bolt 3.4.0 → 3.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e66e28078af9324bb7d5668ee5079535d829913a2dcb4bce65daa4d471d4524
-  data.tar.gz: a821d82c490030be200c0d4ab5dc4a56a1abf1aa862d69d1e4c6a4595e47952d
+  metadata.gz: 41eb3934a2ddce5d1021b66f5aca6eccfdb91bdedd5dc08cfdc1cfb4664f91e8
+  data.tar.gz: 8a04142fd9de53e8812cff0c540098a8548a8b18245e300835896b457a86d348
 SHA512:
-  metadata.gz: 120dd18c9478c105387f2ad3634276cbaae05fe3638cc01d378aa9cbb1c423bf737991b7278ab4f96eb0a7cca39cd3d259cbba3d1734cea6ac071ba0695da901
-  data.tar.gz: 61171ff383d06883e6f6ffa0cafc423a80d41ea0f2d45c3c0e4b76c7037a4626ad7a4b8b625e3a013e077b9e96cdafaab06cad6d5a490dae392af3fbb410d0fe
+  metadata.gz: 24bc37edf14e9c5d3ef1b8df5d5ed9dd0161ebb44da96e0b2777703c5b71182179ebed740e5d67c04bad41b9ecdb6e0a40d5fcb5ec08eb59171da36a3d5a3756
+  data.tar.gz: 0e5795469709939091282a51df744076e87e40e5dad0f5bc6395d0d7927dcbf5f788bccf23bd5c455c29232faa958ddcbe5130626eb82d056404f8cb1e088cdd

data/Puppetfile

@@ -32,9 +32,9 @@ mod 'puppetlabs-ruby_plugin_helper', '0.2.0'
 mod 'puppetlabs-stdlib', '7.0.0'
 
 # Plugin modules
-mod 'puppetlabs-aws_inventory', '0.6.0'
+mod 'puppetlabs-aws_inventory', '0.7.0'
 mod 'puppetlabs-azure_inventory', '0.5.0'
-mod 'puppetlabs-gcloud_inventory', '0.2.0'
+mod 'puppetlabs-gcloud_inventory', '0.3.0'
 mod 'puppetlabs-http_request', '0.2.2'
 mod 'puppetlabs-pkcs7', '0.1.1'
 mod 'puppetlabs-secure_env_vars', '0.2.0'

data/bolt-modules/boltlib/lib/puppet/datatypes/containerresult.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+Puppet::DataTypes.create_type('ContainerResult') do
+  interface <<-PUPPET
+    attributes => {
+      'value' => Hash[String[1], Data],
+    },
+    functions => {
+      '[]' => Callable[[String[1]], Data],
+      error => Callable[[], Optional[Error]],
+      ok => Callable[[], Boolean],
+      status => Callable[[], String],
+      stdout => Callable[[], String],
+      stderr => Callable[[], String],
+      to_data => Callable[[], Hash]
+    }
+  PUPPET
+
+  load_file('bolt/container_result')
+
+  # Needed for Puppet to recognize Bolt::ContainerResult as a Puppet object when deserializing
+  Bolt::ContainerResult.include(Puppet::Pops::Types::PuppetObject)
+  implementation_class Bolt::ContainerResult
+end

