bolt 3.22.1 → 3.23.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9bb70cb2643e6f83db4c78140e69b63f1adb0547babb48a56f7263d6e231e190
-  data.tar.gz: 87bac24240c774e3142631834692b1c1f03aacd28ec35bb1ef33693be42af1ba
+  metadata.gz: 6b79c90eb580d16111b19753003a7620e530ab9f10a47eb2cc4a5d5f5f1e15e1
+  data.tar.gz: 791076493e0979acd945dd80f6d513eefaaa1170d36f626bf71c1d9a8ff990f3
 SHA512:
-  metadata.gz: 9a5bdda010517568732212c1436560c952da36be78511cfaf2543ce7b330245d7c8d78ebf1c8c2a1feb986f2276d644edf54ccaa1c52cd4d1072954c3e644214
-  data.tar.gz: cc5ec411b3b3d3772f89ce19cca8d3a9bf086c7b4da580c334ccb0c31c763a1641fe5972389a71e7874e64e10323ec7286027bc6c4b86447a8beb28cdb04796a
+  metadata.gz: 881675efbe7148a860a49fb4d74d8c8332af588d27526e29a1df99acbeacee0f802e6f0c71c710506bfdd1e6210a82645eaf1cdb1053d52b760318898142ee93
+  data.tar.gz: 316cb92d945be0a2f3287e6dd7e4cee7505af08b8918f539f9b9ee678f7c9e7704d5dbb83f617eab772dc86f4521c93fab8e01778e5348873c8b39488baf3b43

data/Puppetfile

@@ -5,14 +5,14 @@ forge "http://forge.puppetlabs.com"
 moduledir File.join(File.dirname(__FILE__), 'modules')
 
 # Core modules used by 'apply'
-mod 'puppetlabs-service', '2.1.0'
-mod 'puppetlabs-puppet_agent', '4.9.0'
+mod 'puppetlabs-service', '2.2.0'
+mod 'puppetlabs-puppet_agent', '4.11.0'
 mod 'puppetlabs-facts', '1.4.0'
 
 # Core types and providers for Puppet 6
 mod 'puppetlabs-augeas_core', '1.2.0'
 mod 'puppetlabs-host_core', '1.1.0'
-mod 'puppetlabs-scheduled_task', '3.0.1'
+mod 'puppetlabs-scheduled_task', '3.1.0'
 mod 'puppetlabs-sshkeys_core', '2.3.0'
 mod 'puppetlabs-zfs_core', '1.3.0'
 mod 'puppetlabs-cron_core', '1.1.0'
@@ -22,14 +22,14 @@ mod 'puppetlabs-yumrepo_core', '1.1.0'
 mod 'puppetlabs-zone_core', '1.0.3'
 
 # Useful additional modules
-mod 'puppetlabs-package', '2.1.0'
+mod 'puppetlabs-package', '2.2.0'
 mod 'puppetlabs-powershell_task_helper', '0.1.0'
-mod 'puppetlabs-puppet_conf', '1.2.0'
+mod 'puppetlabs-puppet_conf', '1.3.0'
 mod 'puppetlabs-python_task_helper', '0.5.0'
 mod 'puppetlabs-reboot', '4.1.0'
-mod 'puppetlabs-ruby_task_helper', '0.6.0'
+mod 'puppetlabs-ruby_task_helper', '0.6.1'
 mod 'puppetlabs-ruby_plugin_helper', '0.2.0'
-mod 'puppetlabs-stdlib', '8.1.0'
+mod 'puppetlabs-stdlib', '8.2.0'
 
 # Plugin modules
 mod 'puppetlabs-aws_inventory', '0.7.0'

data/bolt-modules/boltlib/lib/puppet/functions/puppetdb_command.rb

@@ -17,6 +17,8 @@ require 'bolt/error'
 # > **Note:** Not available in apply block
 #
 Puppet::Functions.create_function(:puppetdb_command) do
+  # Send a command with a payload to PuppetDB.
+  #
   # @param command The command to invoke.
   # @param version The version of the command to invoke.
   # @param payload The payload to the command.
@@ -38,7 +40,36 @@ Puppet::Functions.create_function(:puppetdb_command) do
     return_type 'String'
   end
 
