ansible/ansible.changes

413 lines
18 KiB
Plaintext
Raw Normal View History

-------------------------------------------------------------------
Sun Aug 17 15:21:38 UTC 2014 - lars@linux-schulserver.de
- update to 1.7.1:
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
returns the details of all unarchived files in the result.
+ Inventory speed improvements for very large inventories.
+ Vault password files can now be executable, to support scripts
that fetch the vault password.
+ Fixes an issue with the copy module when copying a directory that
fails when changing file attributes and the target file already exists
+ Improved unicode handling when splitting args
+ Further improvements to module parameter parsing to address
additional regressions caused by security fixes
+ Corrects a regression in the way shell and command parameters
were being parsed
+ Various other bug fixes
Security fixes:
+ Security fix to disallow specifying 'args:' as a string, which could
allow the insertion of extra module parameters through variables.
+ Strip lookup calls out of inventory variables and clean unsafe
data returned from lookup plugins (CVE-2014-4966)
+ Make sure vars don't insert extra parameters into module args and
prevent duplicate params from superseding previous params (CVE-2014-4967)
-------------------------------------------------------------------
Thu Jul 10 12:53:16 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.6:
* Security updates to further protect against the incorrect
execution of untrusted data
* Additional tweaks to prevent the incorrect execution of
untrusted data
* Security update to prevent local operations from executing as
the result of specifically crafted untrusted data
-------------------------------------------------------------------
Thu Jun 19 07:28:24 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.3:
* The deprecated legacy variable templating system has been
finally removed. Use {{ foo }} always not $foo or ${foo}.
* Any data file can also be JSON. Use sparingly -- with great power
comes great responsibility. Starting file with "{" or "[" denotes JSON.
* Added 'gathering' param for ansible.cfg to change the default
gather_facts policy.
* Accelerate improvements:
+ multiple users can connect with different keys, when
accelerate_multi_key = yes is specified in the ansible.cfg.
+ daemon lifetime is now based on the time from the last activity,
not the time from the daemon's launch.
* ansible-playbook now accepts --force-handlers to run handlers
even if tasks result in failures.
* Added VMWare support with the vsphere_guest module.
* many new modules and ther notable changes, please read
/usr/share/doc/packages/ansible/CHANGELOG.md for details
- use new upstream URL(s)
- require python-httplib2 and python-setuptools
- ignore "wrong" permissions of synchronize.py
- ignore rpmlint warning about requiring python-httplib2 explicitely
-------------------------------------------------------------------
Thu Mar 20 23:24:56 UTC 2014 - lars@linux-schulserver.de
- update to 1.5.3:
* Fixes to the git module related to host key checking
* Force command action to not be executed by the shell unless
specifically enabled.
* Validate SSL certs accessed through urllib*.
* Implement new default cipher class AES256 in ansible-vault.
* Misc bug fixes.
- update to 1.5: Major features/changes: * when_foo which was previously deprecated is now removed, use "when:" instead. Code generates appropriate error suggestion. * include + with_items which was previously deprecated is now removed, ditto. Use with_nested / with_together, etc. * only_if, which is much older than when_foo and was deprecated, is similarly removed. * ssh connection plugin is now more efficient if you add 'pipelining=True' in ansible.cfg under [ssh_connection], see example.cfg * localhost/127.0.0.1 is not required to be in inventory if referenced, if not in inventory, it does not implicitly appear in the 'all' group. * git module has new parameters (accept_hostkey, key_file, ssh_opts) to ease the usage of git and ssh protocols. * when using accelerate mode, the daemon will now be restarted when specifying a different remote_user between plays. * added no_log: option for tasks. When used, no logging information will be sent to syslog during the module execution. * acl module now handles 'default' and allows for either shorthand entry or specific fields per entry section * play_hosts is a new magic variable to provide a list of hosts in scope for the current play. * ec2 module now accepts 'exact_count' and 'count_tag' as a way to enforce a running number of nodes by tags. * all ec2 modules that work with Eucalyptus also now support a 'validate_certs' option, which can be set to 'off' for installations using self-signed certs. * Start of new integration test infrastructure (WIP) OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=19
2014-03-08 12:12:26 +01:00
-------------------------------------------------------------------
Sat Mar 8 11:08:25 UTC 2014 - lars@linux-schulserver.de
- update to 1.5:
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
* if repoquery is unavailble, the yum module will automatically
attempt to install yum-utils
* ansible-vault: a framework for encrypting your playbooks
and variable files
Other notable changes (many new module params & bugfixes may not not listed):
* no_reboot is now defaulted to "no" in the ec2_ami module to ensure
filesystem consistency in the resulting AMI.