data/bolt-modules/boltlib/lib/puppet/functions/run_container.rb

@@ -0,0 +1,162 @@
+# frozen_string_literal: true
+
+require 'bolt/container_result'
+require 'bolt/error'
+require 'bolt/util'
+
+# Run a container and return its output to stdout and stderr.
+#
+# > **Note:** Not available in apply block
+Puppet::Functions.create_function(:run_container) do
+  # Run a container.
+  # @param image The name of the image to run.
+  # @param options A hash of additional options.
+  # @option options [Boolean] _catch_errors Whether to catch raised errors.
+  # @option options [String] cmd A command to run in the container.
+  # @option options [Hash[String, Data]] env_vars Map of environment variables to set.
+  # @option options [Hash[Integer, Integer]] ports A map of container ports to
+  #   publish. Keys are the host port, values are the corresponding container
+  #   port.
+  # @option options [Boolean] rm Whether to remove the container once it exits.
+  # @option options [Hash[String, String]] volumes A map of absolute paths on
+  #   the host to absolute paths on the remote to mount.
+  # @option options [String] workdir The working directory within the container.
+  # @return Output from the container.
+  # @example Run Nginx proxy manager
+  #   run_container('jc21/nginx-proxy-manager', 'ports' => { 80 => 80, 81 => 81, 443 => 443 })
+  dispatch :run_container do
+    param 'String[1]', :image
+    optional_param 'Hash[String[1], Any]', :options
+    return_type 'ContainerResult'
+  end
+
+  def run_container(image, options = {})
+    unless Puppet[:tasks]
+      raise Puppet::ParseErrorWithIssue
+        .from_issue_and_stack(Bolt::PAL::Issues::PLAN_OPERATION_NOT_SUPPORTED_WHEN_COMPILING, action: 'run_container')
+    end
+
+    # Send Analytics Report
+    executor = Puppet.lookup(:bolt_executor)
+    executor.report_function_call(self.class.name)
+
+    options = options.transform_keys { |k| k.sub(/^_/, '').to_sym }
+    validate_options(options)
+
+    if options.key?(:env_vars)
+      options[:env_vars] = options[:env_vars].transform_values do |val|
+        [Array, Hash].include?(val.class) ? val.to_json : val
+      end
+    end
+
+    if options[:ports]
+      ports = options[:ports].each_with_object([]) do |(host_port, container_port), acc|
+        acc << "-p"
+        acc << "#{host_port}:#{container_port}"
+      end
+    end
+
+    if options[:volumes]
+      volumes = options[:volumes].each_with_object([]) do |(host_path, remote_path), acc|
+        begin
+          FileUtils.mkdir_p(host_path)
+        rescue StandardError => e
+          message = "Unable to create host volume directory #{host_path}: #{e.message}"
+          raise Bolt::Error.new(message, 'bolt/file-error')
+        end
+        acc << "-v"
+        acc << "#{host_path}:#{remote_path}"
+      end
+    end
+
+    # Run the container
+    # `docker run` will automatically pull the image if it isn't already downloaded
+    cmd = %w[run]
+    cmd += Bolt::Util.format_env_vars_for_cli(options[:env_vars]) if options[:env_vars]
+    cmd += volumes if volumes
+    cmd += ports if ports
+    cmd << "--rm" if options[:rm]
+    cmd += %W[-w #{options[:workdir]}] if options[:workdir]
+    cmd << image
+    cmd += Shellwords.shellsplit(options[:cmd]) if options[:cmd]
+
+    executor.publish_event(type: :container_start, image: image)
+    out, err, status = Bolt::Util.exec_docker(cmd)
+
+    o = out.is_a?(String) ? out.dup.force_encoding('utf-8') : out
+    e = err.is_a?(String) ? err.dup.force_encoding('utf-8') : err
+
+    unless status.exitstatus.zero?
+      result = Bolt::ContainerResult.from_exception(e,
+                                                    status.exitstatus,
+                                                    image,
+                                                    position: Puppet::Pops::PuppetStack.top_of_stack)
+      executor.publish_event(type: :container_finish, result: result)
+      if options[:catch_errors]
+        return result
+      else
+        raise Bolt::ContainerFailure, result
+      end
+    end
+
+    value = { 'stdout' => o, 'stderr' => e, 'exit_code' => status.exitstatus }
+    result = Bolt::ContainerResult.new(value, object: image)
+    executor.publish_event(type: :container_finish, result: result)
+    result
+  end
+
+  def validate_options(options)
+    if options.key?(:env_vars)
+      ev = options[:env_vars]
+      unless ev.is_a?(Hash)
+        msg = "Option 'env_vars' must be a hash. Received #{ev} which is a #{ev.class}"
+        raise Bolt::ValidationError, msg
+      end
+
+      if (bad_keys = ev.keys.reject { |k| k.is_a?(String) }).any?
+        msg = "Keys for option 'env_vars' must be strings: #{bad_keys.map(&:inspect).join(', ')}"
+        raise Bolt::ValidationError, msg
+      end
+    end
+
+    if options.key?(:volumes)
+      volumes = options[:volumes]
+      unless volumes.is_a?(Hash)
+        msg = "Option 'volumes' must be a hash. Received #{volumes} which is a #{volumes.class}"
+        raise Bolt::ValidationError, msg
+      end
+
+      if (bad_vs = volumes.reject { |k, v| k.is_a?(String) && v.is_a?(String) }).any?
+        msg = "Option 'volumes' only accepts strings for keys and values. "\
+          "Received: #{bad_vs.map(&:inspect).join(', ')}"
+        raise Bolt::ValidationError, msg
+      end
+    end
+
+    if options.key?(:cmd) && !options[:cmd].is_a?(String)
+      cmd = options[:cmd]
+      msg = "Option 'cmd' must be a string. Received #{cmd} which is a #{cmd.class}"
+      raise Bolt::ValidationError, msg
+    end
+
+    if options.key?(:workdir) && !options[:workdir].is_a?(String)
+      wd = options[:workdir]
+      msg = "Option 'workdir' must be a string. Received #{wd} which is a #{wd.class}"
+      raise Bolt::ValidationError, msg
+    end
+
+    if options.key?(:ports)
+      ports = options[:ports]
+      unless ports.is_a?(Hash)
+        msg = "Option 'ports' must be a hash. Received #{ports} which is a #{ports.class}"
+        raise Bolt::ValidationError, msg
+      end
+
+      if (bad_ps = ports.reject { |k, v| k.is_a?(Integer) && v.is_a?(Integer) }).any?
+        msg = "Option 'ports' only accepts integers for keys and values. "\
+          "Received: #{bad_ps.map(&:inspect).join(', ')}"
+        raise Bolt::ValidationError, msg
+      end
+    end
+  end
+end

