bolt 1.6.0 → 1.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 557353adda3a863e4f748933cb24860616848d1696d9f0914be23474616f43ca
-  data.tar.gz: 91dc4d72ba25e2e827c5bf170574bedef50c744a4e31ac48684699ff59cdf753
+  metadata.gz: cd168415311b9cd4c08f4bbd2a22df94d9ba2f513fa989868507118065720ce8
+  data.tar.gz: c5504e881412f51be3a583bb8d091370e4b571ef1a3ed46bca436e433d98fc96
 SHA512:
-  metadata.gz: 6a4c8b39f2c353498168cf89a5e70f7b4699e6332e2826efd24a905d94ca7b52ec76a6db98e94f83fe5f7fce4b6c7f58cbc51b56e79b3fce3acf0f014f2669f8
-  data.tar.gz: 6bf22f4aaef6a2741b64d77b900c9a85fd3c3588feb4a071d582415afbc5ecc479048ba7aea9912131c383d5ec2e3966682f5ea8a3cade87722a927d12275c7e
+  metadata.gz: 6934e093666be2c77949a390411237128fd535ac2dbe86435e4a34718eb7f72f39c5ba2412085e02d875daf7b677ffea45acc391bf3a82eb41ad607b8fc8e58e
+  data.tar.gz: e7decf1272c8654b10dbb513a1d89cdb6b49ee90f81e562c9f234d235b75e592c0e8f4d8dcabaf7653d75e9f737eb87cac8f16e68c9453f73651edeecd95f636

data/bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require 'fileutils'
 require 'bolt/task'
 
 # Installs the puppet-agent package on targets if needed then collects facts, including any custom

data/bolt-modules/boltlib/lib/puppet/functions/get_resources.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+require 'bolt/task'
+
+# Query the state of resources on a list of targets using resource definitions in Bolt's modulepath.
+# The results are returned as a list of hashes representing each resource.
+#
+# Requires the Puppet Agent be installed on the target, which can be accomplished with apply_prep
+# or by directly running the puppet_agent::install task.
+Puppet::Functions.create_function(:get_resources) do
+  # @param targets A pattern or array of patterns identifying a set of targets.
+  # @param resources A resource type or instance, or an array of such.
+  # @example Collect resource states for packages and a file
+  #   get_resources('target1,target2', [Package, File[/etc/puppetlabs]])
+  dispatch :get_resources do
+    param 'Boltlib::TargetSpec', :targets
+    param 'Variant[String, Resource, Array[Variant[String, Resource]]]', :resources
+  end
+
+  def script_compiler
+    @script_compiler ||= Puppet::Pal::ScriptCompiler.new(closure_scope.compiler)
+  end
+
+  def run_task(executor, targets, name, args = {})
+    tasksig = script_compiler.task_signature(name)
+    raise Bolt::Error.new("#{name} could not be found", 'bolt/get-resources') unless tasksig
+
+    task = Bolt::Task.new(tasksig.task_hash)
+    results = executor.run_task(targets, task, args)
+    raise Bolt::RunFailure.new(results, 'run_task', task.name) unless results.ok?
+    results
+  end
+
+  def get_resources(target_spec, resources)
+    applicator = Puppet.lookup(:apply_executor) { nil }
+    executor = Puppet.lookup(:bolt_executor) { nil }
+    inventory = Puppet.lookup(:bolt_inventory) { nil }
+    unless applicator && executor && inventory && Puppet.features.bolt?
+      raise Puppet::ParseErrorWithIssue.from_issue_and_stack(
+        Puppet::Pops::Issues::TASK_MISSING_BOLT, action: _('get_resources')
+      )
+    end
+
+    resources = [resources].flatten
+    resources.each do |resource|
+      if resource !~ /^\w+$/ && resource !~ /^\w+\[.+\]$/
+        raise Bolt::Error.new("#{resource} is not a valid resource type or type instance name", 'bolt/get-resources')
+      end
+    end
+
+    executor.report_function_call('get_resources')
+
+    targets = inventory.get_targets(target_spec)
+
+    executor.log_action('gather resources', targets) do
+      executor.without_default_logging do
+        # Gather facts, including custom facts
+        plugins = applicator.build_plugin_tarball do |mod|
+          search_dirs = []
+          search_dirs << mod.plugins if mod.plugins?
+          search_dirs << mod.pluginfacts if mod.pluginfacts?
+          search_dirs
+        end
+
+        task = applicator.query_resources_task
+        arguments = {
+          'resources' => resources,
+          'plugins' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(plugins)
+        }
+        results = executor.run_task(targets, task, arguments)
+        raise Bolt::RunFailure.new(results, 'run_task', task.name) unless results.ok?
+        results
+      end
+    end
+  end
+end