* sysctl module overhauled
* authorized_key module overhauled
* synchronized module now handles local transport better
* apt_key module now ignores case on keys
* zypper_repository now skips on check mode
* file module now responds to force behavior when dealing with hardlinks
* new lookup plugin 'csvfile'
* fixes to allow hash_merge behavior to work with dynamic inventory
* mysql module will use port argument on dump/import
* subversion module now ignores locale to better intercept status messages
* rax api_key argument is no longer logged
* backwards/forwards compatibility for OpenStack modules, 'quantum'
modules grok neutron renaming
* hosts properly uniqueified if appearing in redundant groups
* hostname module support added for ScientificLinux
* ansible-pull can now show live stdout and pass verbosity levels
to ansible-playbook
* ec2 instances can now be stopped or started
* additional volumes can be created when creating new ec2 instances
* user module can move a home directory
* significant enhancement and cleanup of rackspace modules
* ansible_ssh_private_key_file can be templated
* docker module updated to support docker-py 0.3.0
* various other bug fixes
* md5 logic improved during sudo operation
* support for ed25519 keys in authorized_key module
* ability to set directory permissions during a recursive copy
(directory_mode parameter)
* update docker module, support for using docker python
library 0.3.0
-------------------------------------------------------------------
Thu Feb 27 17:39:07 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.5:
+ fixed issue with permissions being incorrect on
fireball/accelerate keys when the umask setting was too loose.
-------------------------------------------------------------------
Sun Jan 19 03:12:17 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.4:
+ Fixed issue with newer versions of pip not having --use-mirrors
+ Fixed role_path parsing from ansible.cfg
+ Fixed default role templates
+ Fixed a few bugs related to unicode
+ Fixed errors in the ssh connection method with large data returns
+ Miscellaneous fixes for a few modules
+ Add the ansible-galaxy command
-------------------------------------------------------------------
Mon Dec 16 21:28:31 UTC 2013 - lars@linux-schulserver.de
- update to 1.4.1:
* Misc fix updates
-------------------------------------------------------------------
Thu Nov 28 13:54:02 UTC 2013 - kgronlund@suse.com
- Update to release 1.4
- Highlighted new features:
+ Added do-until feature, which can be used to retry a failed task a
specified number of times with a delay in-between the retries.
+ Added failed_when option for tasks, which can be used to specify
logical statements that make it easier to determine when a task has
failed, or to make it easier to ignore certain non-zero return
codes for some commands.
+ Added the "subelement" lookup plugin, which allows iteration of the
keys of a dictionary or items in a list.
+ Added the capability to use either paramiko or ssh for the inital
setup connection of an accelerated playbook.
+ Automatically provide advice on common parser errors users
encounter.
+ Deprecation warnings are now shown for legacy features:
when_integer/etc, only_if, include+with_items, etc. Can be disabled
in ansible.cfg
+ The system will now provide helpful tips around possible YAML
syntax errors increasing ease of use for new users.
+ warnings are now shown for using {{ foo }} in loops and
conditionals, and suggest leaving the variable expressions bare as
per docs.
+ The roles search path is now configurable in
ansible.cfg. 'roles_path' in the config setting.
+ Includes with parameters can now be done like roles for
consistency: - { include: song.yml, year:1984, song:'jump' }
+ The name of each role is now shown before each task if roles are
being used
+ Adds a "var=" option to the debug module for debugging variable
data. "debug: var=hostvars['hostname']" and "debug: var=foo" are
all valid syntax.
+ Variables in {{ format }} can be used as references even if they
are structured data
+ Can force binding of accelerate to ipv6 ports.