data/bolt-modules/boltlib/types/planresult.pp

@@ -12,5 +12,6 @@ type Boltlib::PlanResult = Variant[Boolean,
                                    ResultSet,
                                    Target,
                                    ResourceInstance,
+                                   ContainerResult,
                                    Array[Boltlib::PlanResult],
                                    Hash[String, Boltlib::PlanResult]]

data/lib/bolt/container_result.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'bolt/error'
+require 'bolt/result'
+
+module Bolt
+  class ContainerResult
+    attr_reader :value, :object
+
+    def self.from_exception(exception, exit_code, image, position: [])
+      details = Bolt::Result.create_details(position)
+      error = {
+        'kind' => 'puppetlabs.tasks/container-error',
+        'issue_code' => 'CONTAINER_ERROR',
+        'msg' => "Error running container '#{image}': #{exception}",
+        'details' => details
+      }
+      error['details']['exit_code'] = exit_code
+      ContainerResult.new({ '_error' => error }, object: image)
+    end
+
+    def _pcore_init_hash
+      { 'value' => @value,
+        'object' => @image }
+    end
+
+    # First argument can't be named given the way that Puppet deserializes variables
+    def initialize(value = nil, object: nil)
+      @value = value || {}
+      @object = object
+    end
+
+    def eql?(other)
+      self.class == other.class &&
+        value == other.value
+    end
+    alias == eql?
+
+    def [](key)
+      value[key]
+    end
+
+    def to_json(opts = nil)
+      to_data.to_json(opts)
+    end
+    alias to_s to_json
+
+    # This is the value with all non-UTF-8 characters removed, suitable for
+    # printing or converting to JSON. It *should* only be possible to have
+    # non-UTF-8 characters in stdout/stderr keys as they are not allowed from
+    # tasks but we scrub the whole thing just in case.
+    def safe_value
+      Bolt::Util.walk_vals(value) do |val|
+        if val.is_a?(String)
+          # Replace invalid bytes with hex codes, ie. \xDE\xAD\xBE\xEF
+          val.scrub { |c| c.bytes.map { |b| "\\x" + b.to_s(16).upcase }.join }
+        else
+          val
+        end
+      end
+    end
+
+    def stdout
+      value['stdout']
+    end
+
+    def stderr
+      value['stderr']
+    end
+
+    def to_data
+      {
+        "object" => object,
+        "status" => status,
+        "value" => safe_value
+      }
+    end
+
+    def status
+      ok? ? 'success' : 'failure'
+    end
+
+    def ok?
+      error_hash.nil?
+    end
+    alias ok ok?
+    alias success? ok?
+
+    # This allows access to errors outside puppet compilation
+    # it should be prefered over error in bolt code
+    def error_hash
+      value['_error']
+    end
+
+    # Warning: This will fail outside of a compilation.
+    # Use error_hash inside bolt.
+    # Is it crazy for this to behave differently outside a compiler?
+    def error
+      if error_hash
+        Puppet::DataTypes::Error.from_asserted_hash(error_hash)
+      end
+    end
+  end
+end

