bolt 2.17.0 → 2.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8d7b3fbf02e3b0162ead0c7ca8994eb6a96f5f8d49d9b27aa4620a54c111396d
-  data.tar.gz: 3ec22c605ca39808ffdc1f9589bdc05921889f4cdf7ef7079682614bd1298a81
+  metadata.gz: 87eb513700afc2d9fefa9f2497e8718f0e14e511ea2004c59eecfcb19e41bdbc
+  data.tar.gz: 499d4c8a1a3c0d4b883d83f6478019467a44999beba83712ce49a30ee2ff1fc8
 SHA512:
-  metadata.gz: 71c5644b0b1bcaee1aaf5d74b6e1ae895e82ffa56dc52df9b4fc2995f1fb7541c9da8c3a0a4d31b63b72e04ab2245d4fd377f3bf7eaf18ea4de7f8c7c2f46c6b
-  data.tar.gz: 503755fc3f2196d53fc26d6bfbe662671689ed6208ccf9ab06a384eb254d878f2e00d62b182f3c2185d09fc558bed8a2dfa8d2b942024bd62977b0e50e8c0d33
+  metadata.gz: 6046f666fe9bccc4df2a70b191582b14b834063caf31987c1131e7e7c57ac9280e0bf76d719f9b82f27f5de7205b744a2dd3d485f53e9aa867661b824a5b0945
+  data.tar.gz: fc77aa2acd93b4aab739f468a2aa6a6a2da2c9c10bbc4927005f60aeb20148ecb29884d6f2c6cf86bf84d76af276a55f1a8588734157444ab5844c0b9d9878c9

data/bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb

@@ -13,10 +13,13 @@ require 'bolt/task'
 # > **Note:** Not available in apply block
 Puppet::Functions.create_function(:apply_prep) do
   # @param targets A pattern or array of patterns identifying a set of targets.
+  # @param options Options hash.
+  # @option options [Array] _required_modules An array of modules to sync to the target.
   # @example Prepare targets by name.
   #   apply_prep('target1,target2')
   dispatch :apply_prep do
     param 'Boltlib::TargetSpec', :targets
+    optional_param 'Hash[String, Data]', :options
   end
 
   def script_compiler
@@ -60,18 +63,34 @@ Puppet::Functions.create_function(:apply_prep) do
     @executor ||= Puppet.lookup(:bolt_executor)
   end
 
-  def apply_prep(target_spec)
+  def apply_prep(target_spec, options = {})
     unless Puppet[:tasks]
       raise Puppet::ParseErrorWithIssue
         .from_issue_and_stack(Bolt::PAL::Issues::PLAN_OPERATION_NOT_SUPPORTED_WHEN_COMPILING, action: 'apply_prep')
     end
 
+    options = options.transform_keys { |k| k.sub(/^_/, '').to_sym }
+
     applicator = Puppet.lookup(:apply_executor)
 
     executor.report_function_call(self.class.name)
 
     targets = inventory.get_targets(target_spec)
 
+    required_modules = options[:required_modules].nil? ? nil : Array(options[:required_modules])
+    if required_modules&.any?
+      Puppet.debug("Syncing only required modules: #{required_modules.join(',')}.")
+    end
+
+    # Gather facts, including custom facts
+    plugins = applicator.build_plugin_tarball do |mod|
+      next unless required_modules.nil? || required_modules.include?(mod.name)
+      search_dirs = []
+      search_dirs << mod.plugins if mod.plugins?
+      search_dirs << mod.pluginfacts if mod.pluginfacts?
+      search_dirs
+    end
+
     executor.log_action('install puppet and gather facts', targets) do
       executor.without_default_logging do
         # Skip targets that include the puppet-agent feature, as we know an agent will be available.
@@ -109,14 +128,6 @@ Puppet::Functions.create_function(:apply_prep) do
           need_install_targets.each { |target| set_agent_feature(target) }
         end
 