+  # Send a command with a payload to a named PuppetDB instance.
+  #
+  # @param command The command to invoke.
+  # @param version The version of the command to invoke.
+  # @param payload The payload to the command.
+  # @param instance The PuppetDB instance to send the command to.
+  # @return The UUID identifying the response sent by PuppetDB.
+  # @example Replace facts for a target using a named PuppetDB instance
+  #   $payload = {
+  #     'certname'           => 'localhost',
+  #     'environment'        => 'dev',
+  #     'producer'           => 'bolt',
+  #     'producer_timestamp' => '1970-01-01',
+  #     'values'             => { 'orchestrator' => 'bolt' }
+  #   }
+  #
+  #   puppetdb_command('replace_facts', 5, $payload, 'instance-1')
+  dispatch :puppetdb_command_with_instance do
+    param 'String[1]', :command
+    param 'Integer', :version
+    param 'Hash[Data, Data]', :payload
+    param 'String', :instance
+    return_type 'String'
+  end
+
   def puppetdb_command(command, version, payload)
+    puppetdb_command_with_instance(command, version, payload, nil)
+  end
+
+  def puppetdb_command_with_instance(command, version, payload, instance)
     # Disallow in apply blocks.
     unless Puppet[:tasks]
       raise Puppet::ParseErrorWithIssue.from_issue_and_stack(
@@ -61,6 +92,6 @@ Puppet::Functions.create_function(:puppetdb_command) do
       )
     end
 
-    puppetdb_client.send_command(command, version, payload)
+    puppetdb_client.send_command(command, version, payload, instance)
   end
 end

data/bolt-modules/boltlib/lib/puppet/functions/puppetdb_fact.rb

@@ -7,6 +7,8 @@ require 'bolt/error'
 # If a node is not found in PuppetDB, it's included in the returned hash with an empty facts hash.
 # Otherwise, the node is included in the hash with a value that is a hash of its facts.
 Puppet::Functions.create_function(:puppetdb_fact) do
+  # Collect facts from PuppetDB.
+  #
   # @param certnames Array of certnames.
   # @return A hash of certname to facts hash for each matched Target.
   # @example Get facts for nodes
@@ -16,13 +18,30 @@ Puppet::Functions.create_function(:puppetdb_fact) do
     return_type 'Hash[String, Data]'
   end
 
+  # Collects facts from a named PuppetDB instance.
+  #
+  # @param certnames Array of certnames.
+  # @param instance The PuppetDB instance to query.
+  # @return A hash of certname to facts hash for each matched Target.
+  # @example Get facts for nodes from a named PuppetDB instance
+  #   puppetdb_fact(['app.example.com', 'db.example.com'], 'instance-1')
+  dispatch :puppetdb_fact_with_instance do
+    param 'Array[String]', :certnames
+    param 'String', :instance
+    return_type 'Hash[String, Data]'
+  end
+
   def puppetdb_fact(certnames)
+    puppetdb_fact_with_instance(certnames, nil)
+  end
+
+  def puppetdb_fact_with_instance(certnames, instance)
     puppetdb_client = Puppet.lookup(:bolt_pdb_client)
     # Bolt executor not expected when invoked from apply block
     executor = Puppet.lookup(:bolt_executor) { nil }
     # Send Analytics Report
     executor&.report_function_call(self.class.name)
 
