bolt 1.47.0 → 1.48.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8d8c51d1ab9354303ccda2f36ebd31553fa0d8bf91adfe2e505e701cb8fc32eb
-  data.tar.gz: f092a00fc4ea73fea86b54e6d36f535e873a15d79d00bc85bae433b5fa6eace5
+  metadata.gz: 006dcb3a880fefec3005eebb9f31126c3dc164c45d90010f5e7d5b6d984556e2
+  data.tar.gz: eaf4f944a88fba6aa4f1a0bb6fabe227246fa1ca90a63516a60d8db656f05176
 SHA512:
-  metadata.gz: 741f8a885261e3b50413201fcfb0688d5a0c39a593a6225e9472c2822a114ae135be3b3fb30ee0433d0572ec4440f6cc0f505e10727098d55613b722fd9d86aa
-  data.tar.gz: 3bce21f684265bd81f23b2a182c6d3bdc858a742faa28591a2483836dea04c736282d0e3551cd54843c7276d85d2e27e1f0794e956a7d973f57493e18973311a
+  metadata.gz: 3fc3a8337bed7f52c5b091a94b388de07514d3dcc0840d1523b1417769e244dfa1840b8a77616170589343ceb451e726121752eb4927db271cda526ad7eb0b0e
+  data.tar.gz: 617985134dd23308316303222af69da7ca08bf1840b5fb7301a0dc9b609ba0cc1430877b3bf02c7aaa1f2173c1ca20a76dc36594332f0b8f979aa65b5620f449

data/Puppetfile

@@ -6,8 +6,8 @@ moduledir File.join(File.dirname(__FILE__), 'modules')
 
 # Core modules used by 'apply'
 mod 'puppetlabs-service', '1.1.0'
-mod 'puppetlabs-facts', '0.6.0'
-mod 'puppetlabs-puppet_agent', '2.2.2'
+mod 'puppetlabs-puppet_agent', '3.0.1'
+mod 'puppetlabs-facts', '1.0.0'
 
 # Core types and providers for Puppet 6
 mod 'puppetlabs-augeas_core', '1.0.5'

data/bolt-modules/boltlib/lib/puppet/functions/apply_prep.rb

@@ -7,13 +7,9 @@ require 'bolt/task'
 # installed using either the configured plugin or the `task` plugin with the
 # `puppet_agent::install` task.
 #
-# Agent detection will be skipped if the target includes the 'puppet-agent' feature, either as a
+# Agent installation will be skipped if the target includes the 'puppet-agent' feature, either as a
 # property of its transport (PCP) or by explicitly setting it as a feature in Bolt's inventory.
 #
-# If Bolt does not detect an agent on the target using the 'puppet_agent::version' task,
-# it will install the agent using either the configured plugin or the
-# task plugin.
-#
 # **NOTE:** Not available in apply block
 Puppet::Functions.create_function(:apply_prep) do
   # @param targets A pattern or array of patterns identifying a set of targets.
@@ -41,7 +37,7 @@ Puppet::Functions.create_function(:apply_prep) do
       raise Bolt::ValidationError, "Invalid parameters for #{errors.join("\n")}"
     end
 
-    Bolt::Task.new(tasksig.task_hash)
+    Bolt::Task.from_task_signature(tasksig)
   end
 
