bolt 0.20.5 → 0.20.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: be38f987a3976c357fd09e70de9ad65509014fd7
-  data.tar.gz: c92478de40249c5714dc67490b378dee76bd3f97
+  metadata.gz: ecd8364f409304d8286adae0544a3f2b34038403
+  data.tar.gz: e13c9abe1b098794394947baec4da9d349a922fe
 SHA512:
-  metadata.gz: e8094e1f2879c548bdd4f37af9419fbac6d6acefacfa32eead97fd020cdf301682060f6f1c482e9dd4ff4f8ddc41d7c6a0e94761099013bf006814c0a440d008
-  data.tar.gz: a76234f46802619085b65907b5f38f4c83c5865ffd91a7a45ad6472461ae78d7cc7eb7cb3b776a49263f1af72715986b972123fb1e168cdb466c1a39d1e953df
+  metadata.gz: d98430251616d064eb98830532ce8c7de35c4f60b7b55768b9d82a9fbbb9c183363888da3e98d2d915df9637ff488893a495f6a5fe0a6254ed329ecfa2077908
+  data.tar.gz: 99827f1b25b5b83849c9900551168f3377b2f3b99da600c32f9284173247988c6fbf550ac737f81875d32ea78cf2885d2b9395879e314f6d64d4eb53ae2ff835

data/bolt-modules/boltlib/lib/puppet/datatypes/target.rb

@@ -14,7 +14,7 @@ Puppet::DataTypes.create_type('Target') do
       protocol => Callable[[], Optional[String[1]]],
       user => Callable[[], Optional[String[1]]],
     }
-    PUPPET
+  PUPPET
 
   load_file('bolt/target')
 

data/lib/bolt/analytics.rb

@@ -0,0 +1,160 @@
+# frozen_string_literal: true
+
+require 'bolt/version'
+require 'httpclient'
+require 'json'
+require 'locale'
+require 'logging'
+require 'securerandom'
+
+module Bolt
+  module Analytics
+    PROTOCOL_VERSION = 1
+    APPLICATION_NAME = 'bolt'
+    TRACKING_ID = 'UA-120367942-1'
+    TRACKING_URL = 'https://google-analytics.com/collect'
+
+    def self.build_client
+      logger = Logging.logger[self]
+
+      config_file = File.expand_path('~/.puppetlabs/bolt/analytics.yaml')
+      config = load_config(config_file)
+
+      if config['disabled'] || ENV['BOLT_DISABLE_ANALYTICS']
+        logger.debug "Analytics opt-out is set, analytics will be disabled"
+        NoopClient.new
+      else
+        unless config.key?('user-id')
+          config['user-id'] = SecureRandom.uuid
+          write_config(config_file, config)
+        end
+
+        Client.new(config['user-id'])
+      end
+    rescue StandardError => e
+      logger.debug "Failed to initialize analytics client, analytics will be disabled: #{e}"
+      NoopClient.new
+    end
+
+    def self.load_config(filename)
+      if File.exist?(filename)
+        YAML.load_file(filename)
+      else
+        {}
+      end
+    end
+
+    def self.write_config(filename, config)
+      FileUtils.mkdir_p(File.dirname(filename))
+      File.write(filename, config.to_yaml)
+    end
+
+    class Client
+      attr_reader :user_id
+
+      def initialize(user_id)
+        @logger = Logging.logger[self]
+        @http = HTTPClient.new
+        @user_id = user_id
+        @executor = Concurrent.global_io_executor
+        @os = compute_os
+      end
+
+      def screen_view(screen)
+        screen_view_params = {
+          # Type
+          t: 'screenview',
+          # Screen Name
+          cd: screen
+        }
+
+        submit(base_params.merge(screen_view_params))
+      end
+
+      def event(category, action, label = nil, value = nil)
+        event_params = {
+          # Type
+          t: 'event',
+          # Event Category
+          ec: category,
+          # Event Action
+          ea: action
+        }
+
+        # Event Label
+        event_params[:el] = label if label
+        # Event Value
+        event_params[:ev] = value if value
+
+        submit(base_params.merge(event_params))
+      end
+
+      def submit(params)
+        # Handle analytics submission in the background to avoid blocking the
+        # app or polluting the log with errors
+        Concurrent::Future.execute(executor: @executor) do
+          @logger.debug "Submitting analytics: #{JSON.pretty_generate(params)}"
+          @http.post(TRACKING_URL, params)
+          @logger.debug "Completed analytics submission"
+        end
+      end
+
+      # These parameters have terrible names. See this page for complete documentation:
+      # https://developers.google.com/analytics/devguides/collection/protocol/v1/parameters
+      def base_params
+        {
+          v: PROTOCOL_VERSION,
+          # Client ID
+          cid: @user_id,
+          # Tracking ID
+          tid: TRACKING_ID,
+          # Application Name
+          an: APPLICATION_NAME,
+          # Application Version
+          av: Bolt::VERSION,
+          # Anonymize IPs
+          aip: true,
+          # User locale
+          ul: Locale.current.to_rfc,
+          # Custom Dimension 1 (Operating System)
+          cd1: @os.value
+        }
+      end
+
+      def compute_os
+        Concurrent::Future.execute(executor: @executor) do
+          require_relative '../../vendored/require_vendored'
+          require 'facter'
+          os = Facter.value('os')
+          "#{os['name']} #{os.dig('release', 'major')}"
+        end
+      end
+
+      # If the user is running a very fast command, there may not be time for
+      # analytics submission to complete before the command is finished. In
+      # that case, we give a little buffer for any stragglers to finish up.
+      # 250ms strikes a balance between accomodating slower networks while not
+      # introducing a noticeable "hang".
+      def finish
+        @executor.shutdown
+        @executor.wait_for_termination(0.25)
+      end
+    end
+
+    class NoopClient
+      def initialize
+        @logger = Logging.logger[self]
+      end
+
+      def screen_view(screen)
+        @logger.debug "Skipping submission of '#{screen}' screenview because analytics is disabled"
+      end
+
+      def event(category, action, _label = nil, _value = nil)
+        @logger.debug "Skipping submission of '#{category} #{action}' event because analytics is disabled"
+      end
+
+      def finish; end
+    end
+  end
+end

