Puppet (apply) provisioning plugin

libioc/Config/Jail/File/Fstab.py

@@ -147,10 +147,7 @@ def __hash__(self) -> int:
         return hash(None)
 
 
-class Fstab(
-    libioc.Config.Jail.File.ResourceConfig,
-    collections.MutableSequence
-):
+class Fstab(collections.MutableSequence):
     """
     Fstab configuration file wrapper.
 
@@ -203,10 +200,7 @@ def path(self) -> str:
             path = self.file
         else:
             path = f"{self.jail.dataset.mountpoint}/{self.file}"
-            self._require_path_relative_to_resource(
-                filepath=path,
-                resource=self.jail
-            )
+            self.jail._require_relative_path(path)
 
         return path
 
@@ -400,7 +394,16 @@ def add_line(
 
         Use save() to write changes to the fstab file.
         """
-        if self.__contains__(line):
+        if type(line) == FstabLine:
+            if self.jail._is_path_relative(line["destination"]) is False:
+                line = FstabLine(line)  # clone to prevent mutation
+                line["destination"] = libioc.Types.AbsolutePath("/".join([
+                    self.jail.root_path,
+                    line["destination"].lstrip("/")
+                ]))
+
+        line_already_exists = self.__contains__(line)
+        if line_already_exists:
             destination = line["destination"]
             if replace is True:
                 self.logger.verbose(
@@ -425,11 +428,13 @@ def add_line(
 
         if type(line) == FstabLine:
             # destination is always relative to the jail resource
-            if line["destination"].startswith(self.jail.root_path) is False:
-                line["destination"] = libioc.Types.AbsolutePath("/".join([
+            if self.jail._is_path_relative(line["destination"]) is False:
+                _destination = libioc.Types.AbsolutePath("/".join([
                     self.jail.root_path,
                     line["destination"].strip("/")
                 ]))
+                self.jail._require_relative_path(_destination)
+                line["destination"] = _destination
 
             libioc.helpers.require_no_symlink(str(line["destination"]))
 
@@ -442,12 +447,17 @@ def add_line(
                     os.makedirs(line["destination"], 0o700)
 
             if (auto_mount_jail and self.jail.running) is True:
+                destination = line["destination"]
+                self.jail._require_relative_path(destination)
+                self.logger.verbose(
+                    f"auto-mount {destination}"
+                )
                 mount_command = [
                     "/sbin/mount",
                     "-o", line["options"],
                     "-t", line["type"],
                     line["source"],
-                    line["destination"]
+                    destination
                 ]
                 libioc.helpers.exec(mount_command, logger=self.logger)
                 _source = line["source"]
@@ -632,7 +642,7 @@ def insert(
             # find FstabAutoPlaceholderLine instead
             line = list(filter(
                 lambda x: isinstance(x, FstabAutoPlaceholderLine),
-                self._line
+                self._lines
             ))[0]
             real_index = self._lines.index(line)
         else:

libioc/Config/Jail/File/__init__.py

@@ -30,36 +30,6 @@
 import libioc.helpers_object
 import libioc.LaunchableResource
 
-
-class ResourceConfig:
-    """Shared abstract code between various config files in a resource."""
-
-    def _require_path_relative_to_resource(
-        self,
-        filepath: str,
-        resource: 'libioc.LaunchableResource.LaunchableResource'
-    ) -> None:
-
-        if self._is_path_relative_to_resource(filepath, resource) is False:
-            raise libioc.errors.SecurityViolationConfigJailEscape(
-                file=filepath
-            )
-
-    def _is_path_relative_to_resource(
-        self,
-        filepath: str,
-        resource: 'libioc.LaunchableResource.LaunchableResource'
-    ) -> bool:
-
-        real_resource_path = self._resolve_path(resource.dataset.mountpoint)
-        real_file_path = self._resolve_path(filepath)
-
-        return real_file_path.startswith(real_resource_path)
-
-    def _resolve_path(self, filepath: str) -> str:
-        return os.path.realpath(os.path.abspath(filepath))
-
-
 class ConfigFile(dict):
     """Abstraction of UCL file based config files in Resources."""
 
@@ -221,7 +191,7 @@ def __getitem__(
         return None
 
 
-class ResourceConfigFile(ConfigFile, ResourceConfig):
+class ResourceConfigFile(ConfigFile):
     """Abstraction of UCL file based config files in Resources."""
 
     def __init__(
@@ -238,8 +208,5 @@ def __init__(
     def path(self) -> str:
         """Absolute path to the file."""
         path = f"{self.resource.root_dataset.mountpoint}/{self.file}"
-        self._require_path_relative_to_resource(
-            filepath=path,
-            resource=self.resource
-        )
+        self.resource._require_relative_path(path)
         return os.path.abspath(path)

libioc/Config/Type/JSON.py

@@ -53,6 +53,6 @@ class DatasetConfigJSON(
     libioc.Config.Dataset.DatasetConfig,
     ConfigJSON
 ):
-    """ResourceConfig in JSON format."""
+    """ConfigFile in JSON format."""
 
     pass

libioc/Config/Type/UCL.py

@@ -52,6 +52,6 @@ class DatasetConfigUCL(
     libioc.Config.Dataset.DatasetConfig,
     ConfigUCL
 ):
-    """ResourceConfig in UCL format."""
+    """ConfigFile in UCL format."""
 