+ the apt module will auto-install python-apt if not present rather
than requiring a manual installation
+ the copy module is now recursive if the local 'src' parameter is a
directory.
+ syntax checks now scan included task and variable files as well as
main files
- New modules and plugins:
+ cloud: ec2_eip -- manage AWS elastic IPs
+ cloud: ec2_vpc -- manage ec2 virtual private clouds
+ cloud: elasticcache -- Manages clusters in Amazon Elasticache
+ cloud: rax_network -- sets up Rackspace networks
+ cloud: rax_facts: retrieve facts about a Rackspace Cloud Server
+ cloud: rax_clb_nodes -- manage Rackspace cloud load balanced nodes
+ cloud: rax_clb -- manages Rackspace cloud load balancers
+ cloud: docker - instantiates/removes/manages docker containers
+ cloud: ovirt -- VM lifecycle controls for ovirt
+ files: acl -- set or get acls on a file
+ files: unarchive: pushes and extracts tarballs
+ files: synchronize: a useful wraper around rsyncing trees of files
+ system: firewalld -- manage the firewalld configuration
+ system: modprobe -- manage kernel modules on systems that support
modprobe/rmmod
+ system: open_iscsi -- manage targets on an initiator using
open-iscsi
+ system: blacklist: add or remove modules from the kernel blacklist
+ system: hostname - sets the systems hostname
+ utilities: include_vars -- dynamically load variables based on
conditions.
+ packaging: zypper_repository - adds or removes Zypper repositories
+ packaging: urpmi - work with urpmi packages
+ packaging: swdepot - a module for working with swdepot
+ notification: grove - notifies to Grove hosted IRC channels
+ web_infrastructure: ejabberd_user: add and remove users to ejabberd
+ web_infrastructure: jboss: deploys or undeploys apps to jboss
+ source_control: github_hooks: manages GitHub service hooks
+ net_infrastructure: bigip_monitor_http: manages F5 BIG-IP LTM http
monitors
+ net_infrastructure: bigip_monitor_tcp: manages F5 BIG-IP LTM TCP
monitors
+ net_infrastructure: bigip_pool_member: manages F5 BIG-IP LTM pool
members
+ net_infrastructure: bigip_node: manages F5 BIG-IP LTM nodes
+ net_infrastructure: openvswitch_port
+ net_infrastructure: openvswitch_bridge
-------------------------------------------------------------------
Fri Nov 1 15:09:48 UTC 2013 - kgronlund@suse.com
- Updated .spec file:
+ Remove deprecated fireball and node-fireball packages
+ Add dependency on python-keyczar
+ Add recommends for sshpass
+ Fix support for RHEL
+ Correct upstream URL
+ Use upstream release package for 1.3.4
+ Re-add CHANGELOG.md
+ Re-added man3 man pages
+ Updated short description to match upstream description
- update to 1.3.4: Highlighted new features: + accelerated mode: An enhanced fireball mode that requires zero bootstrapping and fewer requirements plus adds capabilities like sudo commands. + role defaults: Allows roles to define a set of variables at the lowest priority. These variables can be overridden by any other variable. + new /etc/ansible/facts.d allows JSON or INI-style facts to be provided from the remote node, and supports executable fact programs in this dir. Files must end in *.fact. + added the ability to make undefined template variables raise errors (see ansible.cfg) + (DOCS PENDING) sudo: True/False and sudo_user: True/False can be set at include and role level + added changed_when: (expression) which allows overriding whether a result is changed or not and can work with registered expressions + --extra-vars can now take a file as input, e.g., "-e @filename" and can also be formatted as YAML + external inventory scripts may now return host variables in one pass, which allows them to be much more efficient for large numbers of hosts + if --forks exceeds the numbers of hosts, it will be automatically reduced. Set forks to 0 and you get "as many forks as I have hosts" out of the box. + enabled error_on_undefined_vars by default, which will make errors in playbooks more obvious + role dependencies -- one role can now pull in another, with parameters of its own. + added the ability to have tasks execute even during a check OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=11
2013-10-31 18:30:42 +01:00
-------------------------------------------------------------------
Thu Oct 31 17:26:44 UTC 2013 - lars@linux-schulserver.de
- update to 1.3.4:
Highlighted new features:
+ accelerated mode: An enhanced fireball mode that requires zero
bootstrapping and fewer requirements plus adds capabilities
like sudo commands.
