kafo 6.4.0 → 6.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4298932fae581df1967c430be034c621ed435954ac95acf7cf7b23c9b7692d40
-  data.tar.gz: 8ce698b286d5ec94c19adfcfc23e541c8b0599cb1399e689ee00b4413668552c
+  metadata.gz: 674a595f056324470ff9175d38779f7ab8c153e044ab4892dc99ca0d6487b7ba
+  data.tar.gz: 83ffe976aa56291ebad41e0e7ba22d72908bbe299d926bb1af1aa5b1fbef0a75
 SHA512:
-  metadata.gz: 769146a010f1007993961a0075a03b1cbf9c4055a59bd8259940379662eaa36003ad5a83b746452e8dd0b35ea47640eb1a3064516a7a776d6e8030c6403321a1
-  data.tar.gz: dd05194e14a17c54a205b5eacc35677b78fe4f036b8ab851972a8301c59b1e327555dd065772d82476a190d878d50226ed0253afe1c5dc129496ee316555bac3
+  metadata.gz: a8b66a8f86409186fbf2ed5fde7b6b7eb9f6e2fadf4ab33234df205fa4702cadae85021ef043ea096f5450e8735d6b81fade0d81530f2aae43a929dfa2ac8866
+  data.tar.gz: bc3475cace0ec33b3ffb983f8d5921e75b1695908b6f5386b716c3e90434e9ba69f18e38af2c8c0c35372887cec1cfa167ac45c9edb10294fe55cd1384d50ab8

data/README.md

@@ -493,6 +493,39 @@ as key:value.
 When parsing the value, the first colon divides key and value. All other
 colons are ignored.
 
+## Sensitive arguments
+
+Puppet's `Sensitive` data type can be used as long as it's configured in Hiera
+too. Given the following manifest:
+
+```puppet
+class example (
+  Sensitive[String[1]] $password,
+) {
+```
+
+Here the following Hiera configuration is needed:
+```yaml
+lookup_options:
+  example::password:
+    convert_to: "Sensitive"
+```
+
+This is based on [Puppet's documentation](https://puppet.com/docs/puppet/6/securing-sensitive-data.html).
+
+Note that to provide a default inside the manifest inheritance must be used.
+
+```puppet
+class example (
+  Sensitive[String[1]] $password = $example::params::password,
+) inherits example::params {
+}
+
+class example::params {
+  $password = Sensitive('supersecret')
+}
+```
+
 ## Default values
 
 Default values for parameters are read from the class definitions in the

data/lib/kafo/data_type.rb

@@ -130,4 +130,4 @@ require 'kafo/data_types/struct'
 require 'kafo/data_types/tuple'
 require 'kafo/data_types/type_reference'
 require 'kafo/data_types/undef'
-require 'kafo/data_types/variant'
+require 'kafo/data_types/wrapped_data_type'

data/lib/kafo/data_type_parser.rb

@@ -10,7 +10,7 @@ module Kafo
       @logger = KafoConfigure.logger
       @types = {}
       manifest.each_line do |line|
-        if (type = TYPE_DEFINITION.match(line))
+        if (type = TYPE_DEFINITION.match(line.force_encoding("UTF-8")))
           @types[type[1]] = type[2]
         end
       end

data/lib/kafo/data_types/scalar.rb

@@ -7,7 +7,7 @@ module Kafo
       def_delegators :@inner_type, :condition_value, :dump_default, :multivalued?, :typecast, :valid?
 
       def initialize
-        @inner_type = DataTypes::Variant.new('Integer', 'Float', 'String', 'Boolean', 'Regexp')
+        @inner_type = DataTypes::WrappedDataType.new('Integer', 'Float', 'String', 'Boolean', 'Regexp')
       end
     end
 

data/lib/kafo/data_types/{variant.rb → wrapped_data_type.rb}

@@ -1,6 +1,6 @@
 module Kafo
   module DataTypes
-    class Variant < DataType
+    class WrappedDataType < DataType
       def initialize(*inner_types)
         @inner_types = inner_types.map { |t| DataType.new_from_string(t) }
       end
@@ -16,7 +16,7 @@ module Kafo
       end
 
       def multivalued?
-        @inner_types.any? { |t| t.multivalued? }
+        @inner_types.any?(&:multivalued?)
       end
 
       def to_s
@@ -33,7 +33,7 @@ module Kafo
         if type
           type.valid?(value, errors)
         else
-          errors << "#{value} is not one of #{to_s}"
+          errors << "#{value} is not one of #{self}"
           false
         end
       end
@@ -45,6 +45,7 @@ module Kafo
       end
     end
 