   # rubocop:disable Naming/AccessorMethodName
@@ -79,53 +75,40 @@ Puppet::Functions.create_function(:apply_prep) do
     executor.log_action('install puppet and gather facts', targets) do
       executor.without_default_logging do
         # Skip targets that include the puppet-agent feature, as we know an agent will be available.
-        agent_targets, unknown_targets = targets.partition { |target| agent?(target, executor, inventory) }
+        agent_targets, need_install_targets = targets.partition { |target| agent?(target, executor, inventory) }
         agent_targets.each { |target| Puppet.debug "Puppet Agent feature declared for #{target.name}" }
-        unless unknown_targets.empty?
-          # Ensure Puppet is installed
-          version_task = get_task('puppet_agent::version')
-          versions = run_task(unknown_targets, version_task)
-          raise Bolt::RunFailure.new(versions, 'run_task', 'puppet_agent::version') unless versions.ok?
-          need_install, installed = versions.partition { |r| r['version'].nil? }
-          installed.each do |r|
-            Puppet.debug "Puppet Agent #{r['version']} installed on #{r.target.name}"
-            set_agent_feature(r.target)
-          end
-
-          unless need_install.empty?
-            need_install_targets = need_install.map(&:target)
-            # lazy-load expensive gem code
-            require 'concurrent'
-            pool = Concurrent::ThreadPoolExecutor.new
-
-            hooks = need_install_targets.map do |t|
-              begin
-                opts = t.plugin_hooks&.fetch('puppet_library').dup
-                plugin_name = opts.delete('plugin')
-                hook = inventory.plugins.get_hook(plugin_name, :puppet_library)
-                { 'target' => t,
-                  'hook_proc' => hook.call(opts, t, self) }
-              rescue StandardError => e
-                Bolt::Result.from_exception(t, e)
-              end
+        unless need_install_targets.empty?
+          # lazy-load expensive gem code
+          require 'concurrent'
+          pool = Concurrent::ThreadPoolExecutor.new
+
+          hooks = need_install_targets.map do |t|
+            begin
+              opts = t.plugin_hooks&.fetch('puppet_library').dup
+              plugin_name = opts.delete('plugin')
+              hook = inventory.plugins.get_hook(plugin_name, :puppet_library)
+              { 'target' => t,
+                'hook_proc' => hook.call(opts, t, self) }
+            rescue StandardError => e
+              Bolt::Result.from_exception(t, e)
             end
+          end
 
-            hook_errors, ok_hooks = hooks.partition { |h| h.is_a?(Bolt::Result) }
-
-            futures = ok_hooks.map do |hash|
-              Concurrent::Future.execute(executor: pool) do
-                hash['hook_proc'].call
-              end
-            end
+          hook_errors, ok_hooks = hooks.partition { |h| h.is_a?(Bolt::Result) }
 
-            results = futures.zip(ok_hooks).map do |f, hash|
-              f.value || Bolt::Result.from_exception(hash['target'], f.reason)
+          futures = ok_hooks.map do |hash|
+            Concurrent::Future.execute(executor: pool) do
+              hash['hook_proc'].call
             end
-            set = Bolt::ResultSet.new(results + hook_errors)
-            raise Bolt::RunFailure.new(set.error_set, 'apply_prep') unless set.ok
+          end
 
-            need_install_targets.each { |target| set_agent_feature(target) }
+          results = futures.zip(ok_hooks).map do |f, hash|
+            f.value || Bolt::Result.from_exception(hash['target'], f.reason)
           end
+          set = Bolt::ResultSet.new(results + hook_errors)
+          raise Bolt::RunFailure.new(set.error_set, 'apply_prep') unless set.ok
+
+          need_install_targets.each { |target| set_agent_feature(target) }
         end
 
         # Gather facts, including custom facts

data/bolt-modules/boltlib/lib/puppet/functions/get_resources.rb

@@ -30,7 +30,7 @@ Puppet::Functions.create_function(:get_resources) do
     tasksig = script_compiler.task_signature(name)
     raise Bolt::Error.new("#{name} could not be found", 'bolt/get-resources') unless tasksig
 
-    task = Bolt::Task.new(tasksig.task_hash)
+    task = Bolt::Task.from_task_signature(tasksig)
     results = executor.run_task(targets, task, args)
     raise Bolt::RunFailure.new(results, 'run_task', task.name) unless results.ok?
     results

data/bolt-modules/boltlib/lib/puppet/functions/run_task.rb

@@ -72,7 +72,7 @@ Puppet::Functions.create_function(:run_task) do
     # Don't bother loading the local task definition if all targets use the 'pcp' transport.
     if !targets.empty? && targets.all? { |t| t.transport == 'pcp' }
       # create a fake task
-      task = Bolt::Task.new(name: task_name, files: [{ 'name' => '', 'path' => '' }])
+      task = Bolt::Task.new(task_name, {}, [{ 'name' => '', 'path' => '' }])
     else
       # TODO: use the compiler injection once PUP-8237 lands
       task_signature = Puppet::Pal::ScriptCompiler.new(closure_scope.compiler).task_signature(task_name)
@@ -80,7 +80,7 @@ Puppet::Functions.create_function(:run_task) do
         raise Bolt::Error.unknown_task(task_name)
       end
 
