bug: mark password as sensitive in install.json

This commit marks `password` as sensitive in the install.json bolt task
param metadata.

This prevents password from being shown in plaintext, in the bolt logs.

before:
```
Running task puppet_agent::install with '{"retry":5,"collection":"puppetcore8","version":"latest","password":"1234","_task":"puppet_agent::install"}' on [".."]
```

after:
```
Running task puppet_agent::install with '{"retry":5,"collection":"puppetcore8","version":"latest","password":"Sensitive [value redacted]","_task":"puppet_agent::install"}' on [".."]
```

Author: jordanbreen28

task_spec/spec/acceptance/init_spec.rb

@@ -266,6 +266,14 @@ def latest_sources
         expect(res).to include('status' => 'success')
         expect(res['value']['_output']).to match(%r{Puppet Agent #{installed_version} detected. Nothing to do.})
       end
+      # Verify that the password is not in the output
+      it 'redacts password in output' do
+        results = run_task('puppet_agent::install', 'target', { 'collection' => puppet_8_collection, 'password' => '1234' })
+        results.each do |res|
+          expect(res).to include('status' => 'success')
+          expect(res['value']['_output']).to match(%r{"password":\"Sensitive [value redacted]\"})
+        end
+      end
     end
   end
 end

tasks/install.json

@@ -48,6 +48,7 @@
     },
     "password": {
       "description": "The password to use when downloading from a source location requiring authentication",
+      "sensitive": true,
       "type": "Optional[String]"
     }
   },