-    DataType.register_type('Variant', Variant)
+    DataType.register_type('Sensitive', WrappedDataType)
+    DataType.register_type('Variant', WrappedDataType)
   end
 end

data/lib/kafo/fact_writer.rb

@@ -14,10 +14,9 @@ module Kafo
     end
 
     def self.wrapper
-      # Ruby 2.0 doesn't have <<~ heredocs
-      <<-WRAPPER
-      require 'yaml'
-      Facter.add(:kafo) { setcode { YAML.load_file(File.join(__dir__, '#{DATA_FILENAME}')) } }
+      <<~WRAPPER
+        require 'yaml'
+        Facter.add(:kafo) { setcode { YAML.load_file(File.join(__dir__, '#{DATA_FILENAME}')) } }
       WRAPPER
     end
   end

data/lib/kafo/kafo_configure.rb

@@ -525,8 +525,8 @@ module Kafo
               @progress_bar.update(line) if @progress_bar
             end
           rescue Errno::EIO # we reach end of input
-            exit_status = PTY.check(pid, true) if PTY.respond_to?(:check) # ruby >= 1.9.2
-            if exit_status.nil? # process is still running or we have old ruby so we don't know
+            exit_status = PTY.check(pid, true)
+            if exit_status.nil? # process is still running
               begin
                 Process.wait(pid)
               rescue Errno::ECHILD # process could exit meanwhile so we rescue
@@ -535,7 +535,7 @@ module Kafo
             end
           end
         end
-      rescue PTY::ChildExited => e # could be raised by Process.wait on older ruby or by PTY.check
+      rescue PTY::ChildExited => e # could be raised by PTY.check
         self.class.exit_handler.exit_code = e.status.exitstatus
       end
 
@@ -564,11 +564,7 @@ module Kafo
     end
 
     def normalize_encoding(line)
-      if line.respond_to?(:encode) && line.respond_to?(:valid_encoding?)
-        line.valid_encoding? ? line : line.encode('UTF-16be', :invalid => :replace, :replace => '?').encode('UTF-8')
-      else  # Ruby 1.8.7, doesn't worry about invalid encodings
-        line
-      end
+      line.valid_encoding? ? line : line.encode('UTF-16be', :invalid => :replace, :replace => '?').encode('UTF-8')
     end
   end
 end

data/lib/kafo/logger.rb

@@ -13,7 +13,13 @@ module Kafo
 
     def log(level, *args, &block)
       if Logging.buffering?
-        Logging.to_buffer(@name, level, args, &block)
+        if block_given?
+          data = yield
+        else
+          data = args
+        end
+
+        Logging.to_buffer(@name, ::Logging::LogEvent.new(@name, ::Logging::LEVELS[level.to_s], data, false))
       else
         Logging.dump_buffer if Logging.dump_needed?
         @logger.send(level, *args, &block)

data/lib/kafo/logging.rb

@@ -118,7 +118,7 @@ module Kafo
 
       def dump_buffer
         @buffer.each do |log|
-          ::Logging.logger[log[0]].send(log[1], *([log[2]].flatten(2)), &log[3])
+          ::Logging.logger[log[0]].send(:log_event, log[1])
         end
         @buffer.clear
       end

data/lib/kafo/puppet_module.rb

@@ -81,7 +81,7 @@ module Kafo
 
       self
     rescue ConfigurationException => e
-      @logger.fatal "Unable to continue because of: #{e.message}"
+      @logger.fatal "Unable to parse #{manifest_path} because of: #{e.message}"
       KafoConfigure.exit(:manifest_error)
     end
 