-    puppetdb_client.facts_for_node(certnames)
+    puppetdb_client.facts_for_node(certnames, instance)
   end
 end

data/bolt-modules/boltlib/lib/puppet/functions/puppetdb_query.rb

@@ -6,6 +6,8 @@ require 'bolt/error'
 # using Bolt's PuppetDB client.
 Puppet::Functions.create_function(:puppetdb_query) do
   # rubocop:disable Layout/LineLength
+  # Make a query to PuppetDB.
+  #
   # @param query A PQL query.
   #   Learn more about [Puppet's query language](https://puppet.com/docs/puppetdb/latest/api/query/tutorial-pql.html), PQL.
   # @return Results of the PuppetDB query.
@@ -16,15 +18,35 @@ Puppet::Functions.create_function(:puppetdb_query) do
     param 'Variant[String, Array[Data]]', :query
     return_type 'Array[Data]'
   end
+
+  # rubocop:disable Layout/LineLength
+  # Make a query to a named PuppetDB instance.
+  #
+  # @param query A PQL query.
+  #   Learn more about [Puppet's query language](https://puppet.com/docs/puppetdb/latest/api/query/tutorial-pql.html), PQL.
+  # @param instance The PuppetDB instance to query.
+  # @return Results of the PuppetDB query.
+  # @example Request certnames for all nodes using a named PuppetDB instance
+  #   puppetdb_query('nodes[certname] {}', 'instance-1')
+  # rubocop:enable Layout/LineLength
+  dispatch :make_query_with_instance do
+    param 'Variant[String, Array[Data]]', :query
+    param 'String', :instance
+    return_type 'Array[Data]'
+  end
   # The query type could be more specific ASTQuery = Array[Variant[String, ASTQuery]]
 
   def make_query(query)
+    make_query_with_instance(query, nil)
+  end
+
+  def make_query_with_instance(query, instance)
     puppetdb_client = Puppet.lookup(:bolt_pdb_client)
     # Bolt executor not expected when invoked from apply block
     executor = Puppet.lookup(:bolt_executor) { nil }
     # Send Analytics Report
     executor&.report_function_call(self.class.name)
 
-    puppetdb_client.make_query(query)
+    puppetdb_client.make_query(query, nil, instance)
   end
 end

data/bolt-modules/boltlib/lib/puppet/functions/run_task.rb

@@ -57,6 +57,7 @@ Puppet::Functions.create_function(:run_task) do
 
     options, params = args.partition { |k, _v| k.start_with?('_') }.map(&:to_h)
     options = options.transform_keys { |k| k.sub(/^_/, '').to_sym }
+    options[:description] = description if description
 
     executor = Puppet.lookup(:bolt_executor)
     inventory = Puppet.lookup(:bolt_inventory)
@@ -68,18 +69,24 @@ Puppet::Functions.create_function(:run_task) do
       executor.report_function_call(self.class.name)
     end
 
-    # Report Analytics for bundled content, this should capture tasks run from both CLI and Plans
+    # Report Analytics for bundled content, this should capture tasks run from
+    # both CLI and Plans.
     executor.report_bundled_content('Task', task_name)
 
-    # Ensure that given targets are all Target instances
+    # Ensure that given targets are all Target instances.
     targets = inventory.get_targets(targets)
 
-    options[:description] = description if description
+    # Return early if there are no targets.
+    if targets.empty?
+      return Bolt::ResultSet.new([])
+    end
 
-    # Don't bother loading the local task definition if all targets use the 'pcp' transport.
-    if !targets.empty? && targets.all? { |t| t.transport == 'pcp' }
-      # create a fake task
-      task = Bolt::Task.new(task_name, {}, [{ 'name' => '', 'path' => '' }])
+    # If all targets use the PCP transport, create a fake task instead of
+    # loading the actual task definition.
+    if targets.all? { |t| t.transport == 'pcp' }
+      task = Bolt::Task.new(task_name,
+                            { 'supports_noop' => true },
+                            [{ 'name' => '', 'path' => '' }])
     else
       # TODO: use the compiler injection once PUP-8237 lands
       task_signature = Puppet::Pal::ScriptCompiler.new(closure_scope.compiler).task_signature(task_name)
@@ -89,7 +96,8 @@ Puppet::Functions.create_function(:run_task) do
 
       task = Bolt::Task.from_task_signature(task_signature)
 