data/lib/bolt/error.rb

@@ -61,6 +61,21 @@ module Bolt
     end
   end
 
+  class ContainerFailure < Bolt::Error
+    attr_reader :result
+
+    def initialize(result)
+      details = {
+        'value' => result.value,
+        'object' => result.object
+      }
+      message = "Plan aborted: Running container '#{result.object}' failed."
+      super(message, 'bolt/container-failure', details)
+      @result = result
+      @error_code = 2
+    end
+  end
+
   class RunFailure < Bolt::Error
     attr_reader :result_set
 

data/lib/bolt/executor.rb

@@ -217,7 +217,7 @@ module Bolt
       results
     end
 
-    def report_transport(transport, count)
+    private def report_transport(transport, count)
       name = transport.class.name.split('::').last.downcase
       unless @reported_transports.include?(name)
         @analytics&.event('Transport', 'initialize', label: name, value: count)
@@ -475,7 +475,7 @@ module Bolt
       Time.now
     end
 
-    def wait_until(timeout, retry_interval)
+    private def wait_until(timeout, retry_interval)
       start = wait_now
       until yield
         raise(TimeoutError, 'Timed out waiting for target') if (wait_now - start).to_i >= timeout

data/lib/bolt/inventory/options.rb

@@ -11,8 +11,10 @@ module Bolt
         facts
         features
         groups
+        plugin_hooks
         targets
         vars
+        version
       ].freeze
 
       # Definitions used to validate the data.
@@ -123,6 +125,13 @@ module Bolt
           description: "A map of variables for the group or target.",
           type: Hash,
           _plugin: true
+        },
+        "version" => {
+          description: "The version of the inventory file.",
+          type: Integer,
+          _plugin: false,
+          _example: 2,
+          _default: 2
         }
       }.freeze
     end

data/lib/bolt/inventory/target.rb

@@ -92,6 +92,7 @@ module Bolt
       end
 
       def add_facts(new_facts = {})
+        validate_fact_names(new_facts)
         @facts = Bolt::Util.deep_merge(@facts, new_facts)
       end
 
@@ -153,9 +154,24 @@ module Bolt
           raise Bolt::UnknownTransportError.new(transport, uri)
         end
 
+        validate_fact_names(facts)
+
         transport_config
       end
 
+      # Validate fact names and issue a deprecation warning if any fact names have a dot.
+      #
+      private def validate_fact_names(facts)
+        if (dotted = facts.keys.select { |name| name.include?('.') }).any?
+          Bolt::Logger.deprecate(
+            'dotted_fact_name',
+            "Target '#{safe_name}' includes dotted fact names: '#{dotted.join("', '")}'. Dotted fact "\
+            "names are deprecated and Bolt does not automatically convert facts with dotted names to "\
+            "structured facts. For more information, see https://pup.pt/bolt-dotted-facts"
+          )
+        end
+      end
+
       def host
         @uri_obj.hostname || transport_config['host']
       end

data/lib/bolt/outputter/human.rb

@@ -92,6 +92,10 @@ module Bolt
             print_plan_start(event)
           when :plan_finish
             print_plan_finish(event)
+          when :container_start
+            print_container_start(event) if plan_logging?
+          when :container_finish
+            print_container_finish(event) if plan_logging?
           when :start_spin
             start_spin
           when :stop_spin
@@ -112,6 +116,34 @@ module Bolt
         @stream.puts(colorize(:green, "Started on #{target.safe_name}..."))
       end
 
