bolt 2.44.0 → 3.0.0

data/lib/bolt/config/transport/local.rb

@@ -17,6 +17,7 @@ module Bolt
         OPTIONS = WINDOWS_OPTIONS.dup.concat(RUN_AS_OPTIONS).sort.freeze
 
         DEFAULTS = {
+          'bundled-ruby' => true,
           'cleanup' => true
         }.freeze
 

data/lib/bolt/config/transport/options.rb

@@ -21,7 +21,7 @@ module Bolt
             type: [TrueClass, FalseClass],
             _plugin: false,
             _example: true,
-            _default: false
+            _default: true
           },
           "cacert" => {
             type: String,

data/lib/bolt/logger.rb

@@ -4,7 +4,7 @@ require 'logging'
 
 module Bolt
   module Logger
-    LEVELS = %w[trace debug info notice warn error fatal].freeze
+    LEVELS = %w[trace debug info warn error fatal].freeze
 
     # This module is treated as a global singleton so that multiple classes
     # in Bolt can log warnings with IDs. Access to the following variables

data/lib/bolt/outputter/human.rb

@@ -392,7 +392,7 @@ module Bolt
 
       def print_target_info(targets)
         @stream.puts ::JSON.pretty_generate(
-          "targets": targets.map(&:detail)
+          targets: targets.map(&:detail)
         )
         count = "#{targets.count} target#{'s' unless targets.count == 1}"
         @stream.puts colorize(:green, count)

data/lib/bolt/outputter/json.rb

@@ -95,38 +95,38 @@ module Bolt
       end
 
       def print_puppetfile_result(success, puppetfile, moduledir)
-        @stream.puts({ "success": success,
-                       "puppetfile": puppetfile,
-                       "moduledir": moduledir.to_s }.to_json)
+        @stream.puts({ success: success,
+                       puppetfile: puppetfile,
+                       moduledir: moduledir.to_s }.to_json)
       end
 
       def print_targets(target_list, inventoryfile)
         @stream.puts ::JSON.pretty_generate(
-          "inventory": {
-            "targets": target_list[:inventory].map(&:name),
-            "count": target_list[:inventory].count,
-            "file": inventoryfile.to_s
+          inventory: {
+            targets: target_list[:inventory].map(&:name),
+            count: target_list[:inventory].count,
+            file: inventoryfile.to_s
           },
-          "adhoc": {
-            "targets": target_list[:adhoc].map(&:name),
-            "count": target_list[:adhoc].count
+          adhoc: {
+            targets: target_list[:adhoc].map(&:name),
+            count: target_list[:adhoc].count
           },
-          "targets": target_list.values.flatten.map(&:name),
-          "count": target_list.values.flatten.count
+          targets: target_list.values.flatten.map(&:name),
+          count: target_list.values.flatten.count
         )
       end
 
       def print_target_info(targets)
         @stream.puts ::JSON.pretty_generate(
-          "targets": targets.map(&:detail),
-          "count": targets.count
+          targets: targets.map(&:detail),
+          count: targets.count
         )
       end
 
       def print_groups(groups)
         count = groups.count
-        @stream.puts({ "groups": groups,
-                       "count": count }.to_json)
+        @stream.puts({ groups: groups,
+                       count: count }.to_json)
       end
 
       def fatal_error(err)

data/lib/bolt/pal.rb

@@ -449,7 +449,7 @@ module Bolt
           else
             Bolt::Logger.warn(
               "missing_plan_parameter",
-              "The documented parameter '#{name}' does not exist in plan signature"
+              "The documented parameter '#{name}' does not exist in signature for plan '#{plan.name}'"
             )
           end
         end

data/lib/bolt/pal/yaml_plan/evaluator.rb

@@ -24,7 +24,7 @@ module Bolt
 
         def task_step(scope, step)
           task = step['task']
-          targets = step['targets'] || step['target']
+          targets = step['targets']
           description = step['description']
           params = step['parameters'] || {}
 