-      task = Bolt::Task.new(task_signature.task_hash)
+      task = Bolt::Task.from_task_signature(task_signature)
 
       # Set the default value for any params that have one and were not provided
       params = task.parameter_defaults.merge(params)

data/lib/bolt/applicator.rb

@@ -1,19 +1,20 @@
 # frozen_string_literal: true
 
 require 'base64'
+require 'bolt/apply_result'
+require 'bolt/apply_target'
+require 'bolt/config'
+require 'bolt/error'
+require 'bolt/task'
+require 'bolt/util/puppet_log_level'
 require 'find'
 require 'json'
 require 'logging'
 require 'open3'
-require 'bolt/error'
-require 'bolt/task'
-require 'bolt/apply_result'
-require 'bolt/apply_target'
-require 'bolt/util/puppet_log_level'
 
 module Bolt
   class Applicator
-    def initialize(inventory, executor, modulepath, plugin_dirs, pdb_client, hiera_config, max_compiles)
+    def initialize(inventory, executor, modulepath, plugin_dirs, pdb_client, hiera_config, max_compiles, apply_settings)
       # lazy-load expensive gem code
       require 'concurrent'
 
@@ -23,6 +24,7 @@ module Bolt
       @plugin_dirs = plugin_dirs
       @pdb_client = pdb_client
       @hiera_config = hiera_config ? validate_hiera_config(hiera_config) : nil
+      @apply_settings = apply_settings || {}
 
       @pool = Concurrent::ThreadPoolExecutor.new(max_threads: max_compiles)
       @logger = Logging.logger[self]
@@ -50,7 +52,7 @@ module Bolt
                        { 'name' => 'custom_facts.rb' },
                        { 'name' => 'custom_facts.rb', 'remote' => true }
                      ] }
-        Bolt::Task.new(name: 'apply_helpers::custom_facts', files: [file], metadata: metadata)
+        Bolt::Task.new('apply_helpers::custom_facts', metadata, [file])
       end
     end
 
@@ -63,7 +65,7 @@ module Bolt
                                                { 'name' => 'apply_catalog.rb' },
                                                { 'name' => 'apply_catalog.rb', 'remote' => true }
                                              ] }
-                                Bolt::Task.new(name: 'apply_helpers::apply_catalog', files: [file], metadata: metadata)
+                                Bolt::Task.new('apply_helpers::apply_catalog', metadata, [file])
                               end
     end
 
@@ -77,7 +79,7 @@ module Bolt
                        { 'name' => 'query_resources.rb', 'remote' => true }
                      ] }
 
-        Bolt::Task.new(name: 'apply_helpers::query_resources', files: [file], metadata: metadata)
+        Bolt::Task.new('apply_helpers::query_resources', metadata, [file])
       end
     end
 
@@ -250,7 +252,9 @@ module Bolt
       end
       # rubocop:enable Style/GlobalVars
 
-      r = @executor.log_action('apply catalog', targets) do
+      description = options[:description] || 'apply catalog'
+
+      r = @executor.log_action(description, targets) do
         futures = targets.map do |target|
           Concurrent::Future.execute(executor: @pool) do
             @executor.with_node_logging("Compiling manifest block", [target]) do
@@ -270,6 +274,7 @@ module Bolt
               arguments = {
                 'catalog' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(catalog),
                 'plugins' => Puppet::Pops::Types::PSensitiveType::Sensitive.new(plugins),
+                'apply_settings' => @apply_settings,
                 '_task' => catalog_apply_task.name,
                 '_noop' => options[:noop]
               }