+ role defaults: Allows roles to define a set of variables at the
lowest priority. These variables can be overridden by any
other variable.
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
provided from the remote node, and supports executable fact
programs in this dir. Files must end in *.fact.
+ added the ability to make undefined template variables raise
errors (see ansible.cfg)
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
set at include and role level
+ added changed_when: (expression) which allows overriding whether
a result is changed or not and can work with registered expressions
+ --extra-vars can now take a file as input, e.g., "-e @filename"
and can also be formatted as YAML
+ external inventory scripts may now return host variables in one
pass, which allows them to be much more efficient for large
numbers of hosts
+ if --forks exceeds the numbers of hosts, it will be automatically
reduced. Set forks to 0 and you get "as many forks as I have
hosts" out of the box.
+ enabled error_on_undefined_vars by default, which will make
errors in playbooks more obvious
+ role dependencies -- one role can now pull in another, with
parameters of its own.
+ added the ability to have tasks execute even during a check
run (always_run).
+ added the ability to set the maximum failure percentage for a
group of hosts.
...and a lot more information can be found at
/usr/share/doc/packages/ansible/CHANGELOG.md
- removed man3 man pages
- removed separate CHANGELOG.md source - now in upstream tarball
-------------------------------------------------------------------
Sun Jun 30 20:05:47 UTC 2013 - lars@linux-schulserver.de
- update to 1.2:
+ new feature: roles
+ massively improved variable support and conditionals
+ Pre and Post tasks provide greater controls to make rolling
updates even smoother
+ added 32 new modules:
++ including a openSUSE package management module
++ added team chat notification modules for Flowdock, Hipchat,
Campfire, IRC, and more
++ added monitoring modules to interact with New Relic, Airbrake,
Pingdom, Pagerduty and Monit
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
the complete changelog at hand
-------------------------------------------------------------------
Thu Apr 25 08:01:24 UTC 2013 - lars@linux-schulserver.de
- require python-pyzmq on (open)SUSE
-------------------------------------------------------------------
Thu Apr 18 07:42:43 UTC 2013 - lars@linux-schulserver.de
- fix build on other distributions than openSUSE
- License in SPDX format
- added rpmlintrc
-------------------------------------------------------------------
Wed Apr 17 11:04:04 UTC 2013 - lars@linux-schulserver.de
- update to 1.1:
+ stderr shown when commands fail to parse
+ uses yaml.safe_dump in filter plugins
+ authentication Q&A no longer happens before --syntax-check, but after
+ ability to get hostvars data for nodes not in the setup cache yet
+ SSH timeout now correctly passed to native SSH connection plugin
+ raise an error when multiple when_ statements are provided
+ --list-hosts applies host limit selections better
+ (internals) template engine specifications to use template_ds everywhere
+ better error message when your host file can not be found
+ end of line comments now work in the inventory file
+ directory destinations now work better with remote md5 code
+ lookup plugin macros like $FILE and $ENV now work without
returning arrays in variable definitions/playbooks
+ uses yaml.safe_load everywhere
+ able to add EXAMPLES to documentation via EXAMPLES docstring,
rather than just in main documentation YAML
+ can set ANSIBLE_COW_SELECTION to pick other cowsay types (including random)
+ to_nice_yaml and to_nice_json available as Jinja2 filters that indent and sort
+ cowsay able to run out of macports (very important!)
+ improved logging for fireball mode
+ nicer error message when talking to an older system that needs a
JSON module installed
+ 'magic' variable 'inventory_basedir' now gives path to inventory file
+ 'magic' variable 'vars' works like 'hostvars' but gives global scope
variables, useful for debugging in templates mostly
+ conditionals can be used on plugins like add_host
+ ...and many more...
- specfile cleanup
- just recomend python-paramiko as the user can also use openssh
-------------------------------------------------------------------
Tue Jan 22 13:47:16 UTC 2013 - julien.tognazzi@gmail.com
- Merge changes from upstream