bolt 1.30.0 → 1.30.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f863b5a29cc2286bc59ed3e987545be4e692c3b17e026ea33b4529625677c086
-  data.tar.gz: 65a2a7eff22001527871c72fcda6a65eeb6f8a943e1c043c232e1bd873dc9c27
+  metadata.gz: b5c70a9312d9fa6f384b140fec6cbc3c173906e9b428e0d3b19faaab91cf6590
+  data.tar.gz: 10fe1a0b13b4bd489cd41a9b3971d6e5a8f797fced7ddd1faeaf33c09c9f3e28
 SHA512:
-  metadata.gz: 1a0c09806f427b335ed26848072de21ae37ac53d196329dd5f8bcb5e1458460fc59804272a35336c9fc3196067bd74642baa9ac3a50be884eda99aba646c008b
-  data.tar.gz: d0dbfa6c28ab4a7c0f753e91c99ee0bf4379fe9e1843c7124d52555ea4fdc5ed9c7c46d6783206cb1b518f9e463dbe6d693c115c79c261ec7ae0adda99bab0b8
+  metadata.gz: 26f36949b058636604697ba4804e1aeb3068c94dd49890c19f336bb9afabe3256f5383661e876881d51b95c667d6c9f4f6bf149566d9d06e54c21456a6de1301
+  data.tar.gz: cc48faf53683fac36548175e42466a80330580942b48f3bdfd2fae060e1e91eef67b289c1e751e58bde2be3ab459bd52a5a2460e3c108468b77fc82ff4c37800

data/bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb

@@ -28,7 +28,7 @@ Puppet::Functions.create_function(:apply_prep) do
   end
 
   def inventory
-    Puppet.lookup(:bolt_inventory)
+    @inventory ||= Puppet.lookup(:bolt_inventory)
   end
 
   def get_task(name, params = {})
@@ -61,7 +61,7 @@ Puppet::Functions.create_function(:apply_prep) do
   end
 
   def executor
-    Puppet.lookup(:bolt_executor)
+    @executor ||= Puppet.lookup(:bolt_executor)
   end
 
   def apply_prep(target_spec)

data/lib/bolt/applicator.rb

@@ -195,6 +195,7 @@ module Bolt
               arguments = {
                 'catalog' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(catalog),
                 'plugins' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(plugins),
+                '_task' => catalog_apply_task.name,
                 '_noop' => options['_noop']
               }
 
@@ -204,6 +205,8 @@ module Bolt
                 end
                 @executor.publish_event(event)
               end
+              # Respect the run_as default set on the executor
+              options = { '_run_as' => @executor.run_as }.merge(options) if @executor.run_as
               results = transport.batch_task(batch, catalog_apply_task, arguments, options, &callback)
               Array(results).map { |result| ApplyResult.from_task_result(result) }
             end

data/lib/bolt/transport/powershell.rb

@@ -193,7 +193,7 @@ PROCESS{
     return $xml.Objects | ConvertFrom-Xml
   }
   $propbag = @{}
-  foreach ($name in Get-Member -InputObject $xml -MemberType Properties | Where-Object{$_.Name -notmatch "^__|type"} | Select-Object -ExpandProperty name) {
+  foreach ($name in Get-Member -InputObject $xml -MemberType Properties | Where-Object{$_.Name -notmatch "^(__.*|type)$"} | Select-Object -ExpandProperty name) {
     Write-Debug "$Name Type: $($xml.$Name.type)" -Debug:$false
     $propbag."$Name" = Convert-Properties $xml."$name"
   }

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '1.30.0'
+  VERSION = '1.30.1'
 end

data/lib/bolt_server/file_cache.rb

@@ -83,7 +83,7 @@ module BoltServer
       begin
         client.request(req) do |resp|
           if resp.code != "200"
-            msg = "Failed to download task: #{resp.body}"
+            msg = "Failed to download file: #{resp.body}"
             @logger.warn resp.body
             raise Error, msg
           end
@@ -96,7 +96,7 @@ module BoltServer
           raise e
         else
           @logger.warn e
-          raise Error, "Failed to download task: #{e.message}"
+          raise Error, "Failed to download file: #{e.message}"
         end
       end
     ensure
@@ -157,7 +157,7 @@ module BoltServer
       file_dir = create_cache_dir(file_data['sha256'])
       file_path = File.join(file_dir, File.basename(file_data['filename']))
       if check_file(file_path, sha)
-        @logger.debug("Using prexisting task file: #{file_path}")
+        @logger.debug("Using prexisting file: #{file_path}")
         return file_path
       end
 

data/lib/bolt_server/schemas/action-check_node_connections.json

@@ -0,0 +1,14 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "title": "check_node_connections request",
+  "description": "POST <transport>/check_node_connections request schema",
+  "type": "object",
+  "properties": {
+    "targets": {
+      "type": "array",
+      "items": { "$ref": "partial:target-any" }
+    }
+  },
+  "required": ["targets"],
+  "additionalProperties": false
+}

