "ENC[#{name.upcase},#{coded}]"
-      end
-
-      def decode(code)
-        format = %r{\AENC\[(?<plugin>\w+),(?<encoded>[\w\s+-=/]+)\]\s*\z}
-        match = format.match(code)
-
-        raise Bolt::ValidationError, "Could not parse as an encrypted value: #{code}" unless match
-
-        raw = Base64.decode64(match[:encoded])
-        [raw, match[:plugin]]
-      end
-
-      def secret_encrypt(opts)
-        encrypted = encrypt_value(opts['plaintext_value'])
-        encode(encrypted)
-      end
-
-      def secret_decrypt(opts)
-        raw, _plugin = decode(opts['encrypted_value'])
-        decrypt_value(raw)
-      end
-      alias resolve_reference secret_decrypt
-
-      def validate_resolve_reference(opts)
-        decode(opts['encrypted_value'])
-      end
-    end
-  end
-end