data/lib/kafo/version.rb

@@ -1,5 +1,5 @@
 # encoding: UTF-8
 module Kafo
   PARSER_CACHE_VERSION = 1
-  VERSION = "6.4.0"
+  VERSION = "6.4.1"
 end

data/modules/kafo_configure/lib/puppet/functions/kafo_configure/dump_lookups.rb

@@ -10,6 +10,13 @@ Puppet::Functions.create_function(:'kafo_configure::dump_lookups') do
   end
 
   def dump_lookups(parameters)
-    Hash[parameters.map { |param| [param, call_function('lookup', [param], 'default_value' => nil)] }]
+    Hash[parameters.map { |param| [param, lookup(param)] }]
+  end
+
+  private
+
+  def lookup(param)
+    value = call_function('lookup', [param], 'default_value' => nil)
+    value.respond_to?(:unwrap) ? value.unwrap : value
   end
 end

data/modules/kafo_configure/lib/puppet/functions/kafo_configure/dump_variables.rb

@@ -8,6 +8,12 @@ Puppet::Functions.create_function(:'kafo_configure::dump_variables') do
 
   def dump_variables(variables)
     scope = closure_scope
-    Hash[variables.map { |var| [var, scope[var]] }]
+    Hash[variables.map { |var| [var, unwrap(scope[var])] }]
+  end
+
+  private
+
+  def unwrap(value)
+    value.respond_to?(:unwrap) ? value.unwrap : value
   end
 end

data/modules/kafo_configure/spec/fixtures/hiera/test.yaml

@@ -2,3 +2,8 @@
 classes:
   - dummy
 my_module::param: override
+my_module::password: batteryhorsestaple
+
+lookup_options:
+  my_module::password:
+    convert_to: "Sensitive"

data/modules/kafo_configure/spec/fixtures/modules/dummy/manifests/init.pp

@@ -1,5 +1,6 @@
 class dummy (
   String $first = $dummy::params::first,
   Optional[Integer] $second = undef,
+  Sensitive[String[1]] $password = $dummy::params::password,
 ) inherits dummy::params {
 }

data/modules/kafo_configure/spec/fixtures/modules/dummy/manifests/params.pp

@@ -1,3 +1,4 @@
 class dummy::params {
   $first = 'foo'
+  $password = Sensitive('supersecret')
 }

data/modules/kafo_configure/spec/functions/dump_lookups_spec.rb

@@ -4,4 +4,5 @@ describe 'kafo_configure::dump_lookups' do
   let(:hiera_config) { 'spec/fixtures/hiera/hiera.yaml' }
   it { is_expected.to run.with_params([]).and_return({}) }
   it { is_expected.to run.with_params(['my_module::param']).and_return({'my_module::param' => 'override'}) }
+  it { is_expected.to run.with_params(['my_module::password']).and_return({'my_module::password' => 'batteryhorsestaple'}) }
 end

data/modules/kafo_configure/spec/functions/dump_variables_spec.rb

@@ -6,5 +6,6 @@ describe 'kafo_configure::dump_variables' do
   context 'with values' do
     let(:pre_condition) { 'include dummy' }
     it { is_expected.to run.with_params(['dummy::first']).and_return({'dummy::first' => 'foo'}) }
+    it { is_expected.to run.with_params(['dummy::password']).and_return({'dummy::password' => 'supersecret'}) }
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kafo
 version: !ruby/object:Gem::Version
-  version: 6.4.0
+  version: 6.4.1
 platform: ruby
 authors:
 - Marek Hulan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-07 00:00:00.000000000 Z
+date: 2022-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -245,7 +245,7 @@ files:
 - lib/kafo/data_types/tuple.rb
 - lib/kafo/data_types/type_reference.rb
 - lib/kafo/data_types/undef.rb
-- lib/kafo/data_types/variant.rb
+- lib/kafo/data_types/wrapped_data_type.rb
 - lib/kafo/exceptions.rb
 - lib/kafo/execution_environment.rb
 - lib/kafo/exit_handler.rb
@@ -320,7 +320,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.2.22
 signing_key:
 specification_version: 4
 summary: A gem for making installations based on puppet user friendly