-
Add
plugin show
command (#2872)The
bolt plugin show
command andGet-BoltPlugin
PowerShell cmdlet can be used to list plugins available to the current project. -
Lookup hiera
plan_hierarchy
values from the CLI (#2815)The
bolt lookup
command now has a--plan-hierarchy
flag that will lookup values from Hiera'splan_hierarchy
. -
New Bolt debugging guide (#2871)
Bolt has a new guide with common debugging tips that can be accessed by running
bolt guide debugging
. -
Builtin tab completion (#2869)
Bolt now supports tab completion for Bolt commands, subcommands, and any flags available for a command. It also supports tab completing tasks and plans for certain project types when tasks and plans have been cached.
-
Test plans that use
parallelize()
plan function in BoltSpec (#2882)BoltSpec no longer fails when testing plans that include the
parallelize()
plan function. Previously, testing plans that used this function would cause the plan to fail with an argument mismatch error. -
Pass remaining arguments to PowerShell
-Arguments
parameter (#2788)The PuppetBolt PowerShell module now correctly supports passing multiple arguments to the
-Arguments
parameter. Previously, any unbound arguments were not passed to this parameter, causing the PowerShell parser to error.
-
PuppetBolt PowerShell module will not ship with Bolt packages in a future release (#2550)
The PuppetBolt PowerShell module will no longer ship with Bolt packages on Windows in a future release. The PuppetBolt PowerShell module should instead be installed from PowerShell Gallery.
-
Do not error when using
--run-as
on a Windows controller (#2874)Bolt no longer raises an error when using the
--run-as
command-line option on a Windows controller.
-
Ship PuppetBolt PowerShell module to PowerShell Gallery (#2550)
The PuppetBolt PowerShell module is now shipped to the PowerShell Gallery. For more information about installing the PuppetBolt PowerShell module, see the documentation.
-
Report whether tasks are run in no-operation mode (#2840)
Bolt now reports whether or not a task is run in no-operation mode when it collects analytics.
-
Provide project for
BoltSpec::Run::Runner#pal
(#2858)Fixes a project null reference in the invocation of the
download_file()
function in a plan driven by theBoltSpec::Run
runner. -
Undef variables are now included in Future block scopes (#2866)
Previously, Bolt would not include variables with a value
undef
in Future block scopes, leading them to be undefined. Bolt now includes those variables when creating the new scope for Future blocks.
-
Plan functions to support fire-and-forget parallelism (#2764)
Bolt now includes two new plan functions,
background()
andwait()
, to support fire-and-forget parallelism. Read more at https://pup.pt/bolt-parallelism. -
Support run-as for container transports when running on nix (#2806)
The Docker, LXD, and Podman transports now support
run-as
configuration and related configuration options when running on nix systems.run-as
is not supported for any Windows systems or the PowerShell shell over SSH.
-
Upload project plugin files to correct directory when running an apply (#2832)
Project plugin files are now uploaded to the correct directory when running an apply. Previously, if a project used a
Boltdir
or had a directory name that did not match the project's configured name, apply blocks could not correctly reference files in the project using Puppet file syntax (puppet:///modules/<project name>/<file name>
). -
Correctly set
DOCKER_HOST
environment variable when connecting to remote Docker hosts (#2813)Bolt now correctly sets the
DOCKER_HOST
environment variable when thedocker.service-url
configuration is set. Previously, this environment variable was not set correctly, preventing the transport from connecting to remote Docker hosts.Contributed by Mic Kaczmarczik
-
Support _run_as passed to apply_prep() (#2808)
Bolt now respects the
_run_as
metaparameter when passed to theapply_prep()
plan function. This is the only supported metaparameter, and takes highest precedence per the Bolt configuration precedence -
Don't stacktrace if welcome message file can't be written (#2814)
Previously, Bolt would stacktrace if it failed to make the directory to store the welcome message file in, which relies on tilde
~
expansion. Bolt now falls back to a system-level path, and then omits the welcome message entirely if the system-level path also fails to be created or written to. -
Do not error in
file::*
plan functions whenfuture
is not configured (#2828)The
file::exists
,file::read
, andfile::readable
plan functions no longer error when invoked outside of an apply block whenfuture
is not configured.
-
JSON output documentation (#2773)
The format for JSON output for each of Bolt's commands is now documented.
-
Facts diff task accepts
exclude
parameter (#2804)The
puppet_agent::facts_diff
task now accepts anexclude
parameter to filter output based on a provided regex. -
lookup
command to look up values with Hiera (#2499)The new
bolt lookup
andInvoke-BoltLookup
commands can be used to look up values with Hiera. -
Load files from specified Puppet paths (#2731)
If the project-level
future.file_paths
configuration is enabled, Puppet files can be loaded using the new loading syntax. For more information see https://pup.pt/bolt-loading-files.
-
Puppet5 collection no longer available for
puppet_agent::install
task (#2804)Now that this collection is unavailable to download from, it's not a valid parameter to the
puppet_agent::install
task.
-
Developer Update: Script loading changes
There's a new Developer Update in town, read it here.
-
Allow Docker connections using full ID as the host
The Bolt Docker transport now successfully connects to containers when the full SHA 256 container ID string is provided as a name or URL. Previously, Bolt could only connect when the 12 character shortened form of the ID string was used.
-
Fixed incorrect param in Get-BoltTask text (#2795)
Fixed the 'Additional Information' section of the help text for the Get-BoltTask cmdlet having an incorrect parameter for the task name
Contributed by Malivil
-
Default to showing all targets with
bolt inventory show
(#2747)The
bolt inventory show
andGet-BoltInventory
commands now default ot showing all targets in the inventory if a targetting option (--targets
,--query
,--rerun
) are not provided. -
Improved group information output (#2766)
The
bolt group show
andGet-BoltGroup
commands now displayhuman
output in a similar format to othershow
commands. Thejson
output now includes the path to the inventory file that the groups are loaded from. -
puppetdb_command
plan function (#2771)The
puppetdb_command
plan function can be used to invoke commands in PuppetDB. Currently, only thereplace_facts
command is officially tested and supported, though other commands might work as well.This feature is experimental and subject to change.
-
Do not error when using metaparameters in YAML plans (#2777)
Bolt no longer errors for YAML plans that include a plan or task step that includes an additional option (e.g.
_catch_errors
) under theparameters
key. -
Output correct inventory source with
inventory show
(#2766)The
bolt inventory show
andGet-BoltInventory
commands now output the correct source of inventory when using theBOLT_INVENTORY
environment variable. Previously, Bolt would output the path to the default inventory file.
-
Ensure all messages print, even after thread finishes (#2770)
Bolt now ensures that all messages from a command or script are printed back to the user. Previously, some messages would be lost if they were read after the thread finished executing or when Bolt had been prompted for a sudo password.
-
Improved inventory output (#2751)
The
bolt inventory show
andGet-BoltInventory
command now displayhuman
output in the same format as othershow
commands. -
Improved plan and task information output (#2754)
The
bolt plan|task show <name>
andGet-Bolt(Plan|Task) -Name <name>
commands now displayhuman
output in a similar format to othershow
commands. -
Podman transport (#2456)
The Podman transport connects to local running Podman containers, useful for testing scenarios or debugging.
-
Disable analytics in system, user, and project config files (#2759)
The new
analytics
configuration option can be used to disable data collection in Bolt and is supported in bothbolt-defaults.yaml
andbolt-project.yaml
. Disabling data collection cannot be overridden by enabling it in another configuration file.
-
Do not stack trace when missing project configuration file (#2756)
Bolt no longer stack traces when installing modules if the project does not have a
bolt-project.yaml
configuration file.
-
Test plans that use
run_task_with()
plan function in BoltSpec (#2692)Plans that use the
run_task_with()
plan function can now be tested with BoltSpec. -
run_container()
plan function (#2614)Bolt now ships with a
run_container()
Puppet plan function that will run a container and return its output. -
Update bundled modules (#2748)
The following bundled modules have been updated to their latest versions:
-
Do not warn on top level
plugin_hooks
config (#2742)Bolt no longer warns that
plugin_hooks
are an unknown option when configured in inventory file. -
Allow
version
key in inventory files (#2746)Bolt now recognizes the
version
configuration in an inventory file and doesn't raise a warning that the key is unknown.
-
Deprecate dotted fact names (#2737)
Dotted fact names (e.g.
foo.bar
) are now deprecated. Bolt issues a deprecation warning if it detects a target is loaded with these facts or has them added during a plan run.
-
Display merged stdout and stderr output for commands and scripts (#2653)
The
bolt command|script run
commands andInvoke-BoltCommand|Script
cmdlets now display merged output from stdout and stderr in the CLI. This merged output is also available to theResult
object in plans and in the JSON output format under themerged_output
key. -
Convert YAML plans by name (#2712)
The
bolt plan convert
andConvert-BoltPlan
commands now accept the name of a YAML plan to convert instead of just a path to a YAML plan. -
Add default value for
prompt
plan function (#2704)The
prompt
plan function has a newdefault
option which can be used to return a default value when a user does not provide input or when stdin is not a tty. -
LXD transport supports remote hosts (#2669)
The LXD transport includes a new
remote
option to configure connections to remote LXD servers. -
Add welcome message when users first run Bolt (#2711)
Bolt now prints a welcome message when users first run Bolt if they run
bolt
,bolt --help
, orbolt help
. -
prompt::menu
plan function (#2714)The new
prompt::menu
plan function can be used to prompt the user to select an option from a menu of options. -
Upgrade bundled modules (#2734)
The following bundled modules have been updated to their latest versions:
-
Ensure
env_vars
is a hash in commands and scripts (#2689)Bolt now ensures that the
env_vars
option passed to commands and scripts in plans is a hash and will raise a helpful error message otherwise. -
Convert
env_vars
hash values to JSON (#2689)Bolt now converts hash values for an environment variable passed to a command or script to JSON. Previously, a hash value would be passed with Ruby-style syntax.
-
Don't stacktrace when showing tasks that include untyped parameters (#2719)
Bolt will now correctly show task details for tasks that include parameters that do not specify a type, instead of stacktracing.
-
Do not error when showing 'noop' task info (#2722)
Bolt no longer errors when printing task information for a task that supports running in no-operation mode.
-
Handle malformed
_error
values in task results in Orchestrator (#2723)Bolt now handles
_error
from task results in the Orchestrator transport when the value of the key is not a hash, does not include thedetails
key, or thedetails
key is not a hash. Previously Bolt would error if any of these conditions was true.
-
Add LXD transport (#2311)
Bolt now includes a new LXD transport to use when connecting with containers managed with LXD. See the transport configuration reference for configuration options. This feature is experimental and might change between minor versions.
Contributed by Coleman McFarland
-
Stream output from targets (#102)
You can now stream output from a target as actions are running using the
stream
configuration option or the--stream
command-line option. For more information, see the documentation. This feature is experimental and might change between minor versions. -
Support metaparameters as top-level keys in YAML plan steps (#2629)
YAML plan steps now support metaparameters as top-level keys. For example, the
script
step supports anenv_vars
key which accepts a hash of environment variables to set on the target when running the script. -
Show plan descriptions in plan list (#2678)
Plan descriptions now appear in
bolt plan show
andGet-BoltPlan
output. -
Support Puppet paths when running scripts from the CLI (#2652)
You can now use Puppet paths (
<MODULE NAME>/<FILE NAME>
) to specify the path to a script when runningbolt script run
orInvoke-BoltScript
. -
Add
pwsh_params
option torun_script
plan function (#2651)The
run_script
plan function now accepts apwsh_params
option which can be used to pass named parameters to a PowerShell script. -
Upgrade bundled modules to latest versions
Several of Bolt's bundled modules have been upgraded to their latest versions. Some modules have been upgraded to new major versions, which are not compatible with Puppet 5. Bolt officially dropped support for Puppet 5 in Bolt 3.0.
The following modules have been upgraded to new major versions:
- puppetlabs-package 2.0.0
- puppetlabs-puppet_conf 1.0.0
- puppetlabs-scheduled_task 3.0.0
- puppetlabs-service 2.0.0
- puppetlabs-stdlib 7.0.0
- puppetlabs-reboot 4.0.0
The following module has been upgraded to the latest version and is still compatible with Puppet 5:
-
New analytics about plan function file source (#2687)
Bolt now reports whether a file path is an absolute path or a Puppet file path for the
run_script
,file::read
, andupload_file
plan functions.
-
Handle plan parameter tags without descriptions (#2672)
Bolt no longer errors if a plan includes a Puppet strings
@param
tag that does not have a description. -
Run YAML plan
plan
steps withtargets
key (#2677)YAML plans that have a
plan
step with a top-leveltargets
key now pass the targets to the plan. -
Test YAML plans with BoltSpec (#2682)
YAML plans can now be tested with BoltSpec.
-
Convert YAML plans with a
null
eval step (#2677)YAML plans that include a
null
eval step no longer raise an error when converted to a Puppet language plan. -
Correctly read SSL key contents in
http_request
task (#2693)The
http_request
now correctly reads key contents from the path passed to thekey
parameter. Previously, the task used the file path itself as the key contents. -
Support
run-as
configuration when downloading files (#2679)The
run-as
configuration for the SSH transport is now supported when downloading files. -
Do not send task parameters over stdin when using a tty (#2680)
Tasks with a
stdin
input method that are run on targets withtty: true
configuration no longer return the task's parameters as part of the task output. Previously, Bolt was sending these parameters to the task twice, causing them to be printed to standard out (stdout) and returned in the task output.
This version of Bolt was not released.
-
Add Bolt Task directory to PSModulePath (#2633)
Add the bolt task target directory to the PSModulePath to allow Bolt tasks to ship powershell modules that can be automatically imported
-
Ship with
puppetlabs/powershell_task_helper
module (#2639)Bolt now ships with the
puppetlabs/powershell_task_helper
module, which includes helpers for writing tasks in PowerShell. -
Added
config_data
helper toBoltSpec
library (#2615)The
BoltSpec
library includes a newconfig_data
helper which can be used to set Bolt configuration in your plan unit tests.
-
Support Puppet file syntax for files in a Bolt project (#2504)
Bolt now supports Puppet file syntax (
puppet:///modules/<MODULE>/<FILE>
) in apply blocks for files in a Bolt projec. Previously, apply blocks would not compile if using this syntax for files in a Bolt project. -
Serialize Sensitive task output for
Result.to_data
method (#2633)Previously, the
to_data
method on aResult
object did not transformSensitive
task output. Now, theto_data
method serializes the output by calling theto_s
method onSensitive
output, which will simply print a "value redacted" message. -
Improve error messages for
bolt script
in PowerShell (#2659)Errors raised from running scripts in PowerShell on targets with an execution policy of
Restricted
orAllSigned
now include clearer messages. -
Expose inventory to
BoltSpec
stubs and mocks (#2615)Stubs and mocks that use the
return_from_targets
modifier now have access to Bolt's inventory. Previously, the inventory was not exposed to these stubs and mocks, resulting in 'Undefined method' errors.
-
Install Puppetfile without
modules
configuredBolt now correctly installs a Puppetfile with
bolt module install --no-resolve
andInstall-BoltModule -NoResolve
even if themodules
key is not configured or is an empty array. -
Fix PowerShell Cmdlet Version detection (#2636)
PowerShell users can now run
Get-BoltVersion
to list the Bolt version. This, andbolt --version
should both load more quickly.
-
Ship with Puppet 7 (#2547)
The Bolt gem and Bolt packages now ship with Puppet 7.
-
Use
bolt.bat
for execution on Windows (#2551)This removes the
bolt
PowerShell function and instead relies on a newbolt.bat
file that is included in Bolt packages. -
Update default modulepath (#2549)
Bolt's default modulepath is now
['modules']
instead of['modules', 'site', 'site-modules']
. Bolt will also automatically append the project's.modules/
directory to all modulepaths, whether a project uses the default modulepath or a configured modulepath. -
Improve bolt powershell task error message (#2509)
Format the exception powershell type tasks throw to make it easier for a user to read the error message.
-
Local transport's
bundled-ruby
option defaults to true (#2552)The local transport's
bundled-ruby
configuration option, which determines whether to use the Ruby bundled with Bolt packages for local targets, now defaults to 'true' instead of 'false'. The option can still be configured as before. -
Ship with puppetlabs/stdlib 6.6.0 (#2606)
Bolt packages now ship with the latest version of the puppetlabs/stdlib module.
-
Include plan name in
missing_plan_parameter
warnings (#2588)The
missing_plan_parameter
warning now includes the name of the plan that the message was logged for.
-
Remove support for the
bolt.yaml
configuration file (#2557)The
bolt.yaml
configuration file is no longer supported by Bolt. Usebolt-project.yaml
andbolt-defaults.yaml
instead. -
Remove support for Debian 8 (#2556)
Bolt no longer builds or tests packages for the Debian 8 platform.
-
Remove support for puppet-agent < 6.0.0 (#2422)
Bolt no longer supports puppet-agent versions earlier than 6.0.0. While applying Puppet code to targets with earlier versions of the puppet-agent package installed may still succeed, Bolt no longer guarantees compatibility.
-
Remove support for PowerShell 2.0 (#2561)
Bolt no longer supports PowerShell 2.0 on the controller or on targets. While running commands and tasks in PowerShell 2.0 may still succeed, Bolt no longer guarantees compatibility.
-
Remove deprecated command-line options (#2559)
The
--boltdir
,--configfile
,--debug
,--description
, and--puppetfile
command-line options have been removed. -
Remove deprecated configuration options (#2553)
The
apply_settings
,inventoryfile
,plugin_hooks
, andpuppetfile
configuration options have been removed. -
Remove
notice
log level (#2560)Bolt no longer accepts
notice
as a log level, via the command line or configuration. Useinfo
instead. -
Remove
bolt puppetfile
subcommand (#2558)Removes the
bolt puppetfile *
and*-BoltPuppetfile
subcommands. Use thebolt module *
and*-BoltModule
subcommands instead. -
Remove support for
private-key
,public-key
parameters in pkcs7 plugin (#2555)Support for the
private-key
andpublic-key
parameters in the pkcs7 plugin has been removed. Use theprivate_key
andpublic_key
parameters instead. -
Remove
source
andtarget
YAML plan step keys (#2554)Support for the
source
andtarget
keys in YAML plans has been removed. Useupload
andtargets
instead. -
Remove
aggregate::nodes
plan (#2565)Bolt no longer ships with the
aggregate::nodes
plan. Use theaggregate::targets
plan instead.
-
Hide private plans from
bolt plan show
andGet-BoltPlan
(#1549)Users can now set the top-level
private
key in YAML plans, or the@private
Puppet string, to mark a plan as private. -
Add
read-timeout
configuration option for PCP transport (#2518)Users can now configure a
read-timeout
for HTTP requests to the Orchestrator, which defines how long to wait for a response before raising a Timeout error. -
Support additional Puppet settings in
apply-settings
(#2516)The
log_level
,trace
, andevaltrace
Puppet settings can now be configured under theapply-settings
configuration option. These settings will be applied when executing an apply block. -
Add
resolve
key for Forge and git module specifications (#2522)Forge and git module specifications in
bolt-project.yaml
now support aresolve
key. When settingresolve: false
, Bolt will skip dependency resolution for the module, allowing users to include modules with broken metadata or modules hosted in a repository other than a public GitHub repository in their project configuration. -
Bolt modules usable with Puppet 7
Modules owned by the Bolt team now have a maximum Puppet version of 8, so are usable with Puppet 7 on the Bolt controller.
-
Suppress warnings with
disable-warnings
config option (#2542)The
disable-warnings
configuration option accepts an array of warning IDs that are used to suppress warnings in both the CLI and log files. This configuration option is supported in bothbolt-project.yaml
andbolt-defaults.yaml
.
-
Only spin while executing
run_*
plan functions (#2511)Bolt will now only print the spinner while executing
run_*
,file_upload
,file_download
, andwait_until_available
plan functions. It also now spins while running those functions equivalent commandline commands. This prevents the spinner from spinning while prompting for output from a plan. -
Correctly shadow fact/variable collisions in apply blocks (#2111)
Bolt now correctly shadows target and plan variables that collide with facts of the same name when running apply blocks.
-
Don't continue executing parallel block when prompting (#2543)
Bolt will now pause printing messages from parallel blocks when prompting the user for input, to avoid confusing printing to the screen.
-
Support
module-install
config when resolving modules (#2478)The
bolt module add|install
commands andAdd|Install-BoltModule
cmdlets now support themodule-install
config option when resolving module dependencies. -
Updated bundled modules to latest version (#2514)
The following bundled modules have been updated to their latest versions:
-
Support for project-level plugins (#2517)
Bolt now supports project-level plugins. Similar to module plugins, project-level plugins are implemented as tasks that use specific hooks and are referred to using the name of the project.
-
Allow entire inventory to be specified with a plugin (#2475)
Inventory files can now be specified with a plugin. For example, the following inventory file is now valid:
--- _plugin: yaml filepath: /path/to/inventory_partial.yaml
-
Delete transport config keys that resolved to
nil
(#2512)Previously, if a plugin reference resolved a transport config key to
nil
Bolt would still include that key in the target's transport config. This change ensures thatnil
-resolved transport config keys are deleted during inventory parsing. -
Don't stacktrace when converting YAML plans with errors (#2515)
Bolt will now error cleanly instead of stacktracing when users try to convert a YAML plan that has type or syntax errors.
-
Deprecate
puppetfile
in favor ofmodule-install
(#2361)The
puppetfile
configuration option has been deprecated in favor ofmodule-install
and will be removed in Bolt 3.0. Users should update their projects to use the module management feature, which uses themodule-install
option. -
Deprecate
puppetfile
commands (#2361)The
bolt puppetfile *
commands and*-BoltPuppetfile
cmdlets have been deprecated and will be removed in Bolt 3.0. Users should update their projects to use the module management feature, which uses thebolt module *
commands and*-BoltModule
cmdlets.
-
Only print spinner when stdout is a TTY (#2500)
We now only print the spinner when the STDOUT stream is a TTY.
-
Do not add
localhost
target to theall
group by default in PowerShell (#2505)Bolt no longer adds the
localhost
target to theall
group by default. Previously, when running Bolt in PowerShell, thelocalhost
target would be added to theall
group unintentionally.
-
Fix bug warning about keys under 'remote' transport (#2477)
Bolt now will not warn when keys are configured for the
remote
transport in inventory. -
Support plugins for suboptions under options that allow plugins (#2483)
All suboptions for config options that support plugins once again support plugins. For example, the
key-data
suboption for theprivate-key
option can use plugins again. -
Load the correct data for plugin invocations (#2487)
Bolt now correctly loads data for the plugin invocation based on the plugin data, not just cache
ttl
. Previously, any plugins with the same cache configuration would collide in the cache data and overwrite each other, causing the wrong data to be loaded.
-
bundled-ruby
local transport config option to enable local defaults (#2400)Set
bundled-ruby
in the local transport config to enable or disable the default config currently used for thelocalhost
target. -
module-install
configuration option (#2303)Bolt now supports a
module-install
configuration option inbolt-project.yaml
andbolt-defaults.yaml
. This option is used to configure proxies and an alternate forge when installing modules using thebolt module add|install
commands orAdd|Install-BoltModule
cmdlets.This option is not currently supported when resolving module dependencies.
-
Improved inventory validation (#2413)
Bolt now validates inventory against Bolt's inventory schema and indicates where errors are found.
-
CLI spinner for long running operations (#2432)
Bolt now has a spinner printed to the CLI for long-running operations, so that users know the Bolt process has not hung. Disable the spinner by setting
spinner: false
in any Bolt configuration file. -
JSON schema for YAML plans (#2046)
Bolt now offers a JSON schema for validating YAML plans.
-
Windows local transport returns correct exit codes and accepts pipes (#2299)
When running commands over the local transport on Windows machines, Bolt now returns the exit code returned by the command as opposed to just 0 or 1. It also accepts pipes as part of the command.
-
Accept plugins in
puppetdb
config (#2461)Fixes a regression to once again allow plugins to be used for defining the values of the
puppetdb
config.Contributed by Nick Maludy
-
Only warn that project content won't be loaded if there's project content (#2438)
Bolt will now only warn that project content won't be loaded if the proejct directory has a
tasks/
,plans/
, orfiles/
directory that may contain content. -
Allow caching for PuppetDB plugin (#2469)
Previously, our configuration validation would raise an error if users supplied
_cache
to the PuppetDB plugin. Cache is now configurable for the plugin. -
http_request
task converts header names to strings (#4Headers set under the
headers
parameter are now converted to strings before making a request. Previously, headers were passed to the request as symbols.Contributed by barskern
-
Plugin caching (#2383)
Bolt plugins can now be configured to cache their results. Users can either configure a default cache time-to-live for all plugins, or configure each plugin's TTL individually. See the documentation for more information.
This feature is considered experimental.
-
Support
notice
log level (#2410)Log levels can now be set to
notice
. Previously, Bolt would raise an error saying thatnotice
was not a supported log level.
-
Deprecate Powershell 2 support (#2365)
Support for Powershell 2 on both Bolt targets and controllers is deprecated, and will be dropped in Bolt 3.0.
-
Deprecate bolt.yaml (#2000)
The
bolt.yaml
configuration file is now deprecated, both at project-level and user/system-level. -
Deprecate
notice
log level (#2410)The
notice
log level is deprecated and will be removed in Bolt 3.0. Use theinfo
log level instead.
-
bolt plan new
andNew-BoltPlan
commands no longer experimentalThe
bolt plan new
andNew-BoltPlan
commands are no longer considered experimental. -
Module management workflow no longer experimental
The module management workflow is no longer considered experimental. For more information, see the modules overview in the Bolt documentation.
-
Configure
modules
withbolt project init
(#2110)The
bolt project init
command will now configure themodules
key in thebolt-project.yaml
file, enabling thebolt module
command. -
Create
inventory.yaml
file when creating new projects (#2364)The
bolt project init
andNew-BoltProject
commands now create aninventory.yaml
file in the new project. -
Log plugin task output at
trace
level (#2336)Plugin task output is now logged at
trace
level. -
Improved config validation (#2337)
Bolt now validates config files against Bolt's schemas and indicates which config file an error is found in.
-
Warn about unknown configuration options (#2376)
Bolt now issues a warning when it detects an unknown configuration option. The warning will indicate where the configuration option is located.
-
Added
value()
function toApplyResult
datatype (#2370)The
ApplyResult
datatype has a newvalue()
function that returns a hash that includes the Puppet report from an apply under thereport
key.
-
Targets without a uri can now use
apply()
andget_resources()
(#2346)Previously, if a target had a
host
set instead of auri
it would error when trying to set the Puppet certname to the target's URI. We now use the target'sname
instead of theuri
as the Puppet certname when compiling catalogs. -
Allow loading SSH Config through net-ssh when using native-ssh to fail (#2289
As skipping loading SSH config through the net-ssh gem is not feasible, we allow loading the ssh config to fail and fall back to the inventory file settings or the logged in user.
Contributed by Robert Führicht
-
Ship
puppet_agent
manifests directory (#2368)Bolt now includes the
puppet_agent
module manifests directory and it's classes in the Bolt gem and packages.
-
Deprecate
--boltdir
,--configfile
,--puppetfile
, and--description
command-line options (#2362)We are planning to remove the
--boltdir
,--configfile
,--puppetfile
, and--description
command line flags in the next major version of Bolt. This adds deprecation warnings that are printed when users specify any of these flags. -
Deprecate
inventoryfile
configuration option (#2363)The
inventoryfile
configuration option has been deprecated and will be removed in Bolt 3.0. Users should move contents from non-default inventory files to theinventory.yaml
file in a Bolt project, or can use the--inventoryfile
command-line option to load a non-default inventory file. -
Deprecate
plugin_hooks
in favor ofplugin-hooks
(#2358)The
plugin_hooks
configuration option has been deprecated in favor ofplugin-hooks
. -
Deprecate
apply_settings
in favor ofapply-settings
(#2357)The
apply_settings
configuration option has been deprecated in favor ofapply-settings
.
-
Set default ports for PuppetDB and Orchestrator (#2304)
Bolt now sets the ports for PuppetDB
server_urls
and Orchestratorservice-url
to 8081 and 8143 respectively if the port is not set in config. -
Filter project plans and tasks with glob patterns (#2180)
The
plans
andtasks
options inbolt-project.yaml
now support glob patterns in addition to plan and task names. Plans and tasks that match a glob pattern will appear inbolt plan|task show
andGet-Bolt(Plan|Task)
output. -
Execute plan functions in parallel with
parallelize
plan function (#2190)The new
parallelize
plan function can be used to execute part of a plan in parallel. It accepts an array of inputs and a block, executes the block on each input, and returns a list of results. This function can be used to continue executing part of a plan across multiple targets without waiting on results to finish for each target.This feature is experimental.
-
Error with invalid YAML plan step type (#2309)
Bolt now errors if a YAML plan step is not a hash. Previously, YAML plans would execute even if a plan step was not a hash.
-
Create new Puppet language plans with
--pp
flag (#2327)Bolt can now create new Puppet language plans using the
bolt plan new
command with the--pp
flag or theNew-BoltPlan
PowerShell cmdlet with the-Pp
parameter. -
Show PowerShell cmdlets in output when running in PowerShell (#2326)
Bolt output that includes commands will now show PowerShell cmdlets instead of *nix shell commands when running in PowerShell.
-
Fix complicated quoting in PowerShell Cmdlets (#2272)
When using the Powershell cmdlets module, Bolt no longer wraps each command in single quotes allowing users to successfully use more complicated quoting patterns.
-
Don't log task output from plugins (#2329)
Bolt no longer logs the output from plugin tasks, to avoid printing sensitive information to logs.
-
Fix module name validation for Forge and Git module specifications (#2314)
Forge and Git module specifications now correctly validate the module's name and permit uppercase letters in the owner segment of the module name. Previously, if the owner segment of a module name included uppercase letters, Bolt would raise an error.
-
Updated bundled modules to latest version
The following bundled modules have been updated to their latest versions:
-
Include file and line number in YAML plan code evaluation errors (#2278)
Errors raised when evaluating code in a YAML plan now include the path to the YAML plan and the line number that the error occurred on in the plan.
-
File and line number included in plan function errors (#2057)
If the plan functions
run_command
,run_script
, orrun_task
fail they will now include the file and line number in thedetails
key of the Result object. This information will also be printed when run with info level logging or higher.
-
Safely delete tmpdir used to configure Puppet for PAL (#2245)
Bolt now safely deletes the tmpdir used to configure Puppet when using PAL. Previously, if the tmpdir was deleted during a Bolt run before Bolt deleted the directory itself, an error with a stacktrace would be raised.
-
Do not override SSL variables in PowerShell module (#2171)
The PowerShell module no longer overrides the
SSL_CERT_FILE
andSSL_CERT_DIR
environment variables if they are already set.
-
Folded scalar values in YAML plans no longer evaluated (#2306)
Folded scalar values in YAML plans are no longer evaluated and are instead treated as string literals.
-
Add
json_endpoint
parameter tohttp_request
task (#2)The
http_request
task now accepts ajson_endpoint
parameter. When set totrue
, the task will convert the request body to JSON, set theContent-Type
header toapplication/json
, and parse the response body as JSON. -
Git module support for module management feature (#2187)
Git modules can now be specified in
bolt-project.yaml
and used with the module management feature. Only GitHub modules are supported.
-
Fix 'method not found' error when showing inventory (#2269)
Previously, when running
bolt inventory show
orGet-BoltInventory
with a configured inventory path and the human format a 'method not found' error was raised. This now correctly prints the targets in the inventory. -
Handle printing preformatted Puppet errors with
out::message
(#2241)The
out::message
plan function now correctly prints preformatted Puppet errors. Previously, printing preformatted Puppet errors would result in a 'stack level too deep' error.
-
Improved output for
bolt inventory show
andGet-BoltInventory
(#2205)The
bolt inventory show
command andGet-BoltInventory
cmdlet now show if a target was not found in inventory. Output also includes the path to the loaded inventory file and the number of inventory targets and adhoc targets. -
Print changes made to Puppetfile when adding modules (#2230)
The
bolt module add
command andAdd-BoltModule
cmdlet now display a message describing changes made to the Puppetfile, including modules that have been added, removed, upgraded, or downgraded. -
Update bundled modules to latest versions
The following bundled modules have been updated to their latest versions:
-
Log when default inventory file cannot be loaded (#2207)
Bolt now logs that it tried but failed to load the default inventory file when the default inventory file does not exist. Previously, Bolt would log that it loaded the default inventory file, even when it was unable to do so.
-
Add moduledir directive to generated Puppetfile (#2246)
Puppetfiles generated using the
bolt module install
command andInstall-BoltModule
cmdlet did not include themoduledir
directive.
-
Manage project dependencies with
bolt module
subcommand (#2082, #2083, #2131, #2134, #2135, #2182, #2184)The new
bolt module
subcommand andmodules
key in project configuration can be used to manage a project's module dependencies, including resolving dependencies and version ranges. To learn more about managing a project's module dependencies with Bolt, see the documentation. To read about why we added this feature, see the developer updates.This feature is experimental.
-
HTTP request task (#2103)
Bolt now ships with the
http_request
module, which includes thehttp_request
task for making HTTP requests.
-
Show missing module dependencies when resolving modules (#2224)
Bolt now correctly displays the names of missing module dependencies when resolving modules errors. Previously, if a module dependency was missing, Bolt did not display the name of the missing module.
-
Invalid YAML plans now fail gracefully (#2197)
Previously, if a YAML plan had a syntax error Bolt would stacktrace due to an assumption about what methods the resulting error had. It now fails gracefully with the line of the error.
-
Read command from a file or
stdin
usingbolt command run
(#2125)The
bolt command run
command can now read a command from a file orstdin
.
-
Reliably initialize logger with Bolt log levels (#2188)
Bolt now checks whether the logger includes all of Bolt's log levels if the logger has already been initialized.
-
Define Hiera data to be looked up outside apply blocks under plan_hierarchy key (#1835)
Previously, Bolt used the same Hiera hierarchy for lookups inside and outside apply blocks. Interpolations are only supported in apply blocks, so if a hierarchy included interpolations the user could not look up data outside an apply block. Users can now define a separate, statically configured hierarchy in their Hiera config to be used outside apply blocks.
-
Fix warning when running from a gem install
Bolt again properly detects when it's being run from a gem install and emits a warning.
-
Fix error 'no method found trace' error when running BoltSpec
There was one place where we didn't properly initialize the Bolt logger, causing a stacktrace in some BoltSpec uses. We now properly initialize the Bolt logger.
-
Bolt will now warn if a project has the same name as a module (#2108)
Any module with the same name as the Bolt project will be ignored, and Bolt will now issue a warning to indicate that.
-
Ensure task error objects have correct format (#2112)
Bolt now ensures that error objects returned from a task have the correct format and include a
msg
key. Bolt will also automatically addkind
anddetails
keys if they are absent from the object, with default values ofbolt/error
and{}
. -
Handle project file writing errors more gracefully (#2116)
Bolt will now warn and continue executing when it fails to write files to the active project. Additionally, any user-specified file data that fails to be written to will error.
-
Prevent data for the wrong target being used when compiling
apply()
blocks (#2156)Previously, a race condition allowed
apply()
blocks to use data for the wrong target during compilation. This could cause targets to apply incorrect or invalid catalogs.
-
Allow task output to be treated as sensitive (#2086)
Tasks can now return a
_sensitive
key in their output which can contain an arbitrary value which will be treated as sensitive by Bolt. This means that it won't be printed to the console or logged at any log level, and plans will need to useunwrap()
to get the value. -
Disable log files by setting them to
disable
(#2120)Log files can now be disabled if they were set at a previous level of the hierarchy. This also allows the default
bolt-debug.log
file to be disabled. -
Packages for Fedora 32 (#2042)
Bolt packages are now available for Fedora 32.
-
Add
puppet_agent::run
plan to run the agent (#2022)The
puppet_agent::run
plan will run the agent if it's available and returns aResultSet
including agents that failed and the results from runs that succeeded.
-
Correctly handle array parameters in PowerShell (#2118)
Changes the switch statement in the
Get-BoltCommandline
function to anif/else
statement to properly handle parameters that are arrays that are not supposed to be unwrapped. -
Initialize logger in
BoltSpec::Run
(#2117)Bolt now initializes the logger when using
BoltSpec::Run
methods. Previously, the logger was not initialized with Bolt's custom log levels, causingBoltSpec::Run
to raise an error when it encountered a message being logged to one of these custom levels.
-
Don't fail if bolt-debug.log can't be created (#2115)
This fixes a bug introduced in Bolt 2.24.0 where Bolt would fail when trying to create the
bolt-debug.log
file if the Bolt project didn't exist.
-
PowerShell validation for
-LogLevel
,-Rerun
, and-Filter
(#2090)Add PowerShell parameter validation for
-LogLevel
,-Rerun
, and-Filter
. -
Write a default log file (#2068)
Bolt will now log activity at
debug
level tobolt-debug.log
in the project directory. This log will be truncated each time Bolt runs. -
View information about Bolt concepts and features from the CLI (#2078)
Bolt can now display information about various Bolt features and concepts with the new CLI command
bolt guide
and PowerShell commandGet-Help about_bolt_*
. -
bolt project migrate
now updates project files (#2081)The
bolt project migrate
command will now updatebolt.yaml
tobolt-project.yaml
and move transport configuration toinventory.yaml
. Modified files are backed up to a.bolt-bak
directory in the project directory. -
Plan conversion maintains plan and parameter descriptions (#2039)
Converting a YAML plan to a Puppet plan will now preserve plan and parameter descriptions, so that
plan show
output is the same for the YAML plan as the converted Puppet plan.
-
Fix PowerShell
-Version
parameter (#2090)The PowerShell
-Version
parameter now looks at theRememberedInstallDir
property for Bolt's version file location. -
Show YAML plan parameters without default values as required (#2095)
Bolt was displaying YAML plan parameters without default values as optional in
bolt plan show
output. Now, Bolt will show a parameter without a default value as required.
-
Print objects using
out::message()
plan function (#2012)Users can now print any valid data type using the plan function
out::message()
. -
bolt project init
andNew-BoltProject
now createbolt-project.yaml
(#2003)bolt project init
andNew-BoltProject
now create abolt-project.yaml
file instead ofbolt.yaml
. The commands now accept a project name instead of a path to the project directory. -
Set interval for repeating block in
ctrl::do_until
plan function (#2072)The
ctrl::do_until
plan function now accepts aninterval
option. This option accepts a numeric value that specifies the number of seconds to wait before repeating the block.
-
Include
modules/
in displayed modulepath if it's in the user-configured modulepathBolt now includes
<bolt-installation-directory>/modules
in the displayed modulepath if the user has the path as a component of their configured modulepath. If installed as a package on *nix, bolt-installation-directory would be/opt/puppetlabs/bolt/lib/ruby/gems/2.5.0/gems/bolt-x.y.z/
. -
Do not error when analytics configuration file is empty
Empty analytics configuration files would cause Bolt to raise a
NoMethodError
. Now, if an analytics configuration file is empty, Bolt will instead rewrite the file. -
Correctly pass objects to YAML plan message step
Bolt was incorrectly passing objects used in the YAML plan
message
step, resulting in an error. Any objects used in YAML planmessage
steps are now correctly passed and printed to the console.
-
Use
-Name
parameters in PowerShell task and plan cmdlets (#2049)The
Get|Invoke-BoltTask
andGet|Invoke-BoltPlan
cmdlets now use a-Name
parameter instead of-Task
and-Plan
to specify the name of a task or plan. -
Create new project-level YAML plans with
bolt plan new
(#2004)Users can now quickly get started with writing a new project-level YAML plan using the
bolt plan new
command. The command accepts a single argument, the name of the plan to be generated, and creates the necessary directories and file in the project'splans
directory.Note: This feature is experimental and is subject to change.
-
Do not modify order of plan variables in catalog compilation (#2025)
Bolt will no longer error during catalog compilation when a plan variable shares the same name as a target variable. Previously, Bolt would modify the order plan variables were listed in a catalog if they shared the name of a target variable, causing catalog compilation to fail when deserializing variables.
-
Fix parameter description parsing in PowerShell module (#2049)
Removes encoding HTML special characters from the parameter description fields in the PowerShell module.
-
Reject multi-line project names (#2061)
Previously, Bolt would accept a multi-line string as a project name, causing multiple errors. Bolt will now reject multi-line strings as project names.
-
Specify remote environment variables using
--env-var
(#1980)Users can now set environment variables on targets when running commands and scripts using the
--env-var
CLI option. -
Add
secure_env_vars
plan (#1980)The new builtin Bolt plan
secure_env_vars
reads JSON from a special environment variable,BOLT_ENV_VARS
, and passes that hash to eitherrun_command
orrun_script
. -
YAML plan
message
step (#2038)YAML plans now support a
message
step that prints a message. -
Service task now supports
enable
anddisable
when available (puppetlabs-service#151)The builtin Bolt
service
task now supportsenable
anddisable
actions for agentless targets if the actions are available on the target. -
New
dir::children
plan function (#2047)The new plan function
dir::children
returns an array containing all of the filenames in the given directory, similar to Ruby'sDir.children()
.
-
Gracefully handle WinRM connection loss (#1982)
Bolt will now detect WinRM connection loss and return an error rather than printing a stacktrace and deadlocking.
-
Handle existing file errors when downloading files (#2054)
Bolt now handles existing file errors raised when creating the destination directory for file downloads. Previously, if a file already existed somewhere on the destination directory path, Bolt would raise an error with a full backtrace.
-
Added
bolt file download
CLI command (#1868)Users can now download files and directories from targets to the local system using the
bolt file download
CLI command. This command accepts a path to the file or directory to download from the targets and a path to a destination directory on the local system. The destination directory is expanded relative to the project downloads directory,<project>/downloads/
. -
Add
download_file
plan function (#1868)The
download_file
plan function can be used to download a file or directory from a list of targets to a destination directory on the local system. The result returned from this function includes the path to the downloaded file on the local system. -
Add YAML plan download step (#1868)
YAML plans now support a download step which can be used to download a file or directory from a list of targets to a destination directory on the local system.
-
Add
allow_download
andexpect_download
stubs to BoltSpec (#1868)Users can use the
allow_download
andexpect_download
stubs to test plans that contain calls todownload_file
. -
Ship Bolt with PowerShell cmdlets on Windows (#1895)
Bolt now ships with PowerShell cmdlets on Windows. All Bolt commands are mapped to PowerShell cmdlets following approved verb-noun conventions. Unix-like CLI options are also mapped to equivalent PowerShell names (i.e.
--targets
becomes-targets
).The PowerShell cmdlets are autogenerated from Bolt's source code, ensuring both command-level and parameter-level help is available in the PowerShell help system.
Bolt commands are mapped to the following cmdlets:
Bolt PowerShell bolt apply
Invoke-BoltApply
bolt command run
Invoke-BoltCommand
bolt file download
Receive-BoltFile
bolt file upload
Send-BoltFile
bolt group show
Get-BoltGroup
bolt inventory show
Get-BoltInventory
bolt plan convert
Convert-BoltPlan
bolt plan run
Invoke-BoltPlan
bolt plan show
Get-BoltPlan
bolt project init
New-BoltProject
bolt project migrate
Update-BoltProject
bolt puppetfile generate-types
Register-BoltPuppetfileTypes
bolt puppetfile install
Install-BoltPuppetfile
bolt puppetfile show-modules
Get-BoltPuppetfileModules
bolt script run
Invoke-BoltScript
bolt secret createkeys
New-BoltSecretKey
bolt secret decrypt
Unprotect-BoltSecret
bolt secret encrypt
Protect-BoltSecret
bolt task run
Invoke-BoltTask
bolt task show
Get-BoltTask
-
Configure connection and read timeout length in PuppetDB client (#1994)
Users can now configure the connection and read timeout length for the PuppetDB client with the
connect_timeout
andread_timeout
options under thepuppetdb
config option. -
Environment preservation permission no longer required when using run-as (#1993)
Bolt no longer passes the
-E
flag to sudo when building commands using 'run-as', which allows users who do not have permission to use the flag to use Bolt.
-
Do not re-rescue errors raised before config is loaded (#2005)
Errors raised before Bolt's configuration was loaded were raising a second, ambiguous
NoMethodError
. Bolt now correctly handles errors raised before configuration is loaded and will no longer trigger additional errors.
-
Deprecate
source
key for YAML plan upload step (#1868)The
source
key used in YAML plan upload steps has been deprecated in favor of a less ambiguousupload
key.
-
Support rainbow format on Windows 10 (#1983)
The
rainbow
format is now supported on Windows 10.
-
Do not fail for tasks referring to project-level files (#1984)
Tasks with a
files
key that refers to files that exist at the project level will now load properly rather than throwing an error.
-
Specify module plugins to sync during apply and apply prep (#1934)
The
apply_prep
andapply
plan functions now accept a_required_modules
option that allows plan authors to specify a list of module plugins to sync to targets. When the_required_modules
option is not set, all module plugins will be synced.Contributed by Bert Hajee
-
Use
native-ssh
config option to enable native SSH (#1938)Use the new
native-ssh
SSH transport configuration option or--native-ssh
CLI option to opt-in to the experimental native SSH. The SSH transport configuration optionssh-command
no longer enables native SSH. -
Support configuring log files in
bolt-defaults.yaml
(#1968)The system-wide and user-level default configuration file,
bolt-defaults.yaml
, now supports configuring log files using thelog
option. -
Do not load projects from world-writable directories (#1894)
Bolt now raises an error when attempting to load a project from a world-writable directory on Unix-like systems. Users who wish to override this behavior and run a project from a world-writable directory should can set the
BOLT_PROJECT
environment variable to the project directory path.
-
Validate
inventory-config
option inbolt-defaults.yaml
(#1963)Bolt now checks that the
inventory-config
option in abolt-defaults.yaml
file is a hash and is not a plugin reference before merging configuration files. Previously, setting this value to a hash or plugin reference would raise an unhelpful error. -
Don't load default project for every Bolt invocation (#1917)
Bolt will no longer load the default project at
~/.puppetlabs/bolt
for every Bolt invocation. Exceptions raised during project loading are now handled correctly and will not show a backtrace. -
Correctly detect puppet agent install path on Windows (#1967)
Bolt now correctly detects the Puppet Agent install path on Windows during the initialization steps in a WinRM connection.
-
Set environment variables for commands and scripts (#1899)
The
run_command()
andrun_script()
plan functions now support an_env_vars
argument which accepts a Hash of environment variable declarations to set when running the command/script. -
Add location of plan failures in error messages (#1923)
Errors raised by plan failures now include the location of the plan failure, including the filepath, line, and column.
-
Add
--log-level
CLI option (#1920)The new
--log-level
CLI option can be used to override the console's log level. It accepts the following log levels:debug
,info
,notice
,warn
,error
,fatal
,any
.
-
Load projects with an embedded Boltdir when specified on the CLI (#1953)
Bolt now looks for a
Boltdir
in the directory specified by--project
or--boltdir
and uses it as the project directory if it is present. Otherwise, the specified directory is used as the project directory. -
Support plugin references in JSON schemas (#1900)
The JSON schemas no longer mark plugin references as invalid values when the option can accept a plugin reference. Previously, the schemas would mark any plugin reference as an invalid value.
-
Add
--project
as an alias for the--boltdir
CLI flag (#1931)The new CLI flag
--project
can be used in place of--boltdir
.
-
localhost
default config is now target-level instead of group-level (#1904)Previously, the 'localhost' special default config was merged at the group-level, meaning that group-level config in the inventory would override it. The config is now target-level and must be overridden at the target-level in inventory.
-
Output plan events when using
rainbow
format (#1926)Plan events are now printed when using the
rainbow
output format -
Fix use of spaces in powershell
mkdir
method (#1927)Fixes the powershell
mkdir
command to correctly handle paths with spaces in them. When passed to the command line, paths have to be quoted, the previous code did not handle this. This uses double quotes instead of single quotes to allow string interpolation to happen when it is finally passed to PowerShell. -
Upload files with the correct name when destination is a directory (#1928)
Files uploaded to directories will now retain the name of the original source file rather than changing their name to the same name as the destination directory. This also fixes the case where the destination was
.
-
Project names must be explicitly specified (#1871)
Proejct names must now be specified in
bolt-project.yaml
in order for project-level content to be loaded, rather than the name being inferred by the name of the project directory.
-
Add rainbow output format (#1911)
The new format option
rainbow
prints success messages in rainbow colors. This option is not available on Windows. -
Add
bolt-defaults.yaml
configuration file (#1845)Bolt now supports a new
bolt-defaults.yaml
configuration file in the system-wide and user-level directories. This configuration file is intended to replace thebolt.yaml
configuration file in the system-wide and user-level directories in a future version of Bolt. If abolt-defaults.yaml
file exists alongside abolt.yaml
file, Bolt will ignore thebolt.yaml
file.
-
Log error for unhandled catalog compilation errors (#1881)
We now log whatever is on STDERR when catalog compilation fails in a way that isn't already handled, and raise an ApplyError.
-
Fix uninitialized constant error for
bolt secret createkeys
Running
bolt secret createkeys
should now succeed, where previously it threw an uninitialized constant error.
-
System-wide and user-level
bolt.yaml
is deprecated (#1845)The system-wide and user-level
bolt.yaml
files have been deprecated in favor ofbolt-defaults.yaml
.
-
Load config from bolt-project.yaml (#1842)
Bolt configuration options, excluding transport config, can now be loaded from
bolt-project.yaml
. If bothbolt-project.yaml
andbolt.yaml
are present in the project andbolt-project.yaml
has bolt config keys (e.g.format
),bolt.yaml
will be ignored. -
Specify preferred algorithms for SSH transport connections (#1862)
Users can now specify a list of preferred algorithms to use when establishing connections with targets using the SSH transport with the
encryption-algorithms
,host-key-algorithms
,kex-algorithms
, andmac-algorithms
config options. Each option accepts an array of algorithms and overrides the default list of preferred algorithms. You can read more about these options in the Bolt configuration reference. -
Add resource plan function to find a
ResourceInstance
on a target (#1874)This adds a
resource
plan function that can be used to find aResourceInstance
on a Target object by type and title.
-
Improve low ulimit warning (#1870)
Users running Bolt with a low ulimit should only be warned if the number of targets they're running against may cause file limit issues.
-
Raise correct error when passing unknown plan parameters (#1886)
Bolt was raising an obscure error when a plan received an unknown parameter. It now raises the correct error indicating that the parameter is unknown.
-
Return correct exit code when running commands in powershell (#1846)
Bolt will now display the correct exit code when running commands in powershell that exit with code > 1.
-
Empty apply blocks now error correctly (#1880)
This raises an appropriate error when an apply block is empty, instead of an undefined method error.
-
Use task parameter default when specified parameter is
Undef
(#1847)Task parameters that are specified with a value of
Undef
will now use the default parameter value if one is defined in the task's metadata. -
Accept
resource_type
key in resource data hash forset_resources
plan function (#1872)The
set_resources
function now accepts resource data hashes that have aresource_type
key instead of atype
key. This allows users to set resources directly from reports from an apply block, which set a resource's type under theresource_type
key. -
Added
[]
function to theResourceInstance
data type (#1873)The
[]
function can be used to directly access thestate
hash for aResourceInstance
object and return the specified attribute.
-
Project-level content can now be used in apply blocks (#1836)
Project-level classes and defines can now be used in
apply
blocks andbolt apply
. -
Correct
ResourceInstance.add_event
return type (#1869)Previously, the
add_event
function had a typo that prevented it from successfully returning. It now correctly expects anArray[Hash[String[1], Data]]]
.
-
Support
--hiera-config
option when usingbolt apply
(#1839)The
--hiera-config
option can now be used with thebolt apply
command to specify the path to a Hiera configuration file. -
Warn when applying manifests that only contain definitions (#1785)
Applying a manifest that only contains definitions with the
bolt apply
command will now display a warning that no changes will be applied to the targets. -
Analytics configuration loaded from user-level config directory (#1843)
Analytics configuration is now written to and loaded from
~/.puppetlabs/etc/bolt/analytics.yaml
by default. Bolt will fall back to loading analytics config from~/.puppetlabs/bolt/analytics.yaml
when the file does not exist in the user-level config directory. -
Use
Sensitive
plan parameters withbolt plan run
(#1790)Plans now support parameters with the
Sensitive
wrapper type when run with thebolt plan run
command. Parameters marked asSensitive
will be automatically wrapped with theSensitive
wrapper type upon plan startup.
-
Fall back to system-wide config path if homedir expansion fails (#1829)
Bolt now falls back to
/etc/puppetlabs/bolt
as the default project directory if expanding the homedir fails.
-
Do not attempt to use
Etc::SC_OPEN_MAX
when it is not defined (1858)When the
SC_OPEN_MAX
constant is not defined (for example when running under JRuby) do not attempt to use it to determine default concurrency.
-
Lower default concurrency when ulimit is low (#1789)
Concurrency defaults to 1/3 the ulimit if ulimit is below 300, and warns if lowered concurrency is used.
-
Type aliases are available in apply blocks (#1828)
Users can now use type aliases defined on their modulepath inside apply blocks.
-
Add Puppet data types to plugin tarball (BOLT-1549)
Puppet types are now added to the plugin tarball when running an apply block.
Contributed by Bert Hajee
-
Add
PuppetObject
interface to Bolt data types (#1836)Bolt data types would sometimes not be deserialized correctly when using
apply
blocks in plans. All Bolt data types now implement thePuppetObject
interface so they can be deserialized correctly.
-
Use plugins to set PuppetDB config (#1771)
Plugin references can now be used to set configuration options for the PuppetDB client used by Bolt, in the
puppetdb
section of the config. -
Packages for Ubuntu 20.04 now available (#1782)
Bolt packages are now available for Ubuntu 20.04.
-
Added
ResourceInstance
data type (#1781)The new
ResourceInstance
data type is available for use in plans and can be used to store the observed state, desired state, and events for a target's resource. -
Added
set_resources
plan function (#1781)The
set_resources
plan function can be used to setResourceInstance
s on aTarget
. -
Added
resources
function toTarget
data type (#1781)Target
objects have a newresources
function that can be used to return a map ofResourceInstance
s for the target. -
Specify a local project directory with a
bolt-project.yaml
file (#1816)Directories containing a
bolt-project.yaml
file are now considered a local project directory. -
Allow users to shell out to SSH (#1780)
Users can now specify an SSH command, which Bolt will shell out to when using the SSH transport. This allows users to run SSH as if it were run locally without worrying about Ruby library feature support.
-
Expand filepaths passed on the CLI relative to the current working directory (#1791)
Config options
hiera-config
andprivate-key
are now expanded relative to the directory Bolt was run from when specified on the CLI, inline with other CLI options.
-
Project configuration file changed to
bolt-project.yaml
(#1816)The project configuration file name
project.yaml
has been deprecated in favor of a more-specificbolt-project.yaml
. Bolt will no longer load project configuration from aproject.yaml
file.
-
Warn when Bolt is installed as a gem (#1779)
Bolt now issues a warning when it detects that it may have been installed as a gem. This warning can be disabled by setting the
BOLT_GEM
environment tofalse
.To install Bolt reliably and with all of its dependencies, it should be installed as a package.
-
Added JSON schemas for validating Bolt configuration files (#1795)
JSON schemas are now available for validating
bolt.yaml
,inventory.yaml
, andproject.yaml
files.
-
Task output that contains invalid UTF-8 is now rejected (#1759)
Tasks are defined as returning UTF-8, but Bolt didn't handle the non-UTF-8 case explicitly, leading to messy error messages and stack traces. The error should now be clear and meaningful.
-
Non-UTF-8 characters in command and script output are removed before printing (#1759)
Commands and scripts are allowed to return UTF-8, but Bolt would error when trying to print those results or return them as JSON. Now, accessing fields of the result from a Puppet plan will return the values unmodified, but invalid characters will be replaced by their hex-escaped equivalents when printing the result or converting it to JSON.
-
Improved support for non-UTF-8 character encodings (#1759)
Commands run from a target where the default character encoding is non-UTF-8 will now return proper results when using the WinRM transport.
-
Fix
bolt plan show <plan>
for project-level plans (#1799)This command was throwing errors due to a type mismatch that is now resolved.
-
Make an
ApplyResult
a validPlanResult
(#1807)Plans may now return
ApplyResult
s outside of aResultSet
.
-
Support project-level Puppet content (#1267)
Users can now load Puppet content from the root of the Bolt project directory, such as
<boltdir>/tasks
. Users must opt-in to this experimental feature by creating aproject.yaml
in their project directory. This feature is experimental. -
Project authors can whitelist
bolt * show
output (#1756)Project authors can now whitelist individual
bolt [plan|task] show
content inproject.yaml
using thetasks
andplans
settings. -
Added
run_task_with
plan function (#1673)The new plan function
run_task_with
lets you run tasks on a set of targets with target-specific parameters. It accepts a lambda that returns aHash
of parameters for a particular target. -
pkcs7
plugin converted to module-based plugin (#1736)The
pkcs7
plugin has been converted to a module-based plugin and includes thepkcs7::secret_encrypt
,pkcs7::secret_decrypt
, andpkcs7::secret_createkeys
tasks. -
Require
--force
option to overwrite existing keys (#1738)The
bolt secret createkeys
command now accepts an optional--force
option to force secret plugins to overwrite existing keys. The defaultpkcs7
secret plugin will now error when attempting to overwrite existing keys without the--force
option set. -
Support default task parameters in plugins (#1754)
Bolt now merges default task parameters for a plugin with parameters set in a
bolt.yaml
andinventory.yaml
file. -
Add
--hiera-config
option forbolt plan run
command (#1403)The
bolt plan run
command now supports a--hiera-config
option that accepts an absolute or relative path to a Hiera config file. -
Support
lookup
plan function outside of apply blocks (#1403)Plans can now use the
lookup
plan function outside of apply blocks to look up data with Hiera. Thelookup
function will use the Hiera config file specified in the Bolt config. Interpolations are not available outside of apply blocks and will cause a plan to error.
-
Target objects of the same name are now identical (#1773)
Target objects will now be considered identical in all cases if they have the same name. This allows uniq to operate on arrays of Targets as well as Targets to be used as Hash keys.
-
Fixed 'broken pipe' errors with SSH and local transports (#1769)
The SSH and local transports could experience broken pipes when using run-as while running a task that accepted input on stdin but didn't read it.
-
Set
gcloud_inventory::resolve_reference
task to private (#1783)The
gcloud_inventory::resolve_reference
task has been set to private and will no longer appear when usingbolt task show
.
-
private-key
andpublic-key
options forpkcs7
plugin have been deprecated (#1736)The
pkcs7
plugin now acceptsprivate_key
andpublic_key
options. Support for theprivate-key
andpublic-key
options will be removed in a future release of Bolt.
-
Mock out sub-plans in BoltSpec testing (#1630)
New stubs
allow_plan
andexpect_plan
are available in BoltSpec::Plans for mocking outrun_plan
functions during Bolt spec testing. New flagsexecute_any_plan
(default) andexecute_no_plan
are avilable to control the behavior of sub-plan executions. The new stubsallow_plan
andexpect_plan
work with all of the existing action modifiers except forwith_targets
andreturn_for_targets
.Contributed by Nick Maludy
-
Experimental support for interacting with Windows hosts via PowerShell over SSH (#813)
The
login-shell: powershell
config setting can be set on a target to connect over SSH while running commands and tasks via PowerShell instead of Bash. This feature requires OpenSSH >= 7.9 on the target. -
Print group membership for targets when running
bolt inventory show --detail
(#1701)The
bolt inventory show --detail
command now lists a target's group membership.Contributed by Nick Maludy
-
--no-cleanup
option to leave behind temporary files (#1729)The
--no-cleanup
flag orcleanup: false
transport option can now be set to instruct Bolt not to clean up on a target after it's finished. This is useful for debugging what Bolt is doing on a system. -
Add
prompt
plan function (#1755)The new
prompt
plan function lets you pause plan execution and prompt the user for input. -
OpenSSH config option StrictHostKeyChecking now honored (#1758)
Setting
StrictHostKeyChecking
in your ssh config will now be loaded and merged with config along with other OpenSSH settings -
Support for ed25519 SSH keys (#1758)
Key exchange algorithm curve25519sha256 is now supported
-
New
optional
anddefault
keys for theenv_var
plugin (#1768)The
env_var
plugin accepts two new optional keys. Thedefault
key allows you to set a default value that the plugin should return when the environment variable is not set, while theoption
key allows the plugin to returnnil
when the environment variable is not set instead of erroring.
-
Target facts with the same name as a plan or Target variable should not raise an error (#1725)
Previously, defining a fact with the same name as another variable would cause a redefinition error in the apply block, where now referencing the variable will refer to the fact value.
-
Google Cloud inventory plugin (#1707)
Bolt now includes a
gcloud_inventory
plugin to generate inventory from Google Cloud compute engine instances. -
Commands run over local transport on Windows use powershell (#1708)
Previously, the local transport on Windows would exec commands directly, meaning powershell constructs couldn't be used. These commands are now always executed through powershell, so powershell commands and script snippets can be run.
-
Commands and tasks on Windows now consistently return \r\n (#1708)
The local transport on Windows was returning \n while WinRM returned \r\n. They are now consistent and always use \r\n.
-
YAML plan step parameter
target
deprecated in favor oftargets
(#1722)The
target
parameter for YAML plan steps has been deprecated in favor oftargets
and will be removed in a future release of Bolt.
-
Add Boltspec helper to load Bolt constructs (#1688)
A new helper function
in_bolt_context
can be used to wrap code that references Bolt constructs, such as the Boltlib::TargetSpec datatype. -
Added
transport
andtransport_config
functions toTarget
data type (#1686)The
Target
data type now supports atransport
function, which returns the transport used to connect to the target, and atransport_config
function, which returns a hash of merged configuration for the target's transport.
-
Bolt::Util.deep_clone
can now clone frozen objects (#1696)The
Bolt::Util.deep_clone
method can now clone frozen objects, preserving the 'frozen' attribute -
Fix bug in Bolt::Result where nil actions threw an exception (#1714, #1724)
Returning from a plan with results of
run_task()
on a remote transport that returnednil
, threw an exception. Returning from a plan with results ofwait_until_available()
, threw an exception.Contributed by Nick Maludy
-
Fix a bug passing arguments to local shell transport (#1713)
Local shell transport could miss some bytes when writing non-ASCII characters to stdin.
-
Don't fail when the
run-as
user's home directory doesn't exist (#1702)When running commands with
run-as
set, Bolt will try tocd
to the new user's home directory before running the command. If that fails because the directory doesn't exist, it will now run the command from wherever it currently is rather than aborting. -
Don't rely on sudo to preserve environment variables (#1702)
Bolt previously set environment variables when invoking
sudo
and relied on it to preserve them when running the task executable. That behavior isn't reliable for all configurations, so now environment variables are set directly when running the underlying executable.
-
Populate all target attributes in the
puppetdb
plugin'starget_mapping
(#1689)Previously, the
target_mapping
field only supported populating a target'suri
,name
andconfig
values. All of a target's attributes can now be specified in thetarget_mapping
field, includingfacts
,vars
,features
, andalias
.Contributed by Nick Maludy
-
Validate that a specified Hiera config file exists (#1692)
Bolt was not properly validating that a Hiera config file specified with the
hiera-config
option in abolt.yaml
existed.
-
Enable basic-auth-only option for WinRM when using SSL (#1658)
Users can now use WinRM Basic authentication when SSL is configured.
-
Add debugging statements to task errors (#1647)
The
ruby_task_helper
andpython_task_helper
modules include newdebug
anddebug_statements
helper methods for adding debugging statements to task errors. -
Initialize a Bolt project with modules and their dependencies (#1574)
The
bolt project init
command has a new--modules
option that accepts a comma-separated list of modules to install when initializing a project. Modules and their dependencies are fully resolved, saved to aPuppetfile
in the project directory, and then automatically installed withbolt puppetfile install
.
-
Handle cases where loading hardcoded homedir paths fail (#1671)
Bolt's user level config and analytics config paths are hardcoded and include
~
, which errors out when getlogin fails to return a user. We now skip loading user level config if loading the file fails, and disable analytics if loading the analytics config fails.
-
Support plugins in
bolt.yaml
transport configuration (#1591)Plugins can now be used to configure transports in a
bolt.yaml
file. Bolt will also provide more helpful error messages when a plugin is used in an unsupported location.
-
New
write_file
plan function (#1597)The new plan function,
write_file
, allows you to write content to a file on the given targets. -
Add
--puppetfile
option forpuppetfile install
command (#1612)The
puppetfile install
command now supports a--puppetfile
option that accepts a relative or absolute path to a Puppetfile. -
Update reboot plan parameter
nodes
totargets
(puppetlabs-reboot#223)Users who explicitly set the
nodes
parameter will need to update the parameter name totargets
. Calling thereboot
plan with-t
orrun_plan('reboot', $mytargets)
behaves the same as before and does not require an update. -
Package Bolt for MacOS 10.15 (#1445)
Bolt packages are now available for MacOS 10.15.
-
Fixed performance regression with large inventory files (#1627)
Large inventory groups were taking a long time to validate and should now be faster.
-
Modifications to an inventory when using
run_plan
are validated correctly (#1627)When using
run_plan(..., _catch_errors => true)
and making invalid modifications to the inventory, errors would be caught but the modifications would still be made to the inventory. Modifications to the inventory are now validated prior to applying them to the inventory.
- WARNING: Starting with this release, new Bolt packages are not available for macOS 10.11, 10.12, 10.13, and Fedora 28, 29.
-
Fixed a performance regression with large inventory files (#1625)
Large inventory groups were taking a long time to load and should now be faster.
-
project migrate
command correctly migrates version 1 inventory files (#1623)The
project migrate
command now correctly replaces allnodes
keys in an inventory file withtargets
. Previously, only the first group in an array of groups was having itsnodes
key replaced.
- WARNING: Support for macOS 10.11, 10.12, 10.13, and Fedora 28, 29 will be dropped in the near future.
-
Better output for errors in plans (#1607)
Plans that fail due to an unhandled error now print output the same as if the error were caught and then returned. Failures during compilation of
apply()
blocks now provide clean error messages. -
Filter tasks and plans by substring (#1596)
Users can now filter available tasks and plans when using
bolt task show
andbolt plan show
by using the--filter
CLI option. This option accepts a substring to match task and plan names against.
-
Bundled
resolve_reference
tasks set to private (#1599)resolve_reference
tasks in bundled content have been set to private and will no longer appear when usingbolt task show
.
Bolt 2.0 contains backward-incompatible changes to the CLI, plan language, and configuration files.
-
JSON output now has
target_count
instead ofnode_count
-
JSON result objects now have
target
andvalue
keys instead ofnode
andresult
-
The
prompt
plugin now prompts on stderr instead of stdout
-
--nodes
is removed in favor of--targets
-
--password
and--sudo-password
now require an argumentThese used to optionally take an argument and would prompt otherwise. Now they require an argument and the new options
--password-prompt
and--sudo-password-prompt
can be used to trigger a prompt.
-
add_facts()
now returns the Target passed to itPreviously, this function returned the Target's set of facts.
-
Target.new
no longer accepts anoptions
keyBoth
Target.new("options" => ...)
andTarget.new($uri, "options" => ...)
are now disallowed.Target.new
now accepts either a string argument which is the URI or a hash argument shaped like a target in the inventory file. -
Puppet datatypes are available in
apply()
blocksThese types include
Target
,Result
,ResultSet
andError
. They previously showed up inapply()
blocks as strings or hashes. -
get_target()
andget_targets()
are no longer allowed inapply()
blocksTo access targets in an
apply()
block, callget_target()
orget_targets()
outside the block and assign the result to a variable. -
run_plan(plan::name, $targets)
will fail if the plan has both a$nodes
and$targets
parameterIf a plan has parameters called both
$nodes
and$targets
, they must be set explicitly using named arguments.
-
sudo-password
now defaults to the value ofpassword
if unspecified -
PuppetDB cert, key, cacert and token file paths are expanded relative to the Boltdir instead of the current working directory
-
Inventory v1 has been removed (#1567)
Inventory v1 is no longer supported by Bolt and has been removed. The inventory now defaults to v2.
-
The
future
flag is no longer honored (#1590)All "future" behavior is now the only behavior.
-
Support for
config
key in a plugin'sbolt_plugin.json
has been removed (#1598)Plugins can no longer set config in their
bolt_plugin.json
. Config is instead inferred from task parameters, with config values passed as parameters to the task.
-
Support for Ruby 2.3 and 2.4 has been dropped
Ruby 2.5 is now the minimum Ruby version.. This only affects gem installs, as OS packages of Bolt contain their own Ruby.
-
bolt-inventory-pdb
command has been removedUse the
puppetdb
plugin in an inventory file to replicate this functionality in a more dynamic way.
-
Add Kerberos support for SSH transport
Users can now authenticate with Kerberos when using the SSH transport.
-
Remove apply result hash from human output (#1585)
Apply result hashes will no longer be displayed when using human output. Instead, a metrics message will be shown.
-
Warning when task metadata has unknown keys (#1542)
Unexpected keys in task metadata may signal either a typo or a task that depends on features that aren't in this version of Bolt, so Bolt will now print a warning if it sees such keys.
-
apply_prep
plan function ensures Puppet agent version (#1208)The
apply_prep
plan function now attempts to install the specified version of the Puppet agent on a target even when a version of the agent is already installed. If the specified version of the agent cannot be installed, thenapply_prep
will error. -
Add show_diff configuration option (#1433)
Users can now configure the
show_diff
Puppet setting in their Bolt configuration file, which will be respected when applying Puppet code via Bolt. -
Add
env_var
plugin (#1564)Bolt now includes a plugin to look up data from an environment variable.
-
Support
_description
parameter forapply
blocks (#1537)apply
blocks in plans now support a_description
parameter that gives the block a description that is displayed in plan output. -
Support for system-wide and user-level configuration files (#608)
Bolt now supports system-wide and user configuration files, in addition to the existing project configuration file. File precedence and merge strategy can be found in the Bolt configuration docs.
-
Require a message when using the prompt plugin (#1568)
The
prompt
plugin now correctly requires amessage
option.
-
The install_agent plugin has been officially removed. The
install_agent
plugin was deprecated in version 1.35 in favor of thepuppet_agent
plugin, and is now removed. The plugins have the exact same behavior. -
Support for plan method
Target.new(<uri>, <options>)
will be dropped in Bolt 2.0. UseTarget.new(<config>)
, whereconfig
is a hash with the same structure used to define targets in the inventory V2 file. See the docs for more information and examples. -
Support for
options
key in the hash parameter forTarget.new()
plan function will be dropped in Bolt 2.0. UseTarget.new(<config>)
, whereconfig
is a hash with the same structure used to define targets in the inventory V2 file. See the docs for more information and examples.
-
Remove empty strings and objects from results in human output (#1544)
Human formatted results no longer show empty strings or JSON objects. When a result only has an
_options
key, and the value is an empty string or whitespace, a message will be displayed saying the action completed successfully with no result.
-
SSH commands will run from the home directory of the run-as user, not the connected user (#1518)
Connecting via SSH and then switching users will now run as though it had connected as the new user in the first place, using that user's home directory as the working directory.
-
Support for the
bolt-inventory-pdb
command will be dropped in Bolt 2.0. Users can use the puppetdb inventory plugin with a v2 inventory file to lookup targets from PuppetDB. -
Support for the v1 inventory files will be dropped in Bolt 2.0. Inventory files can be migrated automatically using the
bolt project migrate
command.
-
Packages for Fedora 31 (#1373)
Bolt packages are now available for Fedora 31.
-
Node definitions are supported when applying manifest code (#1338)
Node definitions can now be used with
bolt apply
(but not yet withapply()
blocks in plans). This makes it easier to reuse existing Puppet codebases with Bolt. -
Support trusted external facts (#1431)
A new Bolt configuration option
trusted-external-command
configures the path to the executable on the Bolt controller to run to retrieve trusted external facts. If configured, trusted external facts are available when running Bolt. This feature is experimental in both Puppet and Bolt, and this API may change or be removed.
-
New
file::join
plan function (#837)The new plan function,
file::join
, allows you to join file paths using the separator/
.
-
The ssh configuration option
key-data
was not compatible with thefuture
flag (#1504)Bolt no longer attempts to expand a
private-key
configurationHash
whenkey-data
is being used in conjunction with thefuture
setting.
-
Plan language objects available inside apply blocks (#1244)
Previously, plan language objects (Result, ApplyResult, ResultSet, and Target) were not available inside apply blocks as objects, only as flat data. They're now accessible as read-only objects, where functions that modify the object (such as
$target.set_var
) are not available but functions that read data (such as$target.vars
) can be used. -
run_plan
plan function will specify a plan's$targets
parameter using the second positional argument (#1446)When running a plan with a
$targets
parameter with therun_plan
plan function, the second positional argument can be used to specify the$targets
parameter. If a plan has a$nodes
parameter, the second positional argument will only specify the$nodes
parameter. -
Add
script-dir
option for specifying predictable subpath to the tmpdirWhen uploading files to remote targets, Bolt uploads them to a tmpdir which includes a randomized directory name. The
script-dir
option sets a predictable subdirectory fortmpdir
where files will be uploaded. -
Bundled content updated to use
$targets
parameter (#1376)Plans that are part of the
canary
,puppetdb_fact
, andaggregate
modules have been updated to use a$targets
parameter instead of$nodes
. Theaggregate::nodes
plan still uses a$nodes
parameter, but the module now includes aaggregate::targets
plan that uses a$targets
parameter. -
Add
sudo-executable
transport configuration option (#1200)When using
run-as
, thesudo-executable
transport configuration option can be used to specify an executable to use to run as another user. This option can be set in alocal
orssh
config map or with the--sudo-executable
flag on the CLI. This feature is experimental.
-
CLI help text updated to be more consistent with other Puppet tools (#1441)
Bolt's help text has been reformatted to be more consistent with the formatting in other Puppet tools.
-
Packages for Debian 10 (#1444)
Bolt packages are now available for Debian 10.
-
SSH transport sets
sudo-password
to the same value aspassword
by default (#1425)If
sudo-password
is not set when usingrun-as
, Bolt will set the value ofsudo-password
to match the value ofpassword
. This behavior is gated on the future config option, and will be available by default in Bolt 2.0.
-
Default PuppetDB config lookup used hardcoded path in Windows (#1427)
Bolt will now lookup the default PuppetDB config at
%COMMON_APPDATA%\PuppetLabs\client-tools\puppetdb.conf
instead of the hardcoded pathC:\ProgramData\PuppetLabs\client-tools\puppetdb.conf
. -
Bolt could not find plans in subdirectories of
plans
directory (#1473)Bolt now searches for subdir paths, under the
plans
directory, for plan names when determining if the plan is a Puppet or YAML plan.
-
Added
target_mapping
field interraform
andaws_inventory
inventory plugins (#1404)The
terraform
andaws_inventory
inventory plugins have a newtarget_mapping
field which accepts a hash of target configuration options and the lookup values to populate them with. -
Ruby helper library for inventory plugins (#1404)
A new library has been added to help write inventory plugins in Ruby:
Use this library to map lookup values to a target's configuration options in a
resolve_references
task.
-
bolt plan show
displays plan and parameter descriptions (#1442)bolt plan show
now uses Puppet Strings to parse plan documentation and show plan and parameter descriptions as well as parameter defaults. -
New
remove_from_group
plan function (#1418)The new plan function,
remove_from_group
, allows you to remove a target from an inventory group during plan execution. -
Added
target_mapping
field inpuppetdb
inventory plugin (#1408)The
puppetdb
inventory plugin has a newtarget_mapping
field which accepts a hash of target configuration options and the facts to populate them with.
-
Task metadata can now specify parameter defaults (#1394)
Parameter defaults can be set in the task metadata file and will be used if no value is supplied for the parameter.
-
bolt inventory show --detail
did not display all target aliases (#1379)Bolt now displays aliases from all groups, where a target is a member, in the output for
bolt inventory show --detail
. Previously, only the rightmost alias appeared in the output. -
Plugins did not ignore command line flags (#1382)
When running plugins locally to populate config or inventory information, command line flags such as
--run-as
will no longer be applied to the local transport. -
Optional plan parameters referenced in
apply
blocks issued warning (#1288)Previously, plan parameters that were explicitly set to
undef
(optional parameters) and were referenced in anapply
block resulted in a warning message when applying Puppet code. The warning is no longer issued when optional parameters are referenced.
-
Addition of a YAML plugin (#1358)
Bolt now includes a plugin to look up data from a YAML file which allows multiple YAML files to be composed into a single Bolt inventory file. This is useful to breakup a large monolithic inventory file or to load user specific data, like credentials, from outside the project directory.
-
Pass value of
--targets
or--nodes
toTargetSpec $target
plan parameter (#1175)Bolt now passes the value of
--targets
or--nodes
to plans with aTargetSpec $targets
parameter. -
Support
_run_as
parameter for puppet_library hook (#1191)Bolt now accepts the
_run_as
metaparameter for puppet_library hooks._run_as
specifies which user the library install task will be executed as. -
Added
--password-prompt
and--sudo-password-prompt
to CLI flags (#1269)Two new flags have been added to support users who would like to set a
password
orsudo-password
from a prompt without using a plugin. A deprecation message will appear when a value is not supplied for--password
or--sudo-password
. -
Subcommand
project migrate
new to the CLI (#1377)The CLI now provides the subcommand
project migrate
which migrates Bolt projects to the latest version. When migrating a project the inventory file will be changed fromv1
tov2
. Changes are made in place and will not preserve comments or formatting. -
Plugin support in
bolt.yml
(#1381)Plugin configuration can now be set by looking up data from other plugins. For example, the password for one plugin can be queried from another plugin.
-
Bolt issued an error for unset environment variables with
system::env
(#1414)The
system::env
function no longer errors when the environment variable is unset. -
Results from
file::exists
andfile::readable
errored (#1415)The
file::exists
andfile::readable
functions no longer error when the file path is specified relative to a module and the file doesn't exist.
-
New
resolve_references
plan function (#1365)The new plan function,
resolve_references
, accepts a hash of structured data and returns a hash of structured data with all plugin references resolved.
-
Allow optional
--password
and--sudo-password
parameters (#1269)Optional parameters for
--password
and--sudo-password
were prematurely removed. The previous behavior of prompting for a password when an argument is not specified for--password
or--sudo-password
has been added back. Arguments will be required in a future version.
-
Change arguments for
--password
and--sudo-password
from optional to required (#1269)The
--password
and--sudo-password
options now require a password as an argument. Previously, if the password was omitted the user would be prompted to enter one. To continue to be prompted for a password, use theprompt
plugin. -
Favor
--targets
over--nodes
(#1375)The
--nodes
command line option has been deprecated in favor of--targets
. When using--nodes
, a deprecation warning will be displayed.
-
Add
--detail
option forinventory show
command (#1200)The
inventory show
command now supports a--detail
option to show resolved configuration for specified targets. -
prompt
messages print tostderr
(#1269)The
prompt
plugin now prints messages tostderr
instead ofstdout
. -
Subcommand
project init
new to the CLI (#1285)The CLI now provides the subcommand
project init
which creates a new filebolt.yaml
in the current working directory, making the directory a Bolt project directory. -
Bolt issues a warning when inventory overrides a CLI option (#1341)
Bolt issues a warning when an option is set both on the CLI and in the inventory, whether the inventory loads from a file or from the
bolt_inventory
environment variable.
-
Some configured paths were relative to Boltdir and some were relative to the current working directory (#1162)
This fix standardizes all configured paths, including the modulepath, to be relative to the Boltdir. It only applies to file-based configs, not command line flags which expand relative to the current working directory. It is gated on the future config option, and will be available by default in Bolt 2.0.
-
Replace
install_agent
plugin withpuppet_agent
module (#1294)The
puppetlabs-puppet_agent
module now provides the same functionality as theinstall_agent
plugin did previously. Theinstall_agent
plugin has been removed and thepuppet_agent
module is now the default plugin for thepuppet_library
hook. If you do not use the bundledpuppet_agent
module you will need to update to version2.2.1
of the module. If you reference theinstall_agent
plugin you will need to now referencepuppet_agent
instead.
-
Support
limit
option fordo_until
function (#1270)The
do_until
function now supports alimit
option that prevents it from iterating infinitely. -
Improve parameter passing for module plugins (#1322)
In the absence of a
config
section inbolt_plugin.json
, Bolt will validate any configuration options inbolt.yaml
against the schema for each task of the plugin’s hook. Bolt passes the values to the task at runtime and merges them with options set ininventory.yaml
.
-
Harmonize JSON and Puppet language
Result
Objects (#1245)Previously the JSON representation of a
Result
object showed different keys than were available when working with the object in a plan. This feature makes the same keys available in both the JSON representation and the Puppet object. It is only available when thefuture
flag is set totrue
in the bolt configuration file. -
The
add_facts
plan function returns aTarget
object (#1211)The
add_facts
function now returns aTarget
object to match theset_*
plan functions for consistency and to allow chaining. This feature is only available when thefuture
flag is set totrue
in the bolt configuration file.
-
Failed to log transport type when making a connection (#1307)
When making a connection to a target node, Bolt now logs the transport type (for example, WinRM or SSH) at debug level.
-
Error when calling
puppet_library
hook of external plugin (#1321)Bolt no longer errors when calling the
puppet_library
hook of a module-based plugin. -
apply_prep
failed whenplugin_hooks
key was not set using inventory version 2 (#1303)When the
plugin_hooks
key was not set for a target/group in inventory version 2, theapply_prep
function would not work. Bolt now uses the defaultplugin_hooks
and honorsplugin_hooks
from Bolt config when using inventory version 2. -
Unhelpful error message when parsing malformed
yaml
files (#1296)When parsing a malformed
yaml
file, Bolt now gives an error message containing the path to the file and the line and column in the file where the error originated. -
run_task
function didn't respect_noop
option (#1207)When calling the
run_task
function from a plan with the_noop
metaparameter,_noop
is now passed to the task.
-
Bolt failed to load
azure_inventory
plugin (#1301)Bolt now looks in the default modulepath when loading plugins, so it can successfully load the Azure inventory plugin.
-
When referring to
Target
s in log or output, use theirsafe_name
(#1243)When using inventory version 2, a
Target
'ssafe_name
is theuri
minus the password (unless theTarget
has an explicitly definedname
, in which casesafe_name
is the value ofname
). For inventory version 1,safe_name
is the value ofhost
. -
The
ResultSet
type is now indexable (#1178)When working with
ResultSet
types in plans, use the bracket[]
operator to getResults
by index. -
Log file transfer details at debug level (#1256)
When Bolt transfers a file, it logs hostname and filepath details at the debug level. Previously Bolt did not log this information.
-
The plan function
apply
incorrectly returned successful if the report was unparseable (#1241)Unexpected results for the result of an
apply
are now treated as errors. -
interpreters
with spaces fail with the WinRM transport (#1158)The
interpreters
setting on the WinRM transport now supports spaces in the path to an interpreter. -
Resource Types were not registered while running plans (#1140)
Running
puppetfile generate-types
will now generate all built-in types and types on the modulepath, and make those resource types available for plan execution.
-
Azure inventory plugin (#1148)
A new module based plugin allows the discovery of Bolt targets from Azure VMs.
-
Clear API for
Target
(#1125)An updated
Target
API for creating and configuring BoltTargets
during plan execution with inventory version 2 is now available. -
New stub for
out::message
available forBoltSpec::Plans
(#1217)Users can now use
BoltSpec::Plans
to test plans that contain calls toout::message
. -
New sub command
bolt group show
(#537)The CLI now provides a new command
bolt group show
that will list all of the groups in the inventory file.
-
Spurious plan failures and warnings on startup
Eliminated a race condition with the analytics client that could cause Bolt operations to fail or extraneous warnings to appear during startup.
-
WARNING: Changes to
aws::ec2
,pkcs7
, andtask
plugins.To improve consistency of plugin behavior, there are three changes to plugins. The
aws::ec2
plugin is now namedaws_inventory
. Thepkcs7
plugin now expects a field calledencrypted_value
rather thanencrypted-value
. The task plugin now expects tasks to return both Target lists and config data under thevalue
key instead of thetargets
orvalues
keys.
-
Tried to read
cacert
file when using WinRM without SSL (#1164)When using the WinRM transport without SSL, Bolt no longer tries to read the
cacert
file. This avoids confusing errors whencacert
is not readable. -
Some configuration options would not support file path expansion (#1174)
The
token-file
andcacert
file paths for the PCP transport, and thecacert
file path for the WinRM transport all now support file expansion.
-
Plugins can ship with modules (1.31.0)
Modules can now include Bolt plugins by adding a
bolt_plugin.json
file at the top level. Users can configure these task-based plugins inbolt.yaml
. (#1133)
- WARNING: Starting with this release the puppetlabs apt repo for trusty (Ubuntu 1404) no longer contains new puppet-bolt packages.
-
apply
blocks would ignore the_run_as
argument passed to their containing plan (#1167)Apply blocks in sub-plans now honor the parent plan's
_run_as
argument. -
Task parameters with
type
in the name were filtered out in PowerShell version 2.x or earlier (#1205)PowerShell tasks executed on targets with PowerShell version 2.x or earlier can now use task parameters with the string
type
in the name (though a parameter simply namedtype
is still incompatible). PowerShell version 3.x or higher does not have this limitation.
- WARNING: Ubuntu 14.04 support will be dropped in the near future. Users can install Bolt from the Ubuntu 16.04 package.
-
Allow users to configure
apply_prep
plan function (#1123)Users can now configure how the Puppet agent gets installed when a plan calls the
apply_prep
function. Users can configure two plugins:install_agent
, which maintains previousapply_prep
behavior and is the defaulttask
, which allows users to either use thepuppet_agent::install
task with non-default parameters, or use their own task.
-
Add CHANGELOG.md (#1138)
Bolt now tracks release notes about new features, bug fixes, and deprecation warnings in a
CHANGELOG.md
file in the root of the repo. This file is updated per pull request. As the CHANGELOG file, I'd argue it's the best file in the whole repo.
-
task show
andplan show
modulepaths used incorrect file path separator (#1183)The modulepath displayed by
bolt task show
andbolt plan show
now uses an OS-correct file path separator. -
bolt-inventory-pdb was not installed on path (#1172)
During Bolt installation, the
bolt-inventory-pdb
tool is now installed on the user's path. -
Task helpers did not print errors (puppetlabs/puppetlabs-ruby_task_helper#5 and puppetlabs/puppetlabs-python_task_helper#)
The Ruby task helper and Python task helper now wrap error results in
{ _error: < error >}
and correctly display errors.
-
Tasks with input method
stdin
hung with the--tty
option (#1129)Tasks no longer hang over the SSH transport when the input method is
stdin
, the--tty
option is set, and the--run-as
option is unset. -
Docker transport was incompatible with the Windows Bolt controller (#1060)
When running on Windows, the Docker transport can now execute actions on Linux containers.
-
Remote state files for Terraform inventory plugin
The Terraform plugin for inventory configuration now supports both local and remote state files. (BOLT-1469)
-
Reorganized command reference documentation
The command reference documentation now shows a list of options available for each command, instead of having separate sections for commands and options. (BOLT-1422)
-
Using
--sudo-password
without--run-as
raised a warningCLI commands that contain
--sudo-password
but not--run-as
now run as expected without any warnings. (BOLT-1514)
-
YAML plans automatically call apply_prep before executing a resources step
Bolt automatically calls
apply_prep
on all target nodes before running any resources step in a YAML plan. (BOLT-1451) -
Bolt images are published to Docker Hub
We now publish Bolt container images to the Puppet Docker Hub when releasing new versions. (BOLT-1407)
-
AWS plugin has a new location for configuring information
You now configure the AWS plugin in the configuration file's
plugin
section instead of itsaws
section. (BOLT-1501) -
Use Vault KV secrets engine to populate inventory fields
You can now populate inventory configuration fields (such as passwords) by looking up secrets from a Vault KV engine. (BOLT-1424)
-
Users are alerted to analytics policies
When Bolt first runs, it warns users about collecting and sending analytics and gives instructions for turning analytics collection off. (BOLT-1487)
-
Improved documentation for converting plans from YAML to the Puppet language
Bolt documentation explains what structures within a YAML plan can't fully convert into a Puppet language plan. (BOLT-1286)
-
Bolt actions hung over SSH when
ProxyCommand
is set in OpenSSH configA new
disconnect-timeout
configuration option for the SSH transport ensures that SSH connections are terminated. (BOLT-1423)
-
Calling
get_targets
in manifest blocks with inventory version 2 caused an exceptionget_targets
now returns a newTarget
object within a manifest block with inventory version 2. When you pass the argumentall
with inventory v2,get_targets
always returns an empty array. (BOLT-1492) -
Bolt ignored script arguments that contain "="
Bolt now properly recognizes script arguments that contain "=". For example,
bolt script run myscript.sh foo a=b c=d -n mynode
recognizes and uses all three arguments. (BOLT-1412)
-
Use WinRM with Kerberos
You can now use Kerberos to authenticate WinRM connections from a Linux host node. This feature is experimental. (BOLT-126)
-
New analytics about Boltdir usage
Bolt now reports analytics about whether it is using a Boltdir in the default location, a Boltdir in a user-specified location, or a bare
bolt.yaml
without a Boltdir. (BOLT-1315) -
AWS inventory discovery integration
You can now dynamically load AWS EC2 instances as Bolt targets in the inventory. (BOLT-1328)
-
New analytics for inventory plugins
Bolt now sends an analytics event when it uses the built-in inventory plugins. (BOLT-1410)
-
Bolt debug output showed task and script arguments as Ruby hashes, not JSON
Bolt debug output now prints task and script arguments as JSON instead of Ruby hashes. (BOLT-1456)
-
out::message
didn't print whenformat=json
The
out::message
standard plan function now prints messages as expected even when it is configured to use JSON. (BOLT-1455)
-
Options for PCP transport now configurable in
bolt.yaml
The
job-poll-timeout
andjob-poll-interview
options for the PCP transport are now configurable inbolt.yaml
. (BOLT-1425) -
Task plugin improvements
The
task
plugin now enables you to run a task to discover targets or look up configuration information in the version 2 inventory file. (BOLT-1408) -
Ability to see nodes in an inventory group
You can now see what nodes a Bolt command acts on using the
bolt inventory show
subcommand. Pass a targeting option, such as-n node1,node2
,-n groupname
,-q query
,--rerun
, and other targeting options to specify which nodes to list. (BOLT-1398) -
Support for an apply step
YAML plans now support applying Puppet resources with a
resources
step. (BOLT-1222)
-
Modulepath now handles folder names in uppercase characters on Windows
Bolt now prints a warning stating that it is case sensitive when the specified path is not found but another path is found with different capitalization. For example, if the actual path is
C:\User\Administrator\modules
but the user specifiesC:\user\administrator\modules
, a warning states that the specified path was not used and that the correct path isC:\User\Administrator\modules
. (BOLT-1318)
-
out::message
didn't work insidewithout_default_logging
The
out::message
standard library plan function now works within awithout_default_logging
block. (BOLT-1406) -
Task action stub parameter method incorrectly merged options and arguments
When a task action stub expectation fails, the expected parameters are now properly displayed. (BOLT-1399)
-
lookups removed from target_lookups
We have deprecated the target-lookups key in the experimental inventory file v2. To address this change, migrate any target-lookups entries to targets and move the plugin key in each entry to _plugin.
-
Help text only lists options for a given command
Help text now only shows options for the specified subcommand and action. Previously, all options were displayed in the help text, even if those options did not apply to the specified subcommand and action. (BOLT-1342)
-
Packages for Fedora 30
Bolt packages are now available for Fedora 30. (BOLT-1302)
-
Adds support for embedding eyaml data in the inventory
This change adds a hiera-eyaml compatible pkcs7 plugin and support for embedding eyaml data in the inventory. (BOLT-1270)
-
Allow
$nodes
as positional arg forrun_plan
This change allows the
run_plan
function to be invoked with$nodes
as the second positional argument, so that it can be used the same wayrun_task
is used. (BOLT-1197)
-
catch_errors
functionThe new plan function,
catch_errors
, accepts a list of types of errors to catch and a block of code to run where, if it errors, the plan continues executing. (BOLT-1316) -
Forge
baseurl
setting inpuppetfile
configThe
puppetfile
config section now supports a Forge subsection that you can use to set an alternate Forge location from which to download modules. (BOLT-1376)
-
The
wait_until_available
function returned incorrect results using orchestratorWhen using the PCP transport, the plan function
wait_until_available
now returns error results only for targets that can't be reached. (BOLT-1382) -
PowerShell tasks on localhost didn't use correct default
PS_ARGS
PowerShell scripts and tasks run over the local transport on Windows hosts no longer load profiles and are run with the
Bypass
execution policy to maintain parity with the WinRM transport. (BOLT-1358)
-
Proxy configuration
You can now specify an HTTP proxy for
bolt puppetfile install
inbolt.yaml
, for example:puppetfile: proxy: https://proxy.example.com
-
Support for version 4 Terraform state files
Target-lookups using the Terraform plugin are now compatible with the version 4 Terraform state files generated by Terraform version 0.12.x. (BOLT-1341)
-
Prompt for sensitive data from inventory v2
A new
prompt
plugin in inventory v2 allows setting configuration values via a prompt. (BOLT-1269)
-
Set custom exec commands for Docker transport
New configuration options,
shell-command
andtty
, for the Docker transport allow setting custom Docker exec commands. -
Check existence and readability of files
New functions,
file::exists
andfile::readable
, test whether a given file exists and is readable, respectively. (BOLT-1338) -
Output a message
The new
out::message
function can be used to print a message to the user during a plan. (BOLT-1325) -
Return a filtered ResultSet with a ResultSet
A new
filter_set
function in theResultSet
data type filters aResultSet
with a lambda to return aResultSet
object. (BOLT-1337) -
Improved error handling for unreadable private keys
A more specific warning is now surfaced when an SSH private key can't be read from Bolt configuration. (BOLT-1297)
-
Look up PuppetDB facts in inventory v2
The PuppetDB plugin can now be used to look up configuration values from PuppetDB facts for the
name
,uri
, andconfig
inventory options for each target. (BOLT-1264)
-
Configuration location ~/.puppetlab/bolt.yaml
When the Boltdir was added as the local default configuration directory, the previous directory,
~/.puppetlab/bolt.yaml
, was deprecated in favor of~/.puppetlabs/bolt/bolt.yaml
. For more information on the current default directory for configfile, inventoryfile and modules, see Configuring Bolt. (BOLT-503)
-
Terraform plugin in inventory v2
A new plugin in inventory v2 loads Terraform state and map resource properties to target parameters. This plugin enables using a Terraform project to dynamically determine the targets to use when running Bolt. (BOLT-1265)
-
Type info available in plans
A new
to_data
method is available for plan result objects that provides a hash representation of the object. (BOLT-1223) -
Improved logging for apply
The Bolt
apply
command and theapply
function from plans now show log messages for changes and failures that happened while applying Puppet code. (BOLT-901)
-
Inventory was loaded for commands that didn't use it
Inventory was loaded even for commands that don't use targets, such as
bolt task show
. An error in the inventory could subsequently cause the command to fail. (BOLT-1268) -
YAML plan converter wrapped single-line evaluation steps
The
bolt plan convert
command wrapped single-line evaluation steps in awith
statement unnecessarily. (BOLT-1299)
-
Convert YAML plans to Puppet plans
You can now convert YAML plans to Puppet plans with the
bolt plan convert
command. (BOLT-1195) -
Improved error handling for missing commands
A clear error message is now shown when no object is specified on the command line, for example
bolt command run --nodes <NODE_NAME>
. (BOLT-1243)
-
Inventory file version 2
An updated version of the inventory file, version 2, is now available for experimentation and testing. In addition to several syntax changes, this version enables setting a human readable name for nodes and dynamically populating groups from PuppetDB queries. This version of the inventory file is still in development and might experience breaking changes in future releases. (BOLT-1232)
-
YAML plan validation
YAML plan validation now alerts on syntax errors before plan execution. (BOLT-1194)
-
File upload stalled with local transport using run-as
The
bolt file upload
command stalled when using local the local transport if the destination file existed. (BOLT-1262) -
Rerun file wasn't generated without an existing project directory
If no Bolt project directory existed, a
.rerun.json
file wasn't created, preventing you from rerunning failed commands. Bolt now creates a default project directory when one doesn't exist so it can generate.rerun.json
files as expected. (BOLT-1263)
-
Rerun failed commands
Bolt now stores information about the last failed run in a
.rerun.json
file in the Bolt project directory. You can use this record to target nodes for the next run using--retry failure
instead of--nodes
.For repositories that contain a Bolt project directory, add
$boltdir/.last_failure.json
to.gitignore
files.Stored information may include passwords, so if you save passwords in URIs, set
save-failures: false
in your Bolt config file to avoid writing passwords to the.rerun.json
file. (BOLT-843)
-
SELinux management didn't work on localhost
Bolt now ships with components similar to the Puppet agent to avoid discrepancies between using a puppet-agent to apply Puppet code locally versus using the Bolt puppet-agent. (BOLT-1244)
-
Packaged hiera-eyaml Gem
Bolt packages now include the hiera-eyaml Gem. (BOLT-1026)
-
Local transport options for
run-as
,run-as-command
, andsudo-password
The local transport now accepts the
run-as
,run-as-command,
andsudo-password
options on non-Windows nodes. These options escalate the system user (who ran Bolt) to the specified user, and behave like the same options using the SSH transport.\_run_as
can also be configured for individual plan function calls for the local transport. (BOLT-1052) -
Localhost target applies the puppet-agent feature
When the target hostname is
localhost
, the puppet-agent feature is automatically added to the target, because the Puppet agent installed with Bolt is present on the local system. This functionality is available on all transports, not just the local transport. (BOLT-1200) -
Tasks use the Bolt Ruby interpreter only for localhost
Bolt sets its own installed Ruby as the default interpreter for all
*.rb
scripts running on localhost. Previously, this default was used on all commands run over the local transport; it's now used when the hostname islocalhost
regardless of the transport. (BOLT-1205) -
Fact indicates whether Bolt is compiling a catalog
If Bolt is compiling a catalog,
$facts['bolt']
is set to true, allowing you to determine whether modules are being used from a Bolt catalog. (BOLT-1199)
-
Linux implementation of the service and package tasks returned incorrect results
The PowerShell and Bash implementations for the service and package tasks are more robust and provide output more consistent with the Ruby implementation. (BOLT-1103, BOLT-1104)
-
YAML plans
You can now write plans in the YAML language. YAML plans run a list of steps in order, which allows you to define simple workflows. Steps can contain embedded Puppet code expressions to add logic where necessary. For more details about YAML plans, see Writing plans in YAML. For an example of a YAML plan in use, see the Puppet blog. (BOLT-1150)
This version also adds analytics data collection about the number of steps and the return type of YAML plans. (BOLT-1193)
-
Support for Red Hat Enterprise Linux 8
A Bolt package is now available for RHEL 8. (BOLT-1204)
-
Improved load time
Bolt startup is now more efficient. (BOLT-1119)
-
Details about Result and ResultSet objects
The Result and ResultSet objects now include information in the JSON output about the action that generated the result. (BOLT-1125)
-
Inventory warning about unexepected keys
An informative warning message is now logged when invalid group or node configuration keys are detected in the inventoryfile. (BOLT-1017)
-
BoltSpec::Run support for uploading files to remote systems
BoltSpec::Run now supports the upload_file action. (BOLT-953)
-
Remote tasks could run on non-remote targets
Remote tasks can now be run only on remote targets (BOLT-1203)
-
known_hosts weren't parsed correctly
Previously, when a valid hostname entry was present in known_hosts and the host-key-check SSH configuration option was set, host key validation could fail when a valid IP address was not included in the known_hosts entry. This behavior was inconsistent with system SSH where the IP address is not required. Host key checking has been updated to match system SSH. (BOLT-495)
-
Plan variables were visible to sub-plans
Variables defined in scope in a plan were visible to sub-plans called with run_plan. (BOLT-1190)
-
Support for Puppet device modules in a manifest block
You can now apply Puppet code on targets that can't run a Puppet agent using the remote transport via a proxy. This is an experimental feature and might change in future minor (y) releases. (BOLT-645)
-
Validation and error handling for invalid PCP tokens
The PCP transport token-file configuration option now includes validation and a more helpful error message. (BOLT-1076)
-
The _run_as option was clobbered by configuration
The run-as configuration option took precedence over the _run_as parameter when calling run_* functions in a plan. The _run_as parameter now has a higher priority than config or CLI. (BOLT-1050)
-
Tasks with certain configuration options failed when using stdin
When both interpreters and run-as were configured, tasks that required parameters to be passed over stdin failed. (BOLT-1155)
-
SMB file transfer on Windows
When transferring files to a Windows host, you can now optionally use the SMB protocol to reduce transfer time. You must have either administrative rights to use an administrative share, like
\host\C$
, or use UNC style paths to access existing shares, like\host\share
. You can use SMB file transfers only over HTTP, not HTTPS, and SMB3, which supports encryption, is not yet supported. (BOLT-153) -
Interpreter configuration option
An interpreters configuration option enables setting the interpreter that is used to execute a task based on file extension. This options lets you override the shebang defined in the task source code with the path to the executable on the remote system. (BOLT-146)
-
Improved error handling
Clearer error messages now alert you when you use plan functions not meant to be called in manifest blocks. (BOLT-1131)
-
Ruby task helper symbolized only top-level parameter keys
Previously the ruby_task_helperTaskHelper.run method symbolized only-top level parameter keys. Now nested keys are also symbolized. (BOLT-1053)
-
Updated project directory structure
Within your project directory, we now recommend using a directory called site-modules, instead of the more ambiguously named site, to contain any modules not intended to be managed with a Puppetfile. Both site-modules and site are included on the default modulepath to maintain backward compatibility. (BOLT-1108)
-
bolt puppetfile show-modules command
A new bolt puppetfile show-modules command lists the modules, and their versions, installed in the current Boltdir. (BOLT-1118)
-
BoltSpec::Run helpers accept options consistently
All BoltSpec::Run helpers now require the params or arguments argument to be passed. (BOLT-1057)
-
String segments in commands had to be triple-quoted in PowerShell
When running Bolt in PowerShell with commands to be run on *nix nodes, string segments that could be interpreted by PowerShell needed to be triple-quoted. (BOLT-159)
-
bolt task show displays module path
Task and plan list output now includes the module path to help you better understand why a task or plan is not included. (BOLT-1027)
-
PowerShell scripts over the PCP transport
You can now run PowerShell scripts on Windows targets over the PCP transport. (BOLT-830)
-
RSA keys with OpenSSH format
RSA keys stored in the OpenSSH format can now be used for authentication with the SSH transport. (BOLT-1124)
-
Support for new platforms
Bolt packages are now available for Fedora 28 and 29 (BOLT-978), and macOS 10.14 Mojave (BOLT-1040)
-
Unsecured download of the puppet_agent::install task
The bash implementation of the puppet_agent::install task now downloads packages over HTTPS instead of HTTP. This fix ensures the download is authenticated and secures against a man-in-the-middle attack.
-
Hyphens allowed in aliases and group names
Node aliases and group names in the Bolt inventory can now contain hyphens. (BOLT-1022)
-
Unsecured download of the puppet_agent::install_powershell task
The PowerShell implementation of the puppet_agent::install task now downloads Windows .msi files using HTTPS instead of HTTP. This fix ensures the download is authenticated and secures against a man-in-the-middle attack.
-
Improved out-of-the-box tasks
The package and service tasks now select task implementation based on available target features while their platform-specific implementations are private. (BOLT-1049)
-
Respect multiple PuppetDB server_urls
Bolt now tries to connect to all configured PuppetDBserver_urls before failing. (BOLT-938)
-
Bolt crashed if PuppetDB configuration was invalid
If an invalid puppetdb.conf file is detected, Bolt now issues a warning instead of crashing (BOLT-756)
-
Local transport returned incorrect exit status
Local transport now correctly returns an exit code instead of the stat of the process status as an integer. (BOLT-1074)
-
Standard library functions weren't packaged in 1.8.0
Version 1.8.0 didn't include new standard library functions as intended. This release now includes standard library functions in the gem and packages. (BOLT-1065)
-
Standard library functions
Bolt now includes several standard library functions useful for writing plans, including:
- ctrl::sleep
- ctrl::do_until
- file::read
- file::write
- system::env
See Plan execution functions and standard libraries for details. (BOLT-1054)
-
puppet_agent::install task didn't match on Red Hat
The puppet_agent::install task now uses updates in the facts task to resolve Red Hat operating system facts and to download the correct puppet-agent package. (BOLT-997)
-
Configure proxy SSH connections through jump hosts
You can now configure proxy SSH connections through jump hosts from the inventory file with the proxyjump SSH configuration option. (BOLT-1039)
-
Query resource states from a plan
You can now query resource states from a plan with the get_resources function. (BOLT-1035)
-
Specify an array of directories in modulepath
You can now specify an array of directories for the modulepath setting in bolt.yaml, rather than just a string. This change enables using a single bolt.yaml on both *nix and Windows clients. (BOLT-817)
-
Save keystrokes on modulepath, inventoryfile, and verbose
You can now use shortened command options for modulepath (-m), inventoryfile (-i), and verbose (-v). (BOLT-1047)
-
Select module content missing from puppet-bolt package
Previous releases of the puppet-bolt package omitted the python_task_helper and ruby_task_helper modules. These are now included. (BOLT-1036)
-
Remote tasks
You can now run tasks on a proxy target that remotely interacts with the real target, as defined by the run-on option. Remote tasks are useful for targets like network devices that have limited shell environments, or cloud services driven only by HTTP APIs. Connection information for non-server targets, like HTTP endpoints, can be stored in inventory. (BOLT-791)
-
reboot module plan
Bolt now ships with the reboot module, and that module now provides a plan that reboots targets and waits for them to become available. (BOLT-459)
-
Local transport on Windows
The local transport option is now supported on Windows. (BOLT-608)
-
bolt_shim module contents marked as sensitive
The bolt_shim module that enables using Bolt with PE now marks file content as sensitive, preventing it from being logged or stored in a database. (BOLT-815)
-
wait_until_available function didn't work with Docker transport
We merged the Docker transport and wait_until_available function in the same release, and they didn't play nicely together. (BOLT-1018)
-
Python task helper didn't generate appropriate errors
The Python task helper included with Bolt didn't produce an error if an exception was thrown in a task implemented with the helper. (BOLT-1021)
-
Node aliases
You can now specify aliases for nodes in your inventory and then use the aliases to refer to specific nodes. (BOLT-510)
-
Run apply with PE orchestrator without installing puppet_agent module
Bolt no longer requires installing the puppet_agent module in PE in order to run apply actions with the PE orchestrator. (BOLT-940)
-
Bolt apply with orchestrator
A new puppetlabs-apply_helper module enables using Boltapply with orchestrator. For details, see the module README. (BOLT-941)
-
Add targets to a group
A new add_to_group function allows you to add targets to an inventory group during plan execution. (BOLT-942)
-
Additional plan test helpers
The BoltSpec::Plans library now supports unit testing plans that use the
_run_as
parameter,apply
,run_command
,run_script
, andupload_file
. (BOLT-984) -
Data collection about applied catalogs
If analytics data collection is enabled, we now collect randomized info about the number of statements in a manifest block, and how many resources that produces for each target. (BOLT-644)
-
Docker transport for running commands on containers
A new Docker transport option enables running commands on container instances with the Docker API. The Docker transport is experimental because the capabilities and role of the Docker API might change.(BOLT-962)
-
Wait until all target nodes accept connections
A new wait_until_available function waits until all targets are accepting connections, or triggers an error if the command times out. (BOLT-956)
-
Plans with no return value weren't marked complete in PE
Bolt now correctly reports plan completion to PE for plans that don't return a value. Previously, a plan that didn't return a value incorrectly logged that the plan didn't complete. (BOLT-959)
-
Some functions weren't available in the BoltSpec::Plans library
The BoltSpec::Plans library now supports plans that use without_default_logging and wait_until_available, and includes a setup helper that ensures tasks are found and that notice works. (BOLT-971)
-
Apply Puppet manifest code with bolt apply command
The command bolt apply has been added to apply Puppet manifest code on targets without wrapping them in an apply() block in a plan. Note: This command is in development and subject to change. (BOLT-858)
-
Python and Ruby helper libraries for tasks
Two new libraries have been added to help you write tasks in Ruby and Python:
- https://github.com/puppetlabs/puppetlabs-ruby_task_helper
- https://github.com/puppetlabs/puppetlabs-python_task_helper Use these libraries to parse task input, catch errors, and produce task output. For details, see Task Helpers. (BOLT-906 and BOLT-907)
-
Redacted passwords for printed target objects
When the Target object in a Bolt plan is printed, it includes only the host, user, port, and protocol used. The values for password and sudo-password are redacted. (BOLT-944)
-
Task implementation not located relative to other files in installdir
When you use tasks that include shared code, the task executable is located alongside shared code at
_installdir/MODULE/tasks/TASK
. (BOLT-931)
-
Share code between tasks
Bolt includes the ability to share code between tasks. A task can include a list of files that it requires, from any module, that it copies over and makes available via a _installdir parameter. This feature is also supported in Puppet Enterprise 2019.0. For more information see, Sharing task code. (BOLT-755)
-
Upgraded WinRM gem dependencies
The following gem dependencies have been upgraded to fix the connection between OMI server on Linux and the WinRM transport:
- winrm 2.3.0
- winrm-fs 1.3.1
- json-schema 2.8.1 (BOLT-929)
-
Mark internal tasks as private
In the task metadata, you can mark internal tasks as private and prevent them from appearing in task list UIs. (BOLT-734)
-
Upload directories via plans
The bolt file upload command and upload_file action now upload directories. For use over the PCP transport these commands require puppetlabs-bolt_shim 0.2.0 or later. (BOLT-191)
-
Support for public-key signature system ed25519
The ed25519 key type is now supported out-of-the-box in Bolt packages. (BOLT-380)
-
Error when puppet_agent task not run as root
The puppet_agent task now checks that it is run as root. When run as another user, it prints and fails with a helpful message. (BOLT-878)
-
Bolt suppresses errors from transport
Previously, Bolt suppressed some exception errors thrown by transports. For example, when the ed25519 gem was not present for an Net::SSH process, the NotImplementedError for ed25519 keys would not appear. These errors are now identified and displayed. (BOLT-922)
-
Loading bolt/executor is "breaking" gettext setup in spec tests
When Bolt is used as a library, it no longer loads code from r10k unless you explicitly require 'bolt/cli'.(BOLT-914)
-
Deprecated functions in stdlib result in Evaluation Error
Manifest blocks will now allow use of deprecated functions from stdlib, and language features governed by the 'strict' setting in Puppet. (BOLT-900)
-
Bolt apply does not provide
clientcert
factapply_prep has been updated to collect agent facts as listed in Puppet agent facts. (BOLT-898)
-
C:\Program Files\Puppet Labs\Bolt\bin\bolt.bat
is non-functionalWhen moving to Ruby 2.5, the .bat scripts in Bolt packaging reverted to hard-coded paths that were not accurate. As a result Bolt would be unusable outside of PowerShell. The .bat scripts have been fixed so they work from cmd.exe as well. (BOLT-886)