@@ -48,7 +48,7 @@ module Bolt
 
         def script_step(scope, step)
           script = step['script']
-          targets = step['targets'] || step['target']
+          targets = step['targets']
           description = step['description']
           arguments = step['arguments'] || []
 
@@ -64,7 +64,7 @@ module Bolt
 
         def command_step(scope, step)
           command = step['command']
-          targets = step['targets'] || step['target']
+          targets = step['targets']
           description = step['description']
 
           args = [command, targets]
@@ -73,9 +73,9 @@ module Bolt
         end
 
         def upload_step(scope, step)
-          source = step['upload'] || step['source']
+          source = step['upload']
           destination = step['destination']
-          targets = step['targets'] || step['target']
+          targets = step['targets']
           description = step['description']
 
           args = [source, destination, targets]
@@ -86,7 +86,7 @@ module Bolt
         def download_step(scope, step)
           source = step['download']
           destination = step['destination']
-          targets = step['targets'] || step['target']
+          targets = step['targets']
           description = step['description']
 
           args = [source, destination, targets]
@@ -99,7 +99,7 @@ module Bolt
         end
 
         def resources_step(scope, step)
-          targets = step['targets'] || step['target']
+          targets = step['targets']
 
           # TODO: Only call apply_prep when needed
           scope.call_function('apply_prep', targets)
@@ -154,18 +154,6 @@ module Bolt
         # This is the method that Puppet calls to evaluate the plan. The name
         # makes more sense for .pp plans.
         def evaluate_block_with_bindings(closure_scope, args_hash, plan)
-          if plan.steps.any? { |step| step.body.key?('target') }
-            msg = "The 'target' parameter for YAML plan steps is deprecated and will be removed "\
-                  "in a future version of Bolt. Use the 'targets' parameter instead."
-            Bolt::Logger.deprecate("yaml_plan_target", msg)
-          end
-
-          if plan.steps.any? { |step| step.body.key?('source') }
-            msg = "The 'source' parameter for YAML plan upload steps is deprecated and will be removed "\
-                  "in a future version of Bolt. Use the 'upload' parameter instead."
-            Bolt::Logger.deprecate("yaml_plan_source", msg)
-          end
-
           plan_result = closure_scope.with_local_scope(args_hash) do |scope|
             plan.steps.each do |step|
               step_result = dispatch_step(scope, step)

data/lib/bolt/pal/yaml_plan/step.rb

@@ -9,19 +9,17 @@ module Bolt
         attr_reader :name, :type, :body, :targets
 
         def self.allowed_keys
-          Set['name', 'description', 'target', 'targets']
+          Set['name', 'description', 'targets']
         end
 
         STEP_KEYS = %w[
           command
-          destination
           download
           eval
           message
           plan
           resources
           script
-          source
           task
           upload
         ].freeze
@@ -34,13 +32,7 @@ module Bolt
           when 1
             type = type_keys.first
           else
-            if [Set['source', 'destination'], Set['upload', 'destination']].include?(type_keys.to_set)
-              type = 'upload'
-            elsif type_keys.to_set == Set['download', 'destination']
-              type = 'download'
-            else
-              raise step_error("Multiple action keys detected: #{type_keys.inspect}", step_body['name'], step_number)
-            end
+            raise step_error("Multiple action keys detected: #{type_keys.inspect}", step_body['name'], step_number)
           end
 
           step_class = const_get("Bolt::PAL::YamlPlan::Step::#{type.capitalize}")
@@ -51,7 +43,7 @@ module Bolt
         def initialize(step_body)
           @name = step_body['name']
           @description = step_body['description']
-          @targets = step_body['targets'] || step_body['target']
+          @targets = step_body['targets']
           @body = step_body
         end
 
@@ -96,19 +88,6 @@ module Bolt
           # Ensure all required keys are present
           missing_keys = required_keys - body.keys
 
