bolt 2.30.0 → 2.31.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c8ca2906e21e39d1da306c9a02ddb970f64955133fcab01574e4138c1e6e154e
-  data.tar.gz: 4c875d82bf7ff9d4117440eca9e1276c1b9c2fa842fda4669227ebb0ec56f170
+  metadata.gz: 4b9f29b79c8544029c9a69f6dc76b083857a87e178c9aae0359e49c59ce3cfdb
+  data.tar.gz: 02166a6dda2dc381365b7556f506a419e2717267e88f6015af430f7f725d75d0
 SHA512:
-  metadata.gz: bd8e4327ddfeb4d88fdd1f94ab4233bcf1f0d8ce1390769587197dec11bfa024a16889c5693ec4a4333565cd7553a8c13487b6674ba5427a63f9408961e6a3a7
-  data.tar.gz: f2bcbe28ba4c26bc36d3c52ab89a8bafa6a132c930c310a92e48b841d0274389022f2480d3ed397bcc4bcf1f77fb272da82697362d33feccfe05ab0ca203cf6c
+  metadata.gz: 3a282194ca9ccf988e7282afc3a3a0b57b4edc16bb5bf61790fb0eb0ef234e0c7a76c0ea6cd44915047a99e6d423311be1307f435d8000c568d0552268f6afa6
+  data.tar.gz: 957e6be1a72af03bd448fe070e6f9bb0b78aa1bb65e90a8bda251ef0f6c56e5ffaa8ff64aa0c5852963d9fecb87144b61ffd24494fe0aabcbdff43ecde9947a3

data/Puppetfile

@@ -7,28 +7,28 @@ moduledir File.join(File.dirname(__FILE__), 'modules')
 # Core modules used by 'apply'
 mod 'puppetlabs-service', '1.3.0'
 mod 'puppetlabs-puppet_agent', '4.1.1'
-mod 'puppetlabs-facts', '1.0.0'
+mod 'puppetlabs-facts', '1.1.0'
 
 # Core types and providers for Puppet 6
-mod 'puppetlabs-augeas_core', '1.0.5'
+mod 'puppetlabs-augeas_core', '1.1.1'
 mod 'puppetlabs-host_core', '1.0.3'
-mod 'puppetlabs-scheduled_task', '2.0.1'
-mod 'puppetlabs-sshkeys_core', '1.0.3'
-mod 'puppetlabs-zfs_core', '1.0.4'
-mod 'puppetlabs-cron_core', '1.0.3'
+mod 'puppetlabs-scheduled_task', '2.2.1'
+mod 'puppetlabs-sshkeys_core', '2.1.0'
+mod 'puppetlabs-zfs_core', '1.1.0'
+mod 'puppetlabs-cron_core', '1.0.4'
 mod 'puppetlabs-mount_core', '1.0.4'
 mod 'puppetlabs-selinux_core', '1.0.4'
-mod 'puppetlabs-yumrepo_core', '1.0.6'
+mod 'puppetlabs-yumrepo_core', '1.0.7'
 mod 'puppetlabs-zone_core', '1.0.3'
 
 # Useful additional modules
-mod 'puppetlabs-package', '1.1.0'
+mod 'puppetlabs-package', '1.3.0'
 mod 'puppetlabs-puppet_conf', '0.6.0'
 mod 'puppetlabs-python_task_helper', '0.4.3'
 mod 'puppetlabs-reboot', '3.0.0'
 mod 'puppetlabs-ruby_task_helper', '0.5.1'
 mod 'puppetlabs-ruby_plugin_helper', '0.1.0'
-mod 'puppetlabs-stdlib', '6.3.0'
+mod 'puppetlabs-stdlib', '6.5.0'
 
 # Plugin modules
 mod 'puppetlabs-aws_inventory', '0.5.2'

data/bolt-modules/boltlib/lib/puppet/functions/write_file.rb

@@ -6,15 +6,15 @@ require 'tempfile'
 #
 # > **Note:** Not available in apply block
 Puppet::Functions.create_function(:write_file) do
-  # @param targets A pattern identifying zero or more targets. See {get_targets} for accepted patterns.
   # @param content File content to write.
   # @param destination An absolute path on the target(s).
+  # @param targets A pattern identifying zero or more targets. See {get_targets} for accepted patterns.
   # @option options [Boolean] _catch_errors Whether to catch raised errors.
   # @option options [String] _run_as User to run as using privilege escalation.
   # @return A list of results, one entry per target.
   # @example Write a file to a target
   #   $content = 'Hello, world!'
-  #   write_file($targets, $content, '/Users/me/hello.txt')
+  #   write_file($content, '/Users/me/hello.txt', $targets)
   dispatch :write_file do
     required_param 'String', :content
     required_param 'String[1]', :destination

data/lib/bolt/cli.rb

@@ -587,8 +587,24 @@ module Bolt
     end
 
     def list_targets
+      inventoryfile = config.inventoryfile || config.default_inventoryfile
+
+      # Retrieve the known group and target names. This needs to be done before
+      # updating targets, as that will add adhoc targets to the inventory.
+      known_names = inventory.target_names
+
       update_targets(options)
-      outputter.print_targets(options[:targets])
+
+      inventory_targets, adhoc_targets = options[:targets].partition do |target|
+        known_names.include?(target.name)
+      end
+
+      target_list = {
+        inventory: inventory_targets,
+        adhoc:     adhoc_targets
+      }
+
+      outputter.print_targets(target_list, inventoryfile)
     end
 
     def show_targets
@@ -617,10 +633,10 @@ module Bolt
         message = <<~MESSAGE.chomp
           Invalid plan name '#{plan_name}'. Plan names are composed of one or more name segments
           separated by double colons '::'.
-          
+
           Each name segment must begin with a lowercase letter, and may only include lowercase
           letters, digits, and underscores.
-          
+
           Examples of valid plan names:
               - #{config.project.name}
               - #{config.project.name}::my_plan
@@ -938,6 +954,7 @@ module Bolt
     # Loads a Puppetfile and installs its modules.
     #
     def install_puppetfile(config, puppetfile, moduledir)
+      outputter.print_message("Installing modules from Puppetfile")
       installer = Bolt::ModuleInstaller.new(outputter, pal)
       ok = installer.install_puppetfile(puppetfile, moduledir, config)
       ok ? 0 : 1
@@ -962,7 +979,7 @@ module Bolt
     end
 