data/lib/bolt/bolt_option_parser.rb

@@ -127,7 +127,7 @@ module Bolt
       when 'task'
         case action
         when 'run'
-          { flags: ACTION_OPTS + %w[params tmpdir],
+          { flags: ACTION_OPTS + %w[params tmpdir noop],
             banner: TASK_RUN_HELP }
         when 'show'
           { flags: OPTIONS[:global] + OPTIONS[:global_config_setters],
@@ -627,7 +627,7 @@ module Bolt
              "'success' nodes that succeeded in the last run.") do |rerun|
         @options[:rerun] = rerun
       end
-      define('--noop', 'Execute a task that supports it in noop mode') do |_|
+      define('--noop', 'See what changes Bolt will make without actually executing the changes') do |_|
         @options[:noop] = true
       end
       define('--description DESCRIPTION',

data/lib/bolt/cli.rb

@@ -132,6 +132,9 @@ module Bolt
       # Logger must be configured before checking path case, otherwise warnings will not display
       @config.check_path_case('modulepath', @config.modulepath)
 
+      # Log the file paths for loaded config files
+      config_loaded
+
       parser.warnings.each { |warning| @logger.warn(warning[:msg]) }
       # After validation, initialize inventory and targets. Errors here are better to catch early.
       # After this step
@@ -448,7 +451,7 @@ module Bolt
     end
 
     def show_task(task_name)
-      outputter.print_task_info(pal.get_task_info(task_name))
+      outputter.print_task_info(pal.get_task(task_name))
     end
 
     def list_tasks
@@ -665,7 +668,8 @@ module Bolt
                              config.hiera_config,
                              config.boltdir.resource_types,
                              config.compile_concurrency,
-                             config.trusted_external)
+                             config.trusted_external,
+                             config.apply_settings)
     end
 
     def convert_plan(plan)
@@ -717,5 +721,12 @@ module Bolt
 
       content
     end
+
+    def config_loaded
+      msg = <<~MSG
+        Loaded configuration from: '#{config.config_files.join("', '")}'
+      MSG
+      @logger.debug(msg)
+    end
   end
 end

data/lib/bolt/config.rb

@@ -34,22 +34,18 @@ module Bolt
   class Config
     attr_accessor :concurrency, :format, :trace, :log, :puppetdb, :color, :save_rerun,
                   :transport, :transports, :inventoryfile, :compile_concurrency, :boltdir,
-                  :puppetfile_config, :plugins, :plugin_hooks, :future, :trusted_external
+                  :puppetfile_config, :plugins, :plugin_hooks, :future, :trusted_external,
+                  :apply_settings
     attr_writer :modulepath
+    attr_reader :config_files
 
     OPTIONS = {
+      "apply_settings"           => "A map of Puppet settings to use when applying Puppet code",
       "color"                    => "Whether to use colored output when printing messages to the console.",
       "compile-concurrency"      => "The maximum number of simultaneous manifest block compiles.",
       "concurrency"              => "The number of threads to use when executing on remote targets.",
       "format"                   => "The format to use when printing results. Options are `human` and `json`.",
       "hiera-config"             => "The path to your Hiera config.",
-      "interpreters"             => "A map of an extension name to the absolute path of an executable, "\
-                                    "enabling you to override the shebang defined in a task executable. The "\
-                                    "extension can optionally be specified with the `.` character (`.py` and "\
-                                    "`py` both map to a task executable `task.py`) and the extension is case "\
-                                    "sensitive. The transports that support interpreter configuration are "\
-                                    "`docker`, `local`, `ssh`, and `winrm`. When a target's name is `localhost`, "\
-                                    "Ruby tasks run with the Bolt Ruby interpreter by default.",
       "inventoryfile"            => "The path to a structured data inventory file used to refer to groups of "\
                                     "targets on the command line and from plans.",
       "log"                      => "The configuration of the logfile output. Configuration can be set for "\
@@ -58,6 +54,8 @@ module Bolt
                                     "of directories or a string containing a list of directories separated by the "\
                                     "OS-specific PATH separator.",
       "plugin_hooks"             => "Which plugins a specific hook should use.",
+      "plugins"                  => "A map of plugins and their configuration data.",
+      "puppetdb"                 => "A map containing options for configuring the Bolt PuppetDB client.",
       "puppetfile"               => "A map containing options for the `bolt puppetfile install` command.",
       "save-rerun"               => "Whether to update `.rerun.json` in the Bolt project directory. If "\
                                     "your target names include passwords, set this value to `false` to avoid "\
@@ -101,23 +99,64 @@ module Bolt
       "level"  => "`warn` for console, `notice` for file"
     }.freeze
 