     pass

libioc/Jail.py

@@ -726,7 +726,7 @@ def _wrap_hook_script_command(
         self,
         commands: typing.Optional[typing.Union[str, typing.List[str]]],
         ignore_errors: bool=True,
-        jailed: bool=False,
+        jailed: bool=False,  # ToDo: remove unused argument
         write_env: bool=True
     ) -> typing.List[str]:
 
@@ -862,6 +862,7 @@ def _run_hook(self, hook_name: str) -> typing.Optional[
         raise NotImplementedError("_run_hook only supports start/stop")
 
     def _ensure_script_dir(self) -> None:
+        """Ensure that the launch scripts dir exists."""
         realpath = os.path.realpath(self.launch_script_dir)
         if realpath.startswith(self.dataset.mountpoint) is False:
             raise libioc.errors.SecurityViolationConfigJailEscape(
@@ -2174,6 +2175,14 @@ def env(self) -> typing.Dict[str, str]:
 
         jail_env["IOC_JAIL_PATH"] = self.root_dataset.mountpoint
         jail_env["IOC_JID"] = str(self.jid)
+        jail_env["PATH"] = ":".join((
+            "/sbin",
+            "/bin",
+            "/usr/sbin",
+            "/usr/bin",
+            "/usr/local/sbin",
+            "/usr/local/bin",
+        ))
 
         return jail_env
 

libioc/Provisioning/__init__.py

@@ -24,10 +24,90 @@
 # POSSIBILITY OF SUCH DAMAGE.
 """iocage provisioning prototype."""
 import typing
+import urllib.parse
 
 import libioc.errors
+import libioc.Types
 import libioc.helpers
 import libioc.Provisioning.ix
+import libioc.Provisioning.puppet
+
+_SourceType = typing.Union[
+    urllib.parse.ParseResult,
+    libioc.Types.AbsolutePath,
+]
+_SourceInputType = typing.Union[_SourceType, str]
+
+class Source(str):
+
+    _value: _SourceType
+
+    def __init__(
+        self,
+        value: _SourceInputType
+    ) -> None:
+       self.value = value
+
+    @property
+    def value(self) -> _SourceType:
+        return self._value
+
+    @value.setter
+    def value(self, value: _SourceInputType) -> None:
+
+        if isinstance(value, libioc.Types.AbsolutePath) is True:
+            self._value = typing.Cast(libioc.Types.AbsolutePath, value)
+            return
+        elif isinstance(value, urllib.parse.ParseResult) is True:
+            url = typing.Cast(urllib.parse.ParseResult, value)
+            self.__require_valid_url(url)
+            self._value = _value
+            return
+        elif isinstance(value, str) is False:
+            raise TypeError(
+                f"Input must be URL, AbsolutePath or str, but was {type(value)}"
+            )
+
+        try:
+            self._value = libioc.Types.AbsolutePath(value)
+            return
+        except ValueError as e:
+            pass
+
+        try:
+            url = urllib.parse.urlparse(value)
+            self.__require_valid_url(url)
+            self._value = url
+            return
+        except ValueError:
+            pass
+
+        raise ValueError("Provisioning Source must be AbsolutePath or URL")
+
+    @property
+    def local(self) -> bool:
+        """Return True when the source is local."""
+        return (isinstance(self.value, libioc.Types.AbsolutePath) is True)
+
+    @property
+    def remote(self) -> bool:
+        """Return True when the source is a remote URL."""
+        return (self.local is False)
+
+    def __require_valid_url(self, url: urllib.parse.ParseResult) -> None:
+        if url.scheme not in ("https", "http", "ssh", "git"):
+            raise ValueError(f"Invalid Source Scheme: {url.scheme}")
+
+    def __str__(self) -> str:
+        """Return the Provisioning Source as string."""
+        value = self.value
+        if isinstance(value, urllib.parse.ParseResult) is True:
+            return value.geturl()
+        else:
+            return str(value)
+
+    def __repr__(self) -> str:
+        return f"<Source '{self.__str__()}'>"
 
 
 class Prototype:
@@ -46,14 +126,14 @@ def method(self) -> str:
 		self.__METHOD
 
 	@property
-	def source(self) -> typing.Optional[str]:
+	def source(self) -> typing.Optional[Source]:
 		config_value = self.jail.config["provisioning.source"]
-		return None if (config_value is None) else str(config_value)
+		return None if (config_value is None) else Source(config_value)
 
 	@property
 	def rev(self) -> typing.Optional[str]:
 		config_value = self.jail.config["provisioning.rev"]
-		return None if (config_value is None) else str(config_value)
+		return None if (config_value is None) else str(Source(config_value))
 
 	def check_requirements(self) -> None:
 		"""Check requirements before executing the provisioner."""
@@ -84,7 +164,8 @@ def __available_provisioning_modules(
 		self
 	) -> typing.Dict[str, Prototype]:
 		return dict(
-			ix=libioc.Provisioning.ix
+			ix=libioc.Provisioning.ix,
+			puppet=libioc.Provisioning.puppet
 		)
 
 	@property