data/lib/bolt/applicator.rb

@@ -56,6 +56,15 @@ module Bolt
       end
     end
 
+    def query_resources_task
+      @query_resources_task ||= begin
+        path = File.join(libexec, 'query_resources.rb')
+        file = { 'name' => 'query_resources.rb', 'path' => path }
+        metadata = { 'supports_noop' => true, 'input_method' => 'stdin' }
+        Bolt::Task.new(name: 'apply_helpers::query_resources', files: [file], metadata: metadata)
+      end
+    end
+
     def compile(target, ast, plan_vars)
       trusted = Puppet::Context::TrustedInformation.new('local', target.host, {})
 

data/lib/bolt/bolt_option_parser.rb

@@ -214,7 +214,7 @@ Usage: bolt apply <manifest.pp> [options]
              'Maximum number of simultaneous manifest block compiles (default: number of cores)') do |concurrency|
         @options[:'compile-concurrency'] = concurrency
       end
-      define('--modulepath MODULES',
+      define('-m', '--modulepath MODULES',
              "List of directories containing modules, separated by '#{File::PATH_SEPARATOR}'") do |modulepath|
         # When specified from the CLI, modulepath entries are relative to pwd
         @options[:modulepath] = modulepath.split(File::PATH_SEPARATOR).map do |moduledir|
@@ -229,7 +229,7 @@ Usage: bolt apply <manifest.pp> [options]
              'Specify where to load config from (default: ~/.puppetlabs/bolt/bolt.yaml)') do |path|
         @options[:configfile] = path
       end
-      define('--inventoryfile FILEPATH',
+      define('-i', '--inventoryfile FILEPATH',
              'Specify where to load inventory from (default: ~/.puppetlabs/bolt/inventory.yaml)') do |path|
         if ENV.include?(Bolt::Inventory::ENVIRONMENT_VAR)
           raise Bolt::CLIError, "Cannot pass inventory file when #{Bolt::Inventory::ENVIRONMENT_VAR} is set"
@@ -262,7 +262,7 @@ Usage: bolt apply <manifest.pp> [options]
       define('-h', '--help', 'Display help') do |_|
         @options[:help] = true
       end
-      define('--verbose', 'Display verbose logging') do |_|
+      define('-v', '--verbose', 'Display verbose logging') do |_|
         @options[:verbose] = true
       end
       define('--debug', 'Display debug logging') do |_|

data/lib/bolt/config.rb

@@ -146,7 +146,12 @@ module Bolt
       # Expand paths relative to the Boltdir. Any settings that came from the
       # CLI will already be absolute, so the expand will be skipped.
       if data.key?('modulepath')
-        @modulepath = data['modulepath'].split(File::PATH_SEPARATOR).map do |moduledir|
+        moduledirs = if data['modulepath'].is_a?(String)
+                       data['modulepath'].split(File::PATH_SEPARATOR)
+                     else
+                       data['modulepath']
+                     end
+        @modulepath = moduledirs.map do |moduledir|
           File.expand_path(moduledir, @boltdir.path)
         end
       end

data/lib/bolt/transport/ssh.rb

@@ -9,7 +9,8 @@ module Bolt
   module Transport
     class SSH < Base
       def self.options
-        %w[port user password sudo-password private-key host-key-check connect-timeout tmpdir run-as tty run-as-command]
+        %w[port user password sudo-password private-key host-key-check
+           connect-timeout tmpdir run-as tty run-as-command proxyjump]
       end
 