+    APPLY_SETTINGS = {
+      "show_diff" => "Whether to log and report a contextual diff when files are being replaced. "\
+                     "See [Puppet documentation](https://puppet.com/docs/puppet/latest/configuration.html#showdiff) "\
+                     "for details"
+    }.freeze
+
+    DEFAULT_APPLY_SETTINGS = {
+      "show_diff" => false
+    }.freeze
+
     def self.default
       new(Bolt::Boltdir.new('.'), {})
     end
 
     def self.from_boltdir(boltdir, overrides = {})
-      data = Bolt::Util.read_config_file(nil, [boltdir.config_file], 'config') || {}
+      data = {
+        filepath: boltdir.config_file,
+        data: Bolt::Util.read_config_file(nil, [boltdir.config_file], 'config')
+      }
+
+      data = load_defaults.push(data).select { |config| config[:data]&.any? }
+
       new(boltdir, data, overrides)
     end
 
     def self.from_file(configfile, overrides = {})
       boltdir = Bolt::Boltdir.new(Pathname.new(configfile).expand_path.dirname)
-      data = Bolt::Util.read_config_file(configfile, [], 'config') || {}
+
+      data = {
+        filepath: boltdir.config_file,
+        data: Bolt::Util.read_config_file(configfile, [], 'config')
+      }
+
+      data = load_defaults.push(data).select { |config| config[:data]&.any? }
 
       new(boltdir, data, overrides)
     end
 
+    def self.load_defaults
+      # Lazy-load expensive gem code
+      require 'win32/dir' if Bolt::Util.windows?
+
+      system_path = if Bolt::Util.windows?
+                      Pathname.new(File.join(Dir::COMMON_APPDATA, 'PuppetLabs', 'bolt', 'etc', 'bolt.yaml'))
+                    else
+                      Pathname.new(File.join('/etc', 'puppetlabs', 'bolt', 'bolt.yaml'))
+                    end
+      user_path = Pathname.new(File.expand_path(File.join('~', '.puppetlabs', 'etc', 'bolt', 'bolt.yaml')))
+
+      [{ filepath: system_path, data: Bolt::Util.read_config_file(nil, [system_path], 'config') },
+       { filepath: user_path, data: Bolt::Util.read_config_file(nil, [user_path], 'config') }]
+    end
+
     def initialize(boltdir, config_data, overrides = {})
+      unless config_data.is_a?(Array)
+        config_data = [{ filepath: boltdir.config_file, data: config_data }]
+      end
+
       @logger = Logging.logger[self]
 
       @boltdir = boltdir
@@ -131,6 +170,7 @@ module Bolt
       @puppetfile_config = {}
       @plugins = {}
       @plugin_hooks = {}
+      @apply_settings = {}
 
       # add an entry for the default console logger
       @log = { 'console' => {} }
@@ -141,12 +181,39 @@ module Bolt
         @transports[key] = transport.default_options
       end
 
+      @config_files = config_data.map { |config| config[:filepath] }
+
+      config_data = merge_config_data(config_data)
       update_from_file(config_data)
+
       apply_overrides(overrides)
 