-        # Gather facts, including custom facts
-        plugins = applicator.build_plugin_tarball do |mod|
-          search_dirs = []
-          search_dirs << mod.plugins if mod.plugins?
-          search_dirs << mod.pluginfacts if mod.pluginfacts?
-          search_dirs
-        end
-
         task = applicator.custom_facts_task
         arguments = { 'plugins' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(plugins) }
         results = executor.run_task(targets, task, arguments)

data/lib/bolt/applicator.rb

@@ -18,7 +18,6 @@ module Bolt
                    pdb_client, hiera_config, max_compiles, apply_settings)
       # lazy-load expensive gem code
       require 'concurrent'
-
       @inventory = inventory
       @executor = executor
       @modulepath = modulepath || []
@@ -30,17 +29,6 @@ module Bolt
 
       @pool = Concurrent::ThreadPoolExecutor.new(max_threads: max_compiles)
       @logger = Logging.logger[self]
-      @plugin_tarball = Concurrent::Delay.new do
-        build_plugin_tarball do |mod|
-          search_dirs = []
-          search_dirs << mod.plugins if mod.plugins?
-          search_dirs << mod.pluginfacts if mod.pluginfacts?
-          search_dirs << mod.files if mod.files?
-          type_files = "#{mod.path}/types"
-          search_dirs << type_files if File.exist?(type_files)
-          search_dirs
-        end
-      end
     end
 
     private def libexec
@@ -188,7 +176,6 @@ module Bolt
 
     def apply_ast(raw_ast, targets, options, plan_vars = {})
       ast = Puppet::Pops::Serialization::ToDataConverter.convert(raw_ast, rich_data: true, symbol_to_string: true)
-
       # Serialize as pcore for *Result* objects
       plan_vars = Puppet::Pops::Serialization::ToDataConverter.convert(plan_vars,
                                                                        rich_data: true,
@@ -207,9 +194,26 @@ module Bolt
         # This data isn't available on the target config hash
         config: @inventory.transport_data_get
       }
-
       description = options[:description] || 'apply catalog'
 
+      required_modules = options[:required_modules].nil? ? nil : Array(options[:required_modules])
+      if required_modules&.any?
+        @logger.debug("Syncing only required modules: #{required_modules.join(',')}.")
+      end
+
+      @plugin_tarball = Concurrent::Delay.new do
+        build_plugin_tarball do |mod|
+          next unless required_modules.nil? || required_modules.include?(mod.name)
+          search_dirs = []
+          search_dirs << mod.plugins if mod.plugins?
+          search_dirs << mod.pluginfacts if mod.pluginfacts?
+          search_dirs << mod.files if mod.files?
+          type_files = "#{mod.path}/types"
+          search_dirs << type_files if File.exist?(type_files)
+          search_dirs
+        end
+      end
+
       r = @executor.log_action(description, targets) do
         futures = targets.map do |target|
           Concurrent::Future.execute(executor: @pool) do
@@ -236,6 +240,7 @@ module Bolt
                   result
                 end
               else
+
                 arguments = {
                   'catalog' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(catalog),
                   'plugins' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(plugins),

data/lib/bolt/apply_result.rb

@@ -20,7 +20,7 @@ module Bolt
              error_hash['msg'] =~ /The term 'ruby.exe' is not recognized as the name of a cmdlet/)
         # Windows does not have Ruby present
         {
-          'msg' => "Puppet is not installed on the target in $env:ProgramFiles, please install it to enable 'apply'",
+          'msg' => "Puppet was not found on the target or in $env:ProgramFiles, please install it to enable 'apply'",
           'kind' => 'bolt/apply-error'
         }
       elsif exit_code == 1 && error_hash['msg'] =~ /cannot load such file -- puppet \(LoadError\)/

data/lib/bolt/bolt_option_parser.rb

@@ -11,7 +11,7 @@ module Bolt
                 escalation: %w[run-as sudo-password sudo-password-prompt sudo-executable],
                 run_context: %w[concurrency inventoryfile save-rerun cleanup],
                 global_config_setters: %w[modulepath project configfile],
-                transports: %w[transport connect-timeout tty ssh-command copy-command],
+                transports: %w[transport connect-timeout tty native-ssh ssh-command copy-command],
                 display: %w[format color verbose trace],
                 global: %w[help version debug log-level] }.freeze
 