-      # Set the default value for any params that have one and were not provided or are undef
+      # Set the default value for any params that have one and were not provided
+      # or are undef.
       params = task.parameter_defaults.merge(params) do |_, default, passed|
         passed.nil? ? default : passed
       end
@@ -99,9 +107,9 @@ Puppet::Functions.create_function(:run_task) do
       end || (raise with_stack(:TYPE_MISMATCH, 'Task parameters do not match'))
     end
 
+    # Generate a helpful error message about the type-mismatch between the type
+    # Data and the actual type of params.
     unless Puppet::Pops::Types::TypeFactory.data.instance?(params)
-      # generate a helpful error message about the type-mismatch between the type Data
-      # and the actual type of params
       params_t = Puppet::Pops::Types::TypeCalculator.infer_set(params)
       desc = Puppet::Pops::Types::TypeMismatchDescriber.singleton.describe_mismatch(
         'Task parameters are not of type Data. run_task()',
@@ -133,23 +141,20 @@ Puppet::Functions.create_function(:run_task) do
     # Report whether the task was run in noop mode.
     executor.report_noop_mode(executor.noop || options[:noop])
 
-    if targets.empty?
-      Bolt::ResultSet.new([])
-    else
-      file_line = Puppet::Pops::PuppetStack.top_of_stack
-      result = if executor.in_parallel?
-                 executor.run_in_thread do
-                   executor.run_task(targets, task, params, options, file_line)
-                 end
-               else
+    file_line = Puppet::Pops::PuppetStack.top_of_stack
+    result = if executor.in_parallel?
+               executor.run_in_thread do
                  executor.run_task(targets, task, params, options, file_line)
                end
+             else
+               executor.run_task(targets, task, params, options, file_line)
+             end
 
-      if !result.ok && !options[:catch_errors]
-        raise Bolt::RunFailure.new(result, 'run_task', task_name)
-      end
-      result
+    if !result.ok && !options[:catch_errors]
+      raise Bolt::RunFailure.new(result, 'run_task', task_name)
     end
+
+    result
   end
 
   def with_stack(kind, msg)

data/bolt-modules/boltlib/lib/puppet/functions/run_task_with.rb

@@ -92,10 +92,17 @@ Puppet::Functions.create_function(:run_task_with) do
     # Get all the targets
     targets = Array(inventory.get_targets(targets))
 
+    # Return early if there are no targets.
+    if targets.empty?
+      return Bolt::ResultSet.new([])
+    end
+
     # If all targets use the 'pcp' transport, use a fake task instead of loading the local definition
     # Otherwise, load the local task definition
-    if (pcp_only = targets.any? && targets.all? { |t| t.transport == 'pcp' })
-      task = Bolt::Task.new(task_name, {}, [{ 'name' => '', 'path' => '' }])
+    if (pcp_only = targets.all? { |t| t.transport == 'pcp' })
+      task = Bolt::Task.new(task_name,
+                            { 'supports_noop' => true },
+                            [{ 'name' => '', 'path' => '' }])
     else
       task_signature = Puppet::Pal::ScriptCompiler.new(closure_scope.compiler).task_signature(task_name)
 
@@ -178,27 +185,23 @@ Puppet::Functions.create_function(:run_task_with) do
     # Report whether the task was run in noop mode.
     executor.report_noop_mode(executor.noop || options[:noop])
 
-    if targets.empty?
-      Bolt::ResultSet.new([])
-    else
-      # Combine the results from the task run with any failing results that were
-      # generated earlier when creating the target mapping
-      file_line = Puppet::Pops::PuppetStack.top_of_stack
-      task_result = if executor.in_parallel?
-                      executor.run_in_thread do
-                        executor.run_task_with(target_mapping, task, options, file_line)
-                      end
-                    else
+    # Combine the results from the task run with any failing results that were
+    # generated earlier when creating the target mapping
+    file_line = Puppet::Pops::PuppetStack.top_of_stack
+    task_result = if executor.in_parallel?
+                    executor.run_in_thread do
                       executor.run_task_with(target_mapping, task, options, file_line)
                     end
-      result = Bolt::ResultSet.new(task_result.results + error_set)
-
-      if !result.ok && !options[:catch_errors]
-        raise Bolt::RunFailure.new(result, 'run_task', task_name)
-      end
+                  else
+                    executor.run_task_with(target_mapping, task, options, file_line)
+                  end
+    result = Bolt::ResultSet.new(task_result.results + error_set)
 