+      def print_container_result(result)
+        if result.success?
+          @stream.puts(colorize(:green, "Finished running container #{result.object}:"))
+        else
+          @stream.puts(colorize(:red, "Failed running container #{result.object}:"))
+        end
+
+        if result.error_hash
+          @stream.puts(colorize(:red, remove_trail(indent(2, result.error_hash['msg']))))
+          return 0
+        end
+
+        # Only print results if there's something other than empty string and hash
+        safe_value = result.safe_value
+        if safe_value['stdout'].strip.empty? && safe_value['stderr'].strip.empty?
+          @stream.puts(indent(2, "Running container #{result.object} completed successfully with no result"))
+        else
+          unless safe_value['stdout'].strip && safe_value['stdout'].strip.empty?
+            @stream.puts(indent(2, "STDOUT:"))
+            @stream.puts(indent(4, safe_value['stdout']))
+          end
+          unless safe_value['stderr'].strip.empty?
+            @stream.puts(indent(2, "STDERR:"))
+            @stream.puts(indent(4, safe_value['stderr']))
+          end
+        end
+      end
+
       def print_result(result)
         if result.success?
           @stream.puts(colorize(:green, "Finished on #{result.target.safe_name}:"))
@@ -180,6 +212,25 @@ module Bolt
         @stream.puts(colorize(:green, message))
       end
 
+      def print_container_start(image:, **_kwargs)
+        @stream.puts(colorize(:green, "Starting: run container '#{image}'"))
+      end
+
+      def print_container_finish(event)
+        result = if event[:result].is_a?(Bolt::ContainerFailure)
+                   event[:result].result
+                 else
+                   event[:result]
+                 end
+
+        if result.success?
+          @stream.puts(colorize(:green, "Finished: run container '#{result.object}' succeeded."))
+        else
+          @stream.puts(colorize(:red, "Finished: run container '#{result.object}' failed."))
+        end
+        print_container_result(result) if @verbose
+      end
+
       def print_plan_start(event)
         @plan_depth += 1
         # We use this event to both mark the start of a plan _and_ to enable
@@ -445,6 +496,10 @@ module Bolt
           @stream.puts("Plan completed successfully with no result")
         when Bolt::ApplyFailure, Bolt::RunFailure
           print_result_set(value.result_set)
+        when Bolt::ContainerResult
+          print_container_result(value)
+        when Bolt::ContainerFailure
+          print_container_result(value.result)
         when Bolt::ResultSet
           print_result_set(value)
         else

data/lib/bolt/outputter/logger.rb

@@ -20,6 +20,10 @@ module Bolt
           log_plan_start(event)
         when :plan_finish
           log_plan_finish(event)
+        when :container_start
+          log_container_start(event)
+        when :container_finish
+          log_container_finish(event)
         end
       end
 
@@ -48,6 +52,19 @@ module Bolt
         duration = event[:duration]
         @logger.info("Finished: plan #{plan} in #{duration.round(2)} sec")
       end
+
+      def log_container_start(event)
+        @logger.info("Starting: run container '#{event[:image]}'")
+      end
+
+      def log_container_finish(event)
+        result = event[:result]
+        if result.success?
+          @logger.info("Finished: run container '#{result.object}' succeeded.")
+        else
+          @logger.info("Finished: run container '#{result.object}' failed.")
+        end
+      end
     end
   end
 end

data/lib/bolt/result.rb

@@ -164,15 +164,12 @@ module Bolt
         target == other.target &&
         value == other.value
     end
+    alias == eql?
 
     def [](key)
       value[key]
     end
 
-    def ==(other)
-      eql?(other)
-    end
-
     def to_json(opts = nil)
       to_data.to_json(opts)
     end

data/lib/bolt/transport/docker/connection.rb

@@ -34,6 +34,11 @@ module Bolt
           @container_info["Id"]
         end
 
+        private def env_hash
+          # Set the DOCKER_HOST if we are using a non-default service-url
+          @docker_host.nil? ? {} : { 'DOCKER_HOST' => @docker_host }
+        end
+
         def connect
           # We don't actually have a connection, but we do need to
           # check that the container exists and is running.
@@ -54,10 +59,7 @@ module Bolt
         end
 
         def add_env_vars(env_vars)
-          @env_vars = env_vars.each_with_object([]) do |env_var, acc|
-            acc << "--env"
-            acc << "#{env_var[0]}=#{env_var[1]}"
-          end
+          @env_vars = Bolt::Util.format_env_vars_for_cli(env_vars)
         end
 