     def pal
-      @pal ||= Bolt::PAL.new(config.modulepath,
+      @pal ||= Bolt::PAL.new(Bolt::Config::Modulepath.new(config.modulepath),
                              config.hiera_config,
                              config.project.resource_types,
                              config.compile_concurrency,
@@ -1061,7 +1078,7 @@ module Bolt
                   'Task' => [],
                   'Plugin' => Bolt::Plugin::BUILTIN_PLUGINS }
       if %w[plan task].include?(options[:subcommand]) && options[:action] == 'run'
-        default_content = Bolt::PAL.new([], nil, nil)
+        default_content = Bolt::PAL.new(Bolt::Config::Modulepath.new([]), nil, nil)
         content['Plan'] = default_content.list_plans.each_with_object([]) do |iter, col|
           col << iter&.first
         end
@@ -1076,7 +1093,7 @@ module Bolt
     # Gem installs include the aggregate, canary, and puppetdb_fact modules, while
     # package installs include modules listed in the Bolt repo Puppetfile
     def incomplete_install?
-      (Dir.children(Bolt::PAL::MODULES_PATH) - %w[aggregate canary puppetdb_fact secure_env_vars]).empty?
+      (Dir.children(Bolt::Config::Modulepath::MODULES_PATH) - %w[aggregate canary puppetdb_fact secure_env_vars]).empty?
     end
 
     # Mimicks the output from Outputter::Human#fatal_error. This should be used to print

data/lib/bolt/config/modulepath.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'bolt/config'
+
+module Bolt
+  class Config
+    class Modulepath
+      BOLTLIB_PATH = File.expand_path('../../../bolt-modules', __dir__)
+      MODULES_PATH = File.expand_path('../../../modules', __dir__)
+
+      # The user_modulepath only includes the original modulepath and is used during pluginsync.
+      # We don't want to pluginsync any of the content from BOLT_MODULES since that content
+      # includes core modules that can conflict with modules installed with an agent.
+      attr_reader :user_modulepath
+
+      def initialize(user_modulepath, boltlib_path: BOLTLIB_PATH, builtin_content_path: MODULES_PATH)
+        @user_modulepath = Array(user_modulepath).flatten
+        @boltlib_path = Array(boltlib_path).flatten
+        @builtin_content_path = Array(builtin_content_path).flatten
+      end
+
+      # The full_modulepath includes both the BOLTLIB
+      # path and the MODULES_PATH to ensure bolt functions and
+      # built-in content are available in the compliler
+      def full_modulepath
+        @boltlib_path + @user_modulepath + @builtin_content_path
+      end
+    end
+  end
+end

data/lib/bolt/config/transport/options.rb

@@ -374,7 +374,7 @@ module Bolt
           },
           "ssh-command" => {
             type: [Array, String],
-            description: "The command and flags to use when SSHing. This option is used when you need support for "\
+            description: "The command and options to use when SSHing. This option is used when you need support for "\
                          "features or algorithms that are not supported by the net-ssh Ruby library. **This option "\
                          "is experimental.** You can read more about this  option in [Native SSH "\
                          "transport](experimental_features.md#native-ssh-transport).",

data/lib/bolt/inventory.rb

@@ -56,16 +56,17 @@ module Bolt
         rescue Psych::Exception
           raise Bolt::ParseError, "Could not parse inventory from $#{ENVIRONMENT_VAR}"
         end
+      elsif config.inventoryfile
+        data = Bolt::Util.read_yaml_hash(config.inventoryfile, 'inventory')
+        logger.debug("Loaded inventory from #{config.inventoryfile}")
       else
-        data = if config.inventoryfile
-                 Bolt::Util.read_yaml_hash(config.inventoryfile, 'inventory')
-               else
-                 i = Bolt::Util.read_optional_yaml_hash(config.default_inventoryfile, 'inventory')
-                 logger.debug("Loaded inventory from #{config.default_inventoryfile}") if i
-                 i
-               end
-        # This avoids rubocop complaining about identical conditionals
-        logger.debug("Loaded inventory from #{config.inventoryfile}") if config.inventoryfile
+        data = Bolt::Util.read_optional_yaml_hash(config.default_inventoryfile, 'inventory')
+
+        if config.default_inventoryfile.exist?
+          logger.debug("Loaded inventory from #{config.default_inventoryfile}")
+        else
+          logger.debug("Tried to load inventory from #{config.default_inventoryfile}, but the file does not exist")
+        end
       end
 
       # Resolve plugin references from transport config

data/lib/bolt/module_installer.rb

@@ -16,20 +16,26 @@ module Bolt
     def add(name, modules, puppetfile_path, moduledir, config_path)
       require 'bolt/puppetfile'
 
+      @outputter.print_message("Adding module #{name} to project\n\n")
+
       # If the project configuration file already includes this module,
       # exit early.
       puppetfile  = Bolt::Puppetfile.new(modules)
       new_module  = Bolt::Puppetfile::Module.from_hash('name' => name)
 
       if puppetfile.modules.include?(new_module)
-        @outputter.print_message "Project configuration file #{config_path} already "\
-                                 "includes module #{new_module}. Nothing to do."
+        @outputter.print_action_step(
+          "Project configuration file #{config_path} already includes module #{new_module}. Nothing to do."
+        )
         return true
       end
 
       # If the Puppetfile exists, make sure it's managed by Bolt.
       if puppetfile_path.exist?
         assert_managed_puppetfile(puppetfile, puppetfile_path)
+        existing = Bolt::Puppetfile.parse(puppetfile_path)
+      else
+        existing = Bolt::Puppetfile.new
       end
 
       # Create a Puppetfile object that includes the new module and its
@@ -37,8 +43,11 @@ module Bolt
       # project config or modify the Puppetfile.
       puppetfile = add_new_module_to_puppetfile(new_module, modules, puppetfile_path)
 