@@ -743,11 +743,15 @@ module Bolt
              "Specify a default transport: #{TRANSPORTS.keys.join(', ')}") do |t|
         @options[:transport] = t
       end
-      define('--ssh-command EXEC', "Executable to use instead of the net-ssh ruby library. ",
+      define('--[no-]native-ssh', 'Whether to shell out to native SSH or use the net-ssh Ruby library.',
+             'This option is experimental') do |bool|
+        @options[:'native-ssh'] = bool
+      end
+      define('--ssh-command EXEC', "Executable to use instead of the net-ssh Ruby library. ",
              "This option is experimental.") do |exec|
         @options[:'ssh-command'] = exec
       end
-      define('--copy-command EXEC', "Command to copy files to remote hosts if using external SSH. ",
+      define('--copy-command EXEC', "Command to copy files to remote hosts if using native SSH. ",
              "This option is experimental.") do |exec|
         @options[:'copy-command'] = exec
       end

data/lib/bolt/cli.rb

@@ -46,7 +46,6 @@ module Bolt
       Bolt::Logger.initialize_logging
       @logger = Logging.logger[self]
       @argv = argv
-      @config = Bolt::Config.default
       @options = {}
     end
 
@@ -77,61 +76,74 @@ module Bolt
     private :help?
 
     def parse
-      parser = BoltOptionParser.new(options)
-      # This part aims to handle both `bolt <mode> --help` and `bolt help <mode>`.
-      remaining = handle_parser_errors { parser.permute(@argv) } unless @argv.empty?
-      if @argv.empty? || help?(remaining)
-        # Update the parser for the subcommand (or lack thereof)
-        parser.update
-        puts parser.help
-        raise Bolt::CLIExit
-      end
-
-      options[:object] = remaining.shift
-
-      # Only parse task_options for task or plan
-      if %w[task plan].include?(options[:subcommand])
-        task_options, remaining = remaining.partition { |s| s =~ /.+=/ }
-        if options[:task_options]
-          unless task_options.empty?
-            raise Bolt::CLIError,
-                  "Parameters must be specified through either the --params " \
-                  "option or param=value pairs, not both"
-          end
-          options[:params_parsed] = true
-        elsif task_options.any?
-          options[:params_parsed] = false
-          options[:task_options] = Hash[task_options.map { |a| a.split('=', 2) }]
-        else
-          options[:params_parsed] = true
-          options[:task_options] = {}
+      begin
+        parser = BoltOptionParser.new(options)
+        # This part aims to handle both `bolt <mode> --help` and `bolt help <mode>`.
+        remaining = handle_parser_errors { parser.permute(@argv) } unless @argv.empty?
+        if @argv.empty? || help?(remaining)
+          # Update the parser for the subcommand (or lack thereof)
+          parser.update
+          puts parser.help
+          raise Bolt::CLIExit
         end
-      end
-      options[:leftovers] = remaining
 