         # Executes a command inside the target container. This is called from the shell class.
@@ -88,9 +90,9 @@ module Bolt
 
         def upload_file(source, destination)
           @logger.trace { "Uploading #{source} to #{destination}" }
-          _stdout, stderr, status = execute_local_command('cp', [source, "#{container_id}:#{destination}"])
-          unless status.exitstatus.zero?
-            raise "Error writing to container #{container_id}: #{stderr}"
+          _out, err, stat = Bolt::Util.exec_docker(['cp', source, "#{container_id}:#{destination}"], env_hash)
+          unless stat.exitstatus.zero?
+            raise "Error writing to container #{container_id}: #{err}"
           end
         rescue StandardError => e
           raise Bolt::Node::FileError.new(e.message, 'WRITE_ERROR')
@@ -102,31 +104,14 @@ module Bolt
           # copy the *contents* of the directory.
           # https://docs.docker.com/engine/reference/commandline/cp/
           FileUtils.mkdir_p(destination)
-          _stdout, stderr, status = execute_local_command('cp', ["#{container_id}:#{source}", destination])
-          unless status.exitstatus.zero?
-            raise "Error downloading content from container #{container_id}: #{stderr}"
+          _out, err, stat = Bolt::Util.exec_docker(['cp', "#{container_id}:#{source}", destination], env_hash)
+          unless stat.exitstatus.zero?
+            raise "Error downloading content from container #{container_id}: #{err}"
           end
         rescue StandardError => e
           raise Bolt::Node::FileError.new(e.message, 'WRITE_ERROR')
         end
 
-        # Executes a Docker CLI command. This is useful for running commands as
-        # part of this class without having to go through the `execute`
-        # function and manage pipes.
-        #
-        # @param subcommand [String] The docker subcommand to run
-        #   e.g. 'inspect' for `docker inspect`
-        # @param arguments [Array] Arguments to pass to the docker command
-        #   e.g. 'src' and 'dest' for `docker cp <src> <dest>
-        # @return [String, String, Process::Status] The output of the command: STDOUT, STDERR, Process Status
-        private def execute_local_command(subcommand, arguments = [])
-          # Set the DOCKER_HOST if we are using a non-default service-url
-          env_hash = @docker_host.nil? ? {} : { 'DOCKER_HOST' => @docker_host }
-          docker_command = [subcommand].concat(arguments)
-
-          Open3.capture3(env_hash, 'docker', *docker_command, { binmode: true })
-        end
-
         # Executes a Docker CLI command and parses the output in JSON format
         #
         # @param subcommand [String] The docker subcommand to run
@@ -135,14 +120,14 @@ module Bolt
         #   e.g. 'src' and 'dest' for `docker cp <src> <dest>
         # @return [Object] Ruby object representation of the JSON string
         private def execute_local_json_command(subcommand, arguments = [])
-          command_options = ['--format', '{{json .}}'].concat(arguments)
-          stdout, _stderr, _status = execute_local_command(subcommand, command_options)
-          extract_json(stdout)
+          cmd = [subcommand, '--format', '{{json .}}'].concat(arguments)
+          out, _err, _stat = Bolt::Util.exec_docker(cmd, env_hash)
+          extract_json(out)
         end
 
         # Converts the JSON encoded STDOUT string from the docker cli into ruby objects
         #
-        # @param stdout_string [String] The string to convert
+        # @param stdout [String] The string to convert
         # @return [Object] Ruby object representation of the JSON string
         private def extract_json(stdout)
           # The output from the docker format command is a JSON string per line.