+      # Display the diff between the existing Puppetfile and the new Puppetfile.
+      print_puppetfile_diff(existing, puppetfile)
+
       # Add the module to the project configuration.
-      @outputter.print_message "Updating project configuration file at #{config_path}"
+      @outputter.print_action_step("Updating project configuration file at #{config_path}")
 
       data = Bolt::Util.read_yaml_hash(config_path, 'project')
       data['modules'] ||= []
@@ -54,7 +63,7 @@ module Bolt
       end
 
       # Write the Puppetfile.
-      @outputter.print_message "Writing Puppetfile at #{puppetfile_path}"
+      @outputter.print_action_step("Writing Puppetfile at #{puppetfile_path}")
       puppetfile.write(puppetfile_path, moduledir)
 
       # Install the modules.
@@ -64,7 +73,7 @@ module Bolt
     # Creates a new Puppetfile that includes the new module and its dependencies.
     #
     private def add_new_module_to_puppetfile(new_module, modules, path)
-      @outputter.print_message "Resolving module dependencies, this may take a moment"
+      @outputter.print_action_step("Resolving module dependencies, this may take a moment")
 
       # If there is an existing Puppetfile, add the new module and attempt
       # to resolve. This will not update the versions of any installed modules.
@@ -92,11 +101,72 @@ module Bolt
       puppetfile
     end
 
+    # Outputs a diff of an old Puppetfile and a new Puppetfile.
+    #
+    def print_puppetfile_diff(old, new)
+      # Build hashes mapping the module title to the module object. This makes it
+      # a little easier to determine which modules have been added, removed, or
+      # modified.
+      old = old.modules.each_with_object({}) do |mod, acc|
+        acc[mod.title] = mod
+      end
+
+      new = new.modules.each_with_object({}) do |mod, acc|
+        acc[mod.title] = mod
+      end
+
+      # New modules are those present in new but not in old.
+      added = new.reject { |title, _mod| old.include?(title) }.values
+
+      if added.any?
+        diff = "Adding the following modules:\n"
+        added.each { |mod| diff += "#{mod.title} #{mod.version}\n" }
+        @outputter.print_action_step(diff)
+      end
+
+      # Upgraded modules are those that have a newer version in new than old.
+      upgraded = new.select do |title, mod|
+        if old.include?(title)
+          SemanticPuppet::Version.parse(mod.version) > SemanticPuppet::Version.parse(old[title].version)
+        end
+      end.keys
+
+      if upgraded.any?
+        diff = "Upgrading the following modules:\n"
+        upgraded.each { |title| diff += "#{title} #{old[title].version} to #{new[title].version}\n" }
+        @outputter.print_action_step(diff)
+      end
+
+      # Downgraded modules are those that have an older version in new than old.
+      downgraded = new.select do |title, mod|
+        if old.include?(title)
+          SemanticPuppet::Version.parse(mod.version) < SemanticPuppet::Version.parse(old[title].version)
+        end
+      end.keys
+
+      if downgraded.any?
+        diff = "Downgrading the following modules: \n"
+        downgraded.each { |title| diff += "#{title} #{old[title].version} to #{new[title].version}\n" }
+        @outputter.print_action_step(diff)
+      end
+
+      # Removed modules are those present in old but not in new.
+      removed = old.reject { |title, _mod| new.include?(title) }.values
+
+      if removed.any?
+        diff = "Removing the following modules:\n"
+        removed.each { |mod| diff += "#{mod.title} #{mod.version}\n" }
+        @outputter.print_action_step(diff)
+      end
+    end
+
     # Installs a project's module dependencies.
     #
     def install(modules, path, moduledir, force: false, resolve: true)
       require 'bolt/puppetfile'
 
+      @outputter.print_message("Installing project modules\n\n")
+
       puppetfile = Bolt::Puppetfile.new(modules)
 
       # If the Puppetfile exists, check if it includes specs for each declared
@@ -110,16 +180,16 @@ module Bolt
         if path.exist? && !force
           assert_managed_puppetfile(puppetfile, path)
         else
-          @outputter.print_message "Resolving module dependencies, this may take a moment"
+          @outputter.print_action_step("Resolving module dependencies, this may take a moment")
           puppetfile.resolve
 
-          @outputter.print_message "Writing Puppetfile at #{path}"
+          @outputter.print_action_step("Writing Puppetfile at #{path}")
           # We get here either through 'bolt module install' which uses the
           # managed modulepath (which isn't configurable) or through bolt
           # project init --modules, which uses the default modulepath. This
           # should be safe to assume that if `.modules/` is the moduledir the
           # user is using the new workflow
-          if moduledir.basename == '.modules'
+          if moduledir.basename.to_s == '.modules'
             puppetfile.write(path, moduledir)
           else
             puppetfile.write(path)
@@ -136,7 +206,7 @@ module Bolt
     def install_puppetfile(path, moduledir, config = {})
       require 'bolt/puppetfile/installer'
 
-      @outputter.print_message "Syncing modules from #{path} to #{moduledir}"
+      @outputter.print_action_step("Syncing modules from #{path} to #{moduledir}")
       ok = Bolt::Puppetfile::Installer.new(config).install(path, moduledir)
 
       # Automatically generate types after installing modules

data/lib/bolt/outputter/human.rb

@@ -248,7 +248,7 @@ module Bolt
         task_info << "MODULE:\n"
 
         path = task.files.first['path'].chomp("/tasks/#{task.files.first['name']}")
-        task_info << if path.start_with?(Bolt::PAL::MODULES_PATH)
+        task_info << if path.start_with?(Bolt::Config::Modulepath::MODULES_PATH)
                        "built-in module"
                      else
                        path
@@ -278,7 +278,7 @@ module Bolt
         plan_info << "MODULE:\n"
 
         path = plan['module']
-        plan_info << if path.start_with?(Bolt::PAL::MODULES_PATH)
+        plan_info << if path.start_with?(Bolt::Config::Modulepath::MODULES_PATH)
                        "built-in module"
                      else
                        path
@@ -331,10 +331,28 @@ module Bolt
         end
       end
 