data/lib/bolt_server/schemas/action-upload_file.json

@@ -0,0 +1,47 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "title": "upload_file request",
+  "description": "POST <transport>/upload_file request schema",
+  "type": "object",
+  "properties": {
+    "files": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "relative_path": {
+            "type": "string"
+          },
+          "uri": {
+            "type": "object",
+            "properties": {
+              "path": {
+                "type": "string"
+              },
+              "params": {
+                "type": "object"
+              }
+            },
+            "required": ["path", "params"]
+          },
+          "sha256": {
+            "type": "string"
+          },
+          "kind": {
+            "type": "string"
+          }
+        },
+        "required": ["relative_path", "uri", "sha256", "kind"]
+      }
+    },
+    "job_id": {
+      "type": "integer"
+    },
+    "destination": {
+      "type": "string"
+    },
+    "target": { "$ref": "partial:target-any" }
+  },
+  "required": ["files", "job_id", "destination", "target"],
+  "additionalProperties": false
+}

data/lib/bolt_server/schemas/transport-ssh.json

@@ -4,7 +4,22 @@
   "description": "POST /ssh/<action> request schema",
   "type": "object",
   "properties": {
-    "target": { "$ref": "partial:target-ssh" }
+    "target": { "$ref": "partial:target-ssh" },
+    "targets": {
+      "type": "array",
+      "items": {
+        "$ref": "partial:target-ssh"
+      }
+    }
   },
-  "required": ["target"]
+  "oneOf": [
+    {
+      "type": "object",
+      "required": ["target"]
+    },
+    {
+      "type": "object",
+      "required": ["targets"]
+    }
+  ]
 }

data/lib/bolt_server/schemas/transport-winrm.json

@@ -4,7 +4,16 @@
   "description": "POST /winrm/<action> request schema",
   "type": "object",
   "properties": {
-    "target": { "$ref": "partial:target-winrm" }
+    "target": { "$ref": "partial:target-winrm" },
+    "targets": {
+      "type": "array",
+      "items": {
+        "$ref": "partial:target-winrm"
+      }
+    }
   },
-  "required": ["target"]
+  "oneOf": [
+    { "required":  ["target"] },
+    { "required":  ["targets"] }
+  ]
 }

data/lib/bolt_server/transport_app.rb

@@ -19,7 +19,14 @@ module BoltServer
     PARTIAL_SCHEMAS = %w[target-any target-ssh target-winrm task].freeze
 
     # These schemas combine shared schemas to describe client requests
-    REQUEST_SCHEMAS = %w[action-run_task action-run_command transport-ssh transport-winrm].freeze
+    REQUEST_SCHEMAS = %w[
+      action-check_node_connections
+      action-run_command
+      action-run_task
+      action-upload_file
+      transport-ssh
+      transport-winrm
+    ].freeze
 
     def initialize(config)
       @config = config
@@ -56,21 +63,92 @@ module BoltServer
       end
     end
 
+    # Turns a Bolt::ResultSet object into a status hash that is fit
+    # to return to the client in a response.
+    #
+    # If the `result_set` has more than one result, the status hash
+    # will have a `status` value and a list of target `results`.
+    # If the `result_set` contains only one item, it will be returned
+    # as a single result object. Set `aggregate` to treat it as a set
+    # of results with length 1 instead.
+    def result_set_to_status_hash(result_set, aggregate: false)
+      scrubbed_results = result_set.map do |result|
+        scrub_stack_trace(result.status_hash)
+      end
+
+      if aggregate || scrubbed_results.length > 1
+        # For actions that act on multiple targets, construct a status hash for the aggregate result
+        all_succeeded = scrubbed_results.all? { |r| r[:status] == 'success' }
+        {
+          status: all_succeeded ? 'success' : 'failure',
+          result: scrubbed_results
+        }
+      else
+        # If there was only one target, return the first result on its own
+        scrubbed_results.first
+      end
+    end
+
     def run_task(target, body)
       error = validate_schema(@schemas["action-run_task"], body)
-      return [400, error.to_json] unless error.nil?
+      return [], error unless error.nil?
 
       task = Bolt::Task::PuppetServer.new(body['task'], @file_cache)
       parameters = body['parameters'] || {}
-      @executor.run_task(target, task, parameters)
+      [@executor.run_task(target, task, parameters), nil]
     end
 
     def run_command(target, body)
       error = validate_schema(@schemas["action-run_command"], body)
-      return [400, error.to_json] unless error.nil?
+      return [], error unless error.nil?
 