-      result
+    if !result.ok && !options[:catch_errors]
+      raise Bolt::RunFailure.new(result, 'run_task', task_name)
     end
+
+    result
   end
 
   def with_stack(kind, msg)

data/lib/bolt/applicator.rb

@@ -162,7 +162,13 @@ module Bolt
 
     def validate_hiera_config(hiera_config)
       if File.exist?(File.path(hiera_config))
-        data = File.open(File.path(hiera_config), "r:UTF-8") { |f| YAML.safe_load(f.read, [Symbol]) }
+        data = File.open(File.path(hiera_config), "r:UTF-8") do |f|
+          if Psych.method(:safe_load).parameters.rassoc(:permitted_classes)
+            YAML.safe_load(f.read, permitted_classes: [Symbol])
+          else
+            YAML.safe_load(f.read, [Symbol])
+          end
+        end
         if data.nil?
           return nil
         elsif data['version'] != 5
@@ -219,7 +225,7 @@ module Bolt
         code_ast: ast,
         modulepath: @modulepath,
         project: @project.to_h,
-        pdb_config: @pdb_client.config.to_hash,
+        pdb_config: @pdb_client.instance(options[:puppetdb]).config.to_hash,
         hiera_config: @hiera_config,
         plan_vars: plan_vars,
         # This data isn't available on the target config hash

data/lib/bolt/bolt_option_parser.rb

@@ -10,7 +10,7 @@ module Bolt
     OPTIONS = { inventory: %w[targets query rerun],
                 authentication: %w[user password password-prompt private-key host-key-check ssl ssl-verify],
                 escalation: %w[run-as sudo-password sudo-password-prompt sudo-executable],
-                run_context: %w[concurrency inventoryfile save-rerun cleanup],
+                run_context: %w[concurrency inventoryfile save-rerun cleanup puppetdb],
                 global_config_setters: PROJECT_PATHS + %w[modulepath],
                 transports: %w[transport connect-timeout tty native-ssh ssh-command copy-command],
                 display: %w[format color verbose trace stream],
@@ -1054,6 +1054,9 @@ module Bolt
       define('--[no-]save-rerun', 'Whether to update the rerun file after this command.') do |save|
         @options[:'save-rerun'] = save
       end
+      define('--puppetdb INSTANCE', 'The named PuppetDB instance to connect to by default.') do |instance|
+        @options[:default_puppetdb] = instance
+      end
 
       separator "\n#{self.class.colorize(:cyan, 'Remote environment options')}"
       define('--env-var ENVIRONMENT_VARIABLES', 'Environment variables to set on the target.') do |envvar|

data/lib/bolt/catalog.rb

@@ -56,7 +56,7 @@ module Bolt
     end
 
     def compile_catalog(request)
-      pdb_client = Bolt::PuppetDB::Client.new(Bolt::PuppetDB::Config.new(request['pdb_config']))
+      pdb_client = Bolt::PuppetDB::Client.new(config: request['pdb_config'])
       project = request['project']
       bolt_project = Struct.new(:name, :path, :load_as_module?).new(project['name'],
                                                                     project['path'],