data/lib/bolt/cli.rb

@@ -6,6 +6,7 @@ require 'json'
 require 'io/console'
 require 'logging'
 require 'optparse'
+require 'bolt/analytics'
 require 'bolt/config'
 require 'bolt/error'
 require 'bolt/executor'
@@ -493,6 +494,15 @@ Available options are:
         exit!
       end
 
+      @analytics = Bolt::Analytics.build_client
+
+      screen = "#{options[:mode]}_#{options[:action]}"
+      # submit a different screen for `bolt task show` and `bolt task show foo`
+      if options[:action] == 'show' && options[:object]
+        screen += '_object'
+      end
+      @analytics.screen_view(screen)
+
       if options[:mode] == 'plan' || options[:mode] == 'task'
         pal = Bolt::PAL.new(config)
       end
@@ -540,17 +550,16 @@ Available options are:
                          params: params }
         plan_context[:description] = options[:description] if options[:description]
 
-        executor = Bolt::Executor.new(config, options[:noop])
+        executor = Bolt::Executor.new(config, @analytics, options[:noop])
         executor.start_plan(plan_context)
         result = pal.run_plan(options[:object], options[:task_options], executor, inventory, puppetdb_client)
 
         # If a non-bolt exeception bubbles up the plan won't get finished
-        # TODO: finish the plan once ORCH-2224
-        # executor.finish_plan(result)
+        executor.finish_plan(result)
         outputter.print_plan_result(result)
         code = result.ok? ? 0 : 1
       else
-        executor = Bolt::Executor.new(config, options[:noop])
+        executor = Bolt::Executor.new(config, @analytics, options[:noop])
         targets = options[:targets]
 
         results = nil
@@ -606,6 +615,7 @@ Available options are:
     ensure
       # restore original signal handler
       Signal.trap :INT, handler if handler
+      @analytics&.finish
     end
 
     def validate_file(type, path)

data/lib/bolt/executor.rb

@@ -5,6 +5,8 @@ require 'English'
 require 'json'
 require 'concurrent'
 require 'logging'
+require 'set'
+require 'bolt/analytics'
 require 'bolt/result'
 require 'bolt/config'
 require 'bolt/notifier'
@@ -16,14 +18,18 @@ module Bolt
     attr_reader :noop, :transports
     attr_accessor :run_as, :plan_logging
 