data/lib/bolt/util.rb

@@ -332,6 +332,29 @@ module Bolt
         end
       end
 
+      # Executes a Docker CLI command. This is useful for running commands as
+      # part of this class without having to go through the `execute`
+      # function and manage pipes.
+      #
+      # @param cmd [String] The docker command and arguments to run
+      #   e.g. 'cp <src> <dest>' for `docker cp <src> <dest>`
+      # @return [String, String, Process::Status] The output of the command: STDOUT, STDERR, Process Status
+      def exec_docker(cmd, env = {})
+        Open3.capture3(env, 'docker', *cmd, { binmode: true })
+      end
+
+      # Formats a map of environment variables to be passed to a command that
+      # accepts repeated `--env` flags
+      #
+      # @param env_vars [Hash] A map of environment variables keys and their values
+      # @return [String]
+      def format_env_vars_for_cli(env_vars)
+        @env_vars = env_vars.each_with_object([]) do |(key, value), acc|
+          acc << "--env"
+          acc << "#{key}=#{value}"
+        end
+      end
+
       def unix_basename(path)
         raise Bolt::ValidationError, "path must be a String, received #{path.class} #{path}" unless path.is_a?(String)
         path.split('/').last

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '3.4.0'
+  VERSION = '3.5.0'
 end

data/lib/bolt_spec/plans/mock_executor.rb

@@ -17,7 +17,7 @@ module BoltSpec
 
     # Nothing on the executor is 'public'
     class MockExecutor
-      attr_reader :noop, :error_message, :in_parallel
+      attr_reader :noop, :error_message, :in_parallel, :transports
       attr_accessor :run_as, :transport_features, :execute_any_plan
 
       def initialize(modulepath)
@@ -91,6 +91,14 @@ module BoltSpec
         result
       end
 
+      def run_task_with(target_mapping, task, options = {}, _position = [])
+        resultsets = target_mapping.map do |target, arguments|
+          run_task([target], task, arguments, options)
+        end.compact
+
+        Bolt::ResultSet.new(resultsets.map(&:results).flatten)
+      end
+
       def download_file(targets, source, destination, options = {}, _position = [])
         result = nil
         if (doub = @download_doubles[source] || @download_doubles[:default])
@@ -210,16 +218,6 @@ module BoltSpec
         yield
       end
 
-      def report_function_call(_function); end
-
-      def report_bundled_content(_mode, _name); end
-
-      def report_file_source(_plan_function, _source); end
-
-      def report_apply(_statements, _resources); end
-
-      def report_yaml_plan(_plan); end
-
       def publish_event(event)
         if event[:type] == :message
           unless @stub_out_message
@@ -257,6 +255,87 @@ module BoltSpec
         end.new(transport_features)
       end
       # End apply_prep mocking
+
+      # Evaluates a `parallelize()` block and returns the result. Normally,
+      # Bolt's executor wraps this in a Yarn for each object passed to the
+      # `parallelize()` function, and then executes them in parallel before
+      # returning the result from the block. However, in BoltSpec the block is
+      # executed for each object sequentially, and this function returns the
+      # result itself.
+      #
+      def create_yarn(scope, block, object, _index)
+        # Create the new scope
+        newscope = Puppet::Parser::Scope.new(scope.compiler)
+        local = Puppet::Parser::Scope::LocalScope.new
+
+        # Compress the current scopes into a single vars hash to add to the new scope
+        current_scope = scope.effective_symtable(true)
+        until current_scope.nil?
+          current_scope.instance_variable_get(:@symbols)&.each_pair { |k, v| local[k] = v }
+          current_scope = current_scope.parent
+        end
+        newscope.push_ephemerals([local])
+
+        begin
+          result = catch(:return) do
+            args = { block.parameters[0][1].to_s => object }
+            block.closure.call_by_name_with_scope(newscope, args, true)
+          end
+
+          # If we got a return from the block, get it's value
+          # Otherwise the result is the last line from the block
+          result = result.value if result.is_a?(Puppet::Pops::Evaluator::Return)
+
+          # Validate the result is a PlanResult
+          unless Puppet::Pops::Types::TypeParser.singleton.parse('Boltlib::PlanResult').instance?(result)
+            raise Bolt::InvalidParallelResult.new(result.to_s, *Puppet::Pops::PuppetStack.top_of_stack)
+          end
+
+          result
+        rescue Puppet::PreformattedError => e
+          if e.cause.is_a?(Bolt::Error)
+            e.cause
+          else
+            raise e
+          end
+        end
+      end
+
+      # BoltSpec already evaluated the `parallelize()` block for each object
+      # passed to the function, so these results can be returned as-is.
+      #
+      def round_robin(results)
+        results
+      end
+
+      # Public methods on Bolt::Executor that need to be mocked so there aren't
+      # "undefined method" errors.
+
+      def batch_execute(_targets); end
+
+      def finish_plan(_plan_result); end
+
+      def handle_event(_event); end
+
+      def prompt(_prompt, _options); end
+
+      def report_function_call(_function); end
+
+      def report_bundled_content(_mode, _name); end
+
+      def report_file_source(_plan_function, _source); end
+
+      def report_apply(_statements, _resources); end
+
+      def report_yaml_plan(_plan); end
+
+      def shutdown; end
+
+      def start_plan(_plan_context); end
+
+      def subscribe(_subscriber, _types = nil); end
+
+      def unsubscribe(_subscriber, _types = nil); end
     end
   end
 end