       validate
     end
 
+    # Merge configuration
+    # Precedence from highest to lowest is: project, user-level, system-wide
+    def merge_config_data(config_data)
+      config_data.inject({}) do |acc, config|
+        acc.merge(config[:data]) do |key, val1, val2|
+          case key
+          # Plugin config is shallow merged for each plugin
+          when 'plugins'
+            val1.merge(val2) { |_, v1, v2| v1.merge(v2) }
+          # Transports are deep merged
+          when *TRANSPORTS.keys.map(&:to_s)
+            Bolt::Util.deep_merge(val1, val2)
+          # Hash values are shallow mergeed
+          when 'puppetdb', 'plugin_hooks', 'apply_settings', 'log'
+            val1.merge(val2)
+          # All other values are overwritten
+          else
+            val2
+          end
+        end
+      end
+    end
+
     def overwrite_transport_data(transport, transports)
       @transport = transport
       @transports = transports
@@ -224,14 +291,16 @@ module Bolt
       @trusted_external = if data.key?('trusted-external-command')
                             File.expand_path(data['trusted-external-command'], @boltdir.path)
                           end
+
+      if data.key?('apply_settings')
+        @apply_settings = data['apply_settings'].select { |k, _| APPLY_SETTINGS.keys.include?(k) }
+      end
+
       @compile_concurrency = data['compile-concurrency'] if data.key?('compile-concurrency')
 
       @save_rerun = data['save-rerun'] if data.key?('save-rerun')
 
-      @plugins = data['plugins'] if data.key?('plugins')
-      @plugin_hooks = data['plugin_hooks'] if data.key?('plugin_hooks')
-
-      %w[concurrency format puppetdb color].each do |key|
+      %w[concurrency format puppetdb color plugins plugin_hooks].each do |key|
         send("#{key}=", data[key]) if data.key?(key)
       end
 

data/lib/bolt/outputter/human.rb

@@ -222,9 +222,9 @@ module Bolt
         # Building lots of strings...
         pretty_params = +""
         task_info = +""
-        usage = +"bolt task run --targets <node-name> #{task['name']}"
+        usage = +"bolt task run --targets <node-name> #{task.name}"
 
-        task['metadata']['parameters']&.each do |k, v|
+        task.parameters&.each do |k, v|
           pretty_params << "- #{k}: #{v['type'] || 'Any'}\n"
           pretty_params << "    Default: #{v['default'].inspect}\n" if v.key?('default')
           pretty_params << "    #{v['description']}\n" if v['description']
@@ -235,16 +235,16 @@ module Bolt
                    end
         end
 
-        usage << " [--noop]" if task['metadata']['supports_noop']
+        usage << " [--noop]" if task.supports_noop
 
-        task_info << "\n#{task['name']}"
-        task_info << " - #{task['metadata']['description']}" if task['metadata']['description']
+        task_info << "\n#{task.name}"
+        task_info << " - #{task.description}" if task.description
         task_info << "\n\n"
         task_info << "USAGE:\n#{usage}\n\n"
         task_info << "PARAMETERS:\n#{pretty_params}\n" unless pretty_params.empty?
         task_info << "MODULE:\n"
 
-        path = task['files'][0]['path'].chomp("/tasks/#{task['files'][0]['name']}")
+        path = task.files.first['path'].chomp("/tasks/#{task.files.first['name']}")
         task_info << if path.start_with?(Bolt::PAL::MODULES_PATH)
                        "built-in module"
                      else

data/lib/bolt/outputter/json.rb

@@ -55,13 +55,13 @@ module Bolt
       alias print_module_list print_table
 
       def print_task_info(task)
-        path = task['files'][0]['path'].chomp("/tasks/#{task['files'][0]['name']}")
-        task['module_dir'] = if path.start_with?(Bolt::PAL::MODULES_PATH)
-                               "built-in module"
-                             else
-                               path
-                             end
-        @stream.puts task.to_json
+        path = task.files.first['path'].chomp("/tasks/#{task.files.first['name']}")
+        module_dir = if path.start_with?(Bolt::PAL::MODULES_PATH)
+                       "built-in module"
+                     else
+                       path
+                     end
+        @stream.puts task.to_h.merge(module_dir: module_dir).to_json
       end
 
       def print_tasks(tasks, modulepath)

data/lib/bolt/pal.rb

@@ -39,7 +39,8 @@ module Bolt
 
     attr_reader :modulepath
 
-    def initialize(modulepath, hiera_config, resource_types, max_compiles = Etc.nprocessors, trusted_external = nil)
+    def initialize(modulepath, hiera_config, resource_types, max_compiles = Etc.nprocessors,
+                   trusted_external = nil, apply_settings = {})
       # Nothing works without initialized this global state. Reinitializing
       # is safe and in practice only happens in tests
       self.class.load_puppet
@@ -48,6 +49,7 @@ module Bolt
       @modulepath = [BOLTLIB_PATH, *modulepath, MODULES_PATH]
       @hiera_config = hiera_config
       @trusted_external = trusted_external
+      @apply_settings = apply_settings
       @max_compiles = max_compiles
       @resource_types = resource_types
 