-          # Handle cases where steps with a required 'targets' key are using the deprecated
-          # 'target' key instead.
-          # TODO: Remove this when 'target' is removed
-          if body.include?('target')
-            missing_keys -= ['targets']
-          end
-
-          # Handle cases where upload step uses deprecated 'source' key instead of 'upload'
-          # TODO: Remove when 'source' is removed
-          if body.include?('source')
-            missing_keys -= ['upload']
-          end
-
           if missing_keys.any?
             error_message = "The #{step_type.inspect} step requires: #{missing_keys.to_a.inspect} key(s)"
             err = step_error(error_message, body['name'], step_number)

data/lib/bolt/pal/yaml_plan/step/upload.rb

@@ -6,7 +6,7 @@ module Bolt
       class Step
         class Upload < Step
           def self.allowed_keys
-            super + Set['source', 'destination', 'upload']
+            super + Set['destination', 'upload']
           end
 
           def self.required_keys
@@ -15,7 +15,7 @@ module Bolt
 
           def initialize(step_body)
             super
-            @source = step_body['upload'] || step_body['source']
+            @source = step_body['upload']
             @destination = step_body['destination']
           end
 

data/lib/bolt/plugin/module.rb

@@ -30,10 +30,6 @@ module Bolt
         @module = mod
         @config = config
         @context = context
-
-        if @module.name == 'pkcs7'
-          @config = handle_deprecated_pkcs7_keys(@config)
-        end
       end
 
       # This method interacts with the module on disk so it's separate from initialize
@@ -160,10 +156,6 @@ module Bolt
         # out now.
         meta, params = opts.partition { |key, _val| key.start_with?('_') }.map(&:to_h)
 
-        if task.module_name == 'pkcs7'
-          params = handle_deprecated_pkcs7_keys(params)
-        end
-
         # Reject parameters from config that are not accepted by the task and
         # merge in parameter defaults
         params = if task.parameters
@@ -181,21 +173,6 @@ module Bolt
         [params, meta]
       end
 
-      # Raises a deprecation warning if the pkcs7 plugin is using deprecated keys and
-      # modifies the keys so they are the correct format
-      def handle_deprecated_pkcs7_keys(params)
-        if params.key?('private-key') || params.key?('public-key')
-          message = "pkcs7 keys 'private-key' and 'public-key' have been deprecated and will be "\
-                    "removed in a future version of Bolt; use 'private_key' and 'public_key' instead."
-          Bolt::Logger.deprecate("pkcs7_params", message)
-        end
-
-        params['private_key'] = params.delete('private-key') if params.key?('private-key')
-        params['public_key'] = params.delete('public-key') if params.key?('public-key')
-
-        params
-      end
-
       def extract_task_parameter_schema
         # Get the intersection of expected types (using Set)
         type_set = @hook_map.each_with_object({}) do |(_hook, task), acc|

data/lib/bolt/plugin/puppet_connect_data.rb

@@ -3,12 +3,45 @@
 module Bolt
   class Plugin
     class PuppetConnectData
+      INPUT_DATA_VAR = 'PUPPET_CONNECT_INPUT_DATA'
+
       def initialize(context:, **_opts)
-        puppet_connect_data_yaml_path = File.join(context.boltdir, 'puppet_connect_data.yaml')
+        if ENV.key?(INPUT_DATA_VAR)
+          # The user provided input data that they will copy-paste into the Puppet Connect UI
+          # for inventory syncing. This environment variable will likely be set when invoking a
+          # general "test Puppet Connect input data" command. That command tests that parsing
+          # the inventory with the given input data results in connectable targets. Part of
+          # that requires validating that the input data contains all of the referenced keys,
+          # which is what this plugin will do in validate_resolve_reference.
+          @input_data_path = ENV[INPUT_DATA_VAR]
+          data_path = @input_data_path
+        else
+          # The user is using this plugin during a regular Bolt invocation, so fetch the (minimal)
+          # required data from the default location. This data should typically be non-autoloadable
+          # secrets like WinRM passwords.
+          #
+          # Note that any unspecified keys will be resolved to nil.
+          data_path = File.join(context.boltdir, 'puppet_connect_data.yaml')
+        end
+
         @data = Bolt::Util.read_optional_yaml_hash(
-          puppet_connect_data_yaml_path,
-          'puppet_connect_data.yaml'
+          data_path,
+          File.basename(data_path)
         )
+
+        if @input_data_path
+          # Validate that the data does not contain any plugin-reference
+          # values
+          @data.each do |key, toplevel_value|
+            # Use walk_vals to check for nested plugin references
+            Bolt::Util.walk_vals(toplevel_value) do |current_value|
+              if current_value.is_a?(Hash) && current_value.key?('_plugin')
+                raise invalid_input_data_err("the #{key} key's value contains a plugin reference")
+              end
+              current_value
+            end
+          end
+        end
       end
 