       def provided_features

data/lib/bolt/transport/ssh/connection.rb

@@ -5,6 +5,7 @@ require 'shellwords'
 require 'bolt/node/errors'
 require 'bolt/node/output'
 require 'bolt/util'
+require 'net/ssh/proxy/jump'
 
 module Bolt
   module Transport
@@ -116,6 +117,8 @@ module Bolt
                                       end
           options[:timeout] = target.options['connect-timeout'] if target.options['connect-timeout']
 
+          options[:proxy] = Net::SSH::Proxy::Jump.new(target.options['proxyjump']) if target.options['proxyjump']
+
           if @load_config
             # Mirroring:
             # https://github.com/net-ssh/net-ssh/blob/master/lib/net/ssh/authentication/agent.rb#L80

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '1.6.0'
+  VERSION = '1.7.0'
 end

data/lib/bolt_spec/plans.rb

@@ -211,6 +211,11 @@ module BoltSpec
       nil
     end
 
+    def allow_get_resources
+      allow_task('apply_helpers::query_resources')
+      nil
+    end
+
     # Example helpers to mock other run functions
     # The with_targets method makes sense for all stubs
     # with_params could be reused for options

data/lib/bolt_spec/plans/action_stubs.rb

@@ -36,7 +36,7 @@ module BoltSpec
       def initialize(expect = false)
         @calls = 0
         @expect = expect
-        @expected_calls = 1
+        @expected_calls = nil
         # invocation spec
         @invocation = {}
         # return value
@@ -63,6 +63,7 @@ module BoltSpec
       # This changes the stub from an allow to an expect which will validate
       # that it has been called.
       def expect_call
+        @expected_calls = 1
         @expect = true
         self
       end

data/lib/bolt_spec/plans/action_stubs/script_stub.rb

@@ -31,7 +31,7 @@ module BoltSpec
       end
 
       def parameters
-        @invocation[:arguments] + @invocation[:options]
+        @invocation[:arguments] + @invocation[:options] if @invocation.include[:arguments]
       end
 
       def result_for(target, stdout: '', stderr: '')

data/lib/bolt_spec/plans/action_stubs/task_stub.rb

@@ -30,7 +30,7 @@ module BoltSpec
       end
 
       def parameters
-        @invocation[:arguments] + @invocation[:options]
+        @invocation[:arguments] + @invocation[:options] if @invocation.include?(:arguments)
       end
 
       # Allow any data.

data/lib/bolt_spec/run.rb

@@ -9,7 +9,6 @@ require 'bolt/puppetdb'
 require 'bolt/util'
 
 # This is intended to provide a relatively stable method of executing bolt in process from tests.
-# Currently it provides run_task, run_plan, run_script and run_command helpers.
 module BoltSpec
   module Run
     def run_task(task_name, targets, params = nil, config: nil, inventory: nil)
@@ -49,6 +48,27 @@ module BoltSpec
       Bolt::Util.walk_keys(result, &:to_s)
     end
 
+    def apply_manifest(manifest, targets, execute: false, noop: false, config: nil, inventory: nil)
+      # The execute parameter is equivalent to the --execute option
+      if execute
+        code = manifest
+      else
+        begin
+          unless File.stat(manifest).readable?
+            raise BOLT::FileError.new("The manifest '#{manifest}' is unreadable", manifest)
+          end
+        rescue Errno::ENOENT
+          raise Bolt::FileError.new("The manifest '#{manifest}' does not exist", manifest)
+        end
+        code = File.read(File.expand_path(manifest))
+        filename = manifest
+      end
+      result = BoltRunner.with_runner(config, inventory) do |runner|
+        runner.apply_manifest(code, targets, filename, noop)
+      end
+      JSON.parse(result.to_json)
+    end
+
     class BoltRunner
       # Creates a temporary boltdir so no settings are picked up
       # WARNING: puppetdb config and orch config which do not use the boltdir may
@@ -107,6 +127,20 @@ module BoltSpec
         targets = inventory.get_targets(targets)
         executor.run_script(targets, script, arguments, options)
       end
+
+      def apply_manifest(code, targets, filename = nil, noop = false)
+        ast = pal.parse_manifest(code, filename)
+        executor = Bolt::Executor.new(config.concurrency, @analytics, noop)
+        targets = inventory.get_targets(targets)
+
+        pal.in_plan_compiler(executor, inventory, puppetdb_client) do |compiler|
+          compiler.call_function('apply_prep', targets)
+        end
+
+        pal.with_bolt_executor(executor, inventory, puppetdb_client) do
+          Puppet.lookup(:apply_executor).apply_ast(ast, targets, '_catch_errors' => true, '_noop' => noop)
+        end
+      end
     end
   end
 end