-      validate(options)
+        options[:object] = remaining.shift
 
-      @config = if options[:configfile]
-                  Bolt::Config.from_file(options[:configfile], options)
-                else
-                  project = if options[:boltdir]
-                              dir = Pathname.new(options[:boltdir])
-                              if (dir + Bolt::Project::BOLTDIR_NAME).directory?
-                                Bolt::Project.create_project(dir + Bolt::Project::BOLTDIR_NAME)
+        # Only parse task_options for task or plan
+        if %w[task plan].include?(options[:subcommand])
+          task_options, remaining = remaining.partition { |s| s =~ /.+=/ }
+          if options[:task_options]
+            unless task_options.empty?
+              raise Bolt::CLIError,
+                    "Parameters must be specified through either the --params " \
+                    "option or param=value pairs, not both"
+            end
+            options[:params_parsed] = true
+          elsif task_options.any?
+            options[:params_parsed] = false
+            options[:task_options] = Hash[task_options.map { |a| a.split('=', 2) }]
+          else
+            options[:params_parsed] = true
+            options[:task_options] = {}
+          end
+        end
+        options[:leftovers] = remaining
+
+        validate(options)
+
+        @config = if ENV['BOLT_PROJECT']
+                    project = Bolt::Project.create_project(ENV['BOLT_PROJECT'], 'environment')
+                    Bolt::Config.from_project(project, options)
+                  elsif options[:configfile]
+                    Bolt::Config.from_file(options[:configfile], options)
+                  else
+                    project = if options[:boltdir]
+                                dir = Pathname.new(options[:boltdir])
+                                if (dir + Bolt::Project::BOLTDIR_NAME).directory?
+                                  Bolt::Project.create_project(dir + Bolt::Project::BOLTDIR_NAME)
+                                else
+                                  Bolt::Project.create_project(dir)
+                                end
                               else
-                                Bolt::Project.create_project(dir)
+                                Bolt::Project.find_boltdir(Dir.pwd)
                               end
-                            else
-                              Bolt::Project.find_boltdir(Dir.pwd)
-                            end
-                  Bolt::Config.from_project(project, options)
-                end
-
-      Bolt::Logger.configure(config.log, config.color)
+                    Bolt::Config.from_project(project, options)
+                  end
+
+        Bolt::Logger.configure(config.log, config.color)
+      rescue Bolt::Error => e
+        if $stdout.isatty
+          # Print the error message in red, mimicking outputter.fatal_error
+          $stdout.puts("\033[31m#{e.message}\033[0m")
+        else
+          $stdout.puts(e.message)
+        end
+        raise e
+      end
 
       # Logger must be configured before checking path case and project file, otherwise warnings will not display
-      @config.check_path_case('modulepath', @config.modulepath)
-      @config.project.check_deprecated_file
+      config.check_path_case('modulepath', config.modulepath)
+      config.project.check_deprecated_file
 
       # Log the file paths for loaded config files
       config_loaded
@@ -281,12 +293,12 @@ module Bolt
     def warn_inventory_overrides_cli(opts)
       inventory_source = if ENV[Bolt::Inventory::ENVIRONMENT_VAR]
                            Bolt::Inventory::ENVIRONMENT_VAR
-                         elsif @config.inventoryfile && Bolt::Util.file_stat(@config.inventoryfile)
-                           @config.inventoryfile
+                         elsif config.inventoryfile && Bolt::Util.file_stat(config.inventoryfile)
+                           config.inventoryfile
                          else
                            begin
-                             Bolt::Util.file_stat(@config.default_inventoryfile)
-                             @config.default_inventoryfile
+                             Bolt::Util.file_stat(config.default_inventoryfile)
+                             config.default_inventoryfile
                            rescue Errno::ENOENT
                              nil
                            end
@@ -390,7 +402,7 @@ module Bolt
         if options[:action] == 'generate-types'
           code = generate_types
         elsif options[:action] == 'install'
-          code = install_puppetfile(@config.puppetfile_config, @config.puppetfile, @config.modulepath)
+          code = install_puppetfile(config.puppetfile_config, config.puppetfile, config.modulepath)
         end
       when 'secret'
         code = Bolt::Secret.execute(plugins, outputter, options)
@@ -802,7 +814,7 @@ module Bolt
     end
 
     def rerun
-      @rerun ||= Bolt::Rerun.new(@config.rerunfile, @config.save_rerun)
+      @rerun ||= Bolt::Rerun.new(config.rerunfile, config.save_rerun)
     end
 
     def outputter

data/lib/bolt/config.rb

@@ -28,7 +28,7 @@ module Bolt
     DEFAULT_DEFAULT_CONCURRENCY = 100
 
     def self.default
-      new(Bolt::Project.create_project('.'), {})
+      new(Bolt::Project.default_project, {})
     end
 
     def self.from_project(project, overrides = {})
@@ -121,9 +121,22 @@ module Bolt
         )
       end
 