-      def print_targets(targets)
-        count = "#{targets.count} target#{'s' unless targets.count == 1}"
-        @stream.puts targets.map(&:name).join("\n")
-        @stream.puts colorize(:green, count)
+      def print_targets(target_list, inventoryfile)
+        adhoc = colorize(:yellow, "(Not found in inventory file)")
+
+        targets  = []
+        targets += target_list[:inventory].map { |target| [target.name, nil] }
+        targets += target_list[:adhoc].map { |target| [target.name, adhoc] }
+
+        if targets.any?
+          print_table(targets, 0, 2)
+          @stream.puts
+        end
+
+        @stream.puts "INVENTORY FILE:"
+        if inventoryfile.exist?
+          @stream.puts inventoryfile
+        else
+          @stream.puts wrap("Tried to load inventory from #{inventoryfile}, but the file does not exist")
+        end
+
+        @stream.puts "\nTARGET COUNT:"
+        @stream.puts "#{targets.count} total, #{target_list[:inventory].count} from inventory, "\
+                     "#{target_list[:adhoc].count} adhoc"
       end
 
       def print_target_info(targets)
@@ -413,7 +431,7 @@ module Bolt
         @stream.puts(colorize(:red, indent(4, message)))
       end
 
-      def print_migrate_step(step)
+      def print_action_step(step)
         first, *remaining = wrap(step, 76).lines
 
         first     = indent(2, "→ #{first}")
@@ -423,7 +441,7 @@ module Bolt
         @stream.puts(step)
       end
 
-      def print_migrate_error(error)
+      def print_action_error(error)
         # Running everything through 'wrap' messes with newlines. Separating
         # into lines and wrapping each individually ensures separate errors are
         # distinguishable.

data/lib/bolt/outputter/json.rb

@@ -48,7 +48,7 @@ module Bolt
 
       def print_task_info(task)
         path = task.files.first['path'].chomp("/tasks/#{task.files.first['name']}")
-        module_dir = if path.start_with?(Bolt::PAL::MODULES_PATH)
+        module_dir = if path.start_with?(Bolt::Config::Modulepath::MODULES_PATH)
                        "built-in module"
                      else
                        path
@@ -62,7 +62,7 @@ module Bolt
 
       def print_plan_info(plan)
         path = plan.delete('module')
-        plan['module_dir'] = if path.start_with?(Bolt::PAL::MODULES_PATH)
+        plan['module_dir'] = if path.start_with?(Bolt::Config::Modulepath::MODULES_PATH)
                                "built-in module"
                              else
                                path
@@ -100,10 +100,19 @@ module Bolt
                        "moduledir": moduledir.to_s }.to_json)
       end
 
-      def print_targets(targets)
+      def print_targets(target_list, inventoryfile)
         @stream.puts ::JSON.pretty_generate(
-          "targets": targets.map(&:name),
-          "count": targets.count
+          "inventory": {
+            "targets": target_list[:inventory].map(&:name),
+            "count": target_list[:inventory].count,
+            "file": inventoryfile.to_s
+          },
+          "adhoc": {
+            "targets": target_list[:adhoc].map(&:name),
+            "count": target_list[:adhoc].count
+          },
+          "targets": target_list.values.flatten.map(&:name),
+          "count": target_list.values.flatten.count
         )
       end
 
@@ -137,10 +146,10 @@ module Bolt
       end
       alias print_error print_message
 
-      def print_migrate_step(step)
+      def print_action_step(step)
         $stderr.puts(step)
       end
-      alias print_migrate_error print_migrate_step
+      alias print_action_error print_action_step
     end
   end
 end

data/lib/bolt/pal.rb

@@ -5,18 +5,16 @@ require 'bolt/executor'
 require 'bolt/error'
 require 'bolt/plan_result'
 require 'bolt/util'
+require 'bolt/config/modulepath'
 require 'etc'
 
 module Bolt
   class PAL
-    BOLTLIB_PATH = File.expand_path('../../bolt-modules', __dir__)
-    MODULES_PATH = File.expand_path('../../modules', __dir__)
-
     # PALError is used to convert errors from executing puppet code into
     # Bolt::Errors
     class PALError < Bolt::Error
       def self.from_preformatted_error(err)
-        if err.cause&.is_a? Bolt::Error
+        if err.cause.is_a? Bolt::Error
           err.cause
         else
           from_error(err)
@@ -45,16 +43,16 @@ module Bolt
       end
     end
 
-    attr_reader :modulepath, :user_modulepath
-
     def initialize(modulepath, hiera_config, resource_types, max_compiles = Etc.nprocessors,
                    trusted_external = nil, apply_settings = {}, project = nil)
+      unless modulepath.is_a?(Bolt::Config::Modulepath)
+        msg = "Type error in PAL: modulepath must be a Bolt::Config::Modulepath"
+        raise Bolt::Error.new(msg, "bolt/execution-error")
+      end
       # Nothing works without initialized this global state. Reinitializing
       # is safe and in practice only happens in tests
       self.class.load_puppet
-
-      @user_modulepath = modulepath
-      @modulepath = [BOLTLIB_PATH, *modulepath, MODULES_PATH]
+      @modulepath = modulepath
       @hiera_config = hiera_config
       @trusted_external = trusted_external
       @apply_settings = apply_settings
@@ -63,13 +61,21 @@ module Bolt
       @project = project
 
       @logger = Bolt::Logger.logger(self)
-      if modulepath && !modulepath.empty?
-        @logger.debug("Loading modules from #{@modulepath.join(File::PATH_SEPARATOR)}")
+      unless user_modulepath.empty?
+        @logger.debug("Loading modules from #{full_modulepath.join(File::PATH_SEPARATOR)}")
       end
 