-    def initialize(config = Bolt::Config.new, noop = nil)
+    def initialize(config = Bolt::Config.new, analytics = Bolt::Analytics::NoopClient.new, noop = nil)
       @config = config
+      @analytics = analytics
       @logger = Logging.logger[self]
       @plan_logging = false
 
       @transports = Bolt::TRANSPORTS.each_with_object({}) do |(key, val), coll|
-        coll[key.to_s] = Concurrent::Delay.new { val.new }
+        coll[key.to_s] = Concurrent::Delay.new do
+          val.new
+        end
       end
+      @reported_transports = Set.new
 
       @noop = noop
       @run_as = nil
@@ -50,6 +56,7 @@ module Bolt
     def batch_execute(targets)
       promises = targets.group_by(&:protocol).flat_map do |protocol, protocol_targets|
         transport = transport(protocol)
+        report_transport(transport, protocol_targets.count)
         transport.batches(protocol_targets).flat_map do |batch|
           batch_promises = Array(batch).each_with_object({}) do |target, h|
             h[target] = Concurrent::Promise.new(executor: :immediate)
@@ -110,6 +117,12 @@ module Bolt
     end
     private :log_action
 
+    def report_transport(transport, count)
+      name = transport.class.name.split('::').last.downcase
+      @analytics&.event('Transport', 'initialize', name, count) unless @reported_transports.include?(name)
+      @reported_transports.add(name)
+    end
+
     def with_node_logging(description, batch)
       @logger.info("#{description} on #{batch.map(&:uri)}")
       result = yield

data/lib/bolt/pal.rb

@@ -3,6 +3,7 @@
 require 'bolt/executor'
 require 'bolt/error'
 require 'bolt/plan_result'
+require 'bolt/util'
 
 module Bolt
   class PAL
@@ -54,7 +55,7 @@ module Bolt
     end
 
     def self.load_puppet
-      if Gem.win_platform?
+      if Bolt::Util.windows?
         # Windows 'fix' for openssl behaving strangely. Prevents very slow operation
         # of random_bytes later when establishing winrm connections from a Windows host.
         # See https://github.com/rails/rails/issues/25805 for background.
@@ -64,6 +65,7 @@ module Bolt
 
       begin
         require_relative '../../vendored/require_vendored'
+        require 'puppet_pal'
       rescue LoadError
         raise Bolt::Error.new("Puppet must be installed to execute tasks", "bolt/puppet-missing")
       end

data/lib/bolt/puppetdb/config.rb

@@ -1,30 +1,35 @@
 # frozen_string_literal: true
 
 require 'json'
+require 'bolt/util'
 
 module Bolt
   module PuppetDB
     class Config
       DEFAULT_TOKEN = File.expand_path('~/.puppetlabs/token')
-      DEFAULT_CONFIG = File.expand_path('~/.puppetlabs/client-tools/puppetdb.conf')
+      DEFAULT_CONFIG = { user: File.expand_path('~/.puppetlabs/client-tools/puppetdb.conf'),
+                         global: '/etc/puppetlabs/client-tools/puppetdb.conf',
+                         win_global: 'C:/ProgramData/PuppetLabs/client-tools/puppetdb.conf' }.freeze
 
       def initialize(config_file, options)
         @settings = load_config(config_file)
         @settings.merge!(options)
-
         expand_paths
         validate
       end
 
       def load_config(filename)
+        global_path = Bolt::Util.windows? ? DEFAULT_CONFIG[:win_global] : DEFAULT_CONFIG[:global]
         if filename
           if File.exist?(filename)
             config = JSON.parse(File.read(filename))
           else
             raise Bolt::PuppetDBError, "config file #{filename} does not exist"
           end
-        elsif File.exist?(DEFAULT_CONFIG)
-          config = JSON.parse(File.read(DEFAULT_CONFIG))
+        elsif File.exist?(DEFAULT_CONFIG[:user])
+          config = JSON.parse(File.read(DEFAULT_CONFIG[:user]))
+        elsif File.exist?(global_path)
+          config = JSON.parse(File.read(global_path))
         else
           config = {}
         end

data/lib/bolt/transport/local.rb

@@ -5,6 +5,7 @@ require 'fileutils'
 require 'tmpdir'
 require 'bolt/transport/base'
 require 'bolt/result'
+require 'bolt/util'
 
 module Bolt
   module Transport
@@ -20,7 +21,7 @@ module Bolt
       def initialize
         super
 