-      # Move data under transport-config to top-level so it can be easily merged with
-      # config from other sources.
+      # Move data under inventory-config to top-level so it can be easily merged with
+      # config from other sources. Error early if inventory-config is not a hash or
+      # has a plugin reference.
       if data.key?('inventory-config')
+        unless data['inventory-config'].is_a?(Hash)
+          raise Bolt::ValidationError,
+                "Option 'inventory-config' must be of type Hash, received #{data['inventory-config']} "\
+                "#{data['inventory-config']} (file: #{filepath})"
+        end
+
+        if data['inventory-config'].key?('_plugin')
+          raise Bolt::ValidationError,
+                "Found unsupported key '_plugin' for option 'inventory-config'; supported keys are "\
+                "'#{INVENTORY_OPTIONS.keys.join("', '")}' (file: #{filepath})"
+        end
+
         data = data.merge(data.delete('inventory-config'))
       end
 

data/lib/bolt/config/options.rb

@@ -175,7 +175,7 @@ module Bolt
         "log" => {
           description: "A map of configuration for the logfile output. Under `log`, you can configure log options "\
                        "for `console` and add configuration for individual log files, such as "\
-                       "~/.puppetlabs/bolt/debug.log`. Individual log files must be valid filepaths. If the log "\
+                       "`~/.puppetlabs/bolt/debug.log`. Individual log files must be valid filepaths. If the log "\
                        "file does not exist, then Bolt will create it before logging information.",
           type: Hash,
           properties: {
@@ -440,6 +440,7 @@ module Bolt
         concurrency
         format
         inventory-config
+        log
         plugin_hooks
         plugins
         puppetdb

data/lib/bolt/config/transport/options.rb

@@ -108,17 +108,16 @@ module Bolt
           },
           "copy-command" => {
             type: [Array, String],
-            description: "The command to use when copying files using ssh-command. Bolt runs `<copy-command> <src> "\
+            description: "The command to use when copying files using native SSH. Bolt runs `<copy-command> <src> "\
                          "<dest>`. This option is used when you need support for features or algorithms that are not "\
                          "supported by the net-ssh Ruby library. **This option is experimental.** You can read more "\
-                         "about this option in [External SSH "\
-                         "transport](experimental_features.md#external-ssh-transport).",
+                         "about this option in [Native SSH transport](experimental_features.md#native-ssh-transport).",
             items: {
               type: String
             },
             _plugin: true,
-            _default: "scp -r",
-            _example: "scp -r -F ~/ssh-config/myconf"
+            _default: %w[scp -r],
+            _example: %w[scp -r -F ~/ssh-config/myconf]
           },
           "disconnect-timeout" => {
             type: Integer,
@@ -270,6 +269,13 @@ module Bolt
             _plugin: true,
             _example: %w[defaults hmac-md5]
           },
+          "native-ssh" => {
+            type: [TrueClass, FalseClass],
+            description: "This enables the native SSH transport, which shells out to SSH instead of using the "\
+                         "net-ssh Ruby library",
+            _default: false,
+            _example: true
+          },
           "password" => {
             type: String,
             description: "The password to use to login.",
@@ -368,16 +374,16 @@ module Bolt
           },
           "ssh-command" => {
             type: [Array, String],
-            description: "The command and flags to use when SSHing. This enables the external SSH transport, which "\
-                         "shells out to the specified command. This option is used when you need support for "\
+            description: "The command and flags to use when SSHing. This option is used when you need support for "\
                          "features or algorithms that are not supported by the net-ssh Ruby library. **This option "\
-                         "is experimental.** You can read more about this  option in [External SSH "\
-                         "transport](experimental_features.md#external-ssh-transport).",
+                         "is experimental.** You can read more about this  option in [Native SSH "\
+                         "transport](experimental_features.md#native-ssh-transport).",
             items: {
               type: String
             },
             _plugin: true,
-            _example: "ssh"
+            _default: 'ssh',
+            _example: %w[ssh -o Ciphers=chacha20-poly1305@openssh.com]
           },
           "ssl" => {
             type: [TrueClass, FalseClass],

data/lib/bolt/config/transport/ssh.rb

@@ -32,13 +32,14 @@ module Bolt
           user
         ].concat(RUN_AS_OPTIONS).sort.freeze
 