       @loaded = false
     end
 
+    def full_modulepath
+      @modulepath.full_modulepath
+    end
+
+    def user_modulepath
+      @modulepath.user_modulepath
+    end
+
     # Puppet logging is global so this is class method to avoid confusion
     def self.configure_logging
       Puppet::Util::Log.destinations.clear
@@ -157,7 +163,7 @@ module Bolt
     def in_bolt_compiler
       # TODO: If we always call this inside a bolt_executor we can remove this here
       setup
-      r = Puppet::Pal.in_tmp_environment('bolt', modulepath: @modulepath, facts: {}) do |pal|
+      r = Puppet::Pal.in_tmp_environment('bolt', modulepath: full_modulepath, facts: {}) do |pal|
         # Only load the project if it a) exists, b) has a name it can be loaded with
         Puppet.override(bolt_project: @project,
                         yaml_plan_instantiator: Bolt::PAL::YamlPlan::Loader) do
@@ -212,11 +218,11 @@ module Bolt
         apply_executor: applicator || Applicator.new(
           inventory,
           executor,
-          @modulepath,
+          full_modulepath,
           # Skip syncing built-in plugins, since we vendor some Puppet 6
           # versions of "core" types, which are already present on the agent,
           # but may cause issues on Puppet 5 agents.
-          @user_modulepath,
+          user_modulepath,
           @project,
           pdb_client,
           @hiera_config,
@@ -443,8 +449,8 @@ module Bolt
     #   The information hash provides the name, version, and a string
     #   indicating whether the module belongs to an internal module group.
     def list_modules
-      internal_module_groups = { BOLTLIB_PATH => 'Plan Language Modules',
-                                 MODULES_PATH => 'Packaged Modules',
+      internal_module_groups = { Bolt::Config::Modulepath::BOLTLIB_PATH => 'Plan Language Modules',
+                                 Bolt::Config::Modulepath::MODULES_PATH => 'Packaged Modules',
                                  @project.managed_moduledir.to_s => 'Project Dependencies' }
 
       in_bolt_compiler do

data/lib/bolt/plugin.rb

@@ -168,7 +168,7 @@ module Bolt
     end
 
     def modules
-      @modules ||= Bolt::Module.discover(@pal.modulepath)
+      @modules ||= Bolt::Module.discover(@pal.full_modulepath)
     end
 
     def add_plugin(plugin)

data/lib/bolt/project.rb

@@ -190,7 +190,7 @@ module Bolt
           Invalid project name '#{name}' in bolt-project.yaml; project name must begin with a lowercase letter
           and can include lowercase letters, numbers, and underscores.
           ERROR_STRING
-        elsif Dir.children(Bolt::PAL::BOLTLIB_PATH).include?(name)
+        elsif Dir.children(Bolt::Config::Modulepath::BOLTLIB_PATH).include?(name)
           raise Bolt::ValidationError, "The project '#{name}' will not be loaded. The project name conflicts "\
             "with a built-in Bolt module of the same name."
         end

data/lib/bolt/project_migrator.rb

@@ -21,7 +21,7 @@ module Bolt
 
       @outputter.print_message("Migrating project #{@config.project.path}\n\n")
 
-      @outputter.print_migrate_step(
+      @outputter.print_action_step(
         "Migrating a Bolt project may make irreversible changes to the project's "\
         "configuration and inventory files. Before continuing, make sure the "\
         "project has a backup or uses a version control system."

data/lib/bolt/project_migrator/base.rb

@@ -12,7 +12,7 @@ module Bolt
 
       protected def backup_file(origin_path, backup_dir)
         unless File.exist?(origin_path)
-          @outputter.print_migrate_step(
+          @outputter.print_action_step(
             "Could not find file #{origin_path}, skipping backup."
           )
           return
@@ -24,7 +24,7 @@ module Bolt
         filename = File.basename(origin_path)
         backup_path = File.join(backup_dir, "#{filename}.#{date}.bak")
 
-        @outputter.print_migrate_step(
+        @outputter.print_action_step(
           "Backing up #{filename} from #{origin_path} to #{backup_path}"
         )
 

data/lib/bolt/project_migrator/config.rb

@@ -39,7 +39,7 @@ module Bolt
           backup_file(config_file, backup_dir)
 
           begin
-            @outputter.print_migrate_step(
+            @outputter.print_action_step(
               "Moving transportation configuration options '#{transport_data.keys.join(', ')}' "\
               "from bolt.yaml to inventory.yaml"
             )
@@ -51,10 +51,10 @@ module Bolt
           end
         end
 
-        @outputter.print_migrate_step("Renaming bolt.yaml to bolt-project.yaml")
+        @outputter.print_action_step("Renaming bolt.yaml to bolt-project.yaml")
         FileUtils.mv(config_file, project_file)
 
-        @outputter.print_migrate_step(
+        @outputter.print_action_step(
           "Successfully migrated config. Please add a 'name' key to bolt-project.yaml "\
           "to use project-level tasks and plans. Learn more about projects by running "\
           "'bolt guide project'."

data/lib/bolt/project_migrator/inventory.rb

@@ -28,7 +28,7 @@ module Bolt
 
         begin
           File.write(inventory_file, data.to_yaml)
-          @outputter.print_migrate_step(
+          @outputter.print_action_step(
             "Successfully migrated Bolt inventory to the latest version."
           )
           true

data/lib/bolt/project_migrator/modules.rb

@@ -19,7 +19,7 @@ module Bolt
 
         # Notify user to manually migrate modules if using non-default modulepath
         if configured_modulepath != modulepath
-          @outputter.print_migrate_step(
+          @outputter.print_action_step(
             "Project has a non-default configured modulepath, unable to automatically "\
             "migrate project modules. To migrate project modules manually, see "\
             "http://pup.pt/bolt-modules"
@@ -46,10 +46,10 @@ module Bolt
         require 'bolt/puppetfile/installer'
 
         begin
-          @outputter.print_migrate_step("Parsing Puppetfile at #{puppetfile_path}")
+          @outputter.print_action_step("Parsing Puppetfile at #{puppetfile_path}")
           puppetfile = Bolt::Puppetfile.parse(puppetfile_path, skip_unsupported_modules: true)
         rescue Bolt::Error => e
-          @outputter.print_migrate_error("#{e.message}\nSkipping module migration.")
+          @outputter.print_action_error("#{e.message}\nSkipping module migration.")
           return false
         end
 
@@ -62,10 +62,10 @@ module Bolt
         # Attempt to resolve dependencies
         begin
           @outputter.print_message('')
-          @outputter.print_migrate_step("Resolving module dependencies, this may take a moment")
+          @outputter.print_action_step("Resolving module dependencies, this may take a moment")
           puppetfile.resolve
         rescue Bolt::Error => e
-          @outputter.print_migrate_error("#{e.message}\nSkipping module migration.")
+          @outputter.print_action_error("#{e.message}\nSkipping module migration.")
           return false
         end
 
@@ -90,17 +90,17 @@ module Bolt
           # Show the new Puppetfile content
           message  = "Generated new Puppetfile content:\n\n"
           message += puppetfile.modules.map(&:to_spec).join("\n").to_s
-          @outputter.print_migrate_step(message)
+          @outputter.print_action_step(message)
 
           # Write Puppetfile
-          @outputter.print_migrate_step("Updating Puppetfile at #{puppetfile_path}")
+          @outputter.print_action_step("Updating Puppetfile at #{puppetfile_path}")
           puppetfile.write(puppetfile_path, managed_moduledir)
 
           # Install Puppetfile
-          @outputter.print_migrate_step("Syncing modules from #{puppetfile_path} to #{managed_moduledir}")
+          @outputter.print_action_step("Syncing modules from #{puppetfile_path} to #{managed_moduledir}")
           Bolt::Puppetfile::Installer.new({}).install(puppetfile_path, managed_moduledir)
         else
-          @outputter.print_migrate_step(
+          @outputter.print_action_step(
             "Project does not include any managed modules, deleting Puppetfile "\
             "at #{puppetfile_path}"
           )
@@ -112,7 +112,7 @@ module Bolt
       # the selected modules.
       #
       private def select_modules(modules)
-        @outputter.print_migrate_step(
+        @outputter.print_action_step(
           "Select modules that are direct dependencies of your project. Bolt will "\
           "automatically manage dependencies for each module selected, so do not "\
           "select a module's dependencies unless you use content from it directly "\
@@ -135,7 +135,7 @@ module Bolt
         sources.select! { |source| Dir.exist?(source) }
 
         if sources.any?
-          @outputter.print_migrate_step(
+          @outputter.print_action_step(
             "Moving modules from #{sources.join(', ')} to #{moduledir}"
           )
 
@@ -166,7 +166,7 @@ module Bolt
       # Deletes modules from a specified directory.
       #
       private def delete_modules(moduledir, modules)
-        @outputter.print_migrate_step("Cleaning up #{moduledir}")
+        @outputter.print_action_step("Cleaning up #{moduledir}")
         moduledir = Pathname.new(moduledir)
 
         modules.each do |mod|
@@ -178,7 +178,7 @@ module Bolt
       # Adds a list of modules to the project configuration file.
       #
       private def update_project_config(modules, config_file)
-        @outputter.print_migrate_step("Updating project configuration at #{config_file}")
+        @outputter.print_action_step("Updating project configuration at #{config_file}")
         data = Bolt::Util.read_optional_yaml_hash(config_file, 'project')
         data.merge!('modules' => modules)
         data.delete('modulepath')

data/lib/bolt/puppetfile.rb

@@ -61,8 +61,15 @@ module Bolt
     #
     def write(path, moduledir = nil)
       File.open(path, 'w') do |file|
-        file.puts '# This Puppetfile is managed by Bolt. Do not edit.'
-        file.puts "moduledir '#{moduledir.basename}'" if moduledir
+        if moduledir
+          file.puts "# This Puppetfile is managed by Bolt. Do not edit."
+          file.puts "# For more information, see https://pup.pt/bolt-modules"
+          file.puts
+          file.puts "# The following directive installs modules to the managed moduledir."
+          file.puts "moduledir '#{moduledir.basename}'"
+          file.puts
+        end
+
         modules.each { |mod| file.puts mod.to_spec }
       end
     rescue SystemCallError => e

data/lib/bolt/puppetfile/module.rb

@@ -13,7 +13,10 @@ module Bolt
       def initialize(owner, name, version = nil)
         @owner   = owner
         @name    = name
-        @version = version unless version == :latest
+
+        if version.is_a?(String)
+          @version = version[0] == '=' ? version[1..-1] : version
+        end
       end
 
       # Creates a new module from a hash.

data/lib/bolt/shell/bash.rb

@@ -202,13 +202,14 @@ module Bolt
       end
 
       def handle_sudo_errors(err)
-        if err =~ /^#{conn.user} is not in the sudoers file\./
+        case err
+        when /^#{conn.user} is not in the sudoers file\./
           @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "User #{conn.user} does not have sudo permission on #{target}",
             'SUDO_DENIED'
           )
-        elsif err =~ /^Sorry, try again\./
+        when /^Sorry, try again\./
           @logger.trace { err }
           raise Bolt::Node::EscalateError.new(
             "Sudo password for user #{conn.user} not recognized on #{target}",

data/lib/bolt/transport/ssh/connection.rb

@@ -30,7 +30,7 @@ module Bolt
           @transport_logger = transport_logger
           @logger.trace("Initializing ssh connection to #{@target.safe_name}")
 
-          if target.options['private-key']&.instance_of?(String)
+          if target.options['private-key'].instance_of?(String)
             begin
               Bolt::Util.validate_file('ssh key', target.options['private-key'])
             rescue Bolt::FileError => e

data/lib/bolt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bolt
-  VERSION = '2.30.0'
+  VERSION = '2.31.0'
 end

data/lib/bolt_server/transport_app.rb

@@ -14,7 +14,9 @@ require 'json-schema'
 
 # These are only needed for the `/plans` endpoint.
 require 'puppet'
-require 'bolt_server/pe/pal'
+
+# Needed by the `/project_file_metadatas` endpoint
+require 'puppet/file_serving/fileset'
 
 module BoltServer
   class TransportApp < Sinatra::Base
@@ -35,6 +37,17 @@ module BoltServer
       transport-winrm
     ].freeze
 
+    # PE_BOLTLIB_PATH is intended to function exactly like the BOLTLIB_PATH used
+    # in Bolt::PAL. Paths and variable names are similar to what exists in
+    # Bolt::PAL, but with a 'PE' prefix.
+    PE_BOLTLIB_PATH = '/opt/puppetlabs/server/apps/bolt-server/pe-bolt-modules'
+
+    # For now at least, we maintain an entirely separate codedir from
+    # puppetserver by default, so that filesync can work properly. If filesync
+    # is not used, this can instead match the usual puppetserver codedir.
+    # See the `orchestrator.bolt.codedir` tk config setting.
+    DEFAULT_BOLT_CODEDIR = '/opt/puppetlabs/server/data/orchestration-services/code'
+
     def initialize(config)
       @config = config
       @schemas = Hash[REQUEST_SCHEMAS.map do |basename|
@@ -191,10 +204,52 @@ module BoltServer
       [@executor.run_script(target, file_location, body['arguments'])]
     end
 
+    # This function is nearly identical to Bolt::Pal's `with_puppet_settings` with the
+    # one difference that we set the codedir to point to actual code, rather than the
+    # tmpdir. We only use this funtion inside the Modulepath initializer so that Puppet
+    # is correctly configured to pull environment configuration correctly. If we don't
+    # set codedir in this way: when we try to load and interpolate the modulepath it
+    # won't correctly load.
+    #
+    # WARNING: THIS FUNCTION SHOULD ONLY BE CALLED INSIDE A SYNCHRONIZED PAL MUTEX
+    def with_pe_pal_init_settings(codedir, environmentpath, basemodulepath)
+      Dir.mktmpdir('pe-bolt') do |dir|
+        cli = []
+        Puppet::Settings::REQUIRED_APP_SETTINGS.each do |setting|
+          dir = setting == :codedir ? codedir : dir
+          cli << "--#{setting}" << dir
+        end
+        cli << "--environmentpath" << environmentpath
+        cli << "--basemodulepath" << basemodulepath
+        Puppet.settings.send(:clear_everything_for_tests)
+        Puppet.initialize_settings(cli)
+        yield
+      end
+    end
+
+    # Use puppet to identify the modulepath from an environment.
+    #
+    # WARNING: THIS FUNCTION SHOULD ONLY BE CALLED INSIDE A SYNCHRONIZED PAL MUTEX
+    def modulepath_from_environment(environment_name)
+      codedir = DEFAULT_BOLT_CODEDIR
+      environmentpath = "#{codedir}/environments"
+      basemodulepath = "#{codedir}/modules:/opt/puppetlabs/puppet/modules"
+      modulepath_dirs = nil
+      with_pe_pal_init_settings(codedir, environmentpath, basemodulepath) do
+        environment = Puppet.lookup(:environments).get!(environment_name)
+        modulepath_dirs = environment.modulepath
+      end
+      modulepath_dirs
+    end
+
     def in_pe_pal_env(environment)
       return [400, '`environment` is a required argument'] if environment.nil?
       @pal_mutex.synchronize do
-        pal = BoltServer::PE::PAL.new({}, environment)
+        modulepath_obj = Bolt::Config::Modulepath.new(
+          modulepath_from_environment(environment),
+          boltlib_path: [PE_BOLTLIB_PATH, Bolt::Config::Modulepath::BOLTLIB_PATH]
+        )
+        pal = Bolt::PAL.new(modulepath_obj, nil, nil)
         yield pal
       rescue Puppet::Environments::EnvironmentNotFound
         [400, {
@@ -213,16 +268,11 @@ module BoltServer
       @pal_mutex.synchronize do
         project = Bolt::Project.create_project(project_dir)
         bolt_config = Bolt::Config.from_project(project, { log: { 'bolt-debug.log' => 'disable' } })
-        pal = Bolt::PAL.new(bolt_config.modulepath, nil, nil, nil, nil, nil, bolt_config.project)
-        module_path = [
-          BoltServer::PE::PAL::PE_BOLTLIB_PATH,
-          Bolt::PAL::BOLTLIB_PATH,
-          *bolt_config.modulepath,
-          Bolt::PAL::MODULES_PATH
-        ]
-        # CODEREVIEW: I *think* this is the only thing we need to make different between bolt's PAL. Is it acceptable
-        # to hack this? Modulepath is currently a readable attribute, could we make it writeable?
-        pal.instance_variable_set(:@modulepath, module_path)
+        modulepath_object = Bolt::Config::Modulepath.new(
+          bolt_config.modulepath,
+          boltlib_path: [PE_BOLTLIB_PATH, Bolt::Config::Modulepath::BOLTLIB_PATH]
+        )
+        pal = Bolt::PAL.new(modulepath_object, nil, nil, nil, nil, nil, bolt_config.project)
         context = {
           pal: pal,
           config: bolt_config
@@ -307,6 +357,23 @@ module BoltServer
       plans.map { |plan_name| { 'name' => plan_name } }
     end
 
+    def file_metadatas(pal, module_name, file)
+      pal.in_bolt_compiler do
+        mod = Puppet.lookup(:current_environment).module(module_name)
+        raise ArgumentError, "`module_name`: #{module_name} does not exist" unless mod
+        abs_file_path = mod.file(file)
+        raise ArgumentError, "`file`: #{file} does not exist inside the module's 'files' directory" unless abs_file_path
+        fileset = Puppet::FileServing::Fileset.new(abs_file_path, 'recurse' => 'yes')
+        Puppet::FileServing::Fileset.merge(fileset).collect do |relative_file_path, base_path|
+          metadata = Puppet::FileServing::Metadata.new(base_path, relative_path: relative_file_path)
+          metadata.checksum_type = 'sha256'
+          metadata.links = 'follow'
+          metadata.collect
+          metadata.to_data_hash
+        end
+      end
+    end
+
     get '/' do
       200
     end
@@ -550,6 +617,19 @@ module BoltServer
       end
     end
 
+    # Implements puppetserver's file_metadatas endpoint for projects.
+    #
+    # @param project_ref [String] the project_ref to fetch the file metadatas from
+    get '/project_file_metadatas/:module_name/*' do
+      in_bolt_project(params['project_ref']) do |context|
+        file = params[:splat].first
+        metadatas = file_metadatas(context[:pal], params[:module_name], file)
+        [200, metadatas.to_json]
+      end
+    rescue ArgumentError => e
+      [400, e.message]
+    end
+
     error 404 do
       err = Bolt::Error.new("Could not find route #{request.path}",
                             'boltserver/not-found')

data/lib/bolt_spec/bolt_context.rb

@@ -105,7 +105,7 @@ module BoltSpec
 
       # Set the things
       Puppet[:tasks] = true
-      RSpec.configuration.module_path = [modulepath, Bolt::PAL::BOLTLIB_PATH].join(File::PATH_SEPARATOR)
+      RSpec.configuration.module_path = [modulepath, Bolt::Config::Modulepath::BOLTLIB_PATH].join(File::PATH_SEPARATOR)
       opts = {
         bolt_executor: executor,
         bolt_inventory: inventory,
@@ -153,7 +153,9 @@ module BoltSpec
     end
 
     def pal
-      @pal ||= Bolt::PAL.new(config.modulepath, config.hiera_config, config.project.resource_types)
+      @pal ||= Bolt::PAL.new(Bolt::Config::Modulepath.new(config.modulepath),
+                             config.hiera_config,
+                             config.project.resource_types)
     end
 
     BoltSpec::Plans::MOCKED_ACTIONS.each do |action|

data/lib/bolt_spec/plans.rb

@@ -224,7 +224,7 @@ module BoltSpec
 
     def run_plan(name, params)
       pal = Bolt::PAL.new(
-        config.modulepath,
+        Bolt::Config::Modulepath.new(config.modulepath),
         config.hiera_config,
         config.project.resource_types,
         config.compile_concurrency,

data/lib/bolt_spec/run.rb

@@ -179,7 +179,7 @@ module BoltSpec
       end
 
       def pal
-        @pal ||= Bolt::PAL.new(config.modulepath,
+        @pal ||= Bolt::PAL.new(Bolt::Config::Modulepath.new(config.modulepath),
                                config.hiera_config,
                                config.project.resource_types,
                                config.compile_concurrency)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bolt
 version: !ruby/object:Gem::Version
-  version: 2.30.0
+  version: 2.31.0
 platform: ruby
 authors:
 - Puppet
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-09-30 00:00:00.000000000 Z
+date: 2020-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -444,6 +444,7 @@ files:
 - lib/bolt/catalog/logging.rb
 - lib/bolt/cli.rb
 - lib/bolt/config.rb
+- lib/bolt/config/modulepath.rb
 - lib/bolt/config/options.rb
 - lib/bolt/config/transport/base.rb
 - lib/bolt/config/transport/docker.rb
@@ -542,7 +543,6 @@ files:
 - lib/bolt_server/base_config.rb
 - lib/bolt_server/config.rb
 - lib/bolt_server/file_cache.rb
-- lib/bolt_server/pe/pal.rb
 - lib/bolt_server/schemas/action-check_node_connections.json
 - lib/bolt_server/schemas/action-run_command.json
 - lib/bolt_server/schemas/action-run_script.json

data/lib/bolt_server/pe/pal.rb

@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-require 'bolt/pal'
-require 'bolt/util'
-
-module BoltServer
-  module PE
-    class PAL < Bolt::PAL
-      # PE_BOLTLIB_PATH is intended to function exactly like the BOLTLIB_PATH used
-      # in Bolt::PAL. Paths and variable names are similar to what exists in
-      # Bolt::PAL, but with a 'PE' prefix.
-      PE_BOLTLIB_PATH = '/opt/puppetlabs/server/apps/bolt-server/pe-bolt-modules'
-
-      # For now at least, we maintain an entirely separate codedir from
-      # puppetserver by default, so that filesync can work properly. If filesync
-      # is not used, this can instead match the usual puppetserver codedir.
-      # See the `orchestrator.bolt.codedir` tk config setting.
-      DEFAULT_BOLT_CODEDIR = '/opt/puppetlabs/server/data/orchestration-services/code'
-
-      # This function is nearly identical to Bolt::Pal's `with_puppet_settings` with the
-      # one difference that we set the codedir to point to actual code, rather than the
-      # tmpdir. We only use this funtion inside the PEBolt::PAL initializer so that Puppet
-      # is correctly configured to pull environment configuration correctly. If we don't
-      # set codedir in this way: when we try to load and interpolate the modulepath it
-      # won't correctly load.
-      def with_pe_pal_init_settings(codedir, environmentpath, basemodulepath)
-        Dir.mktmpdir('pe-bolt') do |dir|
-          cli = []
-          Puppet::Settings::REQUIRED_APP_SETTINGS.each do |setting|
-            dir = setting == :codedir ? codedir : dir
-            cli << "--#{setting}" << dir
-          end
-          cli << "--environmentpath" << environmentpath
-          cli << "--basemodulepath" << basemodulepath
-          Puppet.settings.send(:clear_everything_for_tests)
-          Puppet.initialize_settings(cli)
-          yield
-          # Ensure the puppet settings go back to what bolt expects after
-          # we finish with the settings we need for PEBolt::PAL init.
-          with_puppet_settings { |_| nil }
-        end
-      end
-
-      def initialize(plan_executor_config, environment_name, hiera_config = nil, max_compiles = nil)
-        # Bolt::PAL#initialize takes the modulepath as its first argument, but we
-        # want to customize it later, so we pass an empty value:
-        super([], hiera_config, max_compiles)
-
-        codedir = plan_executor_config['codedir'] || DEFAULT_BOLT_CODEDIR
-        environmentpath = plan_executor_config['environmentpath'] || "#{codedir}/environments"
-        basemodulepath = plan_executor_config['basemodulepath'] || "#{codedir}/modules:/opt/puppetlabs/puppet/modules"
-
-        with_pe_pal_init_settings(codedir, environmentpath, basemodulepath) do
-          environment = Puppet.lookup(:environments).get!(environment_name)
-          # A new modulepath is created from scratch (rather than using super's @modulepath)
-          # so that we can have full control over all the entries in modulepath. In the future
-          # it's likely we will need to preceed _both_ Bolt::PAL::BOLTLIB_PATH _and_
-          # Bolt::PAL::MODULES_PATH which would be more complex if we tried to use @modulepath since
-          # we need to append our modulepaths and exclude modules shiped in bolt gem code
-          modulepath_dirs = environment.modulepath
-          @user_modulepath = modulepath_dirs
-          @modulepath = [PE_BOLTLIB_PATH, Bolt::PAL::BOLTLIB_PATH, *modulepath_dirs]
-        end
-      end
-    end
-  end
-end