data/lib/bolt/config/options.rb

@@ -54,6 +54,58 @@ module Bolt
         }
       }.freeze
 
+      # PuppetDB options.
+      PUPPETDB_OPTIONS = {
+        "cacert" => {
+          description: "The path to the ca certificate for PuppetDB.",
+          type: String,
+          _example: "/etc/puppetlabs/puppet/ssl/certs/ca.pem",
+          _plugin: true
+        },
+        "cert" => {
+          description: "The path to the client certificate file to use for authentication.",
+          type: String,
+          _example: "/etc/puppetlabs/puppet/ssl/certs/my-host.example.com.pem",
+          _plugin: true
+        },
+        "connect_timeout" => {
+          description: "How long to wait in seconds when establishing connections with PuppetDB.",
+          type: Integer,
+          minimum: 1,
+          _default: 60,
+          _example: 120,
+          _plugin: true
+        },
+        "key" => {
+          description: "The private key for the certificate.",
+          type: String,
+          _example: "/etc/puppetlabs/puppet/ssl/private_keys/my-host.example.com.pem",
+          _plugin: true
+        },
+        "read_timeout" => {
+          description: "How long to wait in seconds for a response from PuppetDB.",
+          type: Integer,
+          minimum: 1,
+          _default: 60,
+          _example: 120,
+          _plugin: true
+        },
+        "server_urls" => {
+          description: "An array containing the PuppetDB host to connect to. Include the protocol `https` "\
+                        "and the port, which is usually `8081`. For example, "\
+                        "`https://my-puppetdb-server.com:8081`.",
+          type: Array,
+          _example: ["https://puppet.example.com:8081"],
+          _plugin: true
+        },
+        "token" => {
+          description: "The path to the PE RBAC Token.",
+          type: String,
+          _example: "~/.puppetlabs/token",
+          _plugin: true
+        }
+      }.freeze
+
       # Definitions used to validate config options.
       # https://github.com/puppetlabs/bolt/blob/main/schemas/README.md
       OPTIONS = {
@@ -409,55 +461,17 @@ module Bolt
           description: "A map containing options for [configuring the Bolt PuppetDB "\
                        "client](bolt_connect_puppetdb.md).",
           type: Hash,
-          properties: {
-            "cacert" => {
-              description: "The path to the ca certificate for PuppetDB.",
-              type: String,
-              _example: "/etc/puppetlabs/puppet/ssl/certs/ca.pem",
-              _plugin: true
-            },
-            "cert" => {
-              description: "The path to the client certificate file to use for authentication.",
-              type: String,
-              _example: "/etc/puppetlabs/puppet/ssl/certs/my-host.example.com.pem",
-              _plugin: true
-            },
-            "connect_timeout" => {
-              description: "How long to wait in seconds when establishing connections with PuppetDB.",
-              type: Integer,
-              minimum: 1,
-              _default: 60,
-              _example: 120,
-              _plugin: true
-            },
-            "key" => {
-              description: "The private key for the certificate.",
-              type: String,
-              _example: "/etc/puppetlabs/puppet/ssl/private_keys/my-host.example.com.pem",
-              _plugin: true
-            },
-            "read_timeout" => {
-              description: "How long to wait in seconds for a response from PuppetDB.",
-              type: Integer,
-              minimum: 1,
-              _default: 60,
-              _example: 120,
-              _plugin: true
-            },
-            "server_urls" => {
-              description: "An array containing the PuppetDB host to connect to. Include the protocol `https` "\
-                           "and the port, which is usually `8081`. For example, "\
-                           "`https://my-puppetdb-server.com:8081`.",
-              type: Array,
-              _example: ["https://puppet.example.com:8081"],
-              _plugin: true
-            },
-            "token" => {
-              description: "The path to the PE RBAC Token.",
-              type: String,
-              _example: "~/.puppetlabs/token",
-              _plugin: true
-            }
+          properties: PUPPETDB_OPTIONS,
+          _plugin: true
+        },
+        "puppetdb-instances" => {
+          description: "A map of named PuppetDB instances and their configuration, where keys are the name "\
+                       "of a PuppetDB instance and values are maps of configuration options. For more "\
+                       "information, see [Connecting Bolt to PuppetDB](bolt_connect_puppetdb.md).",
+          type: Hash,
+          additionalProperties: {
+            type: Hash,
+            properties: PUPPETDB_OPTIONS
           },
           _plugin: true
         },
@@ -610,6 +624,7 @@ module Bolt
         plugin-hooks
         plugins
         puppetdb
+        puppetdb-instances
         save-rerun
         spinner
         stream
@@ -637,6 +652,7 @@ module Bolt
         plugins
         policies
         puppetdb
+        puppetdb-instances
         rerunfile
         save-rerun
         spinner

data/lib/bolt/config.rb

@@ -181,6 +181,7 @@ module Bolt
         'plugin-hooks'        => {},
         'plugins'             => {},
         'puppetdb'            => {},
+        'puppetdb-instances'  => {},
         'save-rerun'          => true,
         'spinner'             => true,
         'transport'           => 'ssh'
@@ -225,7 +226,7 @@ module Bolt
 