@@ -175,7 +177,8 @@ module Bolt
           @original_modulepath,
           pdb_client,
           @hiera_config,
-          @max_compiles
+          @max_compiles,
+          @apply_settings
         )
       }
       Puppet.override(opts, &block)
@@ -280,14 +283,14 @@ module Bolt
       end
     end
 
-    def get_task_info(task_name)
+    def get_task(task_name)
       task = task_signature(task_name)
 
       if task.nil?
         raise Bolt::Error.unknown_task(task_name)
       end
 
-      task.task_hash.reject { |k, _| k == 'parameters' }
+      Bolt::Task.from_task_signature(task)
     end
 
     def list_plans

data/lib/bolt/plugin.rb

@@ -83,7 +83,7 @@ module Bolt
           raise Bolt::Error.unknown_task(task_name) unless tasksig
 
           Bolt::Task::Run.validate_params(tasksig, params) if params
-          Bolt::Task.new(tasksig.task_hash)
+          Bolt::Task.from_task_signature(tasksig)
         end
       end
 
@@ -142,8 +142,8 @@ module Bolt
       plugins
     end
 
-    RUBY_PLUGINS = %w[task pkcs7 prompt].freeze
-    BUILTIN_PLUGINS = %w[task terraform pkcs7 prompt vault aws_inventory puppetdb azure_inventory yaml].freeze
+    RUBY_PLUGINS = %w[task pkcs7 prompt env_var].freeze
+    BUILTIN_PLUGINS = %w[task terraform pkcs7 prompt vault aws_inventory puppetdb azure_inventory yaml env_var].freeze
     DEFAULT_PLUGIN_HOOKS = { 'puppet_library' => { 'plugin' => 'puppet_agent', 'stop_service' => true } }.freeze
 
     attr_reader :pal, :plugin_context

data/lib/bolt/plugin/env_var.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Bolt
+  class Plugin
+    class EnvVar
+      def initialize(*_args); end
+
+      def name
+        'env_var'
+      end
+
+      def hooks
+        %i[resolve_reference validate_resolve_reference]
+      end
+
+      def validate_resolve_reference(opts)
+        unless opts['var']
+          raise Bolt::ValidationError, "env_var plugin requires that the 'var' is specified"
+        end
+        unless ENV[opts['var']]
+          raise Bolt::ValidationError, "env_var plugin requires that the var '#{opts['var']}' be set"
+        end
+      end
+
+      def resolve_reference(opts)
+        ENV[opts['var']]
+      end
+    end
+  end
+end

data/lib/bolt/plugin/prompt.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require 'concurrent/delay'
 module Bolt
   class Plugin
     class Prompt
@@ -11,7 +10,7 @@ module Bolt
       end
 
       def hooks
-        [:resolve_reference]
+        %i[resolve_reference validate_resolve_reference]
       end
 
       def validate_resolve_reference(opts)

data/lib/bolt/task.rb

@@ -8,30 +8,33 @@ module Bolt
     end
   end
 
-  # Represents a Task.
-  # @file and @files are mutually exclusive.
-  # @name [String] name of the task
-  # @file [Hash, nil] containing `filename` and `file_content`
-  # @files [Array<Hash>] where each entry includes `name` and `path`
-  # @metadata [Hash] task metadata
-  Task = Struct.new(
-    :name,
-    :file,
-    :files,
-    :metadata
-  ) do
-    attr_reader :remote
-
-    def initialize(task, remote: false)
-      super(nil, nil, [], {})
-
+  class Task
+    METADATA_KEYS = %w[description extensions files implementations
+                       input_method parameters private puppet_task_version
+                       remote supports_noop].freeze
+
+    attr_reader :name, :files, :metadata, :remote
+
+    # name [String] name of the task
+    # files [Array<Hash>] where each entry includes `name` and `path`
+    # metadata [Hash] task metadata
+    def initialize(name, metadata = {}, files = [], remote = false)
+      @name = name
+      @metadata = metadata
+      @files = files
       @remote = remote
+      @logger = Logging.logger[self]
+
+      validate_metadata
+    end
 