       def name
@@ -29,6 +62,15 @@ module Bolt
           raise Bolt::ValidationError,
                 "puppet_connect_data plugin requires that 'key' be specified"
         end
+        if @input_data_path && !@data.key?(opts['key'])
+          # Input data for Puppet Connect was provided and opts['key'] does not have a
+          # value specified. Raise an error for this case.
+          raise invalid_input_data_err("a value for the #{opts['key']} key is not specified")
+        end
+      end
+
+      def invalid_input_data_err(msg)
+        Bolt::ValidationError.new("invalid input data #{@input_data_path}: #{msg}")
       end
     end
   end

data/lib/bolt/project.rb

@@ -11,7 +11,7 @@ module Bolt
     BOLTDIR_NAME = 'Boltdir'
     CONFIG_NAME  = 'bolt-project.yaml'
 
-    attr_reader :path, :data, :config_file, :inventory_file, :hiera_config,
+    attr_reader :path, :data, :inventory_file, :hiera_config,
                 :puppetfile, :rerunfile, :type, :resource_types, :project_file,
                 :downloads, :plans_path, :modulepath, :managed_moduledir,
                 :backup_dir, :plugin_cache_file, :plan_cache_file
@@ -24,31 +24,21 @@ module Bolt
     end
 
     # Search recursively up the directory hierarchy for the Project. Look for a
-    # directory called Boltdir or a file called bolt.yaml (for a control repo
-    # type Project). Otherwise, repeat the check on each directory up the
+    # directory called Boltdir or a file called bolt-project.yaml (for a control
+    # repo type Project). Otherwise, repeat the check on each directory up the
     # hierarchy, falling back to the default if we reach the root.
     def self.find_boltdir(dir)
       dir = Pathname.new(dir)
 
       if (dir + BOLTDIR_NAME).directory?
         create_project(dir + BOLTDIR_NAME, 'embedded')
-      elsif (dir + 'bolt.yaml').file?
-        command = Bolt::Util.powershell? ? 'Update-BoltProject' : 'bolt project migrate'
-        Bolt::Logger.deprecate(
-          "bolt_yaml",
-          "Configuration file #{dir + 'bolt.yaml'} is deprecated and will be "\
-          "removed in Bolt 3.0.\nUpdate your Bolt project to the latest Bolt practices "\
-          "using #{command}."
-        )
-        create_project(dir, 'local')
       elsif (dir + CONFIG_NAME).file?
         create_project(dir, 'local')
       elsif dir.root?
         default_project
       else
         Bolt::Logger.debug(
-          "Did not detect Boltdir, bolt.yaml, or bolt-project.yaml at '#{dir}'. "\
-          "This directory won't be loaded as a project."
+          "Did not detect Boltdir or bolt-project.yaml at '#{dir}'. This directory won't be loaded as a project."
         )
         find_boltdir(dir.parent)
       end
@@ -85,9 +75,8 @@ module Bolt
       project_file = File.join(fullpath, CONFIG_NAME)
       data         = Bolt::Util.read_optional_yaml_hash(File.expand_path(project_file), 'project')
       default      = type =~ /user|system/ ? 'default ' : ''
-      exist        = File.exist?(File.expand_path(project_file))
 
-      if exist
+      if File.exist?(File.expand_path(project_file))
         Bolt::Logger.info("Loaded #{default}project from '#{fullpath}'")
       end
 
@@ -105,67 +94,37 @@ module Bolt
     def self.schema
       {
         type:        Hash,
-        properties:  Bolt::Config::BOLT_PROJECT_OPTIONS.map { |opt| [opt, _ref: opt] }.to_h,
+        properties:  Bolt::Config::PROJECT_OPTIONS.map { |opt| [opt, _ref: opt] }.to_h,
         definitions: Bolt::Config::OPTIONS
       }
     end
 
-    def initialize(raw_data, path, type = 'option')
-      @path         = Pathname.new(path).expand_path
-      @project_file = @path + CONFIG_NAME
-
-      if (@path + 'bolt.yaml').file? && project_file?
-        Bolt::Logger.deprecate(
-          "bolt_yaml",
-          "Project-level configuration in bolt.yaml is deprecated if using bolt-project.yaml. "\
-          "Transport config should be set in inventory.yaml, all other config should be set in "\
-          "bolt-project.yaml."
-        )
-      end
-
+    def initialize(data, path, type = 'option')
+      @type              = type
+      @path              = Pathname.new(path).expand_path
+      @project_file      = @path + CONFIG_NAME
       @inventory_file    = @path + 'inventory.yaml'
       @hiera_config      = @path + 'hiera.yaml'
       @puppetfile        = @path + 'Puppetfile'
       @rerunfile         = @path + '.rerun.json'
       @resource_types    = @path + '.resource_types'
-      @type              = type
       @downloads         = @path + 'downloads'
       @plans_path        = @path + 'plans'
       @managed_moduledir = @path + '.modules'
       @backup_dir        = @path + '.bolt-bak'
       @plugin_cache_file = @path + '.plugin_cache.json'
       @plan_cache_file   = @path + '.plan_cache.json'
+      @modulepath        = [(@path + 'modules').to_s]
 
-      if (tc = Bolt::Config::INVENTORY_OPTIONS.keys & raw_data.keys).any?
+      if (tc = Bolt::Config::INVENTORY_OPTIONS.keys & data.keys).any?
         Bolt::Logger.warn(
           "project_transport_config",
           "Transport configuration isn't supported in bolt-project.yaml. Ignoring keys #{tc}."
         )
       end
 
-      @data = raw_data.reject { |k, _| Bolt::Config::INVENTORY_OPTIONS.include?(k) }
-
-      # If the 'modules' key is present in the project configuration file,
-      # use the new, shorter modulepath.
-      @modulepath = if @data.key?('modules')
-                      [(@path + 'modules').to_s]
-                    else
-                      [(@path + 'modules').to_s, (@path + 'site-modules').to_s, (@path + 'site').to_s]
-                    end
-
-      # Once bolt.yaml deprecation is removed, this attribute should be removed
-      # and replaced with .project_file in lib/bolt/config.rb
-      @config_file = if (Bolt::Config::BOLT_OPTIONS & @data.keys).any?
-                       if (@path + 'bolt.yaml').file?
-                         Bolt::Logger.warn(
-                           "project_config_conflict",
-                           "bolt-project.yaml contains valid config keys, bolt.yaml will be ignored"
-                         )
-                       end
-                       @project_file
-                     else
-                       @path + 'bolt.yaml'
-                     end
+      @data = data.slice(*Bolt::Config::PROJECT_OPTIONS)
+
       validate if project_file?
     end
 
@@ -219,7 +178,8 @@ module Bolt
     end
 
     def modules
-      @modules ||= @data['modules']&.map do |mod|
+      mod_data = @data['modules'] || []
+      @modules ||= mod_data.map do |mod|
         if mod.is_a?(String)
           { 'name' => mod }
         else