-        if Gem.win_platform?
+        if Bolt::Util.windows?
           raise NotImplementedError, "The local transport is not yet implemented on Windows"
         else
           @conn = Shell.new
@@ -83,7 +84,7 @@ module Bolt
         executable = target.select_impl(task, PROVIDED_FEATURES)
         raise "No suitable implementation of #{task.name} for #{target.name}" unless executable
 
-        input_method = task.input_method
+        input_method = task.input_method || "both"
         stdin = STDIN_METHODS.include?(input_method) ? JSON.dump(arguments) : nil
         env = ENVIRONMENT_METHODS.include?(input_method) ? arguments : nil
 

data/lib/bolt/transport/orch.rb

@@ -42,7 +42,7 @@ module Bolt
             begin
               conn.finish_plan(result)
             rescue StandardError => e
-              @logger.error("Failed to finish plan on #{conn.key}: #{e.message}")
+              @logger.debug("Failed to finish plan on #{conn.key}: #{e.message}")
             end
           end
         end

data/lib/bolt/transport/orch/connection.rb

@@ -28,6 +28,7 @@ module Bolt
 
           @client = OrchestratorClient.new(client_opts, true)
           @plan_job = start_plan(plan_context)
+          logger.debug("Started plan #{@plan_job}")
           @environment = opts["task-environment"]
         end
 

data/lib/bolt/transport/ssh.rb

@@ -9,7 +9,7 @@ module Bolt
   module Transport
     class SSH < Base
       def self.options
-        %w[port user password sudo-password private-key host-key-check connect-timeout tmpdir run-as tty]
+        %w[port user password sudo-password private-key host-key-check connect-timeout tmpdir run-as tty run-as-command]
       end
 
       PROVIDED_FEATURES = ['shell'].freeze
@@ -39,6 +39,11 @@ module Bolt
           error_msg = "connect-timeout value must be an Integer, received #{timeout_value}:#{timeout_value.class}"
           raise Bolt::ValidationError, error_msg
         end
+
+        run_as_cmd = options['run-as-command']
+        if run_as_cmd && (!run_as_cmd.is_a?(Array) || run_as_cmd.any? { |n| !n.is_a?(String) })
+          raise Bolt::ValidationError, "run-as-command must be an Array of Strings, received #{run_as_cmd}"
+        end
       end
 
       def initialize
@@ -113,7 +118,7 @@ module Bolt
         executable = target.select_impl(task, PROVIDED_FEATURES)
         raise "No suitable implementation of #{task.name} for #{target.name}" unless executable
 
-        input_method = task.input_method
+        input_method = task.input_method || "both"
         with_connection(target) do |conn|
           conn.running_as(options['_run_as']) do
             stdin, output = nil

data/lib/bolt/transport/ssh/connection.rb

@@ -4,6 +4,7 @@ require 'logging'
 require 'shellwords'
 require 'bolt/node/errors'
 require 'bolt/node/output'
+require 'bolt/util'
 
 module Bolt
   module Transport
@@ -24,12 +25,22 @@ module Bolt
           def chown(owner)
             return if owner.nil? || owner == @owner
 
-            @owner = owner
-            result = @node.execute(['chown', '-R', "#{@owner}:", @path], sudoable: true, run_as: 'root')
+            result = @node.execute(['id', '-g', owner])
+            if result.exit_code != 0
+              message = "Could not identify group of user #{owner}: #{result.stderr.string}"
+              raise Bolt::Node::FileError.new(message, 'ID_ERROR')
+            end
+            group = result.stdout.string.chomp
+
+            # Chown can only be run by root.
+            result = @node.execute(['chown', '-R', "#{owner}:#{group}", @path], sudoable: true, run_as: 'root')
             if result.exit_code != 0
-              message = "Could not change owner of '#{@path}' to #{@owner}: #{result.stderr.string}"
+              message = "Could not change owner of '#{@path}' to #{owner}: #{result.stderr.string}"
               raise Bolt::Node::FileError.new(message, 'CHOWN_ERROR')
             end
+
+            # File ownership successfully changed, record the new owner.
+            @owner = owner
           end
 
           def delete
@@ -52,7 +63,7 @@ module Bolt
           @logger = Logging.logger[@target.host]
         end
 
-        if !!File::ALT_SEPARATOR
+        if Bolt::Util.windows?
           require 'ffi'
           module Win
             extend FFI::Library
@@ -95,7 +106,7 @@ module Bolt
               @logger.debug { "Disabling use_agent in net-ssh: ssh-agent is not available" }
               options[:use_agent] = false
             end
-          elsif !!File::ALT_SEPARATOR
+          elsif Bolt::Util.windows?
             pageant_wide = 'Pageant'.encode('UTF-16LE')
             if Win.FindWindow(pageant_wide, pageant_wide).to_i == 0
               @logger.debug { "Disabling use_agent in net-ssh: pageant process not running" }
@@ -160,6 +171,8 @@ module Bolt
               channel.wait
               return true
             else
+              # Cancel the sudo prompt to prevent later commands getting stuck
+              channel.close
               raise Bolt::Node::EscalateError.new(
                 "Sudo password for user #{@user} was not provided for #{target.uri}",
                 'NO_PASSWORD'
@@ -184,14 +197,20 @@ module Bolt
         def execute(command, sudoable: false, **options)
           result_output = Bolt::Node::Output.new
           run_as = options[:run_as] || self.run_as
-          use_sudo = sudoable && run_as && @user != run_as
+          escalate = sudoable && run_as && @user != run_as
+          use_sudo = escalate && @target.options['run-as-command'].nil?
 
           command_str = command.is_a?(String) ? command : Shellwords.shelljoin(command)
-          if use_sudo
-            sudo_flags = ["sudo", "-S", "-u", run_as, "-p", sudo_prompt]
-            sudo_flags += ["-E"] if options[:environment]
-            sudo_str = Shellwords.shelljoin(sudo_flags)
-            command_str = "#{sudo_str} #{command_str}"
+          if escalate
+            if use_sudo
+              sudo_flags = ["sudo", "-S", "-u", run_as, "-p", sudo_prompt]
+              sudo_flags += ["-E"] if options[:environment]
+              sudo_str = Shellwords.shelljoin(sudo_flags)
+              command_str = "#{sudo_str} #{command_str}"
+            else
+              run_as_str = Shellwords.shelljoin(@target.options['run-as-command'] + [run_as])
+              command_str = "#{run_as_str} #{command_str}"
+            end
           end
 
           # Including the environment declarations in the shelljoin will escape
@@ -221,14 +240,14 @@ module Bolt
                 unless use_sudo && handled_sudo(channel, data)
                   result_output.stdout << data
                 end
-                @logger.debug { "stdout: #{data}" }
+                @logger.debug { "stdout: #{data.strip}" }
               end
 
               channel.on_extended_data do |_, _, data|
                 unless use_sudo && handled_sudo(channel, data)
                   result_output.stderr << data
                 end
-                @logger.debug { "stderr: #{data}" }
+                @logger.debug { "stderr: #{data.strip}" }
               end
 
               channel.on_request("exit-status") do |_, data|
@@ -249,6 +268,9 @@ module Bolt
             @logger.info { "Command failed with exit code #{result_output.exit_code}" }
           end
           result_output
+        rescue StandardError
+          @logger.debug { "Command aborted" }
+          raise
         end
 
         def write_remote_file(source, destination)
@@ -258,12 +280,10 @@ module Bolt
         end
 
         def make_tempdir
-          if target.options['tmpdir']
-            tmppath = "#{target.options['tmpdir']}/#{SecureRandom.uuid}"
-            command = ['mkdir', '-m', 700, tmppath]
-          else
-            command = ['mktemp', '-d']
-          end
+          tmpdir = target.options.fetch('tmpdir', '/tmp')
+          tmppath = "#{tmpdir}/#{SecureRandom.uuid}"
+          command = ['mkdir', '-m', 700, tmppath]
+
           result = execute(command)
           if result.exit_code != 0
             raise Bolt::Node::FileError.new("Could not make tempdir: #{result.stderr.string}", 'TEMPDIR_ERROR')