bolt-project.yaml options

Sections

This page lists the configuration options that are available in the bolt-project.yaml. For more information, see Configuring Bolt.

Options

apply-settings

A map of Puppet settings to use when applying Puppet code using the apply plan function or the bolt apply command.

  • Type: Hash

show_diff

Whether to log and report a contextual diff.

  • Type: Boolean

  • Default: false

apply-settings:
  show_diff: true

apply_settings

This option is deprecated. This option will be removed in Bolt 3.0. Use apply-settings instead.

A map of Puppet settings to use when applying Puppet code using the apply plan function or the bolt apply command.

  • Type: Hash

show_diff

Whether to log and report a contextual diff.

  • Type: Boolean

  • Default: false

apply_settings:
  show_diff: true

color

Whether to use colored output when printing messages to the console.

  • Type: Boolean

  • Default: true

color: false

compile-concurrency

The maximum number of simultaneous manifest block compiles.

  • Type: Integer

  • Default: Number of cores.

compile-concurrency: 5

concurrency

The number of threads to use when executing on remote targets.

  • Type: Integer

  • Default: 100 or 1/7 the ulimit, whichever is lower.

concurrency: 50

format

The format to use when printing results.

  • Type: String

  • Available values: human, json, rainbow

  • Default: human

format: json

hiera-config

The path to the Hiera configuration file.

  • Type: String

  • Default: project/hiera.yaml

hiera-config: "~/.puppetlabs/bolt/hiera.yaml"

inventoryfile

This option is deprecated. This option will be removed in Bolt 3.0. Use the --inventoryfile command-line option to use a non-default inventory file or move the file contents to inventory.yaml in the project directory.

The path to a structured data inventory file used to refer to groups of targets on the command line and from plans. Read more about using inventory files in Inventory files.

  • Type: String

  • Default: project/inventory.yaml

inventoryfile: "~/.puppetlabs/bolt/inventory.yaml"

log

A map of configuration for the logfile output. Under log, you can configure log options for console and add configuration for individual log files, such as ~/.puppetlabs/bolt/debug.log. Individual log files must be valid filepaths. If the log file does not exist, then Bolt will create it before logging information. Set the value to disable to remove a log file defined at an earlier level of the config hierarchy. By default, Bolt logs to a bolt-debug.log file in the Bolt project directory.

  • Type: Hash

append

Whether to append output to an existing log file.

  • Type: Boolean

  • Default: true

level

The type of information to log.

  • Type: String

  • Available values: trace, debug, error, info, warn, fatal, any

  • Default: warn

log:
  console:
    level: info
  "~/logs/debug.log":
    append: false
    level: debug

modulepath

An array of directories that Bolt loads content such as plans and tasks from. Read more about modules in Module structure.

  • Type: Array, String

  • Default:

modulepath:
- "~/.puppetlabs/bolt/modules"
- "~/.puppetlabs/bolt/site-modules"

modules

A list of module dependencies for the project. Each dependency is a map of data specifying the module to install. To install the project's module dependencies, run the bolt module install command.

  • Type: Array

modules:
- puppetlabs-facts
- name: puppetlabs-mysql
- name: puppetlabs-apache
  version_requirement: 5.5.0
- name: puppetlabs-puppetdb
  version_requirement: 7.x
- name: puppetlabs-firewall
  version_requirement: ">= 1.0.0 < 3.0.0"
- git: https://github.com/puppetlabs/puppetlabs-apt
  ref: 7.6.0

name

The name of the Bolt project. When this option is configured, the project is considered a Bolt project, allowing Bolt to load content from the project directory as though it were a module.

  • Type: String

name: myproject

plans

A list of plan names and glob patterns to filter the project's plans by. This option is used to limit the visibility of plans for users of the project. For example, project authors might want to limit the visibility of plans that are bundled with Bolt or plans that should only be run as part of another plan. When this option is not configured, all plans are visible. This option does not prevent users from running plans that are not part of this list.

  • Type: Array

plans:
- myproject
- myproject::foo
- myproject::bar
- myproject::deploy::*

plugin-hooks

A map of plugin hooks and which plugins a hook should use. The only configurable plugin hook is puppet_library, which can use two possible plugins: puppet_agent and task.

  • Type: Hash

plugin-hooks:
  puppet_library:
    plugin: puppet_agent
    version: 6.15.0
    _run_as: root

plugin_hooks

This option is deprecated. This option will be removed in Bolt 3.0. Use plugin-hooks instead.

A map of plugin hooks and which plugins a hook should use. The only configurable plugin hook is puppet_library, which can use two possible plugins: puppet_agent and task.

  • Type: Hash

plugin_hooks:
  puppet_library:
    plugin: puppet_agent
    version: 6.15.0
    _run_as: root

plugins

A map of plugins and their configuration data, where each key is the name of a plugin and its value is a map of configuration data. Configurable options are specified by the plugin. Read more about configuring plugins in Using plugins.

  • Type: Hash

plugins:
  pkcs7:
    keysize: 1024

puppetdb

A map containing options for configuring the Bolt PuppetDB client.

  • Type: Hash

cacert

The path to the ca certificate for PuppetDB.

  • Type: String

cert

The path to the client certificate file to use for authentication.

  • Type: String

connect_timeout

How long to wait in seconds when establishing connections with PuppetDB.

  • Type: Integer

  • Default: 60

key

The private key for the certificate.

  • Type: String

read_timeout

How long to wait in seconds for a response from PuppetDB.

  • Type: Integer

  • Default: 60

server_urls

An array containing the PuppetDB host to connect to. Include the protocol https and the port, which is usually 8081. For example, https://my-puppetdb-server.com:8081.

  • Type: Array

token

The path to the PE RBAC Token.

  • Type: String

puppetdb:
  cacert: "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
  cert: "/etc/puppetlabs/puppet/ssl/certs/my-host.example.com.pem"
  connect_timeout: 120
  key: "/etc/puppetlabs/puppet/ssl/private_keys/my-host.example.com.pem"
  read_timeout: 120
  server_urls:
  - https://puppet.example.com:8081
  token: "~/.puppetlabs/token"

puppetfile

A map containing options for the bolt puppetfile install command.

  • Type: Hash

forge

A subsection that can have its own proxy setting to set an HTTP proxy for Forge operations only, and a baseurl setting to specify a different Forge host.

  • Type: Hash

proxy

The HTTP proxy to use for Git and Forge operations.

  • Type: String

puppetfile:
  forge:
    baseurl: https://forge.example.com
    proxy: https://forgeapi.example.com
  proxy: https://forgeapi.example.com

save-rerun

Whether to update .rerun.json in the Bolt project directory. If your target names include passwords, set this value to false to avoid writing passwords to disk.

  • Type: Boolean

  • Default: true

save-rerun: false

tasks

A list of task names and glob patterns to filter the project's tasks by. This option is used to limit the visibility of tasks for users of the project. For example, project authors might want to limit the visibility of tasks that are bundled with Bolt or plans that should only be run as part of a larger workflow. When this option is not configured, all tasks are visible. This option does not prevent users from running tasks that are not part of this list.

  • Type: Array

tasks:
- myproject
- myproject::foo
- myproject::bar
- myproject::deploy_*

trusted-external-command

The path to an executable on the Bolt controller that can produce external trusted facts. External trusted facts are experimental in both Puppet and Bolt and this API may change or be removed.

  • Type: String

trusted-external-command: "/etc/puppetlabs/facts/trusted_external.sh"

Example file

# bolt-project.yaml
apply-settings:
  show_diff: true
apply_settings:
  show_diff: true
color: false
compile-concurrency: 5
concurrency: 50
format: json
hiera-config: "~/.puppetlabs/bolt/hiera.yaml"
inventoryfile: "~/.puppetlabs/bolt/inventory.yaml"
log:
  console:
    level: info
  "~/logs/debug.log":
    append: false
    level: debug
modulepath:
- "~/.puppetlabs/bolt/modules"
- "~/.puppetlabs/bolt/site-modules"
modules:
- puppetlabs-facts
- name: puppetlabs-mysql
- name: puppetlabs-apache
  version_requirement: 5.5.0
- name: puppetlabs-puppetdb
  version_requirement: 7.x
- name: puppetlabs-firewall
  version_requirement: ">= 1.0.0 < 3.0.0"
- git: https://github.com/puppetlabs/puppetlabs-apt
  ref: 7.6.0
name: myproject
plans:
- myproject
- myproject::foo
- myproject::bar
- myproject::deploy::*
plugin-hooks:
  puppet_library:
    plugin: puppet_agent
    version: 6.15.0
    _run_as: root
plugin_hooks:
  puppet_library:
    plugin: puppet_agent
    version: 6.15.0
    _run_as: root
plugins:
  pkcs7:
    keysize: 1024
puppetdb:
  cacert: "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
  cert: "/etc/puppetlabs/puppet/ssl/certs/my-host.example.com.pem"
  connect_timeout: 120
  key: "/etc/puppetlabs/puppet/ssl/private_keys/my-host.example.com.pem"
  read_timeout: 120
  server_urls:
  - https://puppet.example.com:8081
  token: "~/.puppetlabs/token"
puppetfile:
  forge:
    baseurl: https://forge.example.com
    proxy: https://forgeapi.example.com
  proxy: https://forgeapi.example.com
save-rerun: false
tasks:
- myproject
- myproject::foo
- myproject::bar
- myproject::deploy_*
trusted-external-command: "/etc/puppetlabs/facts/trusted_external.sh"

📖 Related information

Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.