-      task.reject { |k, _| k == 'parameters' }.each { |k, v| self[k] = v }
+    def self.from_task_signature(task_sig)
+      hash = task_sig.task_hash
+      new(hash['name'], hash.fetch('metadata', {}), hash.fetch('files', []))
     end
 
     def remote_instance
-      self.class.new(to_h.each_with_object({}) { |(k, v), h| h[k.to_s] = v }, remote: true)
+      self.class.new(@name, @metadata, @files, true)
     end
 
     def description
@@ -118,5 +121,33 @@ module Bolt
 
       impl
     end
+
+    def eql?(other)
+      self.class == other.class &&
+        @name == other.name &&
+        @metadata == other.metadata &&
+        @files == other.files &&
+        @remote == other.remote
+    end
+
+    alias == :eql?
+
+    def to_h
+      {
+        name: @name,
+        files: @files,
+        metadata: @metadata
+      }
+    end
+
+    def validate_metadata
+      unknown_keys = metadata.keys - METADATA_KEYS
+
+      if unknown_keys.any?
+        msg = "Metadata for task '#{@name}' contains unknown keys: #{unknown_keys.join(', ')}."
+        msg += " This could be a typo in the task metadata or may result in incorrect behavior."
+        @logger.warn(msg)
+      end
+    end
   end
 end

data/lib/bolt/task/puppet_server.rb

@@ -4,21 +4,18 @@ module Bolt
   class Task
     class PuppetServer < Bolt::Task
       def remote_instance
-        self.class.new(to_h.each_with_object({}) { |(k, v), h| h[k.to_s] = v },
-                       @file_cache,
-                       remote: true)
+        self.class.new(@name, @metadata, @files, @file_cache, true)
       end
 
-      def initialize(task, file_cache, **opts)
-        super(task, **opts)
+      def initialize(name, metadata, files, file_cache, remote = false)
+        super(name, metadata, files, remote)
         @file_cache = file_cache
-        update_file_data(task)
+        update_file_data
       end
 
       # puppetserver file entries have 'filename' rather then 'name'
-      def update_file_data(task_data)
-        task_data['files'].each { |f| f['name'] = f['filename'] }
-        task_data
+      def update_file_data
+        @files.each { |f| f['name'] = f['filename'] }
       end
 
       def file_path(file_name)

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '1.47.0'
+  VERSION = '1.48.0'
 end

data/lib/bolt_server/transport_app.rb

@@ -101,7 +101,8 @@ module BoltServer
       error = validate_schema(@schemas["action-run_task"], body)
       return [], error unless error.nil?
 
-      task = Bolt::Task::PuppetServer.new(body['task'], @file_cache)
+      task_data = body['task']
+      task = Bolt::Task::PuppetServer.new(task_data['name'], task_data['metadata'], task_data['files'], @file_cache)
       parameters = body['parameters'] || {}
       [@executor.run_task(target, task, parameters), nil]
     end

data/libexec/apply_catalog.rb

@@ -28,6 +28,9 @@ Puppet[:report] = false
 
 # Make sure to apply the catalog
 Puppet[:noop] = args['_noop'] || false
+args['apply_settings'].each do |setting, value|
+  Puppet[setting.to_sym] = value
+end
 
 Puppet[:default_file_terminus] = :file_server
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 1.47.0
+  version: 1.48.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-27 00:00:00.000000000 Z
+date: 2020-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -420,6 +420,7 @@ files:
 - lib/bolt/pal/yaml_plan/transpiler.rb
 - lib/bolt/plan_result.rb
 - lib/bolt/plugin.rb
+- lib/bolt/plugin/env_var.rb
 - lib/bolt/plugin/module.rb
 - lib/bolt/plugin/pkcs7.rb
 - lib/bolt/plugin/prompt.rb