       # Pull out config options. We need to add 'transport' and 'inventoryfile' as they're
       # not part of the OPTIONS hash but are valid options that can be set with CLI options
-      overrides = opts.slice(*OPTIONS.keys, 'inventoryfile', 'transport')
+      overrides = opts.slice(*OPTIONS.keys, 'inventoryfile', 'transport', 'default_puppetdb')
 
       # Pull out transport config options
       TRANSPORT_CONFIG.each do |transport, config|
@@ -252,14 +253,14 @@ module Bolt
       config_data.inject({}) do |acc, config|
         acc.merge(config) do |key, val1, val2|
           case key
-          # Plugin config is shallow merged for each plugin
+          # Shallow merge config for each plugin
           when 'plugins'
             val1.merge(val2) { |_, v1, v2| v1.merge(v2) }
           # Transports are deep merged
           when *TRANSPORT_CONFIG.keys
             Bolt::Util.deep_merge(val1, val2)
           # Hash values are shallow merged
-          when 'apply-settings', 'log', 'plugin-hooks', 'puppetdb'
+          when 'apply-settings', 'log', 'plugin-hooks', 'puppetdb', 'puppetdb-instances'
             val1.merge(val2)
           # Disabled warnings are concatenated
           when 'disable-warnings'
@@ -407,6 +408,14 @@ module Bolt
       @data['puppetdb']
     end
 
+    def puppetdb_instances
+      @data['puppetdb-instances']
+    end
+
+    def default_puppetdb
+      @data['default_puppetdb']
+    end
+
     def color
       @data['color']
     end

data/lib/bolt/outputter/human.rb

@@ -405,10 +405,15 @@ module Bolt
 
         # Add plan name and description
         info << colorize(:cyan, "#{plan['name']}\n")
-        info << if plan['description']
-                  indent(2, plan['description'].chomp)
-                else
+
+        description = +''
+        description << "#{plan['summary']}\n\n" if plan['summary']
+        description << plan['docstring'] if plan['docstring']
+
+        info << if description.empty?
                   indent(2, 'No description available.')
+                else
+                  indent(2, description.strip)
                 end
         info << "\n\n"
 

data/lib/bolt/pal/yaml_plan/loader.rb

@@ -50,7 +50,7 @@ module Bolt
         def self.parse_plan(yaml_string, source_ref)
           # This passes the filename as the second arg for compatibility with Psych used with ruby < 2.6
           # This can be removed when we remove support for ruby 2.5
-          parse_tree = if Psych.method(:parse).parameters.include?('legacy_filename')
+          parse_tree = if Psych.method(:parse).parameters.rassoc(:filename) == %i[key filename]
                          Psych.parse(yaml_string, filename: source_ref)
                        else
                          Psych.parse(yaml_string, source_ref)

data/lib/bolt/pal.rb

@@ -531,7 +531,9 @@ module Bolt
           'description' => description,
           'parameters'  => parameters,
           'module'      => mod,
-          'private'     => private_plan?(plan)
+          'private'     => private_plan?(plan),
+          'summary'     => plan.tag(:summary)&.text,
+          'docstring'   => (plan.docstring unless plan.docstring.empty?)
         }
 
         pp_info.merge!(get_plan_mtime(plan.file)) if with_mtime
@@ -564,7 +566,9 @@ module Bolt
           'description' => plan.description,
           'parameters'  => parameters,
           'module'      => mod,
-          'private'     => !!plan.private
+          'private'     => !!plan.private,
+          'docstring'   => plan.description,
+          'summary'     => nil
         }
 
         yaml_info.merge!(get_plan_mtime(yaml_path)) if with_mtime