data/modules/puppet_connect/plans/test_input_data.pp

@@ -13,6 +13,19 @@
 #
 plan puppet_connect::test_input_data(TargetSpec $targets = 'all') {
   $targs = get_targets($targets)
+  $unique_plugins = $targs.group_by |$t| {$t.plugin_hooks['puppet_library']}
+  if ($unique_plugins.keys.length > 1) {
+    out::message('Multiple puppet_library plugin hooks detected')
+    $unique_plugins.each |$plug, $target_list| {
+      $target_message = if ($target_list.length > 10) {
+                          "${target_list.length} targets"
+                        } else {
+                          $target_list.join(', ')
+                        }
+      out::message("Plugin hook ${plug} configured for ${target_message}")
+    }
+    fail_plan("The puppet_library plugin config must be the same across all targets")
+  }
   $targs.each |$target| {
     case $target.transport {
       'ssh': {
@@ -59,6 +72,15 @@ plan puppet_connect::test_input_data(TargetSpec $targets = 'all') {
         fail_plan("Inventory contains target ${target} with unsupported transport, must be ssh or winrm")
       }
     }
+
+    # Bolt defaults to using the "module" based form of the puppet_agent plugin. Connect defaults
+    # to using the "task" based form as *only* the task based form in supported in Connect. This check
+    # ensures that if the default is not being used, only task based plugins are allowed.
+    $plugin = $target.plugin_hooks["puppet_library"]
+    $user_configured_plugin = $plugin != { "plugin"=> "puppet_agent", "stop_service"=> true }
+    if ($user_configured_plugin and $plugin["plugin"] != "task"){
+      fail_plan("Only task plugins are acceptable for puppet_library hook")
+    }
   }
   # The SSH/WinRM transports will report an 'unknown host' error for targets where
   # 'host' is unknown so run_command's implementation will take care of raising that

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 3.4.0
+  version: 3.5.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-23 00:00:00.000000000 Z
+date: 2021-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -398,6 +398,7 @@ extra_rdoc_files: []
 files:
 - Puppetfile
 - bolt-modules/boltlib/lib/puppet/datatypes/applyresult.rb
+- bolt-modules/boltlib/lib/puppet/datatypes/containerresult.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/resourceinstance.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/result.rb
 - bolt-modules/boltlib/lib/puppet/datatypes/resultset.rb
@@ -419,6 +420,7 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/resolve_references.rb
 - bolt-modules/boltlib/lib/puppet/functions/resource.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_command.rb
+- bolt-modules/boltlib/lib/puppet/functions/run_container.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_plan.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_script.rb
 - bolt-modules/boltlib/lib/puppet/functions/run_task.rb
@@ -474,6 +476,7 @@ files:
 - lib/bolt/config/transport/remote.rb
 - lib/bolt/config/transport/ssh.rb
 - lib/bolt/config/transport/winrm.rb
+- lib/bolt/container_result.rb
 - lib/bolt/error.rb
 - lib/bolt/executor.rb
 - lib/bolt/inventory.rb