data/libexec/query_resources.rb

@@ -0,0 +1,49 @@
+#! /opt/puppetlabs/puppet/bin/ruby
+# frozen_string_literal: true
+
+require 'json'
+require 'puppet'
+require 'puppet/module_tool/tar'
+require 'tempfile'
+
+args = JSON.parse(STDIN.read)
+
+RESOURCE_INSTANCE = /^([^\[]+)\[([^\]]+)\]$/.freeze
+
+def instance(type_name, resource_name)
+  resource = Puppet::Resource.indirection.find("#{type_name}/#{resource_name}")
+  stringify_resource(resource)
+end
+
+Dir.mktmpdir do |puppet_root|
+  # Create temporary directories for all core Puppet settings so we don't clobber
+  # existing state or read from puppet.conf. Also create a temporary modulepath.
+  moduledir = File.join(puppet_root, 'modules')
+  Dir.mkdir(moduledir)
+  cli = Puppet::Settings::REQUIRED_APP_SETTINGS.flat_map do |setting|
+    ["--#{setting}", File.join(puppet_root, setting.to_s.chomp('dir'))]
+  end
+  cli << '--modulepath' << moduledir
+  Puppet.initialize_settings(cli)
+
+  Tempfile.open('plugins.tar.gz') do |plugins|
+    File.binwrite(plugins, Base64.decode64(args['plugins']))
+    Puppet::ModuleTool::Tar.instance.unpack(plugins, moduledir, Etc.getlogin || Etc.getpwuid.name)
+  end
+
+  env = Puppet.lookup(:environments).get('production')
+  env.each_plugin_directory do |dir|
+    $LOAD_PATH << dir unless $LOAD_PATH.include?(dir)
+  end
+
+  resources = args['resources'].flat_map do |resource_desc|
+    if (match = RESOURCE_INSTANCE.match(resource_desc))
+      Puppet::Resource.indirection.find("#{match[1]}/#{match[2]}", environment: env)
+    else
+      Puppet::Resource.indirection.search(resource_desc, environment: env)
+    end
+  end
+  puts({ 'resources' => resources }.to_json)
+end
+
+exit 0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 1.6.0
+  version: 1.7.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-12-13 00:00:00.000000000 Z
+date: 2018-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -301,6 +301,7 @@ files:
 - bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb
 - bolt-modules/boltlib/lib/puppet/functions/facts.rb
 - bolt-modules/boltlib/lib/puppet/functions/fail_plan.rb
+- bolt-modules/boltlib/lib/puppet/functions/get_resources.rb
 - bolt-modules/boltlib/lib/puppet/functions/get_targets.rb
 - bolt-modules/boltlib/lib/puppet/functions/puppetdb_fact.rb
 - bolt-modules/boltlib/lib/puppet/functions/puppetdb_query.rb
@@ -390,6 +391,7 @@ files:
 - libexec/apply_catalog.rb
 - libexec/bolt_catalog
 - libexec/custom_facts.rb
+- libexec/query_resources.rb
 - modules/aggregate/lib/puppet/functions/aggregate/count.rb
 - modules/aggregate/lib/puppet/functions/aggregate/nodes.rb
 - modules/aggregate/plans/count.pp