       command = body['command']
-      @executor.run_command(target, command)
+      [@executor.run_command(target, command), nil]
+    end
+
+    def check_node_connections(targets, body)
+      error = validate_schema(@schemas["action-check_node_connections"], body)
+      return [], error unless error.nil?
+
+      # Puppet Enterprise's orchestrator service uses the
+      # check_node_connections endpoint to check whether nodes that should be
+      # contacted over SSH or WinRM are responsive. The wait time here is 0
+      # because the endpoint is meant to be used for a single check of all
+      # nodes; External implementations of wait_until_available (like
+      # orchestrator's) should contact the endpoint in their own loop.
+      [@executor.wait_until_available(targets, wait_time: 0), nil]
+    end
+
+    def upload_file(target, body)
+      error = validate_schema(@schemas["action-upload_file"], body)
+      return [], error unless error.nil?
+
+      files = body['files']
+      destination = body['destination']
+      job_id = body['job_id']
+      cache_dir = @file_cache.create_cache_dir(job_id.to_s)
+      FileUtils.mkdir_p(cache_dir)
+      files.each do |file|
+        relative_path = file['relative_path']
+        uri = file['uri']
+        sha256 = file['sha256']
+        kind = file['kind']
+        path = File.join(cache_dir, relative_path)
+        if kind == 'file'
+          # The parent should already be created by `directory` entries,
+          # but this is to be on the safe side.
+          parent = File.dirname(path)
+          FileUtils.mkdir_p(parent)
+          @file_cache.download_file(path, sha256, uri)
+        elsif kind == 'directory'
+          # Create directory in cache so we can move files in.
+          FileUtils.mkdir_p(path)
+        else
+          return [400, Bolt::Error.new("Invalid `kind` of '#{kind}' supplied. Must be `file` or `directory`.",
+                                       'boltserver/schema-error').to_json]
+        end
+      end
+      [@executor.upload_file(target, cache_dir, destination), nil]
     end
 
     get '/' do
@@ -92,7 +170,31 @@ module BoltServer
       raise 'Unexpected error'
     end
 
-    ACTIONS = %w[run_task run_command].freeze
+    ACTIONS = %w[
+      check_node_connections
+      run_command
+      run_task
+      upload_file
+    ].freeze
+
+    def make_ssh_target(target_hash)
+      defaults = {
+        'host-key-check' => false
+      }
+
+      overrides = {
+        'load-config' => false
+      }
+
+      opts = defaults.merge(target_hash.clone).merge(overrides)
+
+      if opts['private-key-content']
+        private_key_content = opts.delete('private-key-content')
+        opts['private-key'] = { 'key-data' => private_key_content }
+      end
+
+      Bolt::Target.new(target_hash['hostname'], opts)
+    end
 
     post '/ssh/:action' do
       not_found unless ACTIONS.include?(params[:action])
@@ -103,20 +205,24 @@ module BoltServer
       error = validate_schema(@schemas["transport-ssh"], body)
       return [400, error.to_json] unless error.nil?
 
-      defaults = { 'host-key-check' => false }
-      opts = defaults.merge(body['target'])
-      if opts['private-key-content']
-        opts['private-key'] = { 'key-data' => opts['private-key-content'] }
-        opts.delete('private-key-content')
+      targets = (body['targets'] || [body['target']]).map do |target|
+        make_ssh_target(target)
       end
-      opts['load-config'] = false
-      target = [Bolt::Target.new(body['target']['hostname'], opts)]
 
-      results = method(params[:action]).call(target, body)
+      result_set, error = method(params[:action]).call(targets, body)
+      return [400, error.to_json] unless error.nil?
+
+      aggregate = body['target'].nil?
+      [200, result_set_to_status_hash(result_set, aggregate: aggregate).to_json]
+    end
+
+    def make_winrm_target(target_hash)
+      overrides = {
+        'protocol' => 'winrm'
+      }
 
-      # Since this will only be on one node we can just return the first result
-      result = scrub_stack_trace(results.first.status_hash)
-      [200, result.to_json]
+      opts = target_hash.clone.merge(overrides)
+      Bolt::Target.new(target_hash['hostname'], opts)
     end
 
     post '/winrm/:action' do
@@ -128,14 +234,15 @@ module BoltServer
       error = validate_schema(@schemas["transport-winrm"], body)
       return [400, error.to_json] unless error.nil?
 
-      opts = body['target'].clone.merge('protocol' => 'winrm')
-      target = [Bolt::Target.new(body['target']['hostname'], opts)]
+      targets = (body['targets'] || [body['target']]).map do |target|
+        make_winrm_target(target)
+      end
 
-      results = method(params[:action]).call(target, body)
+      result_set, error = method(params[:action]).call(targets, body)
+      return [400, error.to_json] if error
 
-      # Since this will only be on one node we can just return the first result
-      result = scrub_stack_trace(results.first.status_hash)
-      [200, result.to_json]
+      aggregate = body['target'].nil?
+      [200, result_set_to_status_hash(result_set, aggregate: aggregate).to_json]
     end
 
     error 404 do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 1.30.0
+  version: 1.30.1
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-09-05 00:00:00.000000000 Z
+date: 2019-09-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -441,8 +441,10 @@ files:
 - lib/bolt_server/base_config.rb
 - lib/bolt_server/config.rb
 - lib/bolt_server/file_cache.rb
+- lib/bolt_server/schemas/action-check_node_connections.json
 - lib/bolt_server/schemas/action-run_command.json
 - lib/bolt_server/schemas/action-run_task.json
+- lib/bolt_server/schemas/action-upload_file.json
 - lib/bolt_server/schemas/partials/target-any.json
 - lib/bolt_server/schemas/partials/target-ssh.json
 - lib/bolt_server/schemas/partials/target-winrm.json