-        # Options available when using the external ssh transport
-        EXTERNAL_OPTIONS = %w[
+        # Options available when using the native ssh transport
+        NATIVE_OPTIONS = %w[
           cleanup
           copy-command
           host
           host-key-check
           interpreters
+          native-ssh
           port
           private-key
           script-dir
@@ -56,17 +57,30 @@ module Bolt
           "tty"                => false
         }.freeze
 
-        # The set of options available for the ssh and external ssh transports overlap, so we
+        # The set of options available for the ssh and native ssh transports overlap, so we
         # need to check which transport is used before fully initializing, otherwise options
         # may not be filtered correctly.
         def initialize(data = {}, project = nil)
           assert_hash_or_config(data)
-          @external = true if data['ssh-command']
+          @native = true if data['native-ssh']
           super(data, project)
         end
 
+        # This method is used to filter CLI options in the Config class. This
+        # should include `ssh-command` so that we can later warn if the option
+        # is present without `native-ssh`
+        def self.options
+          %w[ssh-command native-ssh].concat(OPTIONS)
+        end
+
         private def filter(unfiltered)
-          @external ? unfiltered.slice(*EXTERNAL_OPTIONS) : unfiltered.slice(*OPTIONS)
+          # Because we filter before merging config together it's impossible to
+          # know whether both ssh-command *and* native-ssh will be specified
+          # unless they are both in the filter. However, we can't add
+          # ssh-command to OPTIONS since that's used for documenting available
+          # options. This makes it so that ssh-command is preserved so we can
+          # warn once all config is resolved if native-ssh isn't set.
+          @native ? unfiltered.slice(*NATIVE_OPTIONS) : unfiltered.slice(*self.class.options)
         end
 
         private def validate
@@ -83,11 +97,11 @@ module Bolt
               @config['private-key'] = File.expand_path(key_opt, @project)
 
               # We have an explicit test for this to only warn if using net-ssh transport
-              Bolt::Util.validate_file('ssh key', @config['private-key']) if @config['ssh-command']
+              Bolt::Util.validate_file('ssh key', @config['private-key']) if @config['native-ssh']
             end
 
-            if key_opt.instance_of?(Hash) && @config['ssh-command']
-              raise Bolt::ValidationError, 'private-key must be a filepath when using ssh-command'
+            if key_opt.instance_of?(Hash) && @config['native-ssh']
+              raise Bolt::ValidationError, 'private-key must be a filepath when using native-ssh'
             end
           end
 
@@ -117,8 +131,8 @@ module Bolt
             end
           end
 
-          if @config['ssh-command'] && !@config['load-config']
-            msg = 'Cannot use external SSH transport with load-config set to false'
+          if @config['native-ssh'] && !@config['load-config']
+            msg = 'Cannot use native SSH transport with load-config set to false'
             raise Bolt::ValidationError, msg
           end
         end

data/lib/bolt/logger.rb

@@ -15,6 +15,7 @@ module Bolt
       return if Logging.initialized?
 
       Logging.init :debug, :info, :notice, :warn, :error, :fatal, :any
+      @mutex = Mutex.new
 
       Logging.color_scheme(
         'bolt',
@@ -102,5 +103,16 @@ module Bolt
     def self.reset_logging
       Logging.reset
     end
+
+    def self.warn_once(type, msg)
+      @mutex.synchronize {
+        @warnings ||= []
+        @logger ||= Logging.logger[self]
+        unless @warnings.include?(type)
+          @logger.warn(msg)
+          @warnings << type
+        end
+      }
+    end
   end
 end

data/lib/bolt/project.rb

@@ -31,6 +31,7 @@ module Bolt
     # hierarchy, falling back to the default if we reach the root.
     def self.find_boltdir(dir)
       dir = Pathname.new(dir)
+
       if (dir + BOLTDIR_NAME).directory?
         create_project(dir + BOLTDIR_NAME, 'embedded')
       elsif (dir + 'bolt.yaml').file? || (dir + 'bolt-project.yaml').file?
@@ -44,6 +45,15 @@ module Bolt
 
     def self.create_project(path, type = 'option')
       fullpath = Pathname.new(path).expand_path
+
+      if !Bolt::Util.windows? && type != 'environment' && fullpath.world_writable?
+        raise Bolt::Error.new(
+          "Project directory '#{fullpath}' is world-writable which poses a security risk. Set "\
+          "BOLT_PROJECT='#{fullpath}' to force the use of this project directory.",
+          "bolt/world-writable-error"
+        )
+      end
+
       project_file = File.join(fullpath, 'bolt-project.yaml')
       data = Bolt::Util.read_optional_yaml_hash(File.expand_path(project_file), 'project')
       new(data, path, type)
@@ -51,6 +61,7 @@ module Bolt
 
     def initialize(raw_data, path, type = 'option')
       @path = Pathname.new(path).expand_path
+
       @project_file = @path + 'bolt-project.yaml'
 
       @warnings = []

data/lib/bolt/shell/powershell/snippets.rb

@@ -85,12 +85,21 @@ module Bolt
 
           def shell_init
             <<~PS
-            $ENV:PATH += ";${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\bin\\;" +
-            "${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\puppet\\bin;" +
-            "${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\sys\\ruby\\bin\\"
-            $ENV:RUBYLIB = "${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\puppet\\lib;" +
-            "${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\facter\\lib;" +
-            "${ENV:ProgramFiles}\\Puppet Labs\\Puppet\\hiera\\lib;" +
+            $installRegKey = Get-ItemProperty -Path "HKLM:\\Software\\Puppet Labs\\Puppet" -ErrorAction 0
+            if(![string]::IsNullOrEmpty($installRegKey.RememberedInstallDir64)){
+              $boltBaseDir = $installRegKey.RememberedInstallDir64
+            }elseif(![string]::IsNullOrEmpty($installRegKey.RememberedInstallDir)){
+              $boltBaseDir = $installRegKey.RememberedInstallDir
+            }else{
+              $boltBaseDir = "${ENV:ProgramFiles}\\Puppet Labs\\Puppet"
+            }
+
+            $ENV:PATH += ";${boltBaseDir}\\bin\\;" +
+            "${boltBaseDir}\\puppet\\bin;" +
+            "${boltBaseDir}\\sys\\ruby\\bin\\"
+            $ENV:RUBYLIB = "${boltBaseDir}\\puppet\\lib;" +
+            "${boltBaseDir}\\facter\\lib;" +
+            "${boltBaseDir}\\hiera\\lib;" +
             $ENV:RUBYLIB
 
             Add-Type -AssemblyName System.ServiceModel.Web, System.Runtime.Serialization

data/lib/bolt/transport/ssh.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'bolt/logger'
 require 'bolt/node/errors'
 require 'bolt/transport/simple'
 
@@ -21,7 +22,12 @@ module Bolt
       end
 
       def with_connection(target)
-        conn = if target.transport_config['ssh-command']
+        if target.transport_config['ssh-command'] && !target.transport_config['native-ssh']
+          Bolt::Logger.warn_once("ssh-command and native-ssh conflict",
+                                 "native-ssh must be true to use ssh-command")
+        end
+
+        conn = if target.transport_config['native-ssh']
                  ExecConnection.new(target)
                else
                  Connection.new(target, @transport_logger)

data/lib/bolt/transport/ssh/exec_connection.rb

@@ -58,7 +58,7 @@ module Bolt
         end
 
         def build_ssh_command(command)
-          ssh_conf = @target.transport_config['ssh-command']
+          ssh_conf = @target.transport_config['ssh-command'] || 'ssh'
           ssh_cmd = Array(ssh_conf)
           ssh_cmd += ssh_opts
           ssh_cmd << userhost

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '2.17.0'
+  VERSION = '2.18.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 2.17.0
+  version: 2.18.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-07-07 00:00:00.000000000 